all InfoSec news
Heyserial - Programmatically Create Hunting Rules For Deserialization Exploitation With Multiple Keywords, Gadget Chains, Object Types, Encodings, And Rule Types
May 12, 2022, 9:30 p.m. | noreply@blogger.com (Unknown)
KitPloit - PenTest Tools! www.kitploit.com
Programmatically create hunting rules for deserialization exploitation with multiple
- keywords (e.g. cmd.exe)
- gadget chains (e.g. CommonsCollection)
- object types (e.g. ViewState, Java, Python Pickle, PHP)
- encodings (e.g. Base64, raw)
- rule types (e.g. Snort, Yara)
Disclaimer
Rules generated by this tool are intended for hunting/research purposes and are not designed for high fidelity/blocking purposes.
Please test thoroughly before deploying to any production systems.
The Yara rules are primarily intended for scanning web server logs. Some of the "object prefixes" are only 2 …
deserialization exploitation hunting rules yara rule generator ysoserial
More from www.kitploit.com / KitPloit - PenTest Tools!
Jobs in InfoSec / Cybersecurity
Security Analyst
@ Northwestern Memorial Healthcare | Chicago, IL, United States
GRC Analyst
@ Richemont | Shelton, CT, US
Security Specialist
@ Peraton | Government Site, MD, United States
Information Assurance Security Specialist (IASS)
@ OBXtek Inc. | United States
Cyber Security Technology Analyst
@ Airbus | Bengaluru (Airbus)
Vice President, Cyber Operations Engineer
@ BlackRock | LO9-London - Drapers Gardens