OWASP Top 10: A8 - Insecure Deserialization

Object-oriented programming is common when writing scripts, as well as during software development. OOP treats items as objects that have properties and methods, as opposed to treating command output as a simple string. In this course, you'll learn about OOP along with some syntax examples. You'll explore how programming objects become serialized and deserialized and how this can present a security risk to web applications. Next, you'll examine how deserialization works in PowerShell, as well as how to execute a deserialization attack against an intentionally vulnerable web application. Lastly, you'll learn how to prevent deserialization attacks from succeeding.