<![CDATA[For users of YAWAST / yawast-ng: The project has moved to a new location, and will have a major feature update next week, with plugins, new injection testing, automation &amp; performance improvements, and more.]]>For users of YAWAST / yawast-ng: The project has moved to a new location, and will have a major feature update next week, with plugins, new injection testing, automation & performance improvements, and more. It'll be the biggest release in years. https://github.com/adcaudill/yawast-ng

]]>https://board.circlewithadot.net/topic/c1704c8a-0a4b-4581-8e5e-8c40ba7dc417/for-users-of-yawast-yawast-ng-the-project-has-moved-to-a-new-location-and-will-have-a-major-feature-update-next-week-with-plugins-new-injection-testing-automation-amp-performance-improvements-and-more.RSS for NodeFri, 17 Apr 2026 14:53:32 GMTFri, 13 Feb 2026 20:45:21 GMT60<![CDATA[Reply to For users of YAWAST / yawast-ng: The project has moved to a new location, and will have a major feature update next week, with plugins, new injection testing, automation &amp; performance improvements, and more. on Fri, 27 Mar 2026 17:49:10 GMT]]>@adam_caudill The blog on JSON deserialization has a great introduction (and it is linked by NIST) but the last example seems wrong. The constructor code from a custom class definition will not be part of serialized data. It's only existing commonly used classes whose code can be abused on deserializing their instances.

]]>https://board.circlewithadot.net/post/https://infosec.exchange/users/ilgiz/statuses/116302397482408800https://board.circlewithadot.net/post/https://infosec.exchange/users/ilgiz/statuses/116302397482408800Fri, 27 Mar 2026 17:49:10 GMT