February 1, 2026 Hunting for Deserialization Gadgets in the Rails Ecosystem Walking through the process of identifying a deserialization gadget chain commonly available in Ruby on Rails applications.

February 18, 2022 Java Deserialization Vulnerabilities Understanding Java deserialization from serialization internals to exploitation, with a walkthrough of using ysoserial gadget chains to achieve RCE on Apache OpenMeetings.