Exploiting PDF Generation - A Case Study in SSRF and JavaScript Injection
During a recent pentest, we exploited an insecure PDF generator to trigger SSRF and access AWS instance metadata.
PDF generators often allow risky features like JavaScript by default, making them an overlooked attack surface.
idan ba
17 hours ago · 4 min read


Exploiting Insecure Deserialization - A Real-World Case Study
During a recent penetration test, we uncovered a critical insecure deserialization vulnerability hidden in a client’s production application. What started as a suspicious base64 string quickly unfolded into serialized Java objects, ysoserial payloads, and a proof-of-exploitation via DNS callbacks. In this post, we share the story behind the discovery, explain the risks of insecure deserialization, and highlight how a simple fix helped secure a vulnerable authentication endpoi
idan ba
Sep 2 · 4 min read