- https://mbechler.github.io/2021/12/10/PSA_Log4Shell_JNDI_Injection/ ▪ JNDI, Deserialization - https://www.veracode.com/blog/research/exploiting-jndi-injections-java - https://www.blackhat.com/docs/us-16/materials/us-16-Munoz-A-Journey-From-JNDI-LDAP- Manipulation-To-RCE.pdf - https://cheatsheetseries.owasp.org/assets/Deserialization_Cheat_Sheet_GOD16Deserialization.pdf ▪ PoC - https://github.com/okuken/sectest_java - https://github.com/pimps/JNDI-Exploit-Kit - https://github.com/frohoff/ysoserial