Y
Hacker News
new
|
ask
|
show
|
jobs
by
borski
4751 days ago
Couple of methods. For one thing, we test for status codes returned for particularly crafted YAML/XML parameters. Aside from that, we also carefully craft a YAML injection using a timing attack and test blind, that way.