Pentesting with Serialized Java Objects and Burp Suite On 17 Apr, 2015 By Federico Dotta Some days ago, I had to test a web application consisting in a Java applet. Like always, I direct all traffic through my favourite HTTP Proxy, Burp Suite, but the…