Forwarding you to intoli.com

Dangerous Pickles Malicious Python Serialization

Before we get elbow deep in opcodes here, let’s cover a little background. The Python standard library has a module called pickle that is used for serializing and deserializing objects. Except it’s not called serializing and deserializing, it’s pickling and unpickling .