AttackFlow Findings Dictionary

Finding A Way To Try AttackFlow Enterprise Edition?

If so, click to download 15 days full version for free!

Lack Of Serializable Annotation

Classes will not be serialized at runtime despite of the intention of making serializable

Severity

Low

Fix Cost

Medium

Trust Level

Medium

If a class needs custom serialization methods (for example, requiring own binary serialization mechanism), it should implement ISerializable interface.

However, only implementing this interface doesn’t make a class serializable. The class should also hold a [Serializable] attribute.

                
public class RemoteMessage : ISerializable
{

// custom serialize methods
             
            

Finding A Way To Purchase AttackFlow Enterprise Edition?

If so, click to buy now for yearly subscriptions!