https://blog.chaitin.cn/2015-11-11_java_unserialize_rce/
http://blog.nsfocus.net/?s=fastjson
http://blog.nsfocus.net/fastjson-remote-deserialization-program-validation-analysis/
http://blog.nsfocus.net/jackson-framework-java-vulnerability-analysis/
https://blog.chaitin.cn/2015-11-11_java_unserialize_rce/
http://blog.nsfocus.net/?s=fastjson
http://blog.nsfocus.net/fastjson-remote-deserialization-program-validation-analysis/
http://blog.nsfocus.net/jackson-framework-java-vulnerability-analysis/