How to Detect JID Attacks in Go
Aug 11, 2021
Do you use JSON in your web applications? If so, you’re at risk of a JSON Insecure Deserialization (JID) attack. These attacks exploit vulnerabilities within an application by injecting malicious serialized objects; when the application deserializes them, the information contained in your system can be exposed. In this tutorial, we will demonstrate how you can use an API in Go to detect JID attacks and protect your applications.
We will start by adding the user-facing text input to the following code, in place of the <string> placeholder:
package main

import (
	"fmt"
	"io"
	"net/http"
	"strings"
)

func main() {
	url := "https://api.cloudmersive.com/security/threat-detection/content/insecure-deserialization/json/detect/string"
	method := "POST"

	// Replace <string> with the text to check; the body must be a valid JSON string.
	payload := strings.NewReader(`"<string>"`)

	client := &http.Client{}
	req, err := http.NewRequest(method, url, payload)
	if err != nil {
		fmt.Println(err)
		return
	}
	req.Header.Add("Content-Type", "application/json")
	req.Header.Add("Apikey", "YOUR-API-KEY-HERE")

	// Send the request to the detection endpoint.
	res, err := client.Do(req)
	if err != nil {
		fmt.Println(err)
		return
	}
	defer res.Body.Close()

	// Read and print the API's response.
	body, err := io.ReadAll(res.Body)
	if err != nil {
		fmt.Println(err)
		return
	}
	fmt.Println(string(body))
}
And just like that, we’re done!
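When real input replaces the `<string>` placeholder, it has to be encoded as a JSON string, because the text being checked is itself JSON and full of quotes that would otherwise break the request body. The following is an added example, not code from the original post or from Cloudmersive; `buildDetectRequest` is a hypothetical helper name and the sample input is constructed.

```go
package main

import (
	"bytes"
	"context"
	"encoding/json"
	"fmt"
	"io"
	"net/http"
	"time"
)

// Endpoint taken from the tutorial above.
const detectURL = "https://api.cloudmersive.com/security/threat-detection/content/insecure-deserialization/json/detect/string"

// buildDetectRequest (hypothetical helper) sends the untrusted text as one JSON string.
func buildDetectRequest(ctx context.Context, apiKey, untrusted string) (*http.Request, error) {
	body, err := json.Marshal(untrusted) // escapes quotes, backslashes, control characters
	if err != nil {
		return nil, err
	}
	req, err := http.NewRequestWithContext(ctx, http.MethodPost, detectURL, bytes.NewReader(body))
	if err != nil {
		return nil, err
	}
	req.Header.Set("Content-Type", "application/json")
	req.Header.Set("Apikey", apiKey)
	return req, nil
}

func main() {
	// Constructed sample input: JSON text containing quotes, as real input will.
	sample := `{"user":"alice","note":"say \"hi\""}`
	ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second)
	defer cancel()
	req, err := buildDetectRequest(ctx, "YOUR-API-KEY-HERE", sample)
	if err != nil {
		fmt.Println(err)
		return
	}
	res, err := http.DefaultClient.Do(req)
	if err != nil {
		fmt.Println(err)
		return
	}
	defer res.Body.Close()
	out, _ := io.ReadAll(io.LimitReader(res.Body, 1<<20)) // cap the response size
	fmt.Println(res.Status, string(out))
}
```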