In this session, we will demonstrate how common vulnerabilities in the Java ecosystem are exploited on a daily base by live hacking real-world application libraries. All the examples used are commonly known exploits, some more famous than others, such as Apache Struts and Spring Break Remote Code Execution Vulnerabilities. By exploiting them and showing how you can be attacked, before showing you how to protect yourself, you will have a better understanding of why and how a security focus and DevSecOps is essential for every developer.