We initially became interested in the __VSTATE parameter after reading this article by graanl which we saw after reading this article from The Record about an APT group exploiting how it works. What is a ViewState? A ViewState is a parameter that contains information about the state of a users session, eg. are they logged in, who are they logged in as, what settings have they changed. In .NET this is in the form of a serialized .