Hi! I just released version 0.6 of Java Deserialization Scanner! The first improvement is the addition of URLDNS gadget, that is an active check that detects Java deserialization on the…
Introduction Java deserialization vulnerabilities were discovered and disclosed in January 2015 by Gabriel Lawrence and Chris Frohoff. These serious vulnerabilities arise from the way in which Java deserializes serialized objects (see…