#deserialization

deser-node on offsec.tools
deser-node

NodeJS deserialization payload generator.

Freddy Deserialization Bug Finder on offsec.tools
Freddy Deserialization Bug Finder

A Burp Suite extension to aid in detecting and exploiting serialisation libraries/APIs.

Java Deserialization Scanner on offsec.tools
Java Deserialization Scanner

All-in-one plugin for the detection and exploitation of Java deserialization vulnerabilities.

PHPGGC on offsec.tools
PHPGGC

PHP unserialize() payloads along with a tool to generate them.

ysoserial.net on offsec.tools
ysoserial.net

Deserialization payload generator for a variety of .NET formatters.

GadgetProbe on offsec.tools
GadgetProbe

Probe endpoints consuming Java serialized objects for fingerprinting.

ysoserial on offsec.tools
ysoserial

Generates payloads that exploit unsafe Java object deserialization.