reddit hackernews mail facebook facebook linkedin
Java Deserialization Scanner

Java Deserialization Scanner

All-in-one plugin for the detection and exploitation of Java deserialization vulnerabilities.

Java Deserialization Scanner is a Burp Suite plugin aimed at detect and exploit Java deserialization vulnerabilities. The plugin is made up of three different components:

1. Integration with Burp Suite active and passive scanner
2. Manual tester, for the detection of Java deserialization vulnerabilities on custom insertion points
3. Exploiter, that allow to actively exploit Java deserialization vulnerabilies, using frohoff ysoserial