Gadgetinspector – A Byte Code Analyzer For Finding Deserialization Gadget Chains In Java Applications

This project inspects Java libraries and classpaths for gadget chains. Gadgets chains are used to construct exploits for deserialization vulnerabilities. By automatically discovering possible gadgets chains in an application’s classpath penetration testers can quickly construct exploits and application security engineers can assess the impact of a deserialization vulnerability and prioritize its remediation.This project was presentedRead More

X