Java Deserialization Scanner v0.6

federicodotta released this 24 Apr 09:17

· 1 commit to master since this release

5315c68

Changelog

New URLDNS for active detection of Java deserialization without vulnerable libraries
6 new gadgets (CommonsCollection7, MozillaRhino1, MozillaRhino2, Vaadin, JavasstistWeld, JbossInspectors
Custom encoding in Manual Testing and Exploitation tabs (thanks András Veres-Szentkirályi)
Response time in Manual Testing tab
Small fixes to improve detection
Hibernate5 switch in exploitation tab
Body of issues reviewed

Assets 3