Gadgetinspector is a byte code analyzer for finding deserialization gadget chains in Java applications. This project inspects Java libraries and classpaths for gadget chains. Gadgets chains are used to construct exploits for deserialization vulnerabilities. By automatically discovering possible gadgets chains in an application’s classpath penetration testers can quickly construct exploits and application security engineers can …
Continue reading “Gadgetinspector : Code Analyzer For Finding Deserialization Gadget”