A collection of Java Deserialization Exploits, Currently this repo contains exploits for the following vulnerabilities:
+ Cisco Prime Infrastructure Java Deserialization RCE (CVE-2016-1291), The python script uses ysoserial to dynamically generate the payload. Therefore java is required as well.
+ IBM WebSphere Java Object Deserialization RCE (CVE-2015-7450)
+ OpenNMS Java Object Deserialization RCE (No CVE ?)
+ python 2.7.x
+ All Operating System Support
git clone https://github.com/CoalfireLabs/java_deserialization_exploits && cd java_deserialization_exploits
then run one by one script inside folder what do you need.