SerialBrute - Java deserialization attack tool.

SerialBrute – Java deserialization attack tool.

SerialBrute is a Java Serialization brute force attack tool. Generates RCE gadget chains using ysoserial and injects them into HTTP request or series of TCP packets in order to aid in the detection and exploitation of Java deserialization vulnerabilities.
Script Lists:
+ SerialBrute.py: Main Script.
+ SrlBrt.py: script to attack arbitrary applications and protocols.

SerialBrute – Java Serialization Attack Tool

Dependencies:
+ Ysoserial https://jitpack.io/com/github/frohoff/ysoserial/master-SNAPSHOT/ysoserial-master-SNAPSHOT.jar
+ Python 2.7.x
+ git

Usage:

Source: https://github.com/NickstaDB