Java RMI Vulnerability Scanner
some useful payloads to analysis deserialization in java env
Command Injection / Remote Code Execution (RCE) via Insecure Deserialization in load() of predictor.py in Vertex AI SDK v1.121.0 - (github.com/googleapis/python-aiplatform)
Command Injection / Remote Code Execution (RCE) via Insecure Deserialization in decode() of json_conversion.py in PyGlove v0.4.5 - (github.com/google/pyglove)
Command Injection / Remote Code Execution (RCE) via Insecure Deserialization in _load_ccd_pickle_cached() of chemical_components.py in AlphaFold 3 (v3.0.1) - (github.com/google-deepmind/alphafold3)
Add a description, image, and links to the deserialization-attacks topic page so that developers can more easily learn about it.
To associate your repository with the deserialization-attacks topic, visit your repo's landing page and select "manage topics."