Share
## https://sploitus.com/exploit?id=433D403A-065E-50C0-8E82-72F61DBAC433
This is a Java-based tool for finding deserialization gadget chains in Java applications. The tool is called "Gadget Inspector" and is presented as a project that was showcased at Black Hat USA 2018.

The tool is designed to automatically discover possible gadget chains in an application's classpath, which can be used to construct exploits for deserialization vulnerabilities. The tool is likely to be used by security researchers and penetration testers to assess the impact of a deserialization vulnerability and prioritize its remediation.

The tool is built using the Gradle build system and has a number of dependencies, including the ASM library for bytecode manipulation and the Guava library for utility functions. The tool can be run using the Gradle wrapper, which is a script that sets up the Gradle environment and runs the build process.

The tool is likely to be used in the following way:

1. The user provides the path to a Java application's classpath, which can be a WAR file or a directory containing the application's classes and libraries.
2. The tool analyzes the classpath and identifies possible gadget chains, which are sequences of methods that can be used to construct an exploit.
3. The tool generates a report detailing the possible gadget chains and their potential impact.
4. The user can use the report to prioritize the