Java-Deserialization-Scanner

ASCII hex generating false positives

Open anantshri opened this issue 9 years ago • 1 comment

The ASCII hex magic selected for detection translates to "aced" in ASCII, which could very well be a variable name or a portion of text in a variable. Example: variable name placed would be detected as a serialized object.

Not sure how to tackle it.

anantshri, Jun 27 '16 12:06

Hi anantshri, thank you for the issue. I will leave this issue open and I will try to add some other specific characters of serialized Java objects in order to decrease the possibility of false positives.

federicodotta, Jun 29 '16 07:06
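One way to tighten the check discussed in this thread, as an added example that is not part of the thread or the project's code: instead of matching `aced` alone, require the full stream header from the Java Object Serialization Stream Protocol (`STREAM_MAGIC` 0xACED, `STREAM_VERSION` 0x0005) followed by a valid type code, and read the class name when one follows. The function names and sample strings are hypothetical and constructed for illustration.

```python
import re

# Java Object Serialization Stream Protocol constants
TC_MIN, TC_MAX = 0x70, 0x7E            # TC_NULL .. TC_ENUM
TC_OBJECT, TC_CLASSDESC = 0x73, 0x72
# Header (aced 0005) followed by at least one whole hex-encoded byte
HEX_RUN = re.compile(r"aced0005(?:[0-9a-f]{2})+", re.IGNORECASE)

# Constructed sample: hex of a truncated stream that starts an Integer object
SAMPLE_OBJ = (b"\xac\xed\x00\x05sr\x00\x11java.lang.Integer").hex()


def naive_match(text):
    """The check reported in the issue: any occurrence of 'aced'."""
    return "aced" in text.lower()


def find_serialized(text):
    """Return (offset, detail) for hex runs that parse as a stream start."""
    findings = []
    for m in HEX_RUN.finditer(text):
        body = bytes.fromhex(m.group(0))[4:]   # bytes after the 4-byte header
        tc = body[0]
        if not TC_MIN <= tc <= TC_MAX:
            continue                           # header-like text, no type code
        detail = "type code 0x%02x" % tc
        # Common case: TC_OBJECT, TC_CLASSDESC, 2-byte length, class name
        if tc == TC_OBJECT and len(body) >= 4 and body[1] == TC_CLASSDESC:
            n = int.from_bytes(body[2:4], "big")
            name = body[4:4 + n]
            if len(name) == n and re.fullmatch(rb"[\w.$\[;]+", name):
                detail = "object of class " + name.decode("ascii")
        findings.append((m.start(), detail))
    return findings


if __name__ == "__main__":
    # Constructed inputs: two benign strings and one real-looking stream
    for s in ("var placed = faced_value;", "color=#aced00", "data=" + SAMPLE_OBJ):
        print(repr(s[:40]), naive_match(s), find_serialized(s))
```

The stricter check still only flags candidates; a run that passes should be confirmed by the scanner's active tests rather than reported on the pattern alone.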