A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization. Description Originally released as part of AppSecCali 2015 Talk"Marshalling Pickles: how deserializing objects will ruin your day"with gadget chains for Apache Commons Collections (3.x and 4.x), Spring...