
Ysoserial is an open-source Java deserialization exploit framework that automates the generation of serialized Java object payloads designed to trigger remote code execution (RCE) by exploiting vulnerable deserialization implementations in Java applications and middleware. Released publicly in 2015 by security researcher Chris Frohoff, ysoserial catalogs and weaponizes gadget chains — sequences of existing, legitimate Java code in widely deployed libraries that, when executed in a specific order during the deserialization of attacker-controlled data, perform arbitrary operations including operating system command execution, file manipulation, and network connection initiation.
For SOC analysts, threat hunters, and application security architects, ysoserial represents a class of attack technique — automated exploitation of language-level data handling vulnerabilities — that is difficult to detect through conventional signature-based approaches and requires specific defensive strategies, including secure deserialization practices, input validation, runtime application self-protection, and behavioral monitoring for the process execution patterns characteristic of successful deserialization exploits.
Java Deserialization Vulnerabilities and Gadget Chains
To understand ysoserial’s operation and impact, security professionals must first understand Java deserialization and the vulnerability class that makes it exploitable. Deserialization is the process by which a Java application converts a stream of bytes representing a serialized object back into a live Java object — a fundamental capability used in distributed applications, caching systems, and inter-service communication protocols.
- The Deserialization Trust Problem: Java’s native deserialization mechanism executes class-specific code during object reconstruction from byte streams. When an application deserializes untrusted data — data received from external sources without cryptographic verification of its integrity and origin — an attacker can supply a specially crafted byte stream that triggers unintended code execution during deserialization, before any application-level validation can be applied.
- Gadget Chains Explained: A gadget chain is a sequence of method calls through existing, legitimate Java code that, when triggered by deserialization, collectively produce a malicious outcome. Individual gadgets are innocuous code segments in standard libraries; their power lies in how they can be chained together. An attacker crafts a serialized object that, when deserialized, invokes the first gadget in the chain, which invokes the second, and so on — ultimately executing arbitrary operating system commands or producing other high-impact outcomes using only code that already exists in the application’s classpath.
- Library Dependencies as Attack Surface: Ysoserial’s gadget chains exploit vulnerabilities in widely deployed Java libraries, including Apache Commons Collections, Spring Framework, Groovy, Apache Commons BeanUtils, and others. Any application that includes these libraries on its classpath — regardless of whether the application directly calls the vulnerable methods — may be exploitable if it deserializes untrusted data from any source, including network services, file imports, session cookies, or inter-service APIs.
- Vulnerability Scope and Prevalence: Java deserialization vulnerabilities are exceptionally prevalent because the deserialization pattern appears across a broad range of Java application architectures, including Java EE application servers, Java RMI services, JMX management interfaces, message queue consumers, caching layers, and custom application protocols. The combination of widespread deployment and straightforward exploitation via ysoserial makes this vulnerability class a persistent priority for both enterprise security assessments and threat actor campaigns.
The 2015 disclosure of Apache Commons Collections gadget chains — demonstrated using ysoserial — exposed critical vulnerabilities in installations of WebLogic, WebSphere, JBoss, and Jenkins simultaneously, illustrating the systemic nature of the Java deserialization problem across the enterprise software ecosystem.
How Ysoserial Generates Exploit Payloads
Ysoserial operates as a command-line tool that accepts a target gadget chain identifier and a command to execute, then generates a serialized Java object payload that, when deserialized by a vulnerable application, triggers execution of the specified command. Understanding this payload generation process is valuable for both offensive security practitioners and defenders analyzing detected attacks.
- Gadget Chain Selection: Ysoserial includes a library of named gadget chains, each targeting vulnerabilities in a specific Java library or combination of libraries. The operator selects the appropriate gadget chain based on which libraries are present in the target application’s classpath — information typically gathered through prior reconnaissance, error messages, or service fingerprinting. Selecting an incompatible gadget chain for a target results in a deserialization error rather than code execution.
- Payload Serialization: After gadget chain selection, ysoserial constructs a malicious Java object graph that implements the selected chain, embeds the attacker-specified command in it, and serializes the resulting object to a byte stream in Java’s native serialization format. The output is a binary payload ready for injection into whatever channel the target application uses to receive serialized data.
- Delivery Vector Adaptation: Ysoserial payloads must be delivered through whatever input channel the vulnerable application uses to receive serialized data. Common delivery vectors include HTTP request bodies and cookies for web applications, Java RMI connection streams for remote management services, JMX protocol messages for monitoring interfaces, and message queue payloads for asynchronous messaging systems. Different delivery contexts may require base64 encoding or other transformations of the raw payload bytes.
- URLDNS and Out-of-Band Detection: Ysoserial includes a special URLDNS gadget chain that, rather than executing a command, causes the deserializing application to perform a DNS lookup for a specified domain. This chain is used during security assessments to confirm a deserialization vulnerability without executing potentially destructive commands, enabling assessors to verify the vulnerability’s existence using out-of-band DNS monitoring before attempting full RCE confirmation.
The systematic, tool-assisted nature of ysoserial exploitation significantly lowers the technical barrier for Java deserialization attacks — enabling threat actors with limited Java expertise to execute sophisticated exploitation campaigns against enterprise targets.
Common Gadget Chains in Ysoserial
Ysoserial’s bundled gadget chains represent the most widely exploited Java deserialization vulnerability patterns in enterprise environments. Security teams should understand these chains to prioritize library patching, assess exposure, and interpret detection signatures accurately.
- CommonsCollections Chains: The Apache Commons Collections library provided the first publicly demonstrated high-impact ysoserial gadget chains. Multiple CommonsCollections variants (CC1 through CC7) target different library versions and JDK environments, collectively covering a broad range of deployment configurations. These chains abuse the library’s Transformer interface and the InvokerTransformer class to chain method invocations, leading to Runtime.exec() calls that execute OS commands.
- Spring Framework Chains: Spring-based gadget chains exploit the Spring Framework’s ObjectFactory and PropertyPathFactoryBean implementations to achieve code execution. Spring is one of the most widely deployed Java application frameworks in enterprise environments, making these chains a broad target for attackers assessing enterprise Java application portfolios.
- Groovy Chain: The Groovy gadget chain exploits Groovy’s MetaClass infrastructure to execute arbitrary Groovy scripts as part of the deserialization process. Applications that include Groovy scripting support — common in data processing, automation, and DevOps tooling — are potentially vulnerable to this chain regardless of whether they explicitly use Groovy features.
- BeanShell and ROME Chains: Additional ysoserial chains target the BeanShell scripting engine and the ROME RSS parsing library, each of which provides code execution pathways through their respective object model implementations. These chains extend ysoserial’s applicability to application stacks that may have patched the more widely known Commons Collections vulnerabilities while retaining other exploitable library dependencies.
The ongoing development of new gadget chains — both within ysoserial and in successor projects — means that patching any single library is insufficient protection against Java deserialization exploitation; architectural remediation is required for durable defense.
Ysoserial in Offensive Security and Red Team Operations
Ysoserial is a standard component of enterprise penetration testing and red team operation toolkits, used to assess Java application security and validate the effectiveness of defensive controls against this class of vulnerability. Responsible use requires careful scope management and coordination with application owners.
- Application Security Assessment Applications: During Java application security assessments, ysoserial enables testers to confirm whether deserialization endpoints are exploitable and to determine which gadget chains are effective against the target application’s dependency set. The URLDNS chain is typically used first to confirm the existence of a vulnerability via out-of-band DNS callback monitoring, followed by non-destructive RCE validation using OS commands that produce identifiable but reversible output.
- Red Team Network and Infrastructure Testing: Red teams use ysoserial payloads to evaluate detection capabilities against Java deserialization attacks, testing whether SIEM rules, network intrusion detection signatures, and endpoint protection platforms generate alerts for ysoserial payload delivery and execution. Gaps identified during red team engagements drive targeted improvements to detection rules and monitoring coverage.
- Web Application Firewall Bypass Research: Security researchers use ysoserial to evaluate whether web application firewall (WAF) rules and serialization filtering implementations effectively block or detect known gadget chain payloads. This research has revealed that many WAF implementations fail to detect obfuscated or modified ysoserial payloads, informing both tool development and the enhancement of defensive controls.
- Successor Tools and Evolution: The ysoserial project inspired successor tools, including ysoserial.net (targeting .NET deserialization vulnerabilities), marshalsec (targeting Java marshaling libraries beyond Java’s native serialization), and GadgetProbe (identifying available gadget chains dynamically). Red teams should be familiar with this evolving toolset, as threat actors incorporate these successor tools alongside ysoserial in operational campaigns.
Organizations that conduct Java application penetration testing should include ysoserial-based deserialization testing as a standard assessment component, particularly for applications that expose Java serialization endpoints to external networks.
Detecting and Preventing Ysoserial Exploits
Defending against ysoserial-based attacks requires a multi-layered strategy that combines architectural remediation, runtime protection, and behavioral detection — because signature-based blocking alone is insufficient against the full range of payload obfuscation techniques attackers can use.
- Architectural Remediation: The most durable defense against Java deserialization exploitation is eliminating untrusted deserialization from application architectures. Where Java’s native serialization can be replaced with safer data exchange formats — such as JSON, Protocol Buffers, or XML with strict schema validation — the attack surface is eliminated. Legacy applications that cannot immediately eliminate deserialization should implement serialization filters (introduced in Java 9 as JEP 290) that allowlist the specific classes permitted for deserialization.
- Dependency Patching and Library Management: Maintaining current, patched versions of all Java libraries on application classpaths eliminates known gadget chains that depend on specific vulnerable library versions. Security teams should implement software composition analysis (SCA) tooling that continuously identifies known-vulnerable Java dependencies across the application portfolio and prioritizes patching based on exploitability and exposure.
- Java Serialization Filtering (JEP 290): Java’s built-in serialization filter mechanism (JEP 290, available in Java 9+ and backported to Java 6/7/8 security updates) allows applications to define filter functions that inspect and accept or reject incoming serialized objects before deserialization executes. Implementing class allowlist filters that reject unexpected class types from deserialization streams provides a runtime control that blocks ysoserial payloads even against unpatched library versions.
- Runtime Behavioral Detection: Endpoint detection platforms and runtime application self-protection (RASP) solutions can detect ysoserial exploitation through behavioral indicators: unusual Java processes spawning OS child processes, unexpected network connections from Java application server processes, and anomalous class-loading patterns associated with gadget-chain execution. These behavioral signals are effective even against obfuscated or modified payloads that evade static signatures.
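The unsafe pattern described in the list above placed beside its JEP 290 hardening, as an added example that is not code from the article or from the ysoserial project. SafeDeserialization and SessionToken are constructed names standing in for an application endpoint and the one DTO it legitimately receives; the filter pattern syntax is that of ObjectInputFilter.Config.createFilter, so the example needs Java 9 or later:

```java
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InvalidClassException;
import java.io.ObjectInputFilter;
import java.io.ObjectInputStream;
import java.io.ObjectOutputStream;
import java.io.Serializable;
import java.util.HashMap;

// Added example, not code from the article or the ysoserial project.
// SafeDeserialization and SessionToken are constructed names; requires Java 9+.
public class SafeDeserialization {

    // Constructed DTO: the one application class this endpoint legitimately receives.
    public static final class SessionToken implements Serializable {
        private static final long serialVersionUID = 1L;
        final String user;
        SessionToken(String user) { this.user = user; }
    }

    // Vulnerable pattern: every Serializable class on the classpath is a candidate
    // for reconstruction, so a gadget chain runs inside readObject() itself.
    static Object readUntrusted(byte[] data) throws IOException, ClassNotFoundException {
        try (ObjectInputStream in = new ObjectInputStream(new ByteArrayInputStream(data))) {
            return in.readObject();
        }
    }

    // Hardened pattern: a JEP 290 filter is consulted for each class, array and
    // reference before anything is instantiated. Pattern syntax is that of
    // ObjectInputFilter.Config.createFilter: named classes are allowed, "!*"
    // rejects everything else, and the max* limits bound the object graph so that
    // resource-exhaustion streams are cut off early as well.
    static final ObjectInputFilter ALLOWLIST = ObjectInputFilter.Config.createFilter(
            "maxdepth=8;maxrefs=64;maxbytes=65536;"
            + SessionToken.class.getName() + ";"
            + "java.lang.String;"   // listed defensively; whether plain strings reach the filter varies by JDK
            + "!*");

    static Object readFiltered(byte[] data) throws IOException, ClassNotFoundException {
        try (ObjectInputStream in = new ObjectInputStream(new ByteArrayInputStream(data))) {
            in.setObjectInputFilter(ALLOWLIST);
            return in.readObject();   // InvalidClassException for any class outside the allowlist
        }
    }

    // Helper used only to construct demo inputs.
    static byte[] serialize(Object o) throws IOException {
        ByteArrayOutputStream bos = new ByteArrayOutputStream();
        try (ObjectOutputStream out = new ObjectOutputStream(bos)) {
            out.writeObject(o);
        }
        return bos.toByteArray();
    }

    public static void main(String[] args) throws Exception {
        byte[] expected = serialize(new SessionToken("alice"));
        // A plain HashMap stands in for "a class the endpoint never asked for";
        // a real gadget chain is likewise assembled from classes outside the allowlist.
        byte[] unexpected = serialize(new HashMap<String, String>());

        System.out.println("unfiltered, expected   : " + readUntrusted(expected).getClass().getName());
        System.out.println("unfiltered, unexpected : " + readUntrusted(unexpected).getClass().getName());
        System.out.println("filtered,   expected   : " + readFiltered(expected).getClass().getName());
        try {
            readFiltered(unexpected);
        } catch (InvalidClassException e) {
            // Rejected before HashMap.readObject ever runs.
            System.out.println("filtered,   unexpected : rejected (" + e.getMessage() + ")");
        }
    }
}
```

The same pattern string can be applied process-wide with the jdk.serialFilter system property (or ObjectInputFilter.Config.setSerialFilter), which is the practical route for legacy code whose ObjectInputStream construction you cannot change; a per-stream filter as above is preferable where the endpoint code is yours, because each endpoint can allow exactly the classes it expects.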
Network-level indicators — including the stream header (magic 0xACED followed by version 0x0005) that identifies Java serialized data at the start of a stream — enable network intrusion detection systems to flag unexpected serialized Java data appearing in HTTP bodies, network protocols, or other input channels where serialization is not expected.
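A passive triage helper built on the header indicator just described, as an added example that is not code from the article or from any vendor product. It flags the header whether it arrives raw or base64 encoded (a cookie or form field carrying the header encodes to the prefix rO0AB), and lists the class names the stream carries without ever deserializing it, so an analyst can spot library classes such as the InvokerTransformer named earlier on the page. SerializedJavaDetector is a constructed name and the sample inputs are constructed for the demo; the class-name scan is a heuristic over the stream format, not a full parser:

```java
import java.io.ByteArrayOutputStream;
import java.io.ObjectOutputStream;
import java.nio.charset.StandardCharsets;
import java.util.ArrayList;
import java.util.Base64;
import java.util.List;

// Added example, not code from the article or any vendor product: a passive
// triage helper that flags the Java serialization header in request bodies or
// cookies and lists the class names the stream carries without deserializing it.
// SerializedJavaDetector is a constructed name; the sample inputs are constructed.
public class SerializedJavaDetector {

    // Stream header: STREAM_MAGIC 0xACED followed by STREAM_VERSION 0x0005.
    private static final byte[] MAGIC = {(byte) 0xAC, (byte) 0xED, 0x00, 0x05};
    // The same four bytes after base64 encoding always start with these characters.
    private static final String B64_PREFIX = "rO0AB";
    // TC_CLASSDESC introduces a class descriptor: a 2-byte length, then the class name.
    private static final byte TC_CLASSDESC = 0x72;

    // Returns the raw stream if the value carries the header directly or base64
    // encoded (standard or URL-safe alphabet), otherwise null.
    static byte[] extractStream(byte[] value) {
        if (startsWith(value, MAGIC)) {
            return value;
        }
        String text = new String(value, StandardCharsets.ISO_8859_1).replaceAll("\\s", "");
        if (!text.startsWith(B64_PREFIX)) {
            return null;
        }
        try {
            boolean urlSafe = text.indexOf('-') >= 0 || text.indexOf('_') >= 0;
            byte[] decoded = urlSafe ? Base64.getUrlDecoder().decode(text) : Base64.getDecoder().decode(text);
            return startsWith(decoded, MAGIC) ? decoded : null;
        } catch (IllegalArgumentException e) {
            return null;   // looked like base64 but was not
        }
    }

    private static boolean startsWith(byte[] data, byte[] prefix) {
        if (data.length < prefix.length) return false;
        for (int i = 0; i < prefix.length; i++) {
            if (data[i] != prefix[i]) return false;
        }
        return true;
    }

    // Heuristic, read-only class-name extraction: each TC_CLASSDESC is followed by
    // a big-endian 2-byte length and the UTF-encoded class name. Candidates are
    // checked against Java name syntax so stray 0x72 bytes in field data are skipped.
    static List<String> classNames(byte[] stream) {
        List<String> names = new ArrayList<>();
        for (int i = 0; i + 3 < stream.length; i++) {
            if (stream[i] != TC_CLASSDESC) continue;
            int len = ((stream[i + 1] & 0xFF) << 8) | (stream[i + 2] & 0xFF);
            if (len < 1 || len > 256 || i + 3 + len > stream.length) continue;
            String name = new String(stream, i + 3, len, StandardCharsets.UTF_8);
            if (name.matches("[A-Za-z_$\\[][A-Za-z0-9_$.;\\[]*")) {
                names.add(name);
            }
        }
        return names;
    }

    // One-line verdict for a value captured from a channel that should never carry Java serialization.
    static String triage(String channel, byte[] value) {
        byte[] stream = extractStream(value);
        if (stream == null) {
            return channel + ": no Java serialization header";
        }
        return channel + ": JAVA SERIALIZATION PRESENT, classes=" + classNames(stream);
    }

    public static void main(String[] args) throws Exception {
        // Constructed samples: a JSON login body, a harmless ArrayList serialized raw,
        // and that same stream base64-encoded as a framework might store it in a cookie.
        ByteArrayOutputStream bos = new ByteArrayOutputStream();
        try (ObjectOutputStream out = new ObjectOutputStream(bos)) {
            out.writeObject(new ArrayList<>(List.of("x")));
        }
        byte[] raw = bos.toByteArray();
        byte[] cookie = Base64.getEncoder().encodeToString(raw).getBytes(StandardCharsets.US_ASCII);
        byte[] json = "{\"user\":\"alice\"}".getBytes(StandardCharsets.UTF_8);

        System.out.println(triage("POST /api/login body", json));
        System.out.println(triage("POST /api/login body", raw));
        System.out.println(triage("Cookie: session", cookie));
    }
}
```

Because the detector never calls readObject, it is safe to run on captured traffic or log extracts; the class list is what turns a generic "serialized Java seen" alert into something an analyst can act on, for example by matching it against the libraries the page names as gadget sources and against what the affected application is actually expected to receive on that channel.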
Ysoserial in Real-World Attack Campaigns
Ysoserial and the deserialization exploitation techniques it popularized have been incorporated into numerous high-profile attack campaigns targeting enterprise Java infrastructure. Documented cases provide a concrete threat context for security teams assessing their exposure to this class of attack.
- Apache Commons Collections Mass Exploitation (2015-2016): Following the public disclosure of Commons Collections gadget chains via ysoserial, a wave of exploitation targeting WebLogic, WebSphere, JBoss, and Jenkins installations swept the internet. Attackers used ysoserial payloads to install cryptocurrency miners, deploy webshells, and establish persistent access on enterprise application servers — demonstrating that publicly disclosed ysoserial gadget chains are immediately operationalized by opportunistic threat actors at scale.
- Oracle WebLogic Recurring Exploitation: Oracle WebLogic has been repeatedly targeted through Java deserialization vulnerabilities exploitable via ysoserial-derived payloads, with multiple CVEs (including CVE-2019-2725 and CVE-2020-14882) weaponized by both ransomware operators and nation-state groups. The recurring nature of WebLogic deserialization vulnerabilities reflects both the complexity of remediating deserialization in mature enterprise middleware and the sustained interest of attackers in these high-value targets.
- Jenkins RCE Campaigns: Jenkins continuous integration servers — widely deployed in enterprise DevOps environments — have been targeted through Java deserialization vulnerabilities exploitable via ysoserial, including CVE-2016-9299 and related issues. Attackers targeting Jenkins gain access to build pipelines, source code repositories, and deployment credentials — making Jenkins a high-value objective that can propagate access across the broader software development and production infrastructure.
- Ransomware and Cryptominer Delivery: Multiple ransomware groups and cryptominer campaigns have incorporated ysoserial-derived payloads into their initial access toolkits, specifically targeting internet-exposed Java application servers as entry points. The combination of broad Java middleware deployment and relatively straightforward ysoserial exploitation makes this attack vector consistently attractive for financially motivated threat actors.
The sustained use of ysoserial techniques in active attack campaigns — more than a decade after the tool’s initial release — reflects the persistent challenge of eliminating Java deserialization vulnerabilities from complex enterprise application portfolios.
Conclusion
Ysoserial represents both a critical security research contribution and an enduring offensive capability that continues to be leveraged against enterprise Java infrastructure years after its original release. For security architects, application developers, and SOC teams managing Java-intensive enterprise environments, understanding how ysoserial works — the gadget chains it exploits, the payloads it generates, and the detection evasion techniques it enables — is essential for building effective defenses against this class of attack. The most durable protection combines architectural elimination of unsafe deserialization, runtime serialization filtering, software composition analysis for vulnerable dependencies, and behavioral detection capabilities that identify the process execution and network connection patterns characteristic of successful Java deserialization exploitation.
Deepwatch® is the pioneer of AI- and human-driven cyber resilience. By combining AI, security data, intelligence, and human expertise, the Deepwatch Platform helps organizations reduce risk through early and precise threat detection and remediation. Ready to Become Cyber Resilient? Meet with our managed security experts to discuss your use cases, technology, and pain points, and learn how Deepwatch can help.
