federicodotta / Java-Deserialization-Scanner

All-in-one plugin for Burp Suite for the detection and the exploitation of Java deserialization vulnerabilities

ASCII hex generating false positives #2

Open anantshri opened 8 years ago

anantshri commented 8 years ago

The ASCII hex magic selected for detection translates to "aced" in ASCII, which could very well be a variable name or a portion of text in a variable. For example, the variable name "placed" would be detected as a serialized object.

Not sure how to tackle it.

federicodotta commented 8 years ago

Hi anantshri, thank you for the issue. I will leave this issue open and try to add some other characters specific to serialized Java objects in order to decrease the possibility of false positives.
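As an added illustration of the problem and of the kind of tightening the maintainer describes (this is example code written for this page, not code from the Java-Deserialization-Scanner plugin): the loose check matches the four ASCII characters "aced" anywhere, so ordinary text such as "placed" triggers it. A Java serialization stream always begins with STREAM_MAGIC (0xACED) followed by STREAM_VERSION (0x0005), and the very next byte is a type code in the TC_BASE..TC_MAX range (0x70..0x7E) from java.io.ObjectStreamConstants; requiring all of that, in the decoded bytes, removes the false positive. The function names, the regular expressions and all sample inputs below are constructed for the example; the header, version and type-code ranges are the real Java constants.

```python
import base64
import binascii
import re

# Real values from java.io.ObjectStreamConstants.
STREAM_MAGIC = b"\xac\xed"
STREAM_VERSION = b"\x00\x05"
STREAM_HEADER = STREAM_MAGIC + STREAM_VERSION
# The byte after the header is a type code; every TC_* value lies in
# TC_BASE..TC_MAX (0x70 TC_NULL .. 0x7E TC_ENUM).
TC_BASE, TC_MAX = 0x70, 0x7E


def looks_like_java_stream(buf: bytes) -> bool:
    """Strict raw check: full 4-byte header followed by a plausible type code."""
    return len(buf) >= 5 and buf.startswith(STREAM_HEADER) and TC_BASE <= buf[4] <= TC_MAX


def naive_ascii_hex_hits(text: str) -> list:
    """The loose heuristic the issue complains about: any 'aced' substring counts."""
    return [m.start() for m in re.finditer("aced", text, re.IGNORECASE)]


_HEX_STREAM = re.compile(r"aced0005[0-9a-fA-F]{2,}", re.IGNORECASE)


def strict_ascii_hex_hits(text: str) -> list:
    """ASCII-hex streams: decode the hex run and apply the strict byte check,
    so text like 'placed' can never match."""
    hits = []
    for m in _HEX_STREAM.finditer(text):
        hexstr = m.group(0)
        hexstr = hexstr[: len(hexstr) - len(hexstr) % 2]  # whole bytes only
        if looks_like_java_stream(bytes.fromhex(hexstr)):
            hits.append(m.start())
    return hits


_B64_STREAM = re.compile(r"rO0AB[A-Za-z0-9+/]{3,}={0,2}")


def strict_base64_hits(text: str) -> list:
    """Base64 streams: 'rO0AB' encodes AC ED 00 05 plus the top bits of the
    next byte, so decode and re-check rather than trusting the prefix alone."""
    hits = []
    for m in _B64_STREAM.finditer(text):
        b64 = m.group(0)
        b64 = b64[: len(b64) - len(b64) % 4]  # whole 4-character quanta only
        try:
            raw = base64.b64decode(b64, validate=True)
        except binascii.Error:
            continue
        if looks_like_java_stream(raw):
            hits.append(m.start())
    return hits


def strict_raw_hits(data: bytes) -> list:
    """Raw binary bodies: offsets of every header that passes the strict check."""
    hits, i = [], data.find(STREAM_HEADER)
    while i != -1:
        if looks_like_java_stream(data[i:i + 5]):
            hits.append(i)
        i = data.find(STREAM_HEADER, i + 1)
    return hits


# Constructed sample stream: ObjectOutputStream.writeObject("x") emits the
# header, TC_STRING (0x74), a 2-byte length of 1, then 'x'.
SAMPLE_STREAM = STREAM_HEADER + b"\x74\x00\x01x"
SAMPLE_HEX = SAMPLE_STREAM.hex()                       # "aced000574000178"
SAMPLE_B64 = base64.b64encode(SAMPLE_STREAM).decode()  # "rO0ABXQAAXg="

# Constructed inputs (not taken from the plugin or the issue).
JS_TEXT = 'var placed = "spaced out";'          # false positive for the naive check
HEX_TEXT = "payload=" + SAMPLE_HEX + "0a"      # hex-encoded stream plus a newline byte
B64_TEXT = "token=" + SAMPLE_B64 + "; path=/"  # base64-encoded stream in a cookie
B64_FAKE = "id=rO0ABZZZ"                       # decodes to AC ED 00 05 96 59: bad type code

if __name__ == "__main__":
    print("naive hex on JS :", naive_ascii_hex_hits(JS_TEXT))            # [6, 16]
    print("strict hex on JS:", strict_ascii_hex_hits(JS_TEXT))           # []
    print("strict hex      :", strict_ascii_hex_hits(HEX_TEXT))          # [8]
    print("strict base64   :", strict_base64_hits(B64_TEXT))             # [6]
    print("strict b64 fake :", strict_base64_hits(B64_FAKE))             # []
    print("strict raw      :", strict_raw_hits(b"junk" + SAMPLE_STREAM)) # [4]
```

The type-code check is what rejects "rO0ABZZZ": its base64 prefix is identical to a real stream, but the decoded fifth byte (0x96) is not a valid TC_* value. A scanner that wants fewer false negatives on truncated payloads can relax the length requirement, but the header and version bytes should always be checked in decoded form, never as an ASCII substring.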