The invention discloses a WebLogic deserialization vulnerability scanning detection method and tool. The tool comprises a vulnerability detection tool body, a vulnerability scanning host, a vulnerability detection module and a deserialization processing module. The vulnerability scanning host is provided inside the vulnerability detection tool body and is connected with the deserialization processing module, and the deserialization processing module is connected with the vulnerability detection module. The input end of the vulnerability scanning host is connected with the input end of the vulnerability detection server. The deserialization processing module initializes the vulnerability scanning interface, so that the detection interface, the domain name address, the detection result and the user instruction are all restored to the initial running state at the same time. In this way, the detection interface, the domain name address, the detection result and the user instruction are in the initial state before each vulnerability scan, so the vulnerability scanning detection tool does not need to be initialized by manually entering an instruction, and the efficiency of subsequent vulnerability detection on other WebLogic servers is effectively improved.