A exploit tool for Grafana Unauthorized arbitrary file reading vulnerability (CVE-2021-43798), it can burst plugins / extract secret_key / decrypt data_source info automatic.
☆268Oct 17, 2025Updated 5 months ago
Alternatives and similar repositories for grafanaExp
Users that are interested in grafanaExp are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- ☆231Jan 3, 2022Updated 4 years ago
- Memshell☆294Dec 7, 2021Updated 4 years ago
- fastjson 被动扫描、不出网payload生成☆367Nov 19, 2021Updated 4 years ago
- Redis-Attack By Replication (通过主从复制攻击Redis)☆356Nov 25, 2022Updated 3 years ago
- fastjson不出网利用、c3p0☆256Jul 30, 2021Updated 4 years ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click and start building anything your business needs.
- 改造BeichenDream/InjectJDBC加入shiro获取key和修改key功能☆279Nov 28, 2023Updated 2 years ago
- 主流供应商的一些攻击性漏洞汇总☆808Nov 8, 2021Updated 4 years ago
- ☆275Oct 28, 2021Updated 4 years ago
- spring boot Fat Jar 任意写文件漏洞到稳定 RCE 利用技巧☆753Apr 14, 2021Updated 4 years ago
- 利用NTLM Hash读取Exchange邮件☆441Jan 7, 2025Updated last year
- 用CSharp写的一款信息搜集工具,目前支持Navicat、TeamView、Xshell、SecureCRT产品的密码解密☆250Aug 26, 2020Updated 5 years ago
- AK资源管理工具,阿里云/腾讯云/华为云/AWS/UCLOUD/京东云/百度云/七牛云存储/火山引擎 AccessKey AccessKeySecret,利用AK获取资源信息和操作资源,ECS/CVM/E2/UHOST/ECI/BCC执行命令,OSS/COS/S3/BOS…☆780Feb 13, 2025Updated last year
- 解决FastJson、Jackson、Log4j2、原生JNDI注入漏洞的高版本JDKBypass利用,探测本地可用反序列化gadget达到命令执行、回显命令执行、内存马注入☆774Jan 26, 2022Updated 4 years ago
- 帆软/致远密码解密工具☆359Jul 29, 2021Updated 4 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting with the flexibility to host WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Cloudways by DigitalOcean.
- WebLogic利用CVE-2020-2883打Shiro rememberMe反序列化漏洞,一键注册蚁剑filter内存shell☆536Aug 25, 2020Updated 5 years ago
- MySQL Fake Server use to help MySQL Client File Reading and JDBC Client Java Deserialize☆1,362Nov 18, 2021Updated 4 years ago
- ☆342Jun 7, 2022Updated 3 years ago
- 可在Windows下执行系统命令的Redis模块,可用于Redis主从复制攻击。☆264Nov 25, 2022Updated 3 years ago
- 防火墙出网探测工具,内网穿透型socks5代理☆269Nov 12, 2021Updated 4 years ago
- fastjson漏洞burp插件,检测fastjson<1.2.68基于dnslog,fastjson<=1.2.24和1.2.33<=fatjson<=1.2.47的不出网检测和TomcatEcho,SpringEcho回显方案。☆125May 14, 2021Updated 4 years ago
- RPC远程主机信息匿名扫描工具☆319Sep 30, 2022Updated 3 years ago
- 一个LDAP请求监听器,摆脱dnslog平台☆291Apr 7, 2023Updated 2 years ago
- 分享几个直接可用的内存马,记录一下学习过程中看过的文章☆980Mar 23, 2022Updated 4 years ago
- NordVPN Special Discount Offer • AdSave on top-rated NordVPN 1 or 2-year plans with secure browsing, privacy protection, and support for for all major platforms.
- 影子用户 克隆☆233Dec 30, 2021Updated 4 years ago
- 一款可以在不出网的环境下进行反向代理及cs上线的工具☆491Apr 26, 2023Updated 2 years ago
- 利用任意文件下载漏洞循环下载反编译 Class 文件获得网站 Java 源代码☆712May 10, 2021Updated 4 years ago
- Grafana Unauthorized arbitrary file reading vulnerability☆368Feb 14, 2023Updated 3 years ago
- JumpServer远程代码执行漏洞检测利用脚本☆204Feb 9, 2021Updated 5 years ago
- 这是一个一键辅助抓取360安全浏览器密码的CobaltStrike脚本以及解密小工具,用于节省红队工作量,通过下载浏览器数据库、记录密钥来离线解密浏览器密码。☆637Apr 4, 2021Updated 4 years ago
- Fastjson姿势技巧集合☆1,835Oct 20, 2023Updated 2 years ago
- Shiro-550 不依赖CC链利用工具☆450Jun 19, 2024Updated last year
- Coremail任意文件上传漏洞POC☆156Apr 11, 2021Updated 4 years ago
- DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- Java RCE 回显测试代码☆1,016Oct 15, 2020Updated 5 years ago
- Bypass AV 用户添加��☆169Dec 30, 2021Updated 4 years ago
- 一个全新的敏感文件发现工具☆270Jan 5, 2021Updated 5 years ago
- 各种数据库的利用姿势☆1,033Jan 3, 2025Updated last year
- ☆295May 7, 2022Updated 3 years ago
- Xshell全版本密码恢复工具☆933Jun 8, 2023Updated 2 years ago
- (批量化改造)sharpwmi是一个基于rpc的横向移动工具,具有上传文件和执行命令功能。☆108Jan 8, 2021Updated 5 years ago