A exploit tool for Grafana Unauthorized arbitrary file reading vulnerability (CVE-2021-43798), it can burst plugins / extract secret_key / decrypt data_source info automatic.
☆268Oct 17, 2025Updated 7 months ago
Alternatives and similar repositories for grafanaExp
Users that are interested in grafanaExp are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- ☆231Jan 3, 2022Updated 4 years ago
- Memshell☆298Dec 7, 2021Updated 4 years ago
- fastjson 被动扫描、不出网payload生成☆368Nov 19, 2021Updated 4 years ago
- Redis-Attack By Replication (通过主从复制攻击Redis)☆360Nov 25, 2022Updated 3 years ago
- fastjson不出网利用、c3p0☆257Jul 30, 2021Updated 4 years ago
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- 改造BeichenDream/InjectJDBC加入shiro获取key和修改key功能☆281Nov 28, 2023Updated 2 years ago
- 主流供应商的一些攻击性漏洞汇总☆803Nov 8, 2021Updated 4 years ago
- ☆275Oct 28, 2021Updated 4 years ago
- spring boot Fat Jar 任意写文件漏洞到稳定 RCE 利用技巧☆757Apr 14, 2021Updated 5 years ago
- 利用NTLM Hash读取Exchange邮件☆442Mar 23, 2026Updated 2 months ago
- 用CSharp写的一款信息搜集工具,目前支持Navicat、TeamView、Xshell、SecureCRT产品的密码解密☆251Aug 26, 2020Updated 5 years ago
- AK资源管理工具,阿里云/腾讯云/华为云/AWS/UCLOUD/京东云/百度云/七牛云存储/火山引擎 AccessKey AccessKeySecret,利用AK获取资源信息和操作资源,ECS/CVM/E2/UHOST/ECI/BCC执行命令,OSS/COS/S3/BOS…☆784Feb 13, 2025Updated last year
- 解决FastJson、Jackson、Log4j2、原生JNDI注入漏洞的高版本JDKBypass利用,探测本地可用反序列化gadget达到命令执行、回显命令执行、内存马注入☆775Jan 26, 2022Updated 4 years ago
- 帆软/致远密码解密工具☆363Jul 29, 2021Updated 4 years ago
- End-to-end encrypted email - Proton Mail • AdSpecial offer: 40% Off Yearly / 80% Off First Month. All Proton services are open source and independently audited for security.
- WebLogic利用CVE-2020-2883打Shiro rememberMe反序列化漏洞,一键注册蚁剑filter内存shell☆532Aug 25, 2020Updated 5 years ago
- MySQL Fake Server use to help MySQL Client File Reading and JDBC Client Java Deserialize☆1,370Nov 18, 2021Updated 4 years ago
- ☆341Jun 7, 2022Updated 4 years ago
- 可在Windows下执行系统命令的Redis模块,可用于Redis主从复制攻击。☆264Nov 25, 2022Updated 3 years ago
- 防火墙出网探测工具,内网穿透型socks5代理☆270Nov 12, 2021Updated 4 years ago
- fastjson漏洞burp插件,检测fastjson<1.2.68基于dnslog,fastjson<=1.2.24和1.2.33<=fatjson<=1.2.47的不出网检测和TomcatEcho,SpringEcho回显方案。☆126May 14, 2021Updated 5 years ago
- RPC远程主机信息匿名扫描工具☆318Sep 30, 2022Updated 3 years ago
- 一个LDAP请求监听器,摆脱dnslog平台☆291Apr 7, 2023Updated 3 years ago
- 分享几个直接可用的内存马,记录一下学习过程中看过的文章☆984Mar 23, 2022Updated 4 years ago
- Simple, predictable pricing with DigitalOcean hosting • AdAlways know what you'll pay with monthly caps and flat pricing. Enterprise-grade infrastructure trusted by 600k+ customers.
- 影子用户 克隆☆232Dec 30, 2021Updated 4 years ago
- 一款可以在不出网的环境下进行反向代理及cs上线的工具☆491Apr 26, 2023Updated 3 years ago
- 利用任意文件下载漏洞循环下载反编译 Class 文件获得网站 Java 源代码☆714May 10, 2021Updated 5 years ago
- Grafana Unauthorized arbitrary file reading vulnerability☆368Feb 14, 2023Updated 3 years ago
- JumpServer远程代码执行漏洞检测利用脚本☆204Feb 9, 2021Updated 5 years ago
- 这是一个一键辅助抓取360安全浏览器密码的CobaltStrike脚本以及解密小工具,用于节省红队工作量,通过下载浏览器数据库、记录密钥来离线解密浏览器密码。☆635Apr 4, 2021Updated 5 years ago
- Fastjson姿势技巧集合☆1,848Oct 20, 2023Updated 2 years ago
- Coremail任意文件上传漏洞POC☆157Apr 11, 2021Updated 5 years ago
- Shiro-550 不依赖CC链利用工具☆449Jun 19, 2024Updated last year
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- Java RCE 回显测试代码☆1,013Oct 15, 2020Updated 5 years ago
- Bypass AV 用户添加☆169Dec 30, 2021Updated 4 years ago
- 一个全新的敏感文件发现工具☆268Jan 5, 2021Updated 5 years ago
- 各种数据库的利用姿势☆1,034Jan 3, 2025Updated last year
- ☆298May 7, 2022Updated 4 years ago
- Xshell全版本密码恢复工具☆942Jun 8, 2023Updated 3 years ago
- (批量化改造)sharpwmi是一个基于rpc的横向移动工具,具有上传文件和执行命令功能。☆109Jan 8, 2021Updated 5 years ago