A-D-Team / grafanaExp
A exploit tool for Grafana Unauthorized arbitrary file reading vulnerability (CVE-2021-43798), it can burst plugins / extract secret_key / decrypt data_source info automatic.
☆243Updated 4 months ago
Related projects ⓘ
Alternatives and complementary repositories for grafanaExp
- fastjson不出网利用、c3p0☆246Updated 3 years ago
- ☆217Updated 2 years ago
- 个人整理的一些域渗透Tricks,可能有一些错误。☆246Updated 3 years ago
- fastjson 被动扫描、不出网payload生成☆369Updated 3 years ago
- Redis-Attack By Replication (通过主从复制攻击Redis)☆316Updated last year
- 命令执行不回显但DNS协议出网的命令回显场景解决方案☆272Updated last year
- BCEL encode/decode manager for fastjson payloads☆143Updated 2 years ago
- 域渗透脑图中文翻译版☆276Updated 3 years ago
- 可在Windows下执行系统命令的Redis模块,可用于Redis主从复制攻击。☆257Updated last year
- ☆195Updated 2 months ago
- ☆282Updated 2 years ago
- A memory shell for ruoyi☆233Updated last year
- JCE - JSP/JPSX CodeEncode - 用于 Webshell 逃避静态查杀的辅助脚本☆256Updated 3 years ago
- 域信息收集工具☆383Updated 2 years ago
- AntSword(蚁剑)全参数流量XOR和Base64加伪装WebShell☆162Updated 3 years ago
- 远程代码执行S2-062 CVE-2021-31805验证POC☆131Updated 2 years ago
- 下架☆141Updated 2 years ago
- 一款通过污点追踪发现Jsp webshell的工具(A tool to find Jsp Webshell through stain tracking)☆175Updated 2 years ago
- ☆111Updated 3 years ago
- 改造BeichenDream/InjectJDBC加入shiro获取key和修改key功能☆275Updated 11 months ago
- Compatible with xray and nuclei poc framework☆189Updated last year
- Java应用的一些配置文件字典,来源于公开的字典与平时收集☆296Updated 9 months ago
- Shiro-550 不依赖CC链利用工具☆447Updated 5 months ago
- 针对 403 页面的 fuzz 脚本☆124Updated 2 years ago
- 一个LDAP请求监听器,摆脱dnslog平台☆283Updated last year
- Exchange 服务器安全性的辅助测试工具☆313Updated last year
- 一款OutLook信息收集工具☆231Updated last year