Script to exploit Grafana CVE-2025-4123: XSS and Full-Read SSRF
☆55Jul 28, 2025Updated 7 months ago
Alternatives and similar repositories for CVE-2025-4123
Users that are interested in CVE-2025-4123 are comparing it to the libraries listed below
Sorting:
- ARL官方仓库备份项目+指纹添加工具:ARL(Asset Reconnaissance Lighthouse)资产侦察灯塔系统旨在快速侦察与目标关联的互联网资产,构建基础资产信息库。 协助甲方安全团队或者渗透测试人员有效侦察和检索资产,发现存在的薄弱点和攻击面。☆17May 13, 2024Updated last year
- ☆45Mar 5, 2025Updated last year
- ☆93Aug 26, 2025Updated 6 months ago
- Grafanav8.*版本任意文件读取漏洞批量检测工具:该漏洞目前为0day漏洞,未授权的攻击者利用该漏洞,能够获取服务器敏感文件。☆13Dec 23, 2021Updated 4 years ago
- A Chrome extension that automatically scans web pages and internal links for user-defined keywords, storing results and sending notificat…☆24Sep 28, 2025Updated 5 months ago
- PoC☆12Apr 7, 2025Updated 11 months ago
- 致远OA通过发送特殊请求获取管理员cookie,再通过文件上传接口上传webshell压缩文件,最后发送解压请求获取webshell☆10Apr 11, 2021Updated 4 years ago
- ☆53Mar 25, 2025Updated 11 months ago
- Pyload RCE with js2py sandbox escape☆17Oct 26, 2024Updated last year
- Pen Hunter is a comprehensive vulnerability scanning tool designed for penetration testers, security researchers and bug bounties. it aut…☆21Dec 10, 2024Updated last year
- 实现了WebSocket通信的哥斯拉webshell管理器☆19Jul 8, 2025Updated 8 months ago
- Javascript file change monitoring☆17Nov 11, 2025Updated 3 months ago
- Exploit for CVE-2024-20767 - Adobe ColdFusion☆34Dec 19, 2024Updated last year
- Apache Solr Backup/Restore APIs RCE Poc (CVE-2023-50386)☆63Feb 29, 2024Updated 2 years ago
- ☆20Jun 26, 2024Updated last year
- can convert EXE/DLL into position-independent shellcode☆40Feb 1, 2026Updated last month
- Dump Linux keyrings☆24Jul 15, 2024Updated last year
- A chrome/Firefox extension to retrieve and load react javascript chunks all at once for a wide range of javascript techs☆75Jun 12, 2025Updated 8 months ago
- Request device ticket/token using the device's MSA☆38Aug 25, 2025Updated 6 months ago
- ☆82Aug 30, 2024Updated last year
- ☆21Apr 30, 2025Updated 10 months ago
- Identifies LOLDrivers that are not blocked by the active HVCI policy — ideal for BYOVD scenarios.☆34Feb 1, 2026Updated last month
- Exploit for CVE-2024-29847☆18Sep 15, 2024Updated last year
- Proof-of-Concept of exploits that may be published☆23Oct 24, 2024Updated last year
- CVE-2025-31644: Command Injection in Appliance mode in F5 BIG-IP☆24May 11, 2025Updated 9 months ago
- Exploit for the vulnerability CVE-2024-43044 in Jenkins☆184Oct 2, 2024Updated last year
- AI Substitutor is an extension for Burp Suite that uses AI functionality to substitute values of HTTP request parameters and headers.☆27Apr 30, 2025Updated 10 months ago
- Script to test NetSec capabilities.☆21May 1, 2023Updated 2 years ago
- Script to read input from stdin and encode it☆19Aug 23, 2023Updated 2 years ago
- a DIY tools to decrypto webshell Traffic☆25Feb 26, 2024Updated 2 years ago
- VMWare Aria Operations for Networks (vRealize Network Insight) Static SSH key RCE (CVE-2023-34039)☆96Sep 1, 2023Updated 2 years ago
- Morgan is a powerful tool designed to help security researchers, developers, and security auditors identify sensitive information, vulner…☆56Feb 2, 2025Updated last year
- Repro for Confusion Attacks: Exploiting Hidden Semantic Ambiguity in Apache HTTP Server!☆21Aug 25, 2024Updated last year
- Ivanti EPM AgentPortal RCE Vulnerability☆20Sep 16, 2024Updated last year
- Custom Magisk Module that combines various other modules, such as Movecert and Frida☆24Jan 29, 2026Updated last month
- VulnSeer combines the power of Nmap's service detection with multiple AI providers to deliver intelligent vulnerability assessments. Unli…☆43Jun 12, 2025Updated 8 months ago
- ☆29Feb 4, 2026Updated last month
- Check if your AV/EDR does inline hooking, displays the hooked functions and allows you to compare them with the original ones.☆37Apr 24, 2025Updated 10 months ago
- A proof of concept program that pulls and parses security.txt files at mass.☆29May 31, 2023Updated 2 years ago