Script to exploit Grafana CVE-2025-4123: XSS and Full-Read SSRF
☆56Jul 28, 2025Updated 10 months ago
Alternatives and similar repositories for CVE-2025-4123
Users that are interested in CVE-2025-4123 are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- ☆53Mar 25, 2025Updated last year
- ☆45Mar 5, 2025Updated last year
- Pen Hunter is a comprehensive vulnerability scanning tool designed for penetration testers, security researchers and bug bounties. it aut…☆29May 4, 2026Updated last month
- A Chrome extension that automatically scans web pages and internal links for user-defined keywords, storing results and sending notificat…☆26Sep 28, 2025Updated 8 months ago
- POC of CVE-2025-7783☆32Oct 31, 2025Updated 7 months ago
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- Dump Linux keyrings☆24Jul 15, 2024Updated last year
- Terminal-based IDA disassembly, microcode and pseudocode dumper☆45May 29, 2026Updated 2 weeks ago
- ARL官方仓库备份项目+指纹添加工具:ARL(Asset Reconnaissance Lighthouse)资产侦察灯塔系统旨在快速侦察与目标关联的互联网资产,构建基础资产信息库。 协助甲方安全团队或者渗透测试人员有效侦察和检索资产,发现存在的薄弱点和攻击面。☆20May 13, 2024Updated 2 years ago
- Javascript file change monitoring☆19May 22, 2026Updated 3 weeks ago
- ☆184Mar 16, 2026Updated 3 months ago
- 致远OA通过发送特殊请求获取管理员cookie,再通过文件上传接口上传webshell压缩文件,最后发送解压请求获取webshell☆10Apr 11, 2021Updated 5 years ago
- ☆94Aug 26, 2025Updated 9 months ago
- Grafanav8.*版本任意文件读取漏洞批量检测工具:该漏洞目前为0day漏洞,未授权的攻击者利用该漏洞,能够获取服务器敏感文件。☆12Dec 23, 2021Updated 4 years ago
- NodeJS File Write to RCE on a read-only filesystem using a ROP chain in libuv☆44Oct 13, 2024Updated last year
- End-to-end encrypted cloud storage - Proton Drive • AdSpecial offer: 40% Off Yearly / 80% Off First Month. Protect your most important files, photos, and documents from prying eyes.
- PoC☆12Apr 7, 2025Updated last year
- A chrome/Firefox extension to retrieve and load react javascript chunks all at once for a wide range of javascript techs☆76Jun 12, 2025Updated last year
- Exploit for CVE-2024-20767 - Adobe ColdFusion☆34Dec 19, 2024Updated last year
- Tool for Active Directory Certificate Services enumeration and abuse☆13Oct 7, 2024Updated last year
- Dockerfile and Kubernetes manifests for reproduce CVE-2024-3094☆14Apr 6, 2024Updated 2 years ago
- ☆83Aug 30, 2024Updated last year
- A Powerful XSS,RXSS,BXSS finding tool☆33Oct 29, 2025Updated 7 months ago
- A powerful Burp Suite extension that automatically detects JavaScript URLs from HTTP traffic, scans them using TruffleHog for secrets det…☆32Oct 23, 2025Updated 7 months ago
- SpecOps is a Burp Suite extension that ingests an OpenAPI or Swagger spec and instantly builds a workbench to test every documented endpo…☆31Mar 27, 2026Updated 2 months ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- ☆38Apr 24, 2024Updated 2 years ago
- Apache Solr Backup/Restore APIs RCE Poc (CVE-2023-50386)☆63Feb 29, 2024Updated 2 years ago
- AI Substitutor is an extension for Burp Suite that uses AI functionality to substitute values of HTTP request parameters and headers.☆29Apr 30, 2025Updated last year
- Exploit for CVE-2024-29847☆19Sep 15, 2024Updated last year
- ☆66Sep 8, 2025Updated 9 months ago
- ExploitBench measures how far AI agents climb, from reaching vulnerable code, to triggering the bug, to building exploit primitives, to a…☆256May 16, 2026Updated last month
- A gadget for converting PE files to shellcode.☆14Jan 9, 2020Updated 6 years ago
- PoC and Detection for CVE-2024-21626☆77Feb 6, 2024Updated 2 years ago
- Automated GitHub secret scanning with smart alerting & monitoring.☆31Jan 15, 2026Updated 5 months ago
- Deploy open-source AI quickly and easily - Special Bonus Offer • AdRunpod Hub is built for open source. One-click deployment and autoscaling endpoints without provisioning your own infrastructure.
- A Go client to receive real-time data messages from Polymarket☆12Jun 25, 2025Updated 11 months ago
- ShootCutMe an .LNK file creator tool for redteamer☆16Oct 2, 2024Updated last year
- A proof of concept program that pulls and parses security.txt files at mass.☆29May 31, 2023Updated 3 years ago
- Pyload RCE with js2py sandbox escape☆18Oct 26, 2024Updated last year
- A no-reboot, in-memory Linux persistence PoC leveraging namespace joining, user-namespace elevation, and self‑deletion.☆65Aug 6, 2025Updated 10 months ago
- iOS traffic interception framework which route all device HTTP/HTTPS traffic through Burp Suite via a system-wide VPN tunnel☆45Feb 15, 2026Updated 4 months ago
- Command line interface for Jsmon Security Platform☆32May 18, 2026Updated last month