lfi

There are 125 repositories under lfi topic.

1N3/BlackWidow
A Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.
Language:Python1.7k 60 33382
v3n0m-Scanner/V3n0M-Scanner
Popular Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns
Language:Python1.5k 91 180413
AlisamTechnology/ATSCAN
Advanced dork Search & Mass Exploit Scanner
Language:Perl1.5k 94 56354
nemesida-waf/waf-bypass
Check your WAF before an attacker does
Language:Python1.4k 22 16180
mzfr/liffy
Local file inclusion exploitation tool
Language:Python886 12 15112
payloadbox/rfi-lfi-payload-list
🎯 RFI/LFI Payload List
614 17 1207
abhisharma404/vault
swiss army knife for hackers
Language:Python533 25 3896
anmolksachan/TheTimeMachine
Weaponizing WaybackUrls for Recon, BugBounties , OSINT, Sensitive Endpoints and what not
Language:Python461 7 470
swisskyrepo/DamnWebScanner
Another web vulnerabilities scanner, this extension works on Chrome and Opera
Language:Python461 17 4158
pikpikcu/XRCross
XRCross is a Reconstruction, Scanner, and a tool for penetration / BugBounty testing. This tool was built to test (XSS|SSRF|CORS|SSTI|IDOR|RCE|LFI|SQLI) vulnerabilities
Language:Shell341 11 969
paralax/lfi-labs
small set of PHP scripts to practice exploiting LFI, RFI and CMD injection vulns
Language:PHP331 15 883
hansmach1ne/LFImap
Local File Inclusion discovery and exploitation tool
Language:Python324 4 4138
dragonked2/Egyscan
Egyscan The Best web vulnerability scanner; it's a multifaceted security powerhouse designed to fortify your web applications against malicious threats. Let's delve into the tasks and functions that make Egyscan an indispensable tool in your security arsenal:
Language:Python276 3 1455
chrispetrou/FDsploit
File Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.
Language:Python273 9 379
VainlyStrain/Vailyn
A phased, evasive Path Traversal + LFI scanning & exploitation tool in Python
Language:Python199 5 2524
dotPY-hax/gitlab_RCE
RCE for old gitlab version <= 11.4.7 & 12.4.0-12.8.1 and LFI for old gitlab versions 10.4 - 12.8.1
Language:Python157 2 026
storenth/lazyrecon
Wicked sick v2.0 script is intended to automate your reconnaissance process in an organized fashion.
Language:Shell150 2 346
smsharma/awesome-neural-sbi
Community-sourced list of papers and resources on neural simulation-based inference.
126 6 27
kostas-pa/LFITester
LFITester is a Python3 program that automates the detection and exploitation of Local File Inclusion (LFI) vulnerabilities on a server.
Language:Python109 2 824
thehackersbrain/CVE-2021-41773
Apache2 2.4.49 - LFI & RCE Exploit - CVE-2021-41773
Language:Python109 2 135
capture0x/Lfi-Space
Lfi Scan Tool
Language:Python108 2 218
ronin-rb/ronin-vulns
Tests URLs for Local File Inclusion (LFI), Remote File Inclusion (RFI), SQL injection (SQLi), and Cross Site Scripting (XSS), Server Side Template Injection (SSTI), and Open Redirects.
Language:Ruby77 2 8519
0bfxgh0st/lfienum
Local File Inclusion Enumeration (PoC)
Language:Python60 1 01
AmoloHT/TTWAF
「🧱」Test a list of payloads and see if you can bypass it
Language:Rust60 1 011
Stuub/CVE-2024-4040-SSTI-LFI-PoC
CVE-2024-4040 CrushFTP SSTI LFI & Auth Bypass | Full Server Takeover | Wordlist Support
Language:Python56 2 37
Sybil-Scan/imagemagick-lfi-poc
ImageMagick LFI PoC [CVE-2022-44268]
Language:Python53 0 011
iilegacyyii/PoC-CVE-2021-41773
Language:Python49 1 138
verylazytech/CVE-2024-10914
POC - CVE-2024–10914- Command Injection Vulnerability in `name` parameter for D-Link NAS
Language:PowerShell45 1 012
PinoyWH1Z/SSH-Private-Key-Looting-Wordlists
SSH Private Key Looting Wordlists. A collection of wordlists to aid in locating or brute-forcing SSH private key file names.
42 2 09
DevanshRaghav75/AutomationGuide
Learn how to automate XSS, SSRF, LFI, SQLI, NoSQLi
41 1 013
Mr-xn/thinkphp_lang_RCE
about thinkphp lang RCE QVD-2022-46174 v6.0.1 <= Thinkphp <= v6.0.13 Thinkphp v5.0.x Thinkphp v5.1.x
41 2 14
TheHermione/DorkFinder
Automatic tool to find Google Dorks
Language:Python36 1 04
jpiechowka/zip-shotgun
Utility script to test zip file upload functionality (and possible extraction of zip files) for vulnerabilities (aka Zip Slip)
Language:Python32 3 05
aryanrtm/Crascan
Crascan is a simple LFI, RFI, RCE, and Joomla Components vulnerability scanner.
Language:Shell31 4 012
farinap5/webpwn
Web Vulnerability Detector (XSS,SQL,LFI,XST,WAF)
Language:Python26 1 19
treddis/dotdotfarm
Fast Path Traversal exploitation tool
Language:Python21 1 01

lfi

1N3/BlackWidow

v3n0m-Scanner/V3n0M-Scanner

AlisamTechnology/ATSCAN

nemesida-waf/waf-bypass

mzfr/liffy

payloadbox/rfi-lfi-payload-list

abhisharma404/vault

anmolksachan/TheTimeMachine

swisskyrepo/DamnWebScanner

pikpikcu/XRCross

paralax/lfi-labs

hansmach1ne/LFImap

dragonked2/Egyscan

chrispetrou/FDsploit

VainlyStrain/Vailyn

dotPY-hax/gitlab_RCE

storenth/lazyrecon

smsharma/awesome-neural-sbi

kostas-pa/LFITester

thehackersbrain/CVE-2021-41773

capture0x/Lfi-Space

ronin-rb/ronin-vulns

0bfxgh0st/lfienum

AmoloHT/TTWAF

Stuub/CVE-2024-4040-SSTI-LFI-PoC

Sybil-Scan/imagemagick-lfi-poc

iilegacyyii/PoC-CVE-2021-41773

verylazytech/CVE-2024-10914

PinoyWH1Z/SSH-Private-Key-Looting-Wordlists

DevanshRaghav75/AutomationGuide

Mr-xn/thinkphp_lang_RCE

TheHermione/DorkFinder

jpiechowka/zip-shotgun

aryanrtm/Crascan

farinap5/webpwn

treddis/dotdotfarm