lfi

There are 103 repositories under lfi topic.

1N3/BlackWidow
A Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.
Language:Python1.5k 61 33349
v3n0m-Scanner/V3n0M-Scanner
Popular Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns
Language:Python1.5k 90 180407
AlisamTechnology/ATSCAN
Advanced dork Search & Mass Exploit Scanner
Language:Perl1.4k 93 55345
nemesida-waf/waf-bypass
Check your WAF before an attacker does
Language:Python1.3k 23 12164
mzfr/liffy
Local file inclusion exploitation tool
Language:Python769 13 15104
payloadbox/rfi-lfi-payload-list
🎯 RFI/LFI Payload List
529 18 1179
abhisharma404/vault
swiss army knife for hackers
Language:Python506 26 3894
swisskyrepo/DamnWebScanner
Another web vulnerabilities scanner, this extension works on Chrome and Opera
Language:Python442 18 4155
pikpikcu/XRCross
XRCross is a Reconstruction, Scanner, and a tool for penetration / BugBounty testing. This tool was built to test (XSS|SSRF|CORS|SSTI|IDOR|RCE|LFI|SQLI) vulnerabilities
Language:Shell327 11 971
paralax/lfi-labs
small set of PHP scripts to practice exploiting LFI, RFI and CMD injection vulns
Language:PHP315 14 882
chrispetrou/FDsploit
File Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.
Language:Python266 10 377
anmolksachan/TheTimeMachine
Weaponizing WaybackUrls for Recon, BugBounties , OSINT, Sensitive Endpoints and what not
Language:Python263 5 232
dragonked2/Egyscan
Egyscan The Best web vulnerability scanner; it's a multifaceted security powerhouse designed to fortify your web applications against malicious threats. Let's delve into the tasks and functions that make Egyscan an indispensable tool in your security arsenal:
Language:Python236 3 1440
hansmach1ne/LFImap
Local File Inclusion discovery and exploitation tool
Language:Python211 4 3631
VainlyStrain/Vailyn
A phased, evasive Path Traversal + LFI scanning & exploitation tool in Python
Language:Python196 6 2425
AngelSecurityTeam/SQLiDumper-AngelSecurityTeam
Dork Search , Vulnerability Scanner ,SQL Injection , XSS , LFI ,RFI
158 4 238
dotPY-hax/gitlab_RCE
RCE for old gitlab version <= 11.4.7 & 12.4.0-12.8.1 and LFI for old gitlab versions 10.4 - 12.8.1
Language:Python157 2 026
storenth/lazyrecon
Wicked sick v2.0 script is intended to automate your reconnaissance process in an organized fashion.
Language:Shell138 3 245
capture0x/Lfi-Space
Lfi Scan Tool
Language:Python102 2 217
kostas-pa/LFITester
LFITester is a Python3 program that automates the detection and exploitation of Local File Inclusion (LFI) vulnerabilities on a server.
Language:Python102 2 523
thehackersbrain/CVE-2021-41773
Apache2 2.4.49 - LFI & RCE Exploit - CVE-2021-41773
Language:Python95 2 134
smsharma/awesome-neural-sbi
Community-sourced list of papers and resources on neural simulation-based inference.
84 6 25
0bfxgh0st/lfienum
Local File Inclusion Enumeration (PoC)
Language:Python60 1 01
ronin-rb/ronin-vulns
Tests URLs for Local File Inclusion (LFI), Remote File Inclusion (RFI), SQL injection (SQLi), and Cross Site Scripting (XSS), Server Side Template Injection (SSTI), and Open Redirects.
Language:Ruby59 3 8316
Stuub/CVE-2024-4040-SSTI-LFI-PoC
CVE-2024-4040 CrushFTP SSTI LFI & Auth Bypass | Full Server Takeover | Wordlist Support
Language:Python54 2 37
AmoloHT/TTWAF
「🧱」Test a list of payloads and see if you can bypass it
Language:Rust51 1 011
Sybil-Scan/imagemagick-lfi-poc
ImageMagick LFI PoC [CVE-2022-44268]
Language:Python51 0 011
iilegacyyii/PoC-CVE-2021-41773
Language:Python47 1 138
Mr-xn/thinkphp_lang_RCE
about thinkphp lang RCE QVD-2022-46174 v6.0.1 <= Thinkphp <= v6.0.13 Thinkphp v5.0.x Thinkphp v5.1.x
38 2 13
DevanshRaghav75/AutomationGuide
Learn how to automate XSS, SSRF, LFI, SQLI, NoSQLi
36 1 011
PinoyWH1Z/SSH-Private-Key-Looting-Wordlists
SSH Private Key Looting Wordlists. A collection of wordlists to aid in locating or brute-forcing SSH private key file names.
33 2 06
jpiechowka/zip-shotgun
Utility script to test zip file upload functionality (and possible extraction of zip files) for vulnerabilities (aka Zip Slip)
Language:Python32 3 05
aryanrtm/Crascan
Crascan is a simple LFI, RFI, RCE, and Joomla Components vulnerability scanner.
Language:Shell31 4 012
TheHermione/DorkFinder
Automatic tool to find Google Dorks
Language:Python29 1 04
farinap5/webpwn
Web Vulnerability Detector (XSS,SQL,LFI,XST,WAF)
Language:Python23 1 19
treddis/dotdotfarm
Fast Path Traversal exploitation tool
Language:Python21 1 01

lfi

1N3/BlackWidow

v3n0m-Scanner/V3n0M-Scanner

AlisamTechnology/ATSCAN

nemesida-waf/waf-bypass

mzfr/liffy

payloadbox/rfi-lfi-payload-list

abhisharma404/vault

swisskyrepo/DamnWebScanner

pikpikcu/XRCross

paralax/lfi-labs

chrispetrou/FDsploit

anmolksachan/TheTimeMachine

dragonked2/Egyscan

hansmach1ne/LFImap

VainlyStrain/Vailyn

AngelSecurityTeam/SQLiDumper-AngelSecurityTeam

dotPY-hax/gitlab_RCE

storenth/lazyrecon

capture0x/Lfi-Space

kostas-pa/LFITester

thehackersbrain/CVE-2021-41773

smsharma/awesome-neural-sbi

0bfxgh0st/lfienum

ronin-rb/ronin-vulns

Stuub/CVE-2024-4040-SSTI-LFI-PoC

AmoloHT/TTWAF

Sybil-Scan/imagemagick-lfi-poc

iilegacyyii/PoC-CVE-2021-41773

Mr-xn/thinkphp_lang_RCE

DevanshRaghav75/AutomationGuide

PinoyWH1Z/SSH-Private-Key-Looting-Wordlists

jpiechowka/zip-shotgun

aryanrtm/Crascan

TheHermione/DorkFinder

farinap5/webpwn

treddis/dotdotfarm