lfi-exploitation

There are 43 repositories under lfi-exploitation topic.

  • mzfr/liffy

    Local file inclusion exploitation tool

    Language:Python8861215112

  • payloadbox/rfi-lfi-payload-list

    🎯 RFI/LFI Payload List

    614171207

  • hansmach1ne/LFImap

    Local File Inclusion discovery and exploitation tool

    Language:Python32444138
  • Vailyn

    VainlyStrain/Vailyn

    A phased, evasive Path Traversal + LFI scanning & exploitation tool in Python

    Language:Python19952524

  • kostas-pa/LFITester

    LFITester is a Python3 program that automates the detection and exploitation of Local File Inclusion (LFI) vulnerabilities on a server.

    Language:Python1092824

  • TrixSec/waymap

    Waymap is a fast and optimized web vulnerability scanner built for penetration testers. It helps in identifying vulnerabilities by testing against various payloads.

    Language:Python90316

  • verylazytech/CVE-2024-10914

    POC - CVE-2024–10914- Command Injection Vulnerability in `name` parameter for D-Link NAS

    Language:PowerShell451012

  • farinap5/webpwn

    Web Vulnerability Detector (XSS,SQL,LFI,XST,WAF)

    Language:Python26119

  • BoxingOctopusCreative/toxin

    LFI (Local File Inclusion) Exploitation Tool

    Language:Python18306

  • S1lkys/Auto_LFI

    A simple Script which tests for LFI (Local File Inclusion) via Curl

    Language:Shell16106

  • machine1337/lfiscan

    A small and fast bash script to automate LFI vulnerability.

    Language:Shell11209

  • moeinfatehi/lfi-to-rce-scenario

    This repository is a Dockerized php application containing a LFI (Local File Inclusion) vulnerability which can lead to RCE (Remote Code Execution).

    Language:PHP11100

  • codexlynx/nayra

    LFI Exploitation Tool

    Language:Python9415

  • verylazytech/CVE-2024-50623

    CVE-2024-50623 POC - Cleo Unrestricted file upload and download

    Language:Shell7104

  • verylazytech/CVE-2024-9935

    PDF Generator Addon for Elementor Page Builder <= 1.7.5 - Unauthenticated Arbitrary File Download

    Language:Shell7100

  • Ap1311/SQL-LFI_Scanner

    SQLi & LFI Scanner is a powerful security testing tool designed to detect SQL Injection (SQLi) vulnerabilities and Local File Inclusion (LFI) flaws in web applications. It helps ethical hackers and security researchers identify security weaknesses efficiently.

    Language:Python61

  • shinmao/SecurityLearning

    For Web Security

    Language:JavaScript6103

  • E1A/LFI2Keys

    LFI2Keys automates the process of extracting user accounts from /etc/passwd and attempts to locate private SSH keys through LFI

    Language:Python5200

  • BlessedToastr/leafy

    Script to brute force a potential LFI vulnerability

    Language:Python4100
  • ScanShield

    Fear2o/ScanShield

    ScanShield is an advanced vulnerability scanner built to identify common web security flaws such as SQL Injection, XSS, LFI, RFI, directory listing issues, and security header misconfigurations.

    Language:Python3101
  • LFI-Striker

    MouathA/LFI-Striker

    LFI Finder

    Language:Java3110

  • Cappricio-Securities/CVE-2024-4956

    Sonatype Nexus Repository Manager 3 (LFI)

    Language:Python200

  • jstigerwalt/WEB-Fuzz

    Web Fuzz | LFI Log File

    2000

  • krishpranav/lfi-exploiter

    LFI Exploitation tool

    Language:Python2103

  • WesleyA0101/LFIvader

    LFIvader Um scanner avançado para detecção de vulnerabilidades do tipo Local File Inclusion (LFI). Desenvolvido em C, o LFIvader combina eficiência e precisão para identificar falhas em servidores web, apresentando resultados organizados e salvos automaticamente para análise detalhada. 🚀

    Language:C2111

  • Asiern/LFI-Dumper

    Dump files over Local File Inclusion vulnerability

    Language:Go1100

  • dr34mhacks/operation-file-hunt

    A vulnerable lab for understanding difference between LFI and File Retrieval

    Language:PHP1101

  • HackfutSec/LfiDump

    LfiDump is a Python-based Local File Inclusion (LFI) vulnerability scanner that helps security professionals detect potential LFI vulnerabilities in web applications

    Language:Python1100

  • MKlolbullen/Multipayloader

    A beta test for a multi target attack with a multi payload type.

    Language:Python1

  • rohitajariwal/web-app-security-scanner

    A web crawler and vulnerability scanner tool developed by Rohit Ajariwal

    Language:Python1101

  • TheBugFather/LFI-Chef

    Takes input wordlist in native path format to generate encoding evasion, path traversals, and null byte injections

    Language:Python1112

  • YuraveON/xssrflfi

    Just an automation of XSS, SSRF, and LFI tester for Web Application

    Language:Shell1101

  • ERO-HACK/VulnScan

    A tool for collecting information from the site. Scanning "Xss , LFI" bugs, etc. has the ability to "curl" and scan the port.

    0100

  • Roberto-YM/DogCat---WriteUp

    Exploit a PHP application via LFI and break out of a docker container. TryHackMe CTF Challenge.

    0100

  • Cappricio-Securities/CVE-2022-21371

    Oracle WebLogic Server (LFI)

    Language:Python00

  • dokDork/LFIxplorer

    LFIxplorer is a tool designed to exploit Local File Inclusion (LFI) vulnerabilities in web applications. It reads files on the server by identifying vulnerable parameters, allowing users to locate and potentially exploit insecure file inclusion flaws.

    Language:Python