lfi-exploitation

Local file inclusion exploitation tool

🎯 RFI/LFI Payload List

Local File Inclusion discovery and exploitation tool

A phased, evasive Path Traversal + LFI scanning & exploitation tool in Python

LFITester is a Python3 program that automates the detection and exploitation of Local File Inclusion (LFI) vulnerabilities on a server.

Waymap is a fast and optimized web vulnerability scanner built for penetration testers. It helps in identifying vulnerabilities by testing against various payloads.

POC - CVE-2024–10914- Command Injection Vulnerability in `name` parameter for D-Link NAS

Web Vulnerability Detector (XSS,SQL,LFI,XST,WAF)

LFI (Local File Inclusion) Exploitation Tool

A simple Script which tests for LFI (Local File Inclusion) via Curl

A small and fast bash script to automate LFI vulnerability.

This repository is a Dockerized php application containing a LFI (Local File Inclusion) vulnerability which can lead to RCE (Remote Code Execution).

LFI Exploitation Tool

PDF Generator Addon for Elementor Page Builder <= 1.7.5 - Unauthenticated Arbitrary File Download

CVE-2024-50623 POC - Cleo Unrestricted file upload and download

For Web Security

LFI2Keys automates the process of extracting user accounts from /etc/passwd and attempts to locate private SSH keys through LFI

SQLi & LFI Scanner is a powerful security testing tool designed to detect SQL Injection (SQLi) vulnerabilities and Local File Inclusion (LFI) flaws in web applications. It helps ethical hackers and security researchers identify security weaknesses efficiently.

Script to brute force a potential LFI vulnerability

ScanShield is an advanced vulnerability scanner built to identify common web security flaws such as SQL Injection, XSS, LFI, RFI, directory listing issues, and security header misconfigurations.