49 results for “topic:lfi-exploitation”
Local file inclusion exploitation tool
Local File Inclusion discovery and exploitation tool
A phased, evasive Path Traversal + LFI scanning & exploitation tool in Python
Waymap is a fast and optimized web vulnerability scanner built for penetration testers. It helps in identifying vulnerabilities by testing against various payloads.
LFITester is a Python3 program that automates the detection and exploitation of Local File Inclusion (LFI) vulnerabilities on a server.
POC - CVE-2024–10914- Command Injection Vulnerability in `name` parameter for D-Link NAS
Web Vulnerability Detector (XSS,SQL,LFI,XST,WAF)
LFI (Local File Inclusion) Exploitation Tool
A simple Script which tests for LFI (Local File Inclusion) via Curl
This repository is a Dockerized php application containing a LFI (Local File Inclusion) vulnerability which can lead to RCE (Remote Code Execution).
A small and fast bash script to automate LFI vulnerability.
🦖 PTScanner is a powerful tool for detecting Path Traversal and Local File Inclusion (LFI) vulnerabilities. developed as part of the ApachSAL project, it has been fully ported to Node.js, featuring significant enhancements and extended capabilities for modern penetration testing workflows.
LFI Exploitation Tool
PDF Generator Addon for Elementor Page Builder <= 1.7.5 - Unauthenticated Arbitrary File Download
CVE-2024-50623 POC - Cleo Unrestricted file upload and download
For Web Security
LFI2Keys automates the process of extracting user accounts from /etc/passwd and attempts to locate private SSH keys through LFI
Script to brute force a potential LFI vulnerability
LFI Finder
Takes input wordlist in native path format to generate encoding evasion, path traversals, and null byte injections
A vulnerable lab for understanding difference between LFI and File Retrieval
Dump .git repositories exposed through Local File Inclusion vulnerabilities, and recover source files when object storage is blocked server-side.
Local File inclusion (LFI), or simply File Inclusion, refers to an inclusion attack through which an attacker can trick the web application into including files on the web server
ScanShield is an advanced vulnerability scanner built to identify common web security flaws such as SQL Injection, XSS, LFI, RFI, directory listing issues, and security header misconfigurations.
Sonatype Nexus Repository Manager 3 (LFI)
LFI Exploitation tool
Web Fuzz | LFI Log File
LeFiMap adalah scanner dan exploitation tool untuk kerentanan Local File Inclusion (LFI) yang dibangun untuk membantu proses pentesting modern, lengkap dengan deteksi otomatis, payload fuzzing, WAF evasion, PHP wrapper, Tor routing, dan opsi post-exploitation shell.
Dump files over Local File Inclusion vulnerability
Just an automation of XSS, SSRF, and LFI tester for Web Application