LFI-FINDER is an open-source tool available on GitHub that focuses on detecting Local File Inclusion (LFI) vulnerabilities
☆300Jan 7, 2024Updated 2 years ago
Alternatives and similar repositories for LFI-FINDER
Users that are interested in LFI-FINDER are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- A simple tool for bypassing file upload restrictions.☆896Jul 22, 2024Updated last year
- A command-line utility designed to recursively spider webpages for URLs. It works by actively traversing websites - following links embed…☆105Dec 8, 2025Updated 3 months ago
- NucleiFuzzer is a robust automation tool that efficiently detects web application vulnerabilities, including XSS, SQLi, SSRF, and Open Re…☆1,826Aug 20, 2025Updated 7 months ago
- Automated Tool for Testing Header Based Blind SQL Injection☆324Jul 23, 2023Updated 2 years ago
- Advanced Time-based Blind SQL Injection fuzzer for HTTP Headers☆312Mar 31, 2024Updated last year
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click and start building anything your business needs.
- An XSS exploitation command-line interface and payload generator.☆1,419Jan 19, 2025Updated last year
- Nodesub is a command-line tool for finding subdomains in bug bounty programs☆148Aug 1, 2024Updated last year
- Lfi Scan Tool☆108May 16, 2023Updated 2 years ago
- DNSleuth sniffs DNS packets, i.e, allowing you to spy on the DNS queries your machine is making☆102Aug 9, 2023Updated 2 years ago
- User-Agent , X-Forwarded-For and Referer SQLI Fuzzer☆384May 19, 2023Updated 2 years ago
- Subprober is a powerful and efficient subdomain scanning tool written in Python. With the ability to handle large lists of subdomains. Th…☆265Jul 6, 2025Updated 8 months ago
- A Powerful Sensor Tool to discover login panels, and POST Form SQLi Scanning☆520Jul 5, 2023Updated 2 years ago
- With Wireshark or TCPdump, you can determine whether there is harmful activity on your network traffic that you have recorded on the netw…☆146May 31, 2024Updated last year
- Welcome to the Bug Hunter's Wordlists repository! 🐛🔍 This repository serves as a comprehensive collection of essential wordlists utiliz…☆153May 17, 2024Updated last year
- GPU virtual machines on DigitalOcean Gradient AI • AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- A modern tool written in Python that automates your xss findings.☆470Nov 26, 2023Updated 2 years ago
- 「🔑」A tool used to hunt down API key leaks in JS files and pages☆866Mar 12, 2026Updated last week
- Burp Suite's extension to scan and crawl Single Page Applications☆107Apr 14, 2023Updated 2 years ago
- Checks for SSRF using built-in custom Payloads after fetching URLs from Multiple Passive Sources & applying complex patterns aimed at SSR…☆132Sep 6, 2024Updated last year
- i will upload more templates here to share with the comunity.☆569Apr 17, 2024Updated last year
- A fuzzer for finding anomalies and analyzing how servers respond to different HTTP headers☆358Dec 14, 2023Updated 2 years ago
- Exploit Proof-of-Concept code for XAMPP v3.3.0 — '.ini' Buffer Overflow (Unicode + SEH)☆14Nov 1, 2023Updated 2 years ago
- ProxyChecker Made in NodeJS☆37Mar 15, 2022Updated 4 years ago
- My Priv8 Nuclei Templates☆340May 12, 2024Updated last year
- Proton VPN Special Offer - Get 70% off • AdSpecial partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
- The most powerful CRLF injection (HTTP Response Splitting) scanner.☆593Oct 17, 2023Updated 2 years ago
- Passively check for XSS character encodings☆18Mar 9, 2026Updated 2 weeks ago
- An ADCS Exploitation Automation Tool Weaponizing Certipy and Coercer☆740May 19, 2023Updated 2 years ago
- This function combines all the above functions and takes necessary information from the user to change the IP and MAC address, start the …☆73May 21, 2023Updated 2 years ago
- it is malicious technique used by hackers to hide malware payloads in an encoded script in a specially crafted HTML attachment or web pag…☆116Jul 18, 2023Updated 2 years ago
- BucketLoot is an automated S3-compatible bucket inspector that can help users extract assets, flag secret exposures and even search for c…☆437Dec 30, 2025Updated 2 months ago
- Dump Windows SAM hashes☆42Aug 9, 2023Updated 2 years ago
- A collection of one-liners for bug bounty hunting.☆1,431Jan 21, 2025Updated last year
- PowerSploit - A PowerShell Post-Exploitation Framework☆22Jun 11, 2022Updated 3 years ago
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- This Repositories contains list of One Liners with Descriptions and Installation requirements☆502Jun 28, 2025Updated 8 months ago
- AllForOne allows bug bounty hunters and security researchers to collect all Nuclei YAML templates from various public repositories,☆733Mar 21, 2024Updated 2 years ago
- Template Nuclei SSTI☆34Nov 18, 2025Updated 4 months ago
- Small toolkit for extracting information and dumping sensitive strings from Windows processes☆117Jul 17, 2024Updated last year
- Dump place details from Google Maps like phone,email,website,and reviews☆73Jun 3, 2025Updated 9 months ago
- Local file inclusion exploitation tool☆933Oct 1, 2025Updated 5 months ago
- ☆132Jan 25, 2023Updated 3 years ago