LFI-FINDER is an open-source tool available on GitHub that focuses on detecting Local File Inclusion (LFI) vulnerabilities
☆300Jan 7, 2024Updated 2 years ago
Alternatives and similar repositories for LFI-FINDER
Users that are interested in LFI-FINDER are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- A simple tool for bypassing file upload restrictions.☆900Jul 22, 2024Updated last year
- A command-line utility designed to recursively spider webpages for URLs. It works by actively traversing websites - following links embed…☆106Dec 8, 2025Updated 4 months ago
- NucleiFuzzer is a robust automation tool that efficiently detects web application vulnerabilities, including XSS, SQLi, SSRF, and Open Re…☆1,830Updated this week
- Automated Tool for Testing Header Based Blind SQL Injection☆323Jul 23, 2023Updated 2 years ago
- Advanced Time-based Blind SQL Injection fuzzer for HTTP Headers☆312Mar 31, 2024Updated 2 years ago
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- An XSS exploitation command-line interface and payload generator.☆1,421Jan 19, 2025Updated last year
- Nodesub is a command-line tool for finding subdomains in bug bounty programs☆148Aug 1, 2024Updated last year
- Lfi Scan Tool☆108May 16, 2023Updated 2 years ago
- DNSleuth sniffs DNS packets, i.e, allowing you to spy on the DNS queries your machine is making☆102Aug 9, 2023Updated 2 years ago
- User-Agent , X-Forwarded-For and Referer SQLI Fuzzer☆384May 19, 2023Updated 2 years ago
- Subprober is a powerful and efficient subdomain scanning tool written in Python. With the ability to handle large lists of subdomains. Th…☆266Mar 22, 2026Updated 3 weeks ago
- A Powerful Sensor Tool to discover login panels, and POST Form SQLi Scanning☆517Jul 5, 2023Updated 2 years ago
- With Wireshark or TCPdump, you can determine whether there is harmful activity on your network traffic that you have recorded on the netw…☆146May 31, 2024Updated last year
- Welcome to the Bug Hunter's Wordlists repository! 🐛🔍 This repository serves as a comprehensive collection of essential wordlists utiliz…☆153May 17, 2024Updated last year
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- A modern tool written in Python that automates your xss findings.☆473Nov 26, 2023Updated 2 years ago
- 「🔑」A tool used to hunt down API key leaks in JS files and pages☆881Mar 12, 2026Updated last month
- Burp Suite's extension to scan and crawl Single Page Applications☆107Apr 14, 2023Updated 3 years ago
- Checks for SSRF using built-in custom Payloads after fetching URLs from Multiple Passive Sources & applying complex patterns aimed at SSR…☆133Sep 6, 2024Updated last year
- i will upload more templates here to share with the comunity.☆569Apr 17, 2024Updated last year
- A fuzzer for finding anomalies and analyzing how servers respond to different HTTP headers☆358Dec 14, 2023Updated 2 years ago
- Exploit Proof-of-Concept code for XAMPP v3.3.0 — '.ini' Buffer Overflow (Unicode + SEH)☆14Nov 1, 2023Updated 2 years ago
- ProxyChecker Made in NodeJS☆37Mar 15, 2022Updated 4 years ago
- My Priv8 Nuclei Templates☆341May 12, 2024Updated last year
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- Passively check for XSS character encodings☆18Mar 9, 2026Updated last month
- The most powerful CRLF injection (HTTP Response Splitting) scanner.☆594Oct 17, 2023Updated 2 years ago
- An ADCS Exploitation Automation Tool Weaponizing Certipy and Coercer☆742May 19, 2023Updated 2 years ago
- This function combines all the above functions and takes necessary information from the user to change the IP and MAC address, start the …☆73May 21, 2023Updated 2 years ago
- it is malicious technique used by hackers to hide malware payloads in an encoded script in a specially crafted HTML attachment or web pag…☆117Jul 18, 2023Updated 2 years ago
- BucketLoot is an automated S3-compatible bucket inspector that can help users extract assets, flag secret exposures and even search for c…☆438Dec 30, 2025Updated 3 months ago
- Dump Windows SAM hashes☆42Aug 9, 2023Updated 2 years ago
- PowerSploit - A PowerShell Post-Exploitation Framework☆22Jun 11, 2022Updated 3 years ago
- This Repositories contains list of One Liners with Descriptions and Installation requirements☆502Jun 28, 2025Updated 9 months ago
- Wordpress hosting with auto-scaling - Free Trial • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- A collection of one-liners for bug bounty hunting.☆1,478Jan 21, 2025Updated last year
- AllForOne allows bug bounty hunters and security researchers to collect all Nuclei YAML templates from various public repositories,☆732Mar 21, 2024Updated 2 years ago
- Small toolkit for extracting information and dumping sensitive strings from Windows processes☆117Jul 17, 2024Updated last year
- Template Nuclei SSTI☆34Nov 18, 2025Updated 4 months ago
- Dump place details from Google Maps like phone,email,website,and reviews☆73Jun 3, 2025Updated 10 months ago
- Local file inclusion exploitation tool☆941Oct 1, 2025Updated 6 months ago
- Brute Ratel LDAP filtering and sorting tool. Easily take BR log output and pull hostnames for ease of use with other red team tooling. Su…☆38Nov 16, 2023Updated 2 years ago