LFI-FINDER is an open-source tool available on GitHub that focuses on detecting Local File Inclusion (LFI) vulnerabilities
☆300Jan 7, 2024Updated 2 years ago
Alternatives and similar repositories for LFI-FINDER
Users that are interested in LFI-FINDER are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- A simple tool for bypassing file upload restrictions.☆899Jul 22, 2024Updated last year
- A command-line utility designed to recursively spider webpages for URLs. It works by actively traversing websites - following links embed…☆108Dec 8, 2025Updated 5 months ago
- NucleiFuzzer is a robust automation tool that efficiently detects web application vulnerabilities, including XSS, SQLi, SSRF, and Open Re…☆1,843Apr 17, 2026Updated last month
- Automated Tool for Testing Header Based Blind SQL Injection☆323Jul 23, 2023Updated 2 years ago
- Advanced Time-based Blind SQL Injection fuzzer for HTTP Headers☆313Mar 31, 2024Updated 2 years ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- An XSS exploitation command-line interface and payload generator.☆1,421Jan 19, 2025Updated last year
- Nodesub is a command-line tool for finding subdomains in bug bounty programs☆148Aug 1, 2024Updated last year
- Lfi Scan Tool☆110May 2, 2026Updated 3 weeks ago
- DNSleuth sniffs DNS packets, i.e, allowing you to spy on the DNS queries your machine is making☆102Aug 9, 2023Updated 2 years ago
- User-Agent , X-Forwarded-For and Referer SQLI Fuzzer☆384May 19, 2023Updated 3 years ago
- Subprober is a powerful and efficient subdomain scanning tool written in Python. With the ability to handle large lists of subdomains. Th…☆266May 17, 2026Updated last week
- A Powerful Sensor Tool to discover login panels, and POST Form SQLi Scanning☆518Jul 5, 2023Updated 2 years ago
- With Wireshark or TCPdump, you can determine whether there is harmful activity on your network traffic that you have recorded on the netw…☆146May 31, 2024Updated last year
- Welcome to the Bug Hunter's Wordlists repository! 🐛🔍 This repository serves as a comprehensive collection of essential wordlists utiliz…☆153May 17, 2024Updated 2 years ago
- Bare Metal GPUs on DigitalOcean Gradient AI • AdPurpose-built for serious AI teams training foundational models, running large-scale inference, and pushing the boundaries of what's possible.
- A modern tool written in Python that automates your xss findings.☆475Nov 26, 2023Updated 2 years ago
- Burp Suite's extension to scan and crawl Single Page Applications☆106Apr 14, 2023Updated 3 years ago
- 「🔑」A tool used to hunt down API key leaks in JS files and pages☆893Mar 12, 2026Updated 2 months ago
- Checks for SSRF using built-in custom Payloads after fetching URLs from Multiple Passive Sources & applying complex patterns aimed at SSR…☆133Sep 6, 2024Updated last year
- i will upload more templates here to share with the comunity.☆571Apr 17, 2024Updated 2 years ago
- A fuzzer for finding anomalies and analyzing how servers respond to different HTTP headers☆359Dec 14, 2023Updated 2 years ago
- Exploit Proof-of-Concept code for XAMPP v3.3.0 — '.ini' Buffer Overflow (Unicode + SEH)☆14Nov 1, 2023Updated 2 years ago
- ProxyChecker Made in NodeJS☆37Mar 15, 2022Updated 4 years ago
- My Priv8 Nuclei Templates☆342May 12, 2024Updated 2 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- Passively check for XSS character encodings☆19Mar 9, 2026Updated 2 months ago
- The most powerful CRLF injection (HTTP Response Splitting) scanner.☆595Oct 17, 2023Updated 2 years ago
- An ADCS Exploitation Automation Tool Weaponizing Certipy and Coercer☆744May 19, 2023Updated 3 years ago
- This function combines all the above functions and takes necessary information from the user to change the IP and MAC address, start the …☆73May 21, 2023Updated 3 years ago
- it is malicious technique used by hackers to hide malware payloads in an encoded script in a specially crafted HTML attachment or web pag…☆118Jul 18, 2023Updated 2 years ago
- BucketLoot is an automated S3-compatible bucket inspector that can help users extract assets, flag secret exposures and even search for c…☆441Dec 30, 2025Updated 4 months ago
- Dump Windows SAM hashes☆42Aug 9, 2023Updated 2 years ago
- PowerSploit - A PowerShell Post-Exploitation Framework☆22Jun 11, 2022Updated 3 years ago
- This Repositories contains list of One Liners with Descriptions and Installation requirements☆505Jun 28, 2025Updated 10 months ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- A collection of one-liners for bug bounty hunting.☆1,565Jan 21, 2025Updated last year
- AllForOne allows bug bounty hunters and security researchers to collect all Nuclei YAML templates from various public repositories,☆736Mar 21, 2024Updated 2 years ago
- Small toolkit for extracting information and dumping sensitive strings from Windows processes☆116Jul 17, 2024Updated last year
- Template Nuclei SSTI☆34Nov 18, 2025Updated 6 months ago
- Dump place details from Google Maps like phone,email,website,and reviews☆73Jun 3, 2025Updated 11 months ago
- Local file inclusion exploitation tool☆957Updated this week
- ☆132Jan 25, 2023Updated 3 years ago