LFI-FINDER is an open-source tool available on GitHub that focuses on detecting Local File Inclusion (LFI) vulnerabilities
☆299Jan 7, 2024Updated 2 years ago
Alternatives and similar repositories for LFI-FINDER
Users that are interested in LFI-FINDER are comparing it to the libraries listed below
Sorting:
- A simple tool for bypassing file upload restrictions.☆893Jul 22, 2024Updated last year
- Nodesub is a command-line tool for finding subdomains in bug bounty programs☆148Aug 1, 2024Updated last year
- Automated Tool for Testing Header Based Blind SQL Injection☆323Jul 23, 2023Updated 2 years ago
- Advanced Time-based Blind SQL Injection fuzzer for HTTP Headers☆311Mar 31, 2024Updated last year
- NucleiFuzzer is a robust automation tool that efficiently detects web application vulnerabilities, including XSS, SQLi, SSRF, and Open Re…☆1,823Aug 20, 2025Updated 6 months ago
- User-Agent , X-Forwarded-For and Referer SQLI Fuzzer☆382May 19, 2023Updated 2 years ago
- An XSS exploitation command-line interface and payload generator.☆1,414Jan 19, 2025Updated last year
- Subprober is a powerful and efficient subdomain scanning tool written in Python. With the ability to handle large lists of subdomains. Th…☆262Jul 6, 2025Updated 8 months ago
- A command-line utility designed to recursively spider webpages for URLs. It works by actively traversing websites - following links embed…☆104Dec 8, 2025Updated 2 months ago
- A Powerful Sensor Tool to discover login panels, and POST Form SQLi Scanning☆523Jul 5, 2023Updated 2 years ago
- Lfi Scan Tool☆108May 16, 2023Updated 2 years ago
- i will upload more templates here to share with the comunity.☆567Apr 17, 2024Updated last year
- DNSleuth sniffs DNS packets, i.e, allowing you to spy on the DNS queries your machine is making☆102Aug 9, 2023Updated 2 years ago
- Checks for SSRF using built-in custom Payloads after fetching URLs from Multiple Passive Sources & applying complex patterns aimed at SSR…☆132Sep 6, 2024Updated last year
- Welcome to the Bug Hunter's Wordlists repository! 🐛🔍 This repository serves as a comprehensive collection of essential wordlists utiliz…☆152May 17, 2024Updated last year
- A modern tool written in Python that automates your xss findings.☆471Nov 26, 2023Updated 2 years ago
- A fuzzer for finding anomalies and analyzing how servers respond to different HTTP headers☆356Dec 14, 2023Updated 2 years ago
- 「🔑」A tool used to hunt down API key leaks in JS files and pages☆853Sep 4, 2025Updated 6 months ago
- Exploit Proof-of-Concept code for XAMPP v3.3.0 — '.ini' Buffer Overflow (Unicode + SEH)☆14Nov 1, 2023Updated 2 years ago
- With Wireshark or TCPdump, you can determine whether there is harmful activity on your network traffic that you have recorded on the netw…☆146May 31, 2024Updated last year
- My Priv8 Nuclei Templates☆338May 12, 2024Updated last year
- Experience the power of a PHP webshell designed to overcome the limitations of blacklisted system/exec functions.☆26Jul 14, 2024Updated last year
- Passively check for XSS character encodings☆18Updated this week
- This Repositories contains list of One Liners with Descriptions and Installation requirements☆500Jun 28, 2025Updated 8 months ago
- EndExt is a .go tool for extracting all the possible endpoints from the JS files☆219Jul 14, 2024Updated last year
- Small toolkit for extracting information and dumping sensitive strings from Windows processes☆117Jul 17, 2024Updated last year
- Burp Suite's extension to scan and crawl Single Page Applications☆107Apr 14, 2023Updated 2 years ago
- The most powerful CRLF injection (HTTP Response Splitting) scanner.☆592Oct 17, 2023Updated 2 years ago
- Dome - Subdomain Enumeration Tool. Fast and reliable python script that makes active and/or passive scan to obtain subdomains and search …☆540Feb 7, 2024Updated 2 years ago
- A collection of one-liners for bug bounty hunting.☆1,427Jan 21, 2025Updated last year
- A Burp Suite extension to add OpenAI (GPT) on Burp and help you with your Bug Bounty recon to discover endpoints, params, URLs, subdomain…☆888May 3, 2023Updated 2 years ago
- AllForOne allows bug bounty hunters and security researchers to collect all Nuclei YAML templates from various public repositories,☆733Mar 21, 2024Updated last year
- This function combines all the above functions and takes necessary information from the user to change the IP and MAC address, start the …☆73May 21, 2023Updated 2 years ago
- Brute Ratel LDAP filtering and sorting tool. Easily take BR log output and pull hostnames for ease of use with other red team tooling. Su…☆38Nov 16, 2023Updated 2 years ago
- Dump place details from Google Maps like phone,email,website,and reviews☆73Jun 3, 2025Updated 9 months ago
- BucketLoot is an automated S3-compatible bucket inspector that can help users extract assets, flag secret exposures and even search for c…☆438Dec 30, 2025Updated 2 months ago
- Dump Windows SAM hashes☆42Aug 9, 2023Updated 2 years ago
- An automation tool that enumerates subdomains then filters out xss, sqli, open redirect, lfi, ssrf and rce parameters and then scans for …☆1,267Jul 18, 2024Updated last year
- An ADCS Exploitation Automation Tool Weaponizing Certipy and Coercer☆738May 19, 2023Updated 2 years ago