Alternatives and similar repositories for LFImap

Users that are interested in LFImap are comparing it to the libraries listed below

• mzfr / liffy

  View on GitHub
  Local file inclusion exploitation tool
  ☆925Oct 1, 2025Updated 4 months ago
• vladko312 / SSTImap

  View on GitHub
  Automatic SSTI detection tool with interactive interface
  ☆1,374Jan 17, 2026Updated 3 weeks ago
• R0X4R / bhedak

  View on GitHub
  A replacement of "qsreplace", accepts URLs as standard input, replaces all query string values with user-supplied values and stdout.
  ☆109Mar 1, 2022Updated 3 years ago
• trickest / find-gh-poc

  View on GitHub
  Find CVE PoCs on GitHub
  ☆160Aug 1, 2025Updated 6 months ago
• ghsec / ghsec-jaeles-signatures

  View on GitHub
  Signatures for jaeles scanner by @j3ssie
  ☆117Apr 20, 2024Updated last year
• clarkvoss / Nuclei-Templates

  View on GitHub
  ☆86Aug 25, 2022Updated 3 years ago
• xnl-h4ck3r / xnLinkFinder

  View on GitHub
  A python tool used to discover endpoints, potential parameters, a target specific wordlist for a given target and secrets
  ☆1,515Jan 15, 2026Updated 3 weeks ago
• xnl-h4ck3r / knoxnl

  View on GitHub
  This is a python wrapper around the amazing KNOXSS API by Brute Logic
  ☆279Jan 12, 2026Updated last month
• HernanRodriguez1 / ScanMySQLiErrorBased-Nuclei

  View on GitHub
  ☆21Aug 3, 2022Updated 3 years ago
• swisskyrepo / SSRFmap

  View on GitHub
  Automatic SSRF fuzzer and exploitation tool
  ☆3,479Sep 4, 2025Updated 5 months ago
• devploit / nomore403

  View on GitHub
  🚫 Advanced tool for security researchers to bypass 403/40X restrictions through smart techniques and adaptive request manipulation. Fast…
  ☆1,490Feb 5, 2026Updated last week
• xnl-h4ck3r / urless

  View on GitHub
  De-clutter a list of URLs
  ☆384Feb 3, 2026Updated last week
• bitquark / shortscan

  View on GitHub
  An IIS short filename enumeration tool
  ☆1,109Nov 25, 2024Updated last year
• EasyRecon / Hunt3r

  View on GitHub
  Made your bugbounty subdomains reconnaissance easier with Hunt3r the web application reconnaissance framework
  ☆169Feb 4, 2023Updated 3 years ago
• devanshbatham / OpenRedireX

  View on GitHub
  A fuzzer for detecting open redirect vulnerabilities
  ☆782Jul 1, 2024Updated last year
• Raghavd3v / CRLFsuite

  View on GitHub
  The most powerful CRLF injection (HTTP Response Splitting) scanner.
  ☆593Oct 17, 2023Updated 2 years ago
• hakluke / hakoriginfinder

  View on GitHub
  Tool for discovering the origin host behind a reverse proxy. Useful for bypassing cloud WAFs!
  ☆975Jan 12, 2024Updated 2 years ago
• dwisiswant0 / crlfuzz

  View on GitHub
  A fast tool to scan CRLF vulnerability written in Go
  ☆1,517Jan 22, 2026Updated 3 weeks ago
• volkandindar / agartha

  View on GitHub
  A Burp Suite extension for identifying injection flaws (LFI, RCE, SQLi), authentication/authorization issues, and HTTP 403 access violati…
  ☆394Feb 4, 2026Updated last week
• Hackmanit / Web-Cache-Vulnerability-Scanner

  View on GitHub
  Web Cache Vulnerability Scanner is a Go-based CLI tool for testing for web cache poisoning. It is developed by Hackmanit GmbH (http://hac…
  ☆1,145Jan 21, 2026Updated 3 weeks ago
• edoardottt / csprecon

  View on GitHub
  Discover new target domains using Content Security Policy
  ☆501Feb 7, 2026Updated last week
• hahwul / dalfox

  View on GitHub
  🌙🦊 Dalfox is a powerful open-source XSS scanner and utility focused on automation.
  ☆4,835Updated this week
• xnl-h4ck3r / waymore

  View on GitHub
  Find way more from the Wayback Machine, Common Crawl, Alien Vault OTX, URLScan, VirusTotal, GhostArchive & Intelligence X!
  ☆2,533Feb 7, 2026Updated last week
• JoshMorrison99 / isXSS-Burp

  View on GitHub
  Passively check for XSS character encodings
  ☆18Feb 7, 2026Updated last week
• s0md3v / uro

  View on GitHub
  declutters url lists for crawling/pentesting
  ☆1,522Feb 23, 2025Updated 11 months ago
• nccgroup / jwt-reauth

  View on GitHub
  ☆106Jan 3, 2023Updated 3 years ago
• HernanRodriguez1 / ScanReflectedXSS

  View on GitHub
  ☆46Nov 5, 2025Updated 3 months ago
• MindPatch / lorsrf

  View on GitHub
  Fast CLI tool to find the parameters that can be used to find SSRF or Out-of-band resource load
  ☆297Sep 22, 2024Updated last year
• eslam3kl / SQLiDetector

  View on GitHub
  Simple python script supported with BurpBouty profile that helps you to detect SQL injection "Error based" by sending multiple requests w…
  ☆631Jan 4, 2026Updated last month
• anshumanpattnaik / http-request-smuggling

  View on GitHub
  HTTP Request Smuggling Detection Tool
  ☆535Dec 21, 2023Updated 2 years ago
• projectdiscovery / fuzzing-templates

  View on GitHub
  Community curated list of nuclei templates for finding "unknown" security vulnerabilities.
  ☆87May 2, 2024Updated last year
• ferreiraklet / Jeeves

  View on GitHub
  Jeeves SQLI Finder
  ☆218May 13, 2022Updated 3 years ago
• ferreiraklet / airixss

  View on GitHub
  Finding XSS during recon
  ☆271Sep 13, 2022Updated 3 years ago
• MayankPandey01 / Jira-Lens

  View on GitHub
  Fast and customizable vulnerability scanner For JIRA written in Python
  ☆344Dec 31, 2024Updated last year
• root-tanishq / userefuzz

  View on GitHub
  User-Agent , X-Forwarded-For and Referer SQLI Fuzzer
  ☆382May 19, 2023Updated 2 years ago
• bp0lr / gauplus

  View on GitHub
  ☆299Jul 16, 2022Updated 3 years ago
• xnl-h4ck3r / GAP-Burp-Extension

  View on GitHub
  Burp Extension to find potential endpoints, parameters, and generate a custom target wordlist
  ☆1,495Jan 8, 2026Updated last month
• adrianlarion / pegaxss

  View on GitHub
  Magic Header Blind Xss tool (deliver blind xss payloads in request headers).
  ☆26May 30, 2021Updated 4 years ago
• e1abrador / Burp-Encode-IP

  View on GitHub
  Burp Suite extension to encode an IP address focused to bypass application IP / domain blacklist.
  ☆46Mar 4, 2024Updated last year