Local File Inclusion Exploitation Tool (mirror)
☆127Feb 13, 2017Updated 9 years ago
Alternatives and similar repositories for liffy
Users that are interested in liffy are comparing it to the libraries listed below
Sorting:
- [DEPRECATED] Kadabra is my automatic LFI Exploiter and Scanner, written in C++ and a couple extern module in Python.☆36Oct 7, 2019Updated 6 years ago
- kadimus is a tool to check and exploit lfi vulnerability.☆563Aug 17, 2020Updated 5 years ago
- A collection of scripts that run on my web server. Mainly for debugging SSRF, blind XSS, and XXE vulnerabilities.☆549Jun 12, 2017Updated 8 years ago
- Project "Flashbang" - An open-source Flash-security helper☆205Apr 19, 2015Updated 10 years ago
- Portable and flexible web application security assessment tool.It parses Burp Suite log and performs various tests depending on the modul…☆123Apr 4, 2018Updated 7 years ago
- Burp plugin to do random fuzzing of HTTP requests☆33Jan 31, 2017Updated 9 years ago
- SQLiPy is a Python plugin for Burp Suite that integrates SQLMap using the SQLMap API.☆260May 16, 2025Updated 9 months ago
- Setup script for Regon-ng☆938Nov 17, 2020Updated 5 years ago
- A collection of all the lists, scripts and techniques I use while doing web application penetration tests.☆169Feb 29, 2016Updated 10 years ago
- A Cross-Platform Forensic Framework for Google Chrome☆70Mar 15, 2015Updated 10 years ago
- Burp Extender plugin that generates a sitemap of a website using Wayback Machine☆227May 8, 2018Updated 7 years ago
- fimap is a little python tool which can find, prepare, audit, exploit and even google automatically for local and remote file inclusion b…☆582Sep 12, 2022Updated 3 years ago
- Automated client-side template injection (sandbox escape/bypass) detection for AngularJS v1.x.☆325Oct 20, 2021Updated 4 years ago
- XXE attack tool☆31Feb 20, 2016Updated 10 years ago
- Chrome Extension for XSS Hunter Payloads☆42Sep 7, 2016Updated 9 years ago
- Python Implementation of a .NET Padding Oracle Assessment Tool☆31Dec 17, 2015Updated 10 years ago
- OWASP Mth3l3m3nt Framework is a penetration testing aiding tool and exploitation framework. It fosters a principle of attack the web usin…☆163Jan 21, 2021Updated 5 years ago
- This tool can be used to brute discover GET and POST parameters☆1,393Aug 24, 2019Updated 6 years ago
- AWS Extender (Cloud Storage Tester) is a Burp plugin to assess permissions of cloud storage containers on AWS, Google Cloud and Azure.☆256Feb 23, 2022Updated 4 years ago
- Linux and Windows Hardening Points☆12Mar 6, 2018Updated 8 years ago
- Automate SSH communication with firewalls, switches, etc.☆27Mar 29, 2018Updated 7 years ago
- Finds unknown classes of injection vulnerabilities☆709Apr 30, 2025Updated 10 months ago
- The repository for Building visualisation platforms for OSINT data using open source solutions☆29Aug 21, 2018Updated 7 years ago
- A Burp Extension to test applications for vulnerability to the Web Cache Deception attack☆140Feb 18, 2021Updated 5 years ago
- ☆10May 8, 2016Updated 9 years ago
- Python tool to check for expired domains still allowed in crossdomain.xml files☆13Jan 11, 2017Updated 9 years ago
- SSRF (Server Side Request Forgery) testing resources☆2,482Oct 12, 2024Updated last year
- vcsmap is a plugin-based tool to scan public version control systems for sensitive information.☆140Aug 31, 2021Updated 4 years ago
- An automation framework for running multiple open sourced subdomain bruteforcing tools (in parallel) using your own wordlists via Docker …☆260Aug 22, 2021Updated 4 years ago
- Automated All-in-One OS Command Injection Exploitation Tool☆5,645Feb 28, 2026Updated last week
- Server-Side Template Injection and Code Injection Detection and Exploitation Tool☆4,123Apr 21, 2024Updated last year
- This repository contains all the material from the talk "Esoteric sub-domain enumeration techniques" given at Bugcrowd LevelUp 2017 virtu…☆628Feb 5, 2019Updated 7 years ago
- application server attack toolkit☆688Apr 6, 2020Updated 5 years ago
- Paramalyzer - Burp extension for parameter analysis of large-scale web application penetration tests.☆158Jul 10, 2025Updated 7 months ago
- A Ruby framework designed to aid in the penetration testing of WordPress systems.☆1,044Nov 24, 2019Updated 6 years ago
- Proof of concept - Covert Channel using Windows Filtering Platform (C#)☆21Aug 29, 2021Updated 4 years ago
- ☆2,319Dec 8, 2023Updated 2 years ago
- Vulnerability scanner based on vulners.com search API☆885Oct 1, 2025Updated 5 months ago
- Burp extension to perform Java Deserialization Attacks☆216Feb 2, 2024Updated 2 years ago