hvqzao / liffyView external linksLinks
Local File Inclusion Exploitation Tool (mirror)
☆128Feb 13, 2017Updated 9 years ago
Alternatives and similar repositories for liffy
Users that are interested in liffy are comparing it to the libraries listed below
Sorting:
- [DEPRECATED] Kadabra is my automatic LFI Exploiter and Scanner, written in C++ and a couple extern module in Python.☆36Oct 7, 2019Updated 6 years ago
- kadimus is a tool to check and exploit lfi vulnerability.☆559Aug 17, 2020Updated 5 years ago
- A collection of scripts that run on my web server. Mainly for debugging SSRF, blind XSS, and XXE vulnerabilities.☆550Jun 12, 2017Updated 8 years ago
- Project "Flashbang" - An open-source Flash-security helper☆205Apr 19, 2015Updated 10 years ago
- Portable and flexible web application security assessment tool.It parses Burp Suite log and performs various tests depending on the modul…☆123Apr 4, 2018Updated 7 years ago
- Burp plugin to do random fuzzing of HTTP requests☆33Jan 31, 2017Updated 9 years ago
- SQLiPy is a Python plugin for Burp Suite that integrates SQLMap using the SQLMap API.☆260May 16, 2025Updated 9 months ago
- Setup script for Regon-ng☆936Nov 17, 2020Updated 5 years ago
- A collection of all the lists, scripts and techniques I use while doing web application penetration tests.☆169Feb 29, 2016Updated 9 years ago
- Playground for Race Condition attack☆24Mar 18, 2023Updated 2 years ago
- A Cross-Platform Forensic Framework for Google Chrome☆71Mar 15, 2015Updated 10 years ago
- Burp Extender plugin that generates a sitemap of a website using Wayback Machine☆227May 8, 2018Updated 7 years ago
- fimap is a little python tool which can find, prepare, audit, exploit and even google automatically for local and remote file inclusion b…☆581Sep 12, 2022Updated 3 years ago
- Automated client-side template injection (sandbox escape/bypass) detection for AngularJS v1.x.☆325Oct 20, 2021Updated 4 years ago
- XXE attack tool☆31Feb 20, 2016Updated 9 years ago
- Chrome Extension for XSS Hunter Payloads☆41Sep 7, 2016Updated 9 years ago
- Python Implementation of a .NET Padding Oracle Assessment Tool☆31Dec 17, 2015Updated 10 years ago
- OWASP Mth3l3m3nt Framework is a penetration testing aiding tool and exploitation framework. It fosters a principle of attack the web usin…☆163Jan 21, 2021Updated 5 years ago
- This tool can be used to brute discover GET and POST parameters☆1,390Aug 24, 2019Updated 6 years ago
- AWS Extender (Cloud Storage Tester) is a Burp plugin to assess permissions of cloud storage containers on AWS, Google Cloud and Azure.☆256Feb 23, 2022Updated 3 years ago
- Linux and Windows Hardening Points☆12Mar 6, 2018Updated 7 years ago
- Automate SSH communication with firewalls, switches, etc.☆27Mar 29, 2018Updated 7 years ago
- Finds unknown classes of injection vulnerabilities☆708Apr 30, 2025Updated 9 months ago
- The repository for Building visualisation platforms for OSINT data using open source solutions☆29Aug 21, 2018Updated 7 years ago
- vcsmap is a plugin-based tool to scan public version control systems for sensitive information.☆142Aug 31, 2021Updated 4 years ago
- A Burp Extension to test applications for vulnerability to the Web Cache Deception attack☆139Feb 18, 2021Updated 4 years ago
- ☆10May 8, 2016Updated 9 years ago
- Python tool to check for expired domains still allowed in crossdomain.xml files☆13Jan 11, 2017Updated 9 years ago
- SSRF (Server Side Request Forgery) testing resources☆2,484Oct 12, 2024Updated last year
- An automation framework for running multiple open sourced subdomain bruteforcing tools (in parallel) using your own wordlists via Docker …☆260Aug 22, 2021Updated 4 years ago
- Automated All-in-One OS Command Injection Exploitation Tool☆5,624Feb 8, 2026Updated last week
- Server-Side Template Injection and Code Injection Detection and Exploitation Tool☆4,117Apr 21, 2024Updated last year
- This repository contains all the material from the talk "Esoteric sub-domain enumeration techniques" given at Bugcrowd LevelUp 2017 virtu…☆631Feb 5, 2019Updated 7 years ago
- application server attack toolkit☆688Apr 6, 2020Updated 5 years ago
- A Ruby framework designed to aid in the penetration testing of WordPress systems.☆1,044Nov 24, 2019Updated 6 years ago
- Proof of concept - Covert Channel using Windows Filtering Platform (C#)☆21Aug 29, 2021Updated 4 years ago
- Paramalyzer - Burp extension for parameter analysis of large-scale web application penetration tests.☆158Jul 10, 2025Updated 7 months ago
- ☆2,315Dec 8, 2023Updated 2 years ago
- Vulnerability scanner based on vulners.com search API☆884Oct 1, 2025Updated 4 months ago