kurobeats / fimap
fimap is a little python tool which can find, prepare, audit, exploit and even google automatically for local and remote file inclusion bugs in webapps.
☆516Updated 2 years ago
Related projects ⓘ
Alternatives and complementary repositories for fimap
- BFAC (Backup File Artifacts Checker): An automated tool that checks for backup artifacts that may disclose the web-application's source c…☆530Updated 2 years ago
- Local file inclusion exploitation tool☆787Updated last year
- ReverShellGenerator - A tool to generate various ways to do a reverse shell☆555Updated 6 months ago
- A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, al…☆1,198Updated 10 months ago
- DotDotPwn - The Directory Traversal Fuzzer☆990Updated 2 years ago
- A unique automated LFi Exploiter with Bind/Reverse Shells☆267Updated 9 years ago
- Herramienta para evadir disable_functions y open_basedir☆395Updated last year
- A collection of Windows, Linux and MySQL privilege escalation scripts and exploits.☆958Updated 6 years ago
- Content discovery wordlists generated using BigQuery☆557Updated 4 years ago
- A script to enumerate virtual hosts on a server.☆663Updated 6 years ago
- Simple php reverse shell implemented using binary .☆399Updated 11 months ago
- kadimus is a tool to check and exploit lfi vulnerability.☆514Updated 4 years ago
- Wordlists that have been compiled using Commonspeak2. This repo is updated every time new wordlists are generated.☆524Updated 6 years ago
- Finds unknown classes of injection vulnerabilities☆636Updated last year
- A Powerful Subdomain Takeover Tool☆930Updated last year
- Internal penetration testing tool for Linux that can be used to enumerate OS information, domain information, shares, directories, and us…☆566Updated 4 months ago
- Automated script for performing Padding Oracle attacks☆751Updated 3 months ago
- Totally Automatic LFI Exploiter (+ Reverse Shell) and Scanner☆1,696Updated 2 years ago
- Open Redirect Payloads☆583Updated 3 weeks ago
- Exploitation for XSS☆702Updated 3 years ago
- Search for Directory Traversal Vulnerabilities☆417Updated 4 months ago
- Modified version of the passing-the-hash tool collection made to work straight out of the box☆556Updated 9 years ago
- Username tools for penetration testing☆841Updated last month
- Python 3.5+ DNS asynchronous brute force utility☆644Updated last year
- RSMangler will take a wordlist and perform various manipulations on it similar to those done by John the Ripper with a few extras.☆216Updated 5 years ago
- 🎯 RFI/LFI Payload List☆536Updated 3 months ago
- Collection of Proof of Concepts and Potential Targets for #ShellShocker☆887Updated 4 years ago
- Leverages publicly available datasets from Google BigQuery to generate content discovery and subdomain wordlists☆694Updated last year
- Default usernames and passwords for various systems (VoIP,IPMI,Oracle).☆413Updated 6 months ago
- Materials for OSCP exam☆368Updated 10 months ago