kurobeats / fimap
fimap is a little python tool which can find, prepare, audit, exploit and even google automatically for local and remote file inclusion bugs in webapps.
☆521Updated 2 years ago
Related projects ⓘ
Alternatives and complementary repositories for fimap
- kadimus is a tool to check and exploit lfi vulnerability.☆514Updated 4 years ago
- Local file inclusion exploitation tool☆793Updated last year
- ReverShellGenerator - A tool to generate various ways to do a reverse shell☆555Updated 6 months ago
- BFAC (Backup File Artifacts Checker): An automated tool that checks for backup artifacts that may disclose the web-application's source c…☆532Updated 2 years ago
- A unique automated LFi Exploiter with Bind/Reverse Shells☆267Updated 9 years ago
- A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, al…☆1,201Updated 11 months ago
- DotDotPwn - The Directory Traversal Fuzzer☆989Updated 2 years ago
- Totally Automatic LFI Exploiter (+ Reverse Shell) and Scanner☆1,699Updated 2 years ago
- A collection of Windows, Linux and MySQL privilege escalation scripts and exploits.☆958Updated 6 years ago
- Internal penetration testing tool for Linux that can be used to enumerate OS information, domain information, shares, directories, and us…☆568Updated 5 months ago
- Simple php reverse shell implemented using binary .☆400Updated last year
- BruteXSS is a tool written in python simply to find XSS vulnerabilities in web application. This tool was originally developed by Shawar …☆502Updated 3 years ago
- Exploitation for XSS☆703Updated 3 years ago
- Commodity Injection Signatures, Malicious Inputs, XSS, HTTP Header Injection, XXE, RCE, Javascript, XSLT☆390Updated 4 months ago
- Content discovery wordlists generated using BigQuery☆558Updated 4 years ago
- A tool for embedding XXE/XML exploits into different filetypes☆1,038Updated 4 months ago
- This repository contains all the supplement material for the book "The art of sub-domain enumeration"☆639Updated 5 years ago
- Herramienta para evadir disable_functions y open_basedir☆396Updated last year
- Automated script for performing Padding Oracle attacks☆751Updated 4 months ago
- Multi Tool Subdomain Enumeration☆722Updated 3 years ago
- A Powerful Subdomain Takeover Tool☆932Updated last year
- Finds unknown classes of injection vulnerabilities☆638Updated last year
- Username tools for penetration testing☆853Updated 2 months ago
- Default usernames and passwords for various systems (VoIP,IPMI,Oracle).☆415Updated 6 months ago
- Modified version of the passing-the-hash tool collection made to work straight out of the box☆559Updated 9 years ago
- Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the ac…☆1,680Updated 6 months ago
- A script that monitors and extracts requested URLs and clients connected to the service by exploiting publicly accessible Apache server-s…☆431Updated 3 years ago
- Drupal enumeration & exploitation tool☆584Updated 4 years ago
- Another web vulnerabilities scanner, this extension works on Chrome and Opera☆449Updated 5 years ago
- JShell - Get a JavaScript shell with XSS.☆511Updated 5 years ago