Alternatives and similar repositories for lfi-labs

Users that are interested in lfi-labs are comparing it to the libraries listed below

• fakhrizulkifli / Defeating-PHP-GD-imagecreatefromjpeg
  Proof-of-concept to exploit the flaw in the PHP-GD built-in function, imagecreatefromjpeg()
  ☆151Updated 10 years ago
• nccgroup / CrossSiteContentHijacking
  Content hijacking proof-of-concept using Flash, PDF and Silverlight
  ☆384Updated 6 years ago
• ewilded / shelling
  SHELLING - a comprehensive OS command injection payload generator
  ☆445Updated 5 years ago
• ripsscanner / rips
  RIPS - A static source code analyser for vulnerabilities in PHP scripts
  ☆358Updated 9 years ago
• modzero / mod0BurpUploadScanner
  HTTP file upload scanner for Burp Proxy
  ☆490Updated last year
• TheTwitchy / xxer
  A blind XXE injection callback handler. Uses HTTP and FTP to extract information. Originally written in Ruby by ONsec-Lab.
  ☆521Updated 5 years ago
• snoopysecurity / dvws
  Damn Vulnerable Web Services is an insecure web application with multiple vulnerable web service components that can be used to learn rea…
  ☆456Updated 3 years ago
• Varbaek / xsser
  From XSS to RCE 2.75 - Black Hat Europe Arsenal 2017 + Extras
  ☆427Updated 5 years ago
• m6a-UdS / ssrf-lab
  Lab for exploring SSRF vulnerabilities
  ☆248Updated 4 years ago
• h3xstream / http-script-generator
  ZAP/Burp plugin that generate script to reproduce a specific HTTP request (Intended for fuzzing or scripted attacks)
  ☆292Updated 2 years ago
• SecurityInnovation / AuthMatrix
  AuthMatrix is a Burp Suite extension that provides a simple way to test authorization in web applications and web services.
  ☆630Updated last year
• foobarto / redteam-notebook
  Collection of commands, tips and tricks and references I found useful during preparation for OSCP exam.
  ☆436Updated 3 years ago
• codewatchorg / bypasswaf
  Add headers to all Burp requests to bypass some WAF products
  ☆331Updated 7 years ago
• robocoder / rips-scanner
  RIPS - A static source code analyser for vulnerabilities in PHP scripts
  ☆320Updated 3 years ago
• joaomatosf / JavaDeserH2HC
  Sample codes written for the Hackers to Hackers Conference magazine 2017 (H2HC).
  ☆509Updated 3 years ago
• trietptm / SQL-Injection-Payloads
  SQL Injection Payloads for Burp Suite, OWASP Zed Attack Proxy,...
  ☆232Updated 5 years ago
• skiptomyliu / solutions-bwapp
  In progress rough solutions to bWAPP / bee-box
  ☆177Updated 5 years ago
• a2u / CVE-2018-7600
  💀Proof-of-Concept for CVE-2018-7600 Drupal SA-CORE-2018-002
  ☆352Updated 6 years ago
• ilmila / J2EEScan
  J2EEScan is a plugin for Burp Suite Proxy. The goal of this plugin is to improve the test coverage during web application penetration tes…
  ☆667Updated last year
• NytroRST / XSSFuzzer
  XSS Fuzzer is a tool which generates XSS payloads based on user-defined vectors and fuzzing lists.
  ☆140Updated 6 years ago
• nettitude / xss_payloads
  Exploitation for XSS
  ☆723Updated 4 years ago
• anantshri / svn-extractor
  simple script to extract all web resources by means of .SVN folder exposed over network.
  ☆476Updated last year
• Bo0oM / WAF-bypass-Cheat-Sheet
  Another way to bypass WAF Cheat Sheet (draft)
  ☆428Updated 6 years ago
• weev3 / LKWA
  Lesser Known Web Attack Lab
  ☆331Updated 5 years ago
• kozmic / laravel-poc-CVE-2018-15133
  PoC for CVE-2018-15133 (Laravel unserialize vulnerability)
  ☆252Updated last year
• orangetw / awesome-jenkins-rce-2019
  There is no pre-auth RCE in Jenkins since May 2017, but this is the one!
  ☆604Updated 6 years ago
• joernchen / xxeserve
  XXE Out of Band Server.
  ☆170Updated 2 years ago
• WSP-LAB / FUSE
  A penetration testing tool for finding file upload bugs (NDSS 2020)
  ☆249Updated 4 years ago
• dustyfresh / PHP-vulnerability-audit-cheatsheet
  This will assist you in the finding of potentially vulnerable PHP code. Each type of grep command is categorized in the type of vulnerabi…
  ☆356Updated 5 months ago
• kacperszurek / exploits
  ☆265Updated 6 years ago