Stuub/CVE-2024-4040-SSTI-LFI-PoC

CVE-2024-4040 CrushFTP SSTI LFI & Auth Bypass | Full Server Takeover | Wordlist Support

Language: Python - Size: 53.7 KB - Last synced: about 16 hours ago - Pushed: 2 days ago - Stars: 20 - Forks: 6

dragonked2/Egyscan

Egyscan The Best web vulnerability scanner; it's a multifaceted security powerhouse designed to fortify your web applications against malicious threats. Let's delve into the tasks and functions that make Egyscan an indispensable tool in your security arsenal:

Language: Python - Size: 301 KB - Last synced: 3 days ago - Pushed: 3 days ago - Stars: 193 - Forks: 36

xalgord/LFIgo

A faster LFI Fuzzer.

Language: Go - Size: 9.77 KB - Last synced: 3 days ago - Pushed: 4 days ago - Stars: 0 - Forks: 0

mzfr/liffy

Local file inclusion exploitation tool

Language: Python - Size: 253 KB - Last synced: 6 days ago - Pushed: 10 months ago - Stars: 715 - Forks: 99

smsharma/awesome-neural-sbi

Community-sourced list of papers and resources on neural simulation-based inference.

Size: 51.8 KB - Last synced: 2 days ago - Pushed: 2 months ago - Stars: 63 - Forks: 3

hansmach1ne/LFImap

Local File Inclusion discovery and exploitation tool

Language: Python - Size: 235 KB - Last synced: 7 days ago - Pushed: about 2 months ago - Stars: 181 - Forks: 27

mrgr4yhat/Vulnerable-Web-App

The main goal of VWA is to provide a hands-on experience for security rookies on vulnerable web applications available for practicing and learning, so that they can attack realistic web environments… without going to jail :)

Language: PHP - Size: 135 KB - Last synced: 4 days ago - Pushed: 8 months ago - Stars: 3 - Forks: 1

glavstroy/DorkFinder

Automatic tool to find Google Dorks

Language: Python - Size: 3.42 MB - Last synced: 13 days ago - Pushed: 15 days ago - Stars: 5 - Forks: 1

abhisharma404/vault

swiss army knife for hackers

Language: Python - Size: 732 KB - Last synced: 14 days ago - Pushed: 10 months ago - Stars: 495 - Forks: 92

v3n0m-Scanner/V3n0M-Scanner

Popular Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns

Language: Python - Size: 35.4 MB - Last synced: 16 days ago - Pushed: 6 months ago - Stars: 1,418 - Forks: 411

pikpikcu/XRCross

XRCross is a Reconstruction, Scanner, and a tool for penetration / BugBounty testing. This tool was built to test (XSS|SSRF|CORS|SSTI|IDOR|RCE|LFI|SQLI) vulnerabilities

Language: Shell - Size: 2.85 MB - Last synced: 14 days ago - Pushed: 11 months ago - Stars: 316 - Forks: 69

VainlyStrain/Vailyn

A phased, evasive Path Traversal + LFI scanning & exploitation tool in Python

Language: Python - Size: 994 KB - Last synced: 7 days ago - Pushed: over 2 years ago - Stars: 189 - Forks: 23

nemesida-waf/waf-bypass

Check your WAF before an attacker does

Language: Python - Size: 711 KB - Last synced: 23 days ago - Pushed: 23 days ago - Stars: 1,093 - Forks: 151

treddis/dotdotfarm

Fast Path Traversal exploitation tool

Language: Python - Size: 110 KB - Last synced: 25 days ago - Pushed: 26 days ago - Stars: 21 - Forks: 1

Zierax/Exer-Vuln-Scanner

Exer is a vuln scanner for specific string

Language: Python - Size: 7.81 KB - Last synced: 29 days ago - Pushed: 29 days ago - Stars: 0 - Forks: 0

Ishanoshada/LFI

A side note about LFI and Leaking the php source of some sites

Language: PHP - Size: 393 KB - Last synced: about 1 month ago - Pushed: about 1 month ago - Stars: 4 - Forks: 0

jpiechowka/zip-shotgun

Utility script to test zip file upload functionality (and possible extraction of zip files) for vulnerabilities (aka Zip Slip)

Language: Python - Size: 53.7 KB - Last synced: 21 days ago - Pushed: almost 5 years ago - Stars: 32 - Forks: 5

fazlearefin/magic-bitten-file

Evade file content checks by prepending magic bytes to any file

Language: Python - Size: 12.7 KB - Last synced: about 1 month ago - Pushed: about 1 month ago - Stars: 3 - Forks: 0

swisskyrepo/DamnWebScanner

Another web vulnerabilities scanner, this extension works on Chrome and Opera

Language: Python - Size: 1.37 MB - Last synced: 14 days ago - Pushed: over 4 years ago - Stars: 436 - Forks: 155

MouathA/LFI-Striker

LFI Finder

Language: Java - Size: 32.2 KB - Last synced: about 1 month ago - Pushed: about 1 month ago - Stars: 1 - Forks: 0

payloadbox/rfi-lfi-payload-list

🎯 RFI/LFI Payload List

Size: 35.2 KB - Last synced: about 1 month ago - Pushed: almost 3 years ago - Stars: 498 - Forks: 171

ronin-rb/ronin-vulns

Tests URLs for Local File Inclusion (LFI), Remote File Inclusion (RFI), SQL injection (SQLi), and Cross Site Scripting (XSS), Server Side Template Injection (SSTI), and Open Redirects.

Language: Ruby - Size: 363 KB - Last synced: about 1 month ago - Pushed: 4 months ago - Stars: 52 - Forks: 16

mathis2001/LighTraversal

LighTraversal is a tool designed to find basic directory traversal vulnerabilities

Language: Python - Size: 14.6 KB - Last synced: about 2 months ago - Pushed: 7 months ago - Stars: 3 - Forks: 0

dokDork/CommandInjectionShield

This script will prepare some tmux session precompiled to test command injection on some web page parameter (on a GET or POST request).

Size: 549 KB - Last synced: 2 months ago - Pushed: 2 months ago - Stars: 0 - Forks: 0

farinap5/webpwn

Web Vulnerability Detector (XSS,SQL,LFI,XST,WAF)

Language: Python - Size: 19.5 KB - Last synced: 28 days ago - Pushed: over 3 years ago - Stars: 18 - Forks: 9

kostas-pa/LFITester

LFITester is a Python3 program that automates the detection and exploitation of Local File Inclusion (LFI) vulnerabilities on a server.

Language: Python - Size: 394 KB - Last synced: 3 months ago - Pushed: 3 months ago - Stars: 94 - Forks: 23

anmolksachan/TheTimeMachine

Weaponizing WaybackUrls for Recon, BugBounties , OSINT, Sensitive Endpoints and what not

Language: Python - Size: 832 KB - Last synced: 3 months ago - Pushed: about 1 year ago - Stars: 248 - Forks: 30

chrispetrou/FDsploit 📦

File Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.

Language: Python - Size: 1.12 MB - Last synced: 2 months ago - Pushed: about 3 years ago - Stars: 257 - Forks: 78

PinoyWH1Z/SSH-Private-Key-Looting-Wordlists

SSH Private Key Looting Wordlists. A collection of wordlists to aid in locating or brute-forcing SSH private key file names.

Size: 1.51 MB - Last synced: 3 months ago - Pushed: 3 months ago - Stars: 0 - Forks: 0

1N3/BlackWidow

A Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.

Language: Python - Size: 214 KB - Last synced: 3 months ago - Pushed: about 1 year ago - Stars: 1,430 - Forks: 363

AlisamTechnology/ATSCAN

Advanced dork Search & Mass Exploit Scanner

Language: Perl - Size: 3.38 MB - Last synced: 3 months ago - Pushed: 11 months ago - Stars: 1,303 - Forks: 362

prokunal/WebThemez-LFI

LFI on WebThemez CMS.

Language: Python - Size: 5.86 KB - Last synced: 4 days ago - Pushed: 10 months ago - Stars: 2 - Forks: 0

dotPY-hax/gitlab_RCE

RCE for old gitlab version <= 11.4.7 & 12.4.0-12.8.1 and LFI for old gitlab versions 10.4 - 12.8.1

Language: Python - Size: 46.9 KB - Last synced: 3 months ago - Pushed: over 3 years ago - Stars: 156 - Forks: 29

opabravo/dfuf

Dump files via Directory Traversal / LFI in a breeze with the help of ffuf

Language: Python - Size: 18.6 KB - Last synced: 5 months ago - Pushed: 5 months ago - Stars: 1 - Forks: 0

paralax/lfi-labs

small set of PHP scripts to practice exploiting LFI, RFI and CMD injection vulns

Language: PHP - Size: 29.3 KB - Last synced: 6 months ago - Pushed: over 3 years ago - Stars: 302 - Forks: 81

EmreOvunc/Eaton-Intelligent-Power-Manager-Local-File-Inclusion

CVE-2018-12031 | LFI in Eaton Intelligent Power Manager v1.6 allows an attacker to include a file, it can lead to sensitive information disclosure, denial of service and code execution.

Size: 3.91 KB - Last synced: 7 months ago - Pushed: over 5 years ago - Stars: 5 - Forks: 3

TheBugFather/LFI-Chef

Takes input wordlist in native path format to generate encoding evasion, path traversals, and null byte injections

Language: Python - Size: 1.32 MB - Last synced: 6 months ago - Pushed: 8 months ago - Stars: 0 - Forks: 1

LoryPack/SBI_gen_networks_SRs Fork of mackelab/gatsbi

Code for the paper: "Simulation-Based Inference with Generative Neural Networks via Scoring Rule Minimization"

Language: Jupyter Notebook - Size: 67.4 MB - Last synced: 3 months ago - Pushed: 3 months ago - Stars: 2 - Forks: 1

storenth/lazyrecon Fork of jhaddix/lazyrecon

Wicked sick v2.0 script is intended to automate your reconnaissance process in an organized fashion.

Language: Shell - Size: 55.4 MB - Last synced: 6 months ago - Pushed: about 1 year ago - Stars: 134 - Forks: 47

4L4K4Z4/Mass-Local-File-Inclusion-LFI-Scanner

Mass LFI Scanner By CodeB0ss

Size: 323 KB - Last synced: 7 months ago - Pushed: over 1 year ago - Stars: 5 - Forks: 3

4L4K4Z4/Private-Vulnerable-Scanner

Size: 1.95 KB - Last synced: 7 months ago - Pushed: over 1 year ago - Stars: 0 - Forks: 0

4L4K4Z4/MASS-LFI-TO-RCE

t.me/codeb0ss

Size: 313 KB - Last synced: 7 months ago - Pushed: over 1 year ago - Stars: 1 - Forks: 0

v4ss/Hacky_Nov_Write_Up_2022

Dépôt des challenges que j'ai réalisés pour l'évènement CTF Hacky'Nov à Aix-en-Provence 2022.

Language: PHP - Size: 2.89 MB - Last synced: 8 months ago - Pushed: about 2 years ago - Stars: 0 - Forks: 1

VeryLazyBoy/phpmyadmin-4.8.2 Fork of vulnspy/phpmyadmin-4.8.1

Patch demo for CVE-2018-12613

Language: Shell - Size: 2.93 KB - Last synced: 8 months ago - Pushed: over 5 years ago - Stars: 0 - Forks: 0

TargetPackage/lazyParam Fork of aniqfakhrul/lazyParam

A simple automation tool to detect LFI, RCE and SSTI vulnerabilities.

Language: Python - Size: 59.6 KB - Last synced: 8 months ago - Pushed: over 1 year ago - Stars: 1 - Forks: 0

vandycknick/gitlab-cve-2020-10977

GitLab Arbitrary File Read Exploit

Language: Python - Size: 28.3 KB - Last synced: 8 months ago - Pushed: about 3 years ago - Stars: 1 - Forks: 2

simplyYan/TunnelLight

An efficient, easy and fast way to protect and defend your site/project from various forms of attack or data leaks.

Size: 16.6 KB - Last synced: 8 months ago - Pushed: 8 months ago - Stars: 1 - Forks: 0

abaykan/Labs

Repositori ini berisi file-file vulnerable terhadap bug tertentu yang saya jadikan demo pada artikel yang saya tulis di abaykan.com

Language: PHP - Size: 388 KB - Last synced: 8 months ago - Pushed: over 3 years ago - Stars: 5 - Forks: 5

alp55/Vulnerability-SCAN-TOOL-SQL-XSS-LFI

SQL XSS LFI Zafiyet Tespit Aracı

Language: Python - Size: 68.4 KB - Last synced: 8 months ago - Pushed: over 1 year ago - Stars: 4 - Forks: 2

raadfhaddad/Insecure-Deserialization

Insecure Deserialization, PDF and lab

Language: Hack - Size: 534 KB - Last synced: 9 months ago - Pushed: over 4 years ago - Stars: 16 - Forks: 6

12345qwert123456/CVE-2021-42013

Vulnerable configuration Apache HTTP Server version 2.4.49/2.4.50

Language: Dockerfile - Size: 1.95 KB - Last synced: 9 months ago - Pushed: over 1 year ago - Stars: 0 - Forks: 0

Sybil-Scan/imagemagick-lfi-poc

ImageMagick LFI PoC [CVE-2022-44268]

Language: Python - Size: 2.93 KB - Last synced: 9 months ago - Pushed: 9 months ago - Stars: 36 - Forks: 7

fanbyprinciple/ImageMagick-lfi-poc

ImageMagick Arbitrary Read Files - CVE-2022-44268

Language: Python - Size: 262 KB - Last synced: 10 months ago - Pushed: 10 months ago - Stars: 0 - Forks: 1

sergiovks/LFI-RCE-Unauthenticated-Apache-2.4.49-2.4.50

LFI / RCE Unauthenticated - Apache 2.4.49 & 2.4.50

Language: Python - Size: 14.6 KB - Last synced: 11 months ago - Pushed: 11 months ago - Stars: 1 - Forks: 0

AmoloHT/TTWAF

「🧱」Test a list of payloads and see if you can bypass it

Language: Rust - Size: 4.74 MB - Last synced: 12 months ago - Pushed: almost 2 years ago - Stars: 22 - Forks: 7

capture0x/Lfi-Space

Lfi Scan Tool

Language: Python - Size: 66.4 KB - Last synced: almost 1 year ago - Pushed: almost 1 year ago - Stars: 28 - Forks: 7

0bfxgh0st/lfienum

Local File Inclusion Enumeration (PoC)

Language: Python - Size: 149 KB - Last synced: 8 months ago - Pushed: 8 months ago - Stars: 56 - Forks: 1

machine1337/lfiscan

A small and fast bash script to automate LFI vulnerability.

Language: Shell - Size: 7.81 KB - Last synced: about 1 year ago - Pushed: over 1 year ago - Stars: 9 - Forks: 8

iilegacyyii/PoC-CVE-2021-41773

Language: Python - Size: 27.3 KB - Last synced: about 1 year ago - Pushed: over 2 years ago - Stars: 44 - Forks: 38

AngelSecurityTeam/SQLiDumper-AngelSecurityTeam

Dork Search , Vulnerability Scanner ,SQL Injection , XSS , LFI ,RFI

Size: 5.79 MB - Last synced: about 1 year ago - Pushed: about 3 years ago - Stars: 67 - Forks: 20

aryanrtm/Crascan

Crascan is a simple LFI, RFI, RCE, and Joomla Components vulnerability scanner.

Language: Shell - Size: 244 KB - Last synced: about 1 year ago - Pushed: over 5 years ago - Stars: 26 - Forks: 12

moeinfatehi/lfi-to-rce-scenario

This repository is a Dockerized php application containing a LFI (Local File Inclusion) vulnerability which can lead to RCE (Remote Code Execution).

Language: PHP - Size: 404 KB - Last synced: about 1 year ago - Pushed: almost 2 years ago - Stars: 2 - Forks: 0

akincibor/SSRFexploit

Extract metadata with SSRF (Server-Side Request Forgery)

Size: 35.2 KB - Last synced: about 1 year ago - Pushed: almost 2 years ago - Stars: 9 - Forks: 4

thehackersbrain/CVE-2021-41773

Apache2 2.4.49 - LFI & RCE Exploit - CVE-2021-41773

Language: Python - Size: 4.29 MB - Last synced: about 1 year ago - Pushed: about 2 years ago - Stars: 60 - Forks: 27

sergiovks/Wordpress-LFI-MailMasta-1.0-Bash-Script

This script is used for taking advantage of a Local File Inclusion in the Wordpress mail masta plugin version 1.0, it's made in bash

Language: Shell - Size: 12.7 KB - Last synced: about 1 year ago - Pushed: over 1 year ago - Stars: 1 - Forks: 0

sergiovks/Wordpress-LFI-Site-Editor-1.1.1-Bash-Script-

This script is used for taking advantage of a Local File Inclusion in the Wordpress site editor plugin version 1.1.1, it's made in bash

Language: Shell - Size: 6.84 KB - Last synced: about 1 year ago - Pushed: over 1 year ago - Stars: 1 - Forks: 1

JhonnyLusonode/VulnFinder

Vulnerabilities Finder made in Bash (SQLI, LFD, LFI, COSI, Shellshock, Struts)

Language: Shell - Size: 5.86 KB - Last synced: 11 months ago - Pushed: over 1 year ago - Stars: 3 - Forks: 0

LoaiEsam37/Lazyxss

LazyXSS is a tool that can help you scan for reflected XSS, LFI without any effort.

Language: Python - Size: 137 KB - Last synced: about 1 year ago - Pushed: over 1 year ago - Stars: 3 - Forks: 0

Mr-xn/thinkphp_lang_RCE

about thinkphp lang RCE QVD-2022-46174 v6.0.1 <= Thinkphp <= v6.0.13 Thinkphp v5.0.x Thinkphp v5.1.x

Size: 12.7 KB - Last synced: about 1 year ago - Pushed: over 1 year ago - Stars: 23 - Forks: 2

pranatdayal/pentesting-scripts

Useful scripts for pen testing. Require modification to run

Language: Python - Size: 16.6 KB - Last synced: 11 months ago - Pushed: over 3 years ago - Stars: 12 - Forks: 7

12345qwert123456/CVE-2021-41773

Vulnerable configuration Apache HTTP Server version 2.4.49

Language: Dockerfile - Size: 1.95 KB - Last synced: 9 months ago - Pushed: over 1 year ago - Stars: 0 - Forks: 0

darkerego/pwnkit

Python Pkexec pwnkit

Language: Python - Size: 1000 Bytes - Last synced: about 1 year ago - Pushed: over 2 years ago - Stars: 1 - Forks: 1

RobinTrigon/lfite

confdedential lfi scanner with screenshot capture tool.

Language: Shell - Size: 151 KB - Last synced: about 1 year ago - Pushed: almost 2 years ago - Stars: 0 - Forks: 0

R3LI4NT/LFIscanner

Local File Inclusion (LFI) scanner.

Language: Python - Size: 757 KB - Last synced: about 1 year ago - Pushed: over 1 year ago - Stars: 1 - Forks: 1

iamazrael/Dezhql

This is hacking script :3

Language: Python - Size: 818 KB - Last synced: about 1 year ago - Pushed: over 3 years ago - Stars: 2 - Forks: 2

halitAKAYDIN/LfiScan

A small and fast bash script for automatic LFI vulnerability detection.

Language: Shell - Size: 516 KB - Last synced: about 1 year ago - Pushed: about 2 years ago - Stars: 0 - Forks: 1

daedalus/paranoicscan

Language: Perl - Size: 31.3 KB - Last synced: about 1 year ago - Pushed: almost 7 years ago - Stars: 3 - Forks: 1

S1lkys/Auto_LFI

A simple Script which tests for LFI (Local File Inclusion) via Curl

Language: Shell - Size: 137 KB - Last synced: 12 months ago - Pushed: about 5 years ago - Stars: 17 - Forks: 7

storenth/LFI-Payload-List Fork of emadshanab/LFI-Payload-List

LFI Payloads List collected from Github and write-ups.

Size: 413 KB - Last synced: about 1 year ago - Pushed: over 2 years ago - Stars: 0 - Forks: 0

zerodaywolf/CVE-2021-41773_42013

Lab setup for CVE-2021-41773 (Apache httpd 2.4.49) and CVE-2021-42013 (Apache httpd 2.4.50).

Language: Dockerfile - Size: 7.81 KB - Last synced: 12 months ago - Pushed: over 2 years ago - Stars: 1 - Forks: 2

A1-exe/lfi-brute-forcer

brute force LFI using python

Language: Python - Size: 6.84 KB - Last synced: about 1 year ago - Pushed: about 3 years ago - Stars: 0 - Forks: 0

brokensound77/lfi_injector

Local File Inclusion

Language: Python - Size: 13.7 KB - Last synced: about 1 year ago - Pushed: over 6 years ago - Stars: 1 - Forks: 0

stefan2200/Bud

Automated exploitation of Local File Inclusion bugs

Language: Python - Size: 5.86 KB - Last synced: 3 days ago - Pushed: over 5 years ago - Stars: 0 - Forks: 0