Ecosyste.ms: Repos
An open API service providing repository metadata for many open source software ecosystems.
GitHub topics: lfi
Stuub/CVE-2024-4040-SSTI-LFI-PoC
CVE-2024-4040 CrushFTP SSTI LFI & Auth Bypass | Full Server Takeover | Wordlist Support
Language: Python - Size: 53.7 KB - Last synced: about 16 hours ago - Pushed: 2 days ago - Stars: 20 - Forks: 6
dragonked2/Egyscan
Egyscan The Best web vulnerability scanner; it's a multifaceted security powerhouse designed to fortify your web applications against malicious threats. Let's delve into the tasks and functions that make Egyscan an indispensable tool in your security arsenal:
Language: Python - Size: 301 KB - Last synced: 3 days ago - Pushed: 3 days ago - Stars: 193 - Forks: 36
xalgord/LFIgo
A faster LFI Fuzzer.
Language: Go - Size: 9.77 KB - Last synced: 3 days ago - Pushed: 4 days ago - Stars: 0 - Forks: 0
mzfr/liffy
Local file inclusion exploitation tool
Language: Python - Size: 253 KB - Last synced: 6 days ago - Pushed: 10 months ago - Stars: 715 - Forks: 99
smsharma/awesome-neural-sbi
Community-sourced list of papers and resources on neural simulation-based inference.
Size: 51.8 KB - Last synced: 2 days ago - Pushed: 2 months ago - Stars: 63 - Forks: 3
hansmach1ne/LFImap
Local File Inclusion discovery and exploitation tool
Language: Python - Size: 235 KB - Last synced: 7 days ago - Pushed: about 2 months ago - Stars: 181 - Forks: 27
mrgr4yhat/Vulnerable-Web-App
The main goal of VWA is to provide a hands-on experience for security rookies on vulnerable web applications available for practicing and learning, so that they can attack realistic web environments… without going to jail :)
Language: PHP - Size: 135 KB - Last synced: 4 days ago - Pushed: 8 months ago - Stars: 3 - Forks: 1
glavstroy/DorkFinder
Automatic tool to find Google Dorks
Language: Python - Size: 3.42 MB - Last synced: 13 days ago - Pushed: 15 days ago - Stars: 5 - Forks: 1
abhisharma404/vault
swiss army knife for hackers
Language: Python - Size: 732 KB - Last synced: 14 days ago - Pushed: 10 months ago - Stars: 495 - Forks: 92
v3n0m-Scanner/V3n0M-Scanner
Popular Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns
Language: Python - Size: 35.4 MB - Last synced: 16 days ago - Pushed: 6 months ago - Stars: 1,418 - Forks: 411
pikpikcu/XRCross
XRCross is a Reconstruction, Scanner, and a tool for penetration / BugBounty testing. This tool was built to test (XSS|SSRF|CORS|SSTI|IDOR|RCE|LFI|SQLI) vulnerabilities
Language: Shell - Size: 2.85 MB - Last synced: 14 days ago - Pushed: 11 months ago - Stars: 316 - Forks: 69
VainlyStrain/Vailyn
A phased, evasive Path Traversal + LFI scanning & exploitation tool in Python
Language: Python - Size: 994 KB - Last synced: 7 days ago - Pushed: over 2 years ago - Stars: 189 - Forks: 23
nemesida-waf/waf-bypass
Check your WAF before an attacker does
Language: Python - Size: 711 KB - Last synced: 23 days ago - Pushed: 23 days ago - Stars: 1,093 - Forks: 151
treddis/dotdotfarm
Fast Path Traversal exploitation tool
Language: Python - Size: 110 KB - Last synced: 25 days ago - Pushed: 26 days ago - Stars: 21 - Forks: 1
Zierax/Exer-Vuln-Scanner
Exer is a vuln scanner for specific string
Language: Python - Size: 7.81 KB - Last synced: 29 days ago - Pushed: 29 days ago - Stars: 0 - Forks: 0
Ishanoshada/LFI
A side note about LFI and Leaking the php source of some sites
Language: PHP - Size: 393 KB - Last synced: about 1 month ago - Pushed: about 1 month ago - Stars: 4 - Forks: 0
jpiechowka/zip-shotgun
Utility script to test zip file upload functionality (and possible extraction of zip files) for vulnerabilities (aka Zip Slip)
Language: Python - Size: 53.7 KB - Last synced: 21 days ago - Pushed: almost 5 years ago - Stars: 32 - Forks: 5
fazlearefin/magic-bitten-file
Evade file content checks by prepending magic bytes to any file
Language: Python - Size: 12.7 KB - Last synced: about 1 month ago - Pushed: about 1 month ago - Stars: 3 - Forks: 0
swisskyrepo/DamnWebScanner
Another web vulnerabilities scanner, this extension works on Chrome and Opera
Language: Python - Size: 1.37 MB - Last synced: 14 days ago - Pushed: over 4 years ago - Stars: 436 - Forks: 155
MouathA/LFI-Striker
LFI Finder
Language: Java - Size: 32.2 KB - Last synced: about 1 month ago - Pushed: about 1 month ago - Stars: 1 - Forks: 0
payloadbox/rfi-lfi-payload-list
🎯 RFI/LFI Payload List
Size: 35.2 KB - Last synced: about 1 month ago - Pushed: almost 3 years ago - Stars: 498 - Forks: 171
ronin-rb/ronin-vulns
Tests URLs for Local File Inclusion (LFI), Remote File Inclusion (RFI), SQL injection (SQLi), and Cross Site Scripting (XSS), Server Side Template Injection (SSTI), and Open Redirects.
Language: Ruby - Size: 363 KB - Last synced: about 1 month ago - Pushed: 4 months ago - Stars: 52 - Forks: 16
mathis2001/LighTraversal
LighTraversal is a tool designed to find basic directory traversal vulnerabilities
Language: Python - Size: 14.6 KB - Last synced: about 2 months ago - Pushed: 7 months ago - Stars: 3 - Forks: 0
dokDork/CommandInjectionShield
This script will prepare some tmux session precompiled to test command injection on some web page parameter (on a GET or POST request).
Size: 549 KB - Last synced: 2 months ago - Pushed: 2 months ago - Stars: 0 - Forks: 0
farinap5/webpwn
Web Vulnerability Detector (XSS,SQL,LFI,XST,WAF)
Language: Python - Size: 19.5 KB - Last synced: 28 days ago - Pushed: over 3 years ago - Stars: 18 - Forks: 9
kostas-pa/LFITester
LFITester is a Python3 program that automates the detection and exploitation of Local File Inclusion (LFI) vulnerabilities on a server.
Language: Python - Size: 394 KB - Last synced: 3 months ago - Pushed: 3 months ago - Stars: 94 - Forks: 23
anmolksachan/TheTimeMachine
Weaponizing WaybackUrls for Recon, BugBounties , OSINT, Sensitive Endpoints and what not
Language: Python - Size: 832 KB - Last synced: 3 months ago - Pushed: about 1 year ago - Stars: 248 - Forks: 30
chrispetrou/FDsploit 📦
File Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.
Language: Python - Size: 1.12 MB - Last synced: 2 months ago - Pushed: about 3 years ago - Stars: 257 - Forks: 78
PinoyWH1Z/SSH-Private-Key-Looting-Wordlists
SSH Private Key Looting Wordlists. A collection of wordlists to aid in locating or brute-forcing SSH private key file names.
Size: 1.51 MB - Last synced: 3 months ago - Pushed: 3 months ago - Stars: 0 - Forks: 0
1N3/BlackWidow
A Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.
Language: Python - Size: 214 KB - Last synced: 3 months ago - Pushed: about 1 year ago - Stars: 1,430 - Forks: 363
AlisamTechnology/ATSCAN
Advanced dork Search & Mass Exploit Scanner
Language: Perl - Size: 3.38 MB - Last synced: 3 months ago - Pushed: 11 months ago - Stars: 1,303 - Forks: 362
prokunal/WebThemez-LFI
LFI on WebThemez CMS.
Language: Python - Size: 5.86 KB - Last synced: 4 days ago - Pushed: 10 months ago - Stars: 2 - Forks: 0
dotPY-hax/gitlab_RCE
RCE for old gitlab version <= 11.4.7 & 12.4.0-12.8.1 and LFI for old gitlab versions 10.4 - 12.8.1
Language: Python - Size: 46.9 KB - Last synced: 3 months ago - Pushed: over 3 years ago - Stars: 156 - Forks: 29
opabravo/dfuf
Dump files via Directory Traversal / LFI in a breeze with the help of ffuf
Language: Python - Size: 18.6 KB - Last synced: 5 months ago - Pushed: 5 months ago - Stars: 1 - Forks: 0
paralax/lfi-labs
small set of PHP scripts to practice exploiting LFI, RFI and CMD injection vulns
Language: PHP - Size: 29.3 KB - Last synced: 6 months ago - Pushed: over 3 years ago - Stars: 302 - Forks: 81
EmreOvunc/Eaton-Intelligent-Power-Manager-Local-File-Inclusion
CVE-2018-12031 | LFI in Eaton Intelligent Power Manager v1.6 allows an attacker to include a file, it can lead to sensitive information disclosure, denial of service and code execution.
Size: 3.91 KB - Last synced: 7 months ago - Pushed: over 5 years ago - Stars: 5 - Forks: 3
TheBugFather/LFI-Chef
Takes input wordlist in native path format to generate encoding evasion, path traversals, and null byte injections
Language: Python - Size: 1.32 MB - Last synced: 6 months ago - Pushed: 8 months ago - Stars: 0 - Forks: 1
LoryPack/SBI_gen_networks_SRs Fork of mackelab/gatsbi
Code for the paper: "Simulation-Based Inference with Generative Neural Networks via Scoring Rule Minimization"
Language: Jupyter Notebook - Size: 67.4 MB - Last synced: 3 months ago - Pushed: 3 months ago - Stars: 2 - Forks: 1
storenth/lazyrecon Fork of jhaddix/lazyrecon
Wicked sick v2.0 script is intended to automate your reconnaissance process in an organized fashion.
Language: Shell - Size: 55.4 MB - Last synced: 6 months ago - Pushed: about 1 year ago - Stars: 134 - Forks: 47
4L4K4Z4/Mass-Local-File-Inclusion-LFI-Scanner
Mass LFI Scanner By CodeB0ss
Size: 323 KB - Last synced: 7 months ago - Pushed: over 1 year ago - Stars: 5 - Forks: 3
4L4K4Z4/Private-Vulnerable-Scanner
Size: 1.95 KB - Last synced: 7 months ago - Pushed: over 1 year ago - Stars: 0 - Forks: 0
4L4K4Z4/MASS-LFI-TO-RCE
t.me/codeb0ss
Size: 313 KB - Last synced: 7 months ago - Pushed: over 1 year ago - Stars: 1 - Forks: 0
v4ss/Hacky_Nov_Write_Up_2022
Dépôt des challenges que j'ai réalisés pour l'évènement CTF Hacky'Nov à Aix-en-Provence 2022.
Language: PHP - Size: 2.89 MB - Last synced: 8 months ago - Pushed: about 2 years ago - Stars: 0 - Forks: 1
VeryLazyBoy/phpmyadmin-4.8.2 Fork of vulnspy/phpmyadmin-4.8.1
Patch demo for CVE-2018-12613
Language: Shell - Size: 2.93 KB - Last synced: 8 months ago - Pushed: over 5 years ago - Stars: 0 - Forks: 0
TargetPackage/lazyParam Fork of aniqfakhrul/lazyParam
A simple automation tool to detect LFI, RCE and SSTI vulnerabilities.
Language: Python - Size: 59.6 KB - Last synced: 8 months ago - Pushed: over 1 year ago - Stars: 1 - Forks: 0
vandycknick/gitlab-cve-2020-10977
GitLab Arbitrary File Read Exploit
Language: Python - Size: 28.3 KB - Last synced: 8 months ago - Pushed: about 3 years ago - Stars: 1 - Forks: 2
simplyYan/TunnelLight
An efficient, easy and fast way to protect and defend your site/project from various forms of attack or data leaks.
Size: 16.6 KB - Last synced: 8 months ago - Pushed: 8 months ago - Stars: 1 - Forks: 0
abaykan/Labs
Repositori ini berisi file-file vulnerable terhadap bug tertentu yang saya jadikan demo pada artikel yang saya tulis di abaykan.com
Language: PHP - Size: 388 KB - Last synced: 8 months ago - Pushed: over 3 years ago - Stars: 5 - Forks: 5
alp55/Vulnerability-SCAN-TOOL-SQL-XSS-LFI
SQL XSS LFI Zafiyet Tespit Aracı
Language: Python - Size: 68.4 KB - Last synced: 8 months ago - Pushed: over 1 year ago - Stars: 4 - Forks: 2
raadfhaddad/Insecure-Deserialization
Insecure Deserialization, PDF and lab
Language: Hack - Size: 534 KB - Last synced: 9 months ago - Pushed: over 4 years ago - Stars: 16 - Forks: 6
12345qwert123456/CVE-2021-42013
Vulnerable configuration Apache HTTP Server version 2.4.49/2.4.50
Language: Dockerfile - Size: 1.95 KB - Last synced: 9 months ago - Pushed: over 1 year ago - Stars: 0 - Forks: 0
Sybil-Scan/imagemagick-lfi-poc
ImageMagick LFI PoC [CVE-2022-44268]
Language: Python - Size: 2.93 KB - Last synced: 9 months ago - Pushed: 9 months ago - Stars: 36 - Forks: 7
fanbyprinciple/ImageMagick-lfi-poc
ImageMagick Arbitrary Read Files - CVE-2022-44268
Language: Python - Size: 262 KB - Last synced: 10 months ago - Pushed: 10 months ago - Stars: 0 - Forks: 1
sergiovks/LFI-RCE-Unauthenticated-Apache-2.4.49-2.4.50
LFI / RCE Unauthenticated - Apache 2.4.49 & 2.4.50
Language: Python - Size: 14.6 KB - Last synced: 11 months ago - Pushed: 11 months ago - Stars: 1 - Forks: 0
AmoloHT/TTWAF
「🧱」Test a list of payloads and see if you can bypass it
Language: Rust - Size: 4.74 MB - Last synced: 12 months ago - Pushed: almost 2 years ago - Stars: 22 - Forks: 7
capture0x/Lfi-Space
Lfi Scan Tool
Language: Python - Size: 66.4 KB - Last synced: almost 1 year ago - Pushed: almost 1 year ago - Stars: 28 - Forks: 7
0bfxgh0st/lfienum
Local File Inclusion Enumeration (PoC)
Language: Python - Size: 149 KB - Last synced: 8 months ago - Pushed: 8 months ago - Stars: 56 - Forks: 1
machine1337/lfiscan
A small and fast bash script to automate LFI vulnerability.
Language: Shell - Size: 7.81 KB - Last synced: about 1 year ago - Pushed: over 1 year ago - Stars: 9 - Forks: 8
iilegacyyii/PoC-CVE-2021-41773
Language: Python - Size: 27.3 KB - Last synced: about 1 year ago - Pushed: over 2 years ago - Stars: 44 - Forks: 38
AngelSecurityTeam/SQLiDumper-AngelSecurityTeam
Dork Search , Vulnerability Scanner ,SQL Injection , XSS , LFI ,RFI
Size: 5.79 MB - Last synced: about 1 year ago - Pushed: about 3 years ago - Stars: 67 - Forks: 20
aryanrtm/Crascan
Crascan is a simple LFI, RFI, RCE, and Joomla Components vulnerability scanner.
Language: Shell - Size: 244 KB - Last synced: about 1 year ago - Pushed: over 5 years ago - Stars: 26 - Forks: 12
moeinfatehi/lfi-to-rce-scenario
This repository is a Dockerized php application containing a LFI (Local File Inclusion) vulnerability which can lead to RCE (Remote Code Execution).
Language: PHP - Size: 404 KB - Last synced: about 1 year ago - Pushed: almost 2 years ago - Stars: 2 - Forks: 0
akincibor/SSRFexploit
Extract metadata with SSRF (Server-Side Request Forgery)
Size: 35.2 KB - Last synced: about 1 year ago - Pushed: almost 2 years ago - Stars: 9 - Forks: 4
thehackersbrain/CVE-2021-41773
Apache2 2.4.49 - LFI & RCE Exploit - CVE-2021-41773
Language: Python - Size: 4.29 MB - Last synced: about 1 year ago - Pushed: about 2 years ago - Stars: 60 - Forks: 27
sergiovks/Wordpress-LFI-MailMasta-1.0-Bash-Script
This script is used for taking advantage of a Local File Inclusion in the Wordpress mail masta plugin version 1.0, it's made in bash
Language: Shell - Size: 12.7 KB - Last synced: about 1 year ago - Pushed: over 1 year ago - Stars: 1 - Forks: 0
sergiovks/Wordpress-LFI-Site-Editor-1.1.1-Bash-Script-
This script is used for taking advantage of a Local File Inclusion in the Wordpress site editor plugin version 1.1.1, it's made in bash
Language: Shell - Size: 6.84 KB - Last synced: about 1 year ago - Pushed: over 1 year ago - Stars: 1 - Forks: 1
JhonnyLusonode/VulnFinder
Vulnerabilities Finder made in Bash (SQLI, LFD, LFI, COSI, Shellshock, Struts)
Language: Shell - Size: 5.86 KB - Last synced: 11 months ago - Pushed: over 1 year ago - Stars: 3 - Forks: 0
LoaiEsam37/Lazyxss
LazyXSS is a tool that can help you scan for reflected XSS, LFI without any effort.
Language: Python - Size: 137 KB - Last synced: about 1 year ago - Pushed: over 1 year ago - Stars: 3 - Forks: 0
Mr-xn/thinkphp_lang_RCE
about thinkphp lang RCE QVD-2022-46174 v6.0.1 <= Thinkphp <= v6.0.13 Thinkphp v5.0.x Thinkphp v5.1.x
Size: 12.7 KB - Last synced: about 1 year ago - Pushed: over 1 year ago - Stars: 23 - Forks: 2
pranatdayal/pentesting-scripts
Useful scripts for pen testing. Require modification to run
Language: Python - Size: 16.6 KB - Last synced: 11 months ago - Pushed: over 3 years ago - Stars: 12 - Forks: 7
12345qwert123456/CVE-2021-41773
Vulnerable configuration Apache HTTP Server version 2.4.49
Language: Dockerfile - Size: 1.95 KB - Last synced: 9 months ago - Pushed: over 1 year ago - Stars: 0 - Forks: 0
darkerego/pwnkit
Python Pkexec pwnkit
Language: Python - Size: 1000 Bytes - Last synced: about 1 year ago - Pushed: over 2 years ago - Stars: 1 - Forks: 1
RobinTrigon/lfite
confdedential lfi scanner with screenshot capture tool.
Language: Shell - Size: 151 KB - Last synced: about 1 year ago - Pushed: almost 2 years ago - Stars: 0 - Forks: 0
R3LI4NT/LFIscanner
Local File Inclusion (LFI) scanner.
Language: Python - Size: 757 KB - Last synced: about 1 year ago - Pushed: over 1 year ago - Stars: 1 - Forks: 1
iamazrael/Dezhql
This is hacking script :3
Language: Python - Size: 818 KB - Last synced: about 1 year ago - Pushed: over 3 years ago - Stars: 2 - Forks: 2
halitAKAYDIN/LfiScan
A small and fast bash script for automatic LFI vulnerability detection.
Language: Shell - Size: 516 KB - Last synced: about 1 year ago - Pushed: about 2 years ago - Stars: 0 - Forks: 1
daedalus/paranoicscan
Language: Perl - Size: 31.3 KB - Last synced: about 1 year ago - Pushed: almost 7 years ago - Stars: 3 - Forks: 1
S1lkys/Auto_LFI
A simple Script which tests for LFI (Local File Inclusion) via Curl
Language: Shell - Size: 137 KB - Last synced: 12 months ago - Pushed: about 5 years ago - Stars: 17 - Forks: 7
storenth/LFI-Payload-List Fork of emadshanab/LFI-Payload-List
LFI Payloads List collected from Github and write-ups.
Size: 413 KB - Last synced: about 1 year ago - Pushed: over 2 years ago - Stars: 0 - Forks: 0
zerodaywolf/CVE-2021-41773_42013
Lab setup for CVE-2021-41773 (Apache httpd 2.4.49) and CVE-2021-42013 (Apache httpd 2.4.50).
Language: Dockerfile - Size: 7.81 KB - Last synced: 12 months ago - Pushed: over 2 years ago - Stars: 1 - Forks: 2
A1-exe/lfi-brute-forcer
brute force LFI using python
Language: Python - Size: 6.84 KB - Last synced: about 1 year ago - Pushed: about 3 years ago - Stars: 0 - Forks: 0
brokensound77/lfi_injector
Local File Inclusion
Language: Python - Size: 13.7 KB - Last synced: about 1 year ago - Pushed: over 6 years ago - Stars: 1 - Forks: 0
stefan2200/Bud
Automated exploitation of Local File Inclusion bugs
Language: Python - Size: 5.86 KB - Last synced: 3 days ago - Pushed: over 5 years ago - Stars: 0 - Forks: 0