VulnPro is a Python-based vulnerability scanner and exploitation toolkit . It detects common web and system vulnerabilities like SQLi, XSS, LFI, and misconfigurations. Designed for ethical hackers, it streamlines recon, scanning, and PoC-based exploitation in one place.

poison.py - Tool to search for available log files for LFI/RFI vulnerabilities, and automatic escalation to RCE/Shell.

Local File Inclusion Finder Tool

A simple automation tool to detect LFI, RCE and SSTI vulnerability. Forked for PR and customization

Oracle WebLogic Server (LFI)

LfiDump is a Python-based Local File Inclusion (LFI) vulnerability scanner that helps security professionals detect potential LFI vulnerabilities in web applications

🐍 Tool to find Local File Inclusion (LFI) vulnerabilities

confdedential lfi scanner with screenshot capture tool.

ScanShield is an advanced vulnerability scanner built to identify common web security flaws such as SQL Injection, XSS, LFI, RFI, directory listing issues, and security header misconfigurations.

Sonatype Nexus Repository Manager 3 (LFI)

Midnight is bash script that conducts subdomain enumeration and attack surface mapping and then tests for XSS with payload injection and reflection verification, it also tests for local file inclusion and SQL injection with a comprehensive library of over 300 payloads.

LFI Finder

A automated penetration testing tool

Script to brute force a potential LFI vulnerability

A small and fast bash script for automatic LFI vulnerability detection.

SQLi & LFI Scanner is a powerful security testing tool designed to detect SQL Injection (SQLi) vulnerabilities and Local File Inclusion (LFI) flaws in web applications. It helps ethical hackers and security researchers identify security weaknesses efficiently.

🦖 PTScanner is a powerful tool for detecting Path Traversal and Local File Inclusion (LFI) vulnerabilities. developed as part of the ApachSAL project, it has been fully ported to Node.js, featuring significant enhancements and extended capabilities for modern penetration testing workflows.

This repository is a Dockerized php application containing a LFI (Local File Inclusion) vulnerability which can lead to RCE (Remote Code Execution).

Brahmastra empowers security teams to fortify their defenses and identify potential vulnerabilities in their systems. This comprehensive tool ensures the utmost protection against cyber threats, making it an indispensable asset in the field of cybersecurity.

OSTE WLA automate the process of analyzing web server logs with the Python Web Log Analyzer.