This repository is a Dockerized php application containing a LFI (Local File Inclusion) vulnerability which can lead to RCE (Remote Code Execution).

LFI / RCE Unauthenticated - Apache 2.4.49 & 2.4.50

SQLi & LFI Scanner is a powerful security testing tool designed to detect SQL Injection (SQLi) vulnerabilities and Local File Inclusion (LFI) flaws in web applications. It helps ethical hackers and security researchers identify security weaknesses efficiently.

ScanShield is an advanced vulnerability scanner built to identify common web security flaws such as SQL Injection, XSS, LFI, RFI, directory listing issues, and security header misconfigurations.

LFI Exploitation tool

LFI Finder

Sonatype Nexus Repository Manager 3 (LFI)

LfiDump is a Python-based Local File Inclusion (LFI) vulnerability scanner that helps security professionals detect potential LFI vulnerabilities in web applications

This script is used for taking advantage of a Local File Inclusion in the Wordpress mail masta plugin version 1.0, it's made in bash

This script is used for taking advantage of a Local File Inclusion in the Wordpress site editor plugin version 1.1.1, it's made in bash

LFI Fuzzer automates the detection of Local File Inclusion (LFI) vulnerabilities in web apps by appending common file paths to a target URL, supporting custom paths, traversal, and multithreading.