Lfi

A web-based payload repository that generates and encodes ready-to-use exploits for SQL injection, XSS, file inclusion, and command injection vulnerabilities.

Node.js Goof is a vulnerable Node.js demo application containing multiple security vulnerabilities for testing and educational purposes.

A Python-based tool that automates the identification and exploitation of file inclusion and directory traversal vulnerabilities in web applications.

A collection of Local File Inclusion (LFI) vulnerability tests and exploitation techniques designed for use with Burp Suite.

A tool for Local File Inclusion (LFI) exploitation and scanning

A wordlist to bruteforce for Local File Inclusion (LFI) vulnerabilities

Scripts to automate the process of enumerating a Linux system through a Local File Inclusion (LFI) vulnerability.

A honeypot for remote file inclusion (RFI) and local file inclusion (LFI) using fake URLs to catch scanning bots and malwares.

A set of PHP scripts for practicing LFI, RFI, and CMD injection vulnerabilities.

A comprehensive reference guide covering various web application vulnerabilities, testing techniques, and resources for bug bounty hunters and security researchers.