LFI-Labs Logo

LFI-Labs

0
Free
Updated 14 August 2025
Resources
Lfi
Vulnerability Testing
Exploitation
Php
Apache
Visit Website

A small set of PHP scripts designed for practicing exploiting LFI, RFI, and CMD injection vulnerabilities, primarily used for training and testing purposes. It allows users to test detection products, exploit tools, etc., by adding them to an Apache VirtualHost directive for testing purposes. Can be set up on UN*X + Apache + PHP, run as a Docker instance using the Dockerfile, or as a Vagrant instance using the Vagrantfile. Inspired by Jose Nazario, it provides useful links for LFI/RFI/CMD injection background.

FEATURES

EXPLORE BY TAGS

Lfi

Vulnerability Testing

Exploitation

Php

Apache

SIMILAR TOOLS

Boston Key Party CTF Logo
Boston Key Party CTF

Boston Key Party CTF 2013 - cybersecurity competition with challenges in various domains.

Free
Resources
LAMPSecurity Training Logo
LAMPSecurity Training

A series of vulnerable virtual machine images with documentation to teach Linux, Apache, PHP, MySQL security.

Free
Resources
Modern Binary Exploitation - CSCI 4968 Logo
Modern Binary Exploitation - CSCI 4968

A university course focused on vulnerability research, reverse engineering, and binary exploitation to teach practical offensive security skills.

Free
Resources
OWASP Testing Checklist v4 Markdown Logo
OWASP Testing Checklist v4 Markdown

Markdown version of OWASP Testing Checklist v4 for various platforms.

Free
Resources
hackxor Logo
hackxor

A platform offering hacking missions to test and enhance skills.

Free
Resources
DFIR CTF: Precision Widgets of North Dakota Intrusion Logo
DFIR CTF: Precision Widgets of North Dakota Intrusion

A cybersecurity challenge where you play the role of an incident response consultant investigating an intrusion at Precision Widgets of North Dakota.

Free
Resources
Cyber Warfare Range LLC Logo
Cyber Warfare Range LLC

A non-profit organization providing live-fire cyber warfare ranges for training and up-skilling cybersecurity professionals.

Free
Resources
Applied Incident Response Logo
Applied Incident Response

A comprehensive guide to incident response, providing effective techniques for responding to advanced attacks against local and remote network resources.

Free
Resources
Workshop Hacking Bluetooth Smart locks Logo
Workshop Hacking Bluetooth Smart locks

A workshop on hacking Bluetooth Smart locks, covering architecture, vulnerabilities, and exploitation techniques.

Free
Resources

PINNED

Mandos Logo

Mandos

Fractional CISO service that helps B2B companies implement security leadership to win enterprise deals, achieve compliance, and develop strategic security programs.

Consulting
Checkmarx SCA Logo

Checkmarx SCA

A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Application Security
Orca Security Logo

Orca Security

A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

Cloud Security
DryRun Logo

DryRun

A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.

Application Security
CyberSecTools logoCyberSecTools

Explore the largest curated directory of cybersecurity tools and resources to enhance your security practices. Find the right solution for your domain.

Operated by:

Mandos Cyber • KVK: 97994448

Netherlands • contact@mandos.io

VAT: NL005301434B12

Copyright © 2025 - All rights reserved

LINKS
BlogContact
LEGAL
Terms of servicesPrivacy policy