Skip to content

Searches for potentially vulnerable websites to local file inclusion, throughout the web and then exploits them for LFI

Notifications You must be signed in to change notification settings

anukulpandey/LFI-Hunter

Repository files navigation

LFI-Hunter

Searches for potentially vulnerable websites to local file inclusion, throughout the web and then exploits them for LFI A script written in python which gathers websites potentially vulnerable to local file inclusion & makes a file named as targets.txt for future reference or manual exploitation. This script later uses the targets.txt file & start fuzzing the endpoint to check whether the website is actually vulnerable or not.

Long story short : Run this script to get a list of websites along with the vulnerable endpoints.

Features

  • Searches for potentially vulnerable websites
  • Performs directory fuzzing at the vulnerable endpoints
  • Comes with built in searching algorithm
  • Requires an API key for more results

Screenshots

Loading Screen Banner: App Screenshot

Script while it is running: App Screenshot

Pre Requisites

Python Installed

version > 3.0

Installation

git clone https://github.com/anukulpandey/LFI-Hunter
cd LFI-Hunter
pip install requirements.txt

Run locally

python3 lfi-hunter.py

Authors

About

Searches for potentially vulnerable websites to local file inclusion, throughout the web and then exploits them for LFI

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages