Written by TMRSWRR
How to use
LFI-FINDER is an open-source tool available on GitHub that focuses on detecting Local File Inclusion (LFI) vulnerabilities. Local File Inclusion is a common security vulnerability that allows an attacker to include files from a web server into the output of a web application. This tool automates the process of identifying LFI vulnerabilities by analyzing URLs and searching for specific patterns indicative of LFI. It can be a useful addition to a security professional’s toolkit for detecting and addressing LFI vulnerabilities in web applications.
This tool works with geckodriver, search url for LFI Vuln and when get an root text on the screen, it notifies you of the successful payload.
git clone https://github.com/capture0x/LFI-FINDER/
pip3 install -r requirements.txt
chmod -R 755 lfi.py
THIS IS FOR LATEST GOOGLE CHROME VERSION
Bugs and enhancements
For bug reports or enhancements, please open an issue here.
Source : KitPloit – PenTest Tools!