LFI exploitation tools


fimap (LFI discovery and exploitation)

fimap is a tool written in Python to find, prepare, audit, exploit local and remote file inclusion bugs in web applications.

» Fimap review and details

LFI Freak (LFI find and exploiter)

LFI Freak is a tool to help finding and exploiting local file inclusions (LFI). It has a particular focus on using PHP Input, PHP Filter, and Data URI methods.

» LFI Freak review and details