LSE toolsLSE toolsfimap (191)fimap (191)

Tool and Usage

fimap is a tool written in Python to find, prepare, audit, exploit local and remote file inclusion bugs in web applications.

Why this tool?

Fimap has the ability to search and exploit local (LFI) and remote (RFI) file inclusions bugs. It also can leverage Google during its usage.

Usage and audience

fimap is commonly used for penetration testing or web application analysis. Target users for this tool are pentesters and security professionals.


  • fimap is written in Python
  • Command line interface

Tool review and remarks

The review and analysis of this project resulted in the following remarks for this security tool:


  • + The source code of this software is available

Author and Maintainers

Fimap is under development by Iman Karim.


Supported operating systems

Fimap is known to work on Linux.

fimap alternatives

Similar tools to fimap:


LFI Freak

LFI Freak is a tool to help finding and exploiting local file inclusions (LFI). It has a particular focus on using PHP Input, PHP Filter, and Data URI methods.

See all alternatives tools for fimap »

Found an improvement? Become an influencer and submit an update.
Project details
Latest releaseNo release found

Project health

This score is calculated by different factors, like project age, last release date, etc.


 fimap GitLab project
Twitter icon@fimap


This tool is categorized as a LFI discovery tool and LFI exploitation tool.