LFI Suite
Tool and Usage
Project details
Project health
Why this tool?
This tool is a useful addition to the pentesting toolbox of security professionals. It can help discover and exploit any local file inclusion weakness in applications. Upon success, a reverse shell can be used to get access to the system.
Usage and audience
LFI Suite is commonly used for penetration testing or web application analysis. Target users for this tool are pentesters and security professionals.
Features
- Command line interface
- Support for TOR
Tool review and remarks
The review and analysis of this project resulted in the following remarks for this security tool:
Strengths
- + The source code of this software is available
Weaknesses
- - Full name of author is unknown
History and highlights
| Year | Event |
|---|---|
| 2018 | First public version (1.13) released on GitHub |
Installation
Supported operating systems
LFI Suite is known to work on Linux, Microsoft Windows, and macOS.
LFI Suite alternatives
Similar tools to LFI Suite:
LFI Freak
LFI Freak is a tool to help finding and exploiting local file inclusions (LFI). It has a particular focus on using PHP Input, PHP Filter, and Data URI methods.
nycto-dork
Nycto-dork is dork scanner that can also test for SQL injections and local file injections (LFI). It can be used during security assessments like a penetration test.
fimap
fimap is a tool written in Python to find, prepare, audit, exploit local and remote file inclusion bugs in web applications.
This tool page was updated at . Found an improvement? Help the community by submitting an update.
Related tool information
Categories
This tool is categorized as a LFI discovery tool and LFI exploitation tool.