LFI Freak alternatives
Looking for an alternative tool to replace LFI Freak? During the review of LFI Freak we looked at other open source tools. Based on their category, tags, and text, these are the ones that have the best match.
Top 3
- LFI Suite (LFI scanner and exploiter)
- nycto-dork (dork tool with option to scan for SQLi and LFI)
- fimap (LFI discovery and exploitation)
These tools are ranked as the best alternatives to LFI Freak.
Alternatives (by score)
LFI Suite
Introduction
This tool is a useful addition to the pentesting toolbox of security professionals. It can help discover and exploit any local file inclusion weakness in applications. Upon success, a reverse shell can be used to get access to the system.
Project details
LFI Suite is written in Python.
Strengths and weaknesses
- + The source code of this software is available
- - Full name of author is unknown
Typical usage
- Penetration testing
- Web application analysis
nycto-dork
Introduction
This tool has limited documentation. For that reason, the review is limited at this time.
Project details
nycto-dork is written in Python.
Strengths and weaknesses
- + The source code of this software is available
- - Minimal or no documentation available
- - Full name of author is unknown
Typical usage
- Penetration testing
fimap
Introduction
Fimap has the ability to search and exploit local (LFI) and remote (RFI) file inclusions bugs. It also can leverage Google during its usage.
Project details
fimap is written in Python.
Strengths and weaknesses
- + The source code of this software is available
Typical usage
- Penetration testing
- Web application analysis
Damn Small FI Scanner (DSFS)
Introduction
NoneProject details
Damn Small FI Scanner is written in Python.
Strengths and weaknesses
- + The source code of this software is available
Typical usage
- Security assessment
- Vulnerability scanning
WPSeku
Introduction
With WPSeku a WordPress installation can be tested for the presence of security issues. Some examples are cross-site scripting (XSS), sql injection, and local file inclusion. The tool also tests for the presence of default configuration files. These files may reveal version numbers, used themes and plugins.
Project details
WPSeku is written in Python.
Strengths and weaknesses
- + The source code of this software is available
- - Unknown project license
Typical usage
- Penetration testing
- Security assessment
- Vulnerability scanning
Yasuo
Introduction
Yasuo is a Ruby script that scans for vulnerable and exploitable third-party web applications. There are many remotely exploitable vulnerabilities for web applications and their front-end components. Yasuo helps to make it easier to scan for the weaknesses like remote code execution (RCE), SQL injections, and file inclusions.
Project details
Yasuo is written in Ruby.
Strengths and weaknesses
- + The source code of this software is available
Typical usage
- Penetration testing
- Vulnerability scanning
- Web application analysis
Some relevant tool missing as an alternative to LFI Freak? Please contact us with your suggestion.