Searches for potentially vulnerable websites to local file inclusion, throughout the web and then exploits them for LFI A script written in python which gathers websites potentially vulnerable to local file inclusion & makes a file named as targets.txt for future reference or manual exploitation. This script later uses the targets.txt file & start fuzzing the endpoint to check whether the website is actually vulnerable or not.
Long story short : Run this script to get a list of websites along with the vulnerable endpoints.
- Searches for potentially vulnerable websites
- Performs directory fuzzing at the vulnerable endpoints
- Comes with built in searching algorithm
- Requires an API key for more results
Loading Screen Banner:
Script while it is running:
Python Installed
version > 3.0git clone https://github.com/anukulpandey/LFI-Hunter
cd LFI-Hunter
pip install requirements.txtpython3 lfi-hunter.py