Example Usage
usage: lfimap.py [-U [url]] [-F [urlfile]] [-R [reqfile]] [-C <cookie>] [-D <data>] [-H <header>]
[-M <method>] [-P <proxy>] [--useragent <agent>] [--referer <referer>]
[--placeholder <name>] [--delay <milis>] [--max-timeout <seconds>]
[--http-ok <number>] [--csrf-param <param>] [--csrf-method <method>]
[--csrf-url <url>] [--csrf-data <data>] [--second-method <method>]
[--second-url <url>] [--second-data <data>] [--force-ssl] [--no-stop] [-f] [-i]
[-d] [-e] [-t] [-r] [-c] [-file] [-heur] [-a] [-n <U|B>] [-q] [-x]
[--lhost <lhost>] [--lport <lport>] [--callback <hostname>] [-wT <path>]
[--use-long] [--log <file>] [-v] [-h]
LFImap, Local File Inclusion discovery and exploitation tool
TARGET OPTIONS:
-U [url] Single url to test
-F [urlfile] Load multiple urls to test from a file
-R [reqfile] Load single request to test from a file
REQUEST OPTIONS:
-C <cookie> HTTP session Cookie header
-D <data> HTTP request FORM-data
-H <header> Additional HTTP heade
See also
GraphQL Voyager / InQL
Open Source
InQL is a Burp Suite and standalone GraphQL security scanner. Analyzes introspection queries, genera…
ExploitDB / SearchSploit
Open Source
Kali
Archive of public exploits and vulnerable software maintained by Offensive Security. SearchSploit pr…
Certipy
Open Source
Offensive tool for Active Directory Certificate Services (AD CS) enumeration and abuse. Finds and ex…
ffuf
Open Source
Kali
Fast web fuzzer written in Go. Supports directory discovery, parameter fuzzing, virtual host discove…
BlackFriday-GPTs-Prompts
Open Source
List of free GPTs that doesn't require plus subscription…
Ligolo-ng
Open Source
Advanced tunneling/pivoting tool that creates a VPN-like tunnel from the agent to the operator witho…