#LFI-Striker

LFI Striker is a powerful framework designed to detect and exploit Local File Inclusion (LFI) vulnerabilities effortlessly, providing security professionals with a streamlined approach to identifying and exploiting these critical security flaws.

LFI, short for Local File Inclusion, represents a critical vulnerability that allows attackers to include and execute arbitrary files on a target server, potentially leading to unauthorized access and sensitive data exposure.

• Modules
• Install
• Examples
• Payloads
• Recommended

  _       _____   ___           ____    _            _   _
 | |     |  ___| |_ _|         / ___|  | |_   _ __  (_) | | __   ___
 | |     | |_     | |   _____  \___ \  | __| | '__| | | | |/ /  / _ \
 | |___  |  _|    | |  |_____|  ___) | | |_  | |    | | |   <  |  __/
 |_____| |_|     |___|         |____/   \__| |_|    |_| |_|\_\  \___|


							https://github.com/MouathA
usage: java -jar LFI-Striker.jar -i <input_file_path> [-d <delay_time_ms>]
 `-d,--delay <arg>`   Delay time in milliseconds
 `-i,--input <arg>`   Input file path

Basic install from releases

You can download the latest release of LFI-Striker from the GitHub repository.

Initially, you'll need to download ParamFinder to obtain all domains and parameters for scanning.

[!] java -jar LFI-Strike.jar -i domains.txt 

[!] java -jar LFI-Strike.jar -i domains.txt -d 1000

Payloads from -- > https://raw.githubusercontent.com/capture0x/LFI-FINDER/main/lfi.txt

Use Java 11 to avoid errors.