Skip to content
/ lazyParam Public
forked from aniqfakhrul/lazyParam

A simple automation tool to detect LFI, RCE and SSTI vulnerabilities.

1 star 6 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

TargetPackage/lazyParam

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

30 Commits
cores
cores
 
 
db
db
 
 
.gitignore
.gitignore
 
 
README.md
README.md
 
 
lazyparam.py
lazyparam.py
 
 

Repository files navigation

What is lazyParam?

lazyParam is a simple automation tool with the implementation of multi-threading to check for hidden parameters. This tool is still in testing phase and more implementations are soon to be made. note: Works with python3

Features

  • Fuzz parameters for both GET and POST method
  • Multi-threaded (Default: 4)
  • Use intensive mode with character bypassing techniques
  • Check for LFI, RCE and SSTI

Todo

  • XSS checking
  • Add examples to prove effectiveness

Usage

Fuzz parameters with build-in wordlists:

python3 lazyparam.py -u http://example.com/file.php

Specify custom wordlists:

python3 lazyparam.py -u http://example.com/file.php -w wordlists.lst

About

A simple automation tool to detect LFI, RCE and SSTI vulnerabilities.

Topics

scanner rce vulnerability-scanners lfi ssti

Resources

Readme
Activity
Custom properties

Stars

1 star

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • Python 100.0%
pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy