I wanted to automate vulnerability identification using some scripting languages and python helped me a lot.Since I am beginner, I have started with small scripts. However, I would like to definitely create full fledged automation scripts as I learn more.
Here, I have provided small script for automating LFI vulnerability identification.Below is the script.
We need to feed in URL path to the script to identify whether or not the application is vulnerable for LFI attack. I have tested this using DVWA(Damn Vulnerable Web Application).
The URL Path:
Note: we need to set the cookie manually in the script as the cookie value will be changed after login to the application.
Output:
If you like the content, please follow me on medium and LinkedIn
LinkedIn: https://www.linkedin.com/in/pravin-r-p-oscp-28497712b/
