Skills
.Work. You
Rest

hunt-lfi

Community

Exploit LFI/RFI to reveal hidden data.

Education & Research#rce#lfi#rfi#path-traversal#php-wrappers#log-poisoning
Authorsseshachala
Version1.0.0
Installs0

System Documentation

What problem does it solve?

Web applications frequently expose file access parameters that, if misconfigured, allow attackers to read sensitive files, perform local file inclusion, or include remote content. This Skill teaches hunters to identify LFI/RFI and path-traversal weaknesses and to chain techniques for escalation.

Core Features & Use Cases

  • Methodical detection of LFI/RFI and path traversal vectors across common parameter patterns.
  • Demonstrations of bypass techniques (e.g., double encoding, log-based payloads) and chain templates leading to read-side exposure or RCE.
  • Real-world workflows for validating vulnerabilities and building exploitation chains against test targets.

Quick Start

Test file-access parameters with safe payloads to verify LFI/RFI and path-traversal chains on the target.

Dependency Matrix

Required Modules

None required

Components

Standard package

💻 Claude Code Installation

Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.

Please help me install this Skill:
Name: hunt-lfi
Download link: https://github.com/sseshachala/Claude-BugHunter-archive/archive/main.zip#hunt-lfi

Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
View Source Repository

Agent Skills Search Helper

Install a tiny helper to your Agent, search and equip skill from 510,000+ vetted skills library on demand.