mirror of https://github.com/0x5t4l1n/hunting.git synced 2026-05-26 11:35:51 +00:00

Files

T

copilot-swe-agent[bot] b58ed035c8 Enhance existing vulnerabilities with comprehensive payloads (XSS, Auth Bypass, Path Traversal) and update README

Co-authored-by: Stalin-143 <161853795+Stalin-143@users.noreply.github.com>

2026-01-05 14:53:43 +00:00

path-traversal-payloads.txt

Enhance existing vulnerabilities with comprehensive payloads (XSS, Auth Bypass, Path Traversal) and update README

2026-01-05 14:53:43 +00:00

README.md

Restructure repository: Remove OWASP categorization, organize by vulnerability type

2026-01-04 19:01:04 +00:00

README.md

Path Traversal

Description

Path traversal (also known as directory traversal) is a web security vulnerability that allows an attacker to read arbitrary files on the server that is running an application. This might include application code and data, credentials for back-end systems, and sensitive operating system files.

Common Attack Vectors

File download functionality
File upload functionality
Template inclusion
Image/document display features
Static resource serving

Testing Approach

Submit path traversal sequences (../, ...., etc.) in file parameters to attempt to access files outside the intended directory.

Payloads

See path-traversal-payloads.txt for a comprehensive list of path traversal payloads.