Path Traversal

Description

Path traversal (also known as directory traversal) is a web security vulnerability that allows an attacker to read arbitrary files on the server that is running an application. This might include application code and data, credentials for back-end systems, and sensitive operating system files.

Common Attack Vectors

  • File download functionality
  • File upload functionality
  • Template inclusion
  • Image/document display features
  • Static resource serving

Testing Approach

Submit path traversal sequences (../, ...., etc.) in file parameters to attempt to access files outside the intended directory.
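On the defensive side, the check those test inputs are probing for looks like the following. This is an added example, not code from this repository; the function names, the `files` base directory and the sample inputs are constructed for illustration. It compares a single-pass "../" strip filter with canonicalise-then-compare containment.

```python
import os
import tempfile

def naive_resolve(base_dir, user_path):
    # Weak filter: removes "../" in a single pass, then joins.
    return os.path.join(base_dir, user_path.replace("../", ""))

def safe_resolve(base_dir, user_path):
    # Canonicalise (resolves "..", symlinks, absolute overrides), then
    # require the result to remain inside the base directory.
    base = os.path.realpath(base_dir)
    candidate = os.path.realpath(os.path.join(base, user_path))
    if os.path.commonpath([base, candidate]) != base:
        raise ValueError("path escapes base directory: %r" % user_path)
    return candidate

def stays_inside(base_dir, path):
    # True when the canonical form of path is at or below base_dir.
    base = os.path.realpath(base_dir)
    return os.path.commonpath([base, os.path.realpath(path)]) == base

# Constructed sample values for a file parameter.
SAMPLES = ["report.txt", "../secret.txt", "....//secret.txt", "/etc/passwd"]

def demo():
    # Maps each sample to (naive result stays inside base, safe_resolve accepts).
    results = {}
    with tempfile.TemporaryDirectory() as root:
        base = os.path.join(root, "files")
        os.mkdir(base)
        for name in SAMPLES:
            naive_ok = stays_inside(base, naive_resolve(base, name))
            try:
                safe_resolve(base, name)
                safe_ok = True
            except ValueError:
                safe_ok = False
            results[name] = (naive_ok, safe_ok)
    return results

if __name__ == "__main__":
    for name, (naive_ok, safe_ok) in demo().items():
        print(f"{name!r:22} naive stays inside: {naive_ok!s:5} safe accepts: {safe_ok}")
```

The single-pass filter turns `....//secret.txt` into `../secret.txt` and leaves the absolute path untouched, so both leave the base directory; the canonical check rejects anything that resolves outside it and treats `....` as an ordinary directory name.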

Payloads

See path-traversal-payloads.txt for a comprehensive list of path traversal payloads.