Directory Traversal Attacks

Directory traversal, also known as path traversal, is a web security vulnerability that allows attackers to access files and directories stored outside of the intended web server's root directory. It exploits insufficient security validation of user-supplied filenames, enabling attackers to navigate the file system and potentially gain access to sensitive information, execute arbitrary code, or compromise the entire server.

Visit the following resources to learn more:

• @course@TryHackMe's room on Path Traversal & File Inclusion
• @course@HackTheBox Academy's module on File Inclusion & Path Traversal
• @official@OWASP's article on Path Traversal
• @article@Portswigger's guide on File Path Traversal