Add content to directory-traversal@L0ROYh2DNlkybNDO2ezJY.md (#6817)
Added content to Directory traversal.pull/6823/head
parent
33c9cb1ca3
commit
985ee8eed7
1 changed files with 13 additions and 0 deletions
@ -0,0 +1,13 @@ |
||||
# Directory Traversal |
||||
|
||||
Directory Traversal, also known as Path Traversal, is a vulnerability that allows attackers to read files on a system without proper authorization. These attacks typically exploit unsecured paths using "../" (dot-dot-slash) sequences and their variations, or absolute file paths. The attack is also referred to as "dot-dot-slash," "directory climbing," or "backtracking." |
||||
|
||||
While Directory Traversal is sometimes combined with other vulnerabilities like Local File Inclusion (LFI) or Remote File Inclusion (RFI), the key difference is that Directory Traversal doesn't execute code, whereas LFI and RFI usually do. |
||||
|
||||
Visit the following resources to learn more: |
||||
|
||||
- [@article@Portswigger's guide on File Path Traversal](https://portswigger.net/web-security/file-path-traversal) |
||||
- [@official@OWASP's article on Path Traversal](https://owasp.org/www-community/attacks/Path_Traversal) |
||||
- [@course@TryHackMe's room on Path Traversal & File Inclusion](https://tryhackme.com/r/room/filepathtraversal) |
||||
- [@article@Acunetix's article on directory traversal](https://www.acunetix.com/websitesecurity/directory-traversal/) |
||||
- [@course@HackTheBox Academy's module on File Inclusion & Path Traversal](https://academy.hackthebox.com/course/preview/file-inclusion) |
Loading…
Reference in new issue