Autoplay
Autocomplete
Previous Lesson
Complete and Continue
Directory Traversal
Introduction
Course Introduction (2:26)
Course Slides and Scripts
Getting Help
Answering Your Questions (3:11)
Join the Discord Server
Directory Traversal - Technical Deep Dive
Agenda (0:49)
What is Directory Traversal (8:18)
How to Find Directory Traversal Vulnerabilities (6:08)
How to Exploit Directory Traversal Vulnerabilities (3:39)
How to Prevent Directory Traversal Vulnerabilities (1:28)
Additional Resources (0:20)
Lab Environment Setup
Lab Environment Setup (7:21)
Step-by-Step Guide
Hands-On Directory Traversal Labs
Lab #1 File path traversal, simple case (13:58)
Lab #2 File path traversal, traversal sequences blocked with absolute path bypass (10:55)
Lab #3 File path traversal, traversal sequences stripped non-recursively (14:26)
Lab #4 File path traversal, traversal sequences stripped with superfluous URL-decode (12:19)
Lab #5 File path traversal, validation of start of path (10:28)
Lab #6 File path traversal, validation of file extension with null byte bypass (9:54)
Thank You!
Thank You!
How to Find Directory Traversal Vulnerabilities
Lesson content locked
If you're already enrolled,
you'll need to login
.
Enroll in Course to Unlock