00 — Overview

Path Traversal

Apps that read files based on user-supplied filenames can be tricked into reading any file on the server. Learn how ../ sequences escape the intended directory.

Beginner·45 min·8 tasks

// By the end of this module

→Understand how directory traversal breaks out of the intended file root

→Exploit path traversal to read /etc/passwd and application config files

→Bypass filters using URL encoding, null bytes, and path normalisation

→Escalate file read to RCE via log poisoning or SSH key disclosure

// Prerequisites

Foundation · Beginner

Linux & CLI Fundamentals

45 min

→

Foundation · Beginner

How the Web Works

45 min

→