Skills
.Work. You
Rest

pentest-path-traversal

Community

Detect and exploit path traversal flaws.

Software Engineering#penetration testing#web security#lfi#rfi#path traversal#file inclusion
Authoryhy0
Version1.0.0
Installs0

System Documentation

What problem does it solve?

This Skill helps identify and exploit path traversal and file inclusion vulnerabilities in web applications, crucial for penetration testing.

Core Features & Use Cases

  • Attack Surface Discovery: Identifies high-risk functionalities like file downloads, template selection, and log viewers.
  • Exploitation Techniques: Provides methods for basic path traversal, encoding bypasses, Windows-specific tricks, and language-specific vulnerabilities (Node.js, Java/Spring, PHP).
  • Use Case: During a penetration test, you suspect a file download endpoint might be vulnerable to path traversal. You would use this Skill to test various payloads like ../../../etc/passwd and its encoded variants to confirm and exploit the vulnerability.

Quick Start

Use the pentest-path-traversal skill to test for path traversal vulnerabilities on the endpoint '/download?file='.

Dependency Matrix

Required Modules

None required

Components

scriptsreferences

💻 Claude Code Installation

Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.

Please help me install this Skill:
Name: pentest-path-traversal
Download link: https://github.com/yhy0/ghsa-skill-builder/archive/main.zip#pentest-path-traversal

Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
View Source Repository

Agent Skills Search Helper

Install a tiny helper to your Agent, search and equip skill from 223,000+ vetted skills library on demand.