Hey #directorytraversal folks. Love the memes. Is dotdotpwn still the zen tool for testing?
Easter has been hacked. #directorytraversal
I've been wondering for a long time if #DirectoryTraversal vulnerabilities could be mitigated by a safe path handling library (similarly to e.g. ORMs). As a side-quest, I started to implement a prototype for Python, and I'm super interested in your unfiltered opinions:

https://github.com/v-p-b/SafePath/
GitHub - v-p-b/SafePath: Experimental library for safe filesystem path handling

GitHub
TryHackMe | Cyber Security Training

TryHackMe is a free online platform for learning cyber security, using hands-on exercises and labs, all through your browser!

TryHackMe

I was today years old when I first learned that Windows hosts accept both ..\ *and* ../ for executing local file inclusion.

Whoa. #directorytraversal #pentesting

Grafana Attack Surface: How a Visualization and Monitoring Platform Can Expose Your Organization's Data and File System to Attackers

Article: https://hadess.io/grafana-attack-surface/

#grafana #ssrf #directorytraversal #bugbountytips

Grafana Attack Surface

How a Visualization and Monitoring Platform Can Expose Your Organization’s Data and File System to Attackers. Directory Traversal in Grafana 7.5.1 (CVE-2021-29408). SSRF in Grafana 7.5.1 (CVE-2021-29409). Executive Summary: Grafana 7.5.1, a popular open-source analytics and monitoring platform, contains two critical vulnerabilities that can be exploited by attackers. The first vulnerability is a server-side request forgery (SSRF) found …

HADESS
Malware threats in 2023: Qbot unchallenged in first place

The most important malware threats of 2023: Qbot leads the list. Among the hardest hit are the education sector and IT service providers.

Tarnkappe.info
Zip Slip: a sneaky way to install malware using zip and other packing utilities https://boingboing.net/2018/06/06/zip-slip.html #directorytraversal #security #infosec #youtube #zipslip #videos #Video #floss
Zip Slip: a sneaky way to install malware using zip and other packing utilities

Boing Boing