P4n1cThreads
CtrlK
Purple Book of Tricks
Purple Book of Tricks
  • 🏴‍☠️Welcome!
    • 🔮Prelude
    • 📚Bookmarks
    • 🚨Licence and Disclaimer
  • Stepping Stone
    • Arch Linux (On Construction :))
    • Git
    • Code
      • Flutter/Dart
      • Python Essentials
      • C & C++
      • GO
    • Steganography
    • 💾Regex
    • Wordlists
    • 🌐Network Protocols
      • Telnet
      • ICMP
      • SSH
      • IMAP
      • DNS
      • FTP
      • WebDAV
      • SMB
      • SNMP
      • SMTP
      • NFS
      • IPP
      • WinRM
      • LLMNR
      • JDWP
    • Network Analysis
      • tcpdump
      • Nmap
      • 🦈Wireshark
    • Shells/TTYs
    • Databases
      • SQLite
      • MySQL
      • NoSQL
        • MongoDB
        • Redis
    • Metasploit
    • OPSEC
      • VPS Hardening
      • Metadata Removal
  • Web Exploitation
    • Web Reconnaissance
      • Curl Commands
      • Dorks
      • Shodan
      • Registrants & Certificates
      • User Endpoints
      • Web Fuzzing
        • ffuf
        • feroxbuster
        • Gobuster
        • GoWitness
      • CORS
      • Middleware Security
      • Python Web Shells
    • Servers & Proxies
      • Apache
      • Nginx
      • Werkzeug
      • Squid Proxy
    • Web APIs
      • API Endpoint Enumeration
      • GraphQL
    • Java-based web application
      • JAR
      • Apache Struts
      • .WAR
    • Web Services/Frameworks
      • Spring-Boot
      • Neo4j
      • Ghost CMS
      • BackDrop CMS
      • DaloRADIUS
      • Gitea
      • Wordpress
      • Laravel
      • Express
      • Magento
      • AIOHTTP
      • HashiCorp
      • Tiny File Manager
      • Joomla
      • CMS Made Simple
      • Cacti
      • Tomcat
      • ImageMagick
      • LimeSurvey
    • Vulnerabilities
      • Broken Access Control and Application Logic Errors
        • Path Traversal
        • LFI
        • IDOR
        • Email Verification Bypass
      • Client-Side Attacks
        • HTML Injection
        • XSS
        • Clickjacking
      • Server-Side Attacks
        • Command Injection
        • SSRF
        • SQLi
          • NoSQLi
          • SQLite
          • SQLmap
        • SSTI
        • SSI
        • XXE
        • Log Poisoning
        • Deserialization
        • SSRF
        • Prototype Pollution
      • Session Hijacking
      • Template Manipulation
    • Password Spray
  • Cloud Exploitation
    • Kubernetes
    • AWS
  • Linux Exploitation
    • Confirming and Verifying RCE
    • File Transfer
    • Credential Dumping
      • Thunderbird
    • Lateral Movement
    • Persistence
    • Linux Privilege Escalation
      • Static Binaries
      • Enumeration
      • Hijacks
      • Jailbreaks
      • Binary Exploitation - Linux
      • Kernel Exploits
      • Buffer Overflow - Linux
      • Docker
      • Abusing Wildcards
  • Wireless Exploitation
    • NFC
  • Android Exploitation
    • Android Debug Bridge
    • Create Malicious Applications
  • Social Engineering
    • Phishing Attacks
  • Reverse Engineering
    • Binaries
    • GDB
    • radare2
  • Cryptanalysis
    • Cryptosystems
    • Investigation Methodology
    • Chinese Remainder Theorem Applications
    • Pollard's Rho
    • RSA Attacks
Powered by GitBook
On this page
Edit
  1. Web Exploitation
  2. Vulnerabilities
  3. Broken Access Control and Application Logic Errors

Path Traversal

PreviousBroken Access Control and Application Logic ErrorsNextLFI