agentskills.codes
FI

File Path Traversal Testing

This skill should be used when the user asks to "test for directory traversal", "exploit path traversal vulnerabilities", "read arbitrary files through web applications", "find LFI vulnerabilities", or "access files outside web root". It provides comprehensive file path traversal attack and testing

Install

mkdir -p .claude/skills/file-path-traversal-testing-h4d3zs && curl -L -o skill.zip "https://agentskills.codes/api/skills/download/14236" && unzip -o skill.zip -d .claude/skills/file-path-traversal-testing-h4d3zs && rm skill.zip

Installs to .claude/skills/file-path-traversal-testing-h4d3zs

Activation

This is the description your AI agent reads to decide when to run this skill — the better it matches your request, the more reliably it fires.

This skill should be used when the user asks to "test for directory traversal", "exploit path traversal vulnerabilities", "read arbitrary files through web applications", "find LFI vulnerabilities", or "access files outside web root". It provides comprehensive file path traversal attack and testing methodologies.
314 chars✓ has a “when” triggerlonger than Claude Code's old 250-char listing cap (fine on current versions)

About this skill

File Path Traversal Testing

Purpose

Identify and exploit file path traversal (directory traversal) vulnerabilities that allow attackers to read arbitrary files on the server, potentially including sensitive configuration files, credentials, and source code. This vulnerability occurs when user-controllable input is passed to filesystem APIs without proper validation.

Prerequisites

🧠 Knowledge Modules (Fractal Skills)

1. Required Tools

2. Required Knowledge

3. Phase 1: Understanding Path Traversal

4. Phase 2: Identifying Traversal Points

5. Phase 3: Basic Exploitation Techniques

6. Phase 4: Bypass Techniques

7. Phase 5: Linux Target Files

8. Phase 6: Windows Target Files

9. Phase 7: Automated Testing

10. Phase 8: LFI to RCE Escalation

11. Phase 9: Testing Methodology

12. Phase 10: Prevention Measures

13. Common Payloads

14. Target Files

15. Encoding Variants

16. Permission Restrictions

17. Application Restrictions

18. Testing Considerations

Search skills

Search the agent skills registry