[WEB SECURITY] local file inclusion and path transversal

Matt Parsons mparsons1980 at gmail.com
Mon Feb 22 04:47:54 EST 2010

I think you can do it with Burp Suite regular version.  But if not you can
do it with Burp Suite Pro.  I think it cost 200 dollars US which is well
worth the price.  It is not like one of those 25K dollar licenses.   

Matt Parsons, MSM, CISSP
315-559-3588 Blackberry
817-294-3789 Home office 
mailto:mparsons1980 at gmail.com



-----Original Message-----
From: Taras [mailto:naplanetu at gmail.com] 
Sent: Sunday, February 21, 2010 2:40 PM
To: Miguel González Castaños
Cc: websecurity at webappsec.org
Subject: Re: [WEB SECURITY] local file inclusion and path transversal

* PGP - S/MIME Signed by an unverified key: 02/21/10 at 14:40:05

On 02/14/2010 06:47 PM, Miguel González Castaños wrote:
> Hi all,
> I keep on studying different hacking techniques. The next assignment is
> to scan a website to find local file inclusion and path transversal
> vulnerabilities. I have used the free edition of n-stalker, acunetix and
> nikto and I haven't found anything. Any howto or (free) vulnerability
> scanner anyone of you recommend me?
W3AF and of course last version of nikto.

"Software is like sex: it's better when it's free.", - Linus Torvalds.

* Taras Ivashchenko <naplanetu at gmail.com>
* Issuer: The USERTRUST Network - Unverified

Join us on IRC: irc.freenode.net #webappsec

Have a question? Search The Web Security Mailing List Archives: 

Subscribe via RSS: 
http://www.webappsec.org/rss/websecurity.rss [RSS Feed]

Join WASC on LinkedIn

More information about the websecurity mailing list