Lately, I’ve noticed ../ stripping being used to patch Path Traversal in our Attack & Defense AppSec challenges. While it might seem like a quick fix, it doesn’t tackle the root cause of this vulnerability. Plus, there are clever ways to bypass it as I demonstrate in this short video.
