Directory Listing _

Directory Listing Vulnerability Demo

Directory Listing Vulnerability

Directory listing vulnerabilities occur when web servers are configured to display the contents of directories when no index file is present. This can expose sensitive files and information to attackers.

Try to find the hidden directory on this server that contains sensitive files.

The hidden directory is located at:

/hidden/

Navigate to this URL to see the directory listing and access the secret files.

Company Website Files

Below are the public files available on our website:

/index.html
/about.html
/contact.html
/images/
/css/
/js/

Can you find the hidden directory that contains sensitive files?

How to Prevent Directory Listing Vulnerabilities

To prevent directory listing vulnerabilities:

Disable directory listing in web server configuration
Add index files to all directories
Use .htaccess files to restrict access
Implement proper access controls
Store sensitive files outside the web root