This is a thorough path traversal and LFI exploitation playbook that covers the full chain from basic directory traversal to remote code execution. It walks through encoding bypass techniques (URL, double-URL, overlong UTF-8), OS-specific targets like /proc/self/environ for credential leaks, and the critical PHP wrapper attacks using php://filter for source code extraction and php://input for RCE. The log poisoning section is especially useful, showing how to inject PHP into Apache logs via User-Agent headers then include them for execution. It also routes you to the ghost-bits-cast-attack skill when you're hitting Java backends where standard traversal sequences get blocked by WAFs. Good reference when you need to escalate from read-only file access to actual code execution.
npx skills add https://github.com/yaklang/hack-skills --skill path-traversal-lfi