Nginx

Path traversal via misconfigured NGINX alias

Path traversal via misconfigured NGINX alias - Vulnerabilities - AcunetixAcunetix

https://example.com/static../ returns the same response as https://example.com/

NginxHackTricks

Burp extension

GitHub - bayotop/off-by-slash: Burp extension to detect alias traversal via NGINX misconfiguration at scale.GitHub