Hello there,

I'm doing a pentest on web application, this have a local file include, but, web app have a modsecurity.

I tried bypass filter using double url encoding, but without success.
Someone can help me ?

Any direction are appreciated.

Cheers,