An attacker crafts a request to a target that results in the target
						listing the content of a directory as output. One common method of
						triggering directory contents as output is to construct a request containing
						a path that terminates in a directory name rather than a file name since
						many applications are configured to provide a list of the directory's
						contents when such a request is received. An attacker can use this to
						explore the directory tree on a target as well as learn the names of files.
						This can often end up revealing test files, configuration files, as well as
						naming patterns, all of which can be used by an attacker to mount additional
						attacks.