added various invalid filenames and characters that can cause path revealing error messages. Added more filter bypass patterns for all platforms.

attack-payloads/file-upload/invalid-filenames-linux.txt

@@ -0,0 +1,2 @@
+# Invalid filenames - these can be used to attempt to cause an error condition during file upload bypass attempts which might reveal an absolute path. Useful if you're not sure where your files are landing.
+

attack-payloads/file-upload/invalid-filenames-microsoft.txt

@@ -0,0 +1,33 @@
+# Useful for causing error messages that contain an absolute drivepath, such as if you don't know where the file uploader puts files
+# regex replace {EXT} with allowed extension type 
+CON
+PRN
+AUX
+CLOCK$
+NUL
+COM1
+COM2
+COM3
+COM4
+COM5
+COM6
+COM7
+COM8
+COM9
+LPT1
+LPT2
+LPT3
+LPT4
+LPT5
+LPT6
+LPT7
+LPT8
+LPT9
+*.{EXT}
+".{EXT}
+[.{EXT}
+].{EXT} 
+:.{EXT} 
+|.{EXT} 
+=.{EXT} 
+,.{EXT}

attack-payloads/file-upload/invalid-filesystem-chars-microsoft.txt

@@ -0,0 +1,14 @@
+# list of invalid characters for windows filesystem - these can be used to attempt to cause an error condition during file upload bypass attempts which might reveal an absolute path. Useful if you're not sure where your files are landing.
+# fuzz these into a filename during upload attempts
+* 
+. 
+" 
+/ 
+\ 
+[ 
+] 
+: 
+; 
+| 
+= 
+,

attack-payloads/file-upload/invalid-filesystem-chars-osx.txt

@@ -0,0 +1,3 @@
+# list of invalid characters for osx - these can be used to attempt to cause an error condition during file upload bypass attempts which might reveal an absolute path. Useful if you're not sure where your files are landing.
+# fuzz these into a filename during upload attempts
+: