Skip to content

Scomurr's Blog

Play for serendipity…

  • Main Blog
  • Web Attacks
  • Web Dev
  • SCOM
  • Game Dev
  • About
  • Disclaimer

Category: Security

HTTP Request Smuggling – HTTP/2 Request Tunnelling

03/19/2023 scomurr Security, Web Attacks

Time for another one of the advanced labs on the PortSwigger Web Security Academy. For this lab, we are dealing[…]

Read more

HTTP Request Smuggling – Web Cache Poisoning for Deception

03/12/2023 scomurr Security, Web Attacks

This lab is a bit similar to the last, however, it has a completely different purpose. In the previous, we[…]

Read more

HTTP Request Smuggling – Web Cache Poisoning

03/05/2023 scomurr Security, Web Attacks

This lab is a lot of fun and requires chaining together techniques to fully exploit. First, we have to identify[…]

Read more

HTTP Request Smuggling – Admin Access via CL.0 Vulnerability

02/25/2023 scomurr Security, Web Attacks

This next lab represents an interesting vulnerability where specific paths/routes within an application are vulnerable to desync when there is[…]

Read more

HTTP Request Smuggling–H2 CRLF Header Injection Part 2

02/20/2023 scomurr Security, Web Attacks

In the previous post, we looked at an HTTP/2 downgrade attack where we injected CRLF characters into a header and[…]

Read more

Posts navigation

1 2 3 … 5 Next Posts»
  • Automation (6)
  • Azure (4)
  • Hack Job (6)
  • MCAS (2)
  • PowerShell (2)
  • Presentation (3)
  • Productivity (2)
  • Security (25)
  • System Center (32)

Recent Posts

  • HTTP Request Smuggling – HTTP/2 Request Tunnelling
  • HTTP Request Smuggling – Web Cache Poisoning for Deception
  • HTTP Request Smuggling – Web Cache Poisoning
  • HTTP Request Smuggling – Admin Access via CL.0 Vulnerability
  • HTTP Request Smuggling–H2 CRLF Header Injection Part 2

Categories

  • Activities
  • ARM
  • Automation
  • Azure
  • Developement
  • Hack Job
  • Infrastructure as Code
  • Integration Packs
  • Management Packs
  • MCAS
  • MITRE
  • MP Authoring
  • OffSec
  • OSCP
  • PowerShell
  • PowerShell
  • Presentation
  • Productivity
  • Reporting
  • SC Operations Manager
  • SC Orchestrator
  • SC Service Manager
  • Security
  • System Center
  • Web Attacks
WordPress Theme: Poseidon by ThemeZee.