Play for serendipity...
Play for serendipity...
This is the continuation of the series I am publishing that aligns to the PortSwigger Web Security Academy labs on Request Smuggling or Desync vulnerabilities and attacks (here). In this post, I will be dealing with identifying and exploiting these…
This is blog post #3 in a series that covers HTTP Request Smuggling or HTTP Desync attacks. This post focuses on the 3rd HTTP Request Smuggling lab on the PortSwigger Web Security Academy focused on obfuscating the TE header. The…
I am continuing my blog series on HTTP Request Smuggling or HTTP Desync attacks. These vulnerabilities arise when there is a mismatch in handling between the frontend and backend servers. Understanding where a request ends and where the next request…
In my preparation for taking the Burp Certified Professional test, I ran through the majority of the content on Web Security Academy. I have learned a ton of information and I am thankful for such a great learning resource. If…
The Internet seems to run on advertising – and that is fair. Companies and individuals need to find a way to monetize their products and data without hiding everything behind paywalls. With that being said, there are plenty of sites…