Scomurr's Blog – Page 3 – Play for serendipity…

HTTP Request Smuggling – HTTP/2 Request Tunnelling

03/19/2023 scomurr Security, Web Attacks
HTTP Request Smuggling – Web Cache Poisoning for Deception

03/12/2023 scomurr Security, Web Attacks
HTTP Request Smuggling – Web Cache Poisoning

03/05/2023 scomurr Security, Web Attacks
HTTP Request Smuggling – Admin Access via CL.0 Vulnerability

02/25/2023 scomurr Security, Web Attacks
HTTP Request Smuggling–H2 CRLF Header Injection Part 2

02/20/2023 scomurr Security, Web Attacks
HTTP Request Smuggling – H2 CRLF Injection

01/27/2023 scomurr Security, Web Attacks
HTTP Request Smuggling – HTTP/2 Downgrade Attack Part 2

01/25/2023 scomurr Security, Web Attacks
HTTP Request Smuggling – HTTP/2 Downgrade Attack

01/23/2023 scomurr Security, Web Attacks

HTTP Request Smuggling – Identifying Frontend Request Rewriting and Exploiting

01/02/2023 scomurr Security, Web Attacks

This is the 7th blog post in the series I am publishing dealing with Request Smuggling or Desync vulnerabilities and[…]

Read more

HTTP Request Smuggling – Bypassing Frontend Security Controls Part 2

12/23/2022 scomurr Security, Web Attacks

This is the 6th blog post in the series I am publishing dealing with Request Smuggling or Desync vulnerabilities and[…]

Read more

HTTP Request Smuggling – Bypassing Frontend Security Controls

12/21/2022 scomurr Security, Web Attacks

This is the next blog post in the series I am publishing dealing with Request Smuggling or Desync vulnerabilities and[…]

Read more

HTTP Request Smuggling – Finding and Exploiting via Differential Responses

12/19/2022 scomurr Security, Web Attacks

This is the continuation of the series I am publishing that aligns to the PortSwigger Web Security Academy labs on[…]

Read more

HTTP Request Smuggling – Obfuscated TE Header

12/16/2022 scomurr Security, Web Attacks

This is blog post #3 in a series that covers HTTP Request Smuggling or HTTP Desync attacks. This post focuses[…]

Read more