Skip to content
No results
  • Main Blog
  • Offensive Security
  • Ops and Dev
    • SCOM
    • Web Dev
  • Other
    • SEO
  • About
scomurr.com logo banner

Play for serendipity...

  • Main Blog
  • Offensive Security
  • Ops and Dev
    • SCOM
    • Web Dev
  • Other
    • SEO
  • About
scomurr.com minimal logo

Play for serendipity...

  • Security, Web Attacks

HTTP Request Smuggling – Obfuscated TE Header

This is blog post #3 in a series that covers HTTP Request Smuggling or HTTP Desync attacks. This post focuses on the 3rd HTTP Request Smuggling lab on the PortSwigger Web Security Academy focused on obfuscating the TE header. The…

  • scomurr
  • 12/16/2022
  • Security, Web Attacks

HTTP Request Smuggling – TE.CL Vulnerability

I am continuing my blog series on HTTP Request Smuggling or HTTP Desync attacks. These vulnerabilities arise when there is a mismatch in handling between the frontend and backend servers. Understanding where a request ends and where the next request…

  • scomurr
  • 12/13/2022
  • Security, Web Attacks

HTTP Request Smuggling – CL.TE Vulnerability

In my preparation for taking the Burp Certified Professional test, I ran through the majority of the content on Web Security Academy. I have learned a ton of information and I am thankful for such a great learning resource. If…

  • scomurr
  • 12/12/2022
  • Automation, Azure, Security

Microsoft Sentinel – Incident Enrichment with urlscan.io

Helping a SOC Analyst get the data they need during an investigation is critical in helping drive down security incident response time. Microsoft Sentinel provides a fantastic place to do incident investigation and response, but there are additional 3rd party…

  • scomurr
  • 09/27/2022
  • Productivity

Browser Tip: Pinning Sites as Applications

This is a trick I use pretty heavily to control the amount of tabs I have open and allows me to quickly navigate back to my critical sites without having to sift through the insane amount of tabs I seem…

  • scomurr
  • 08/24/2022
Prev
1 … 6 7 8 9 10 11 12 … 19
Next
  • ssti lab 7 - featured image
    SSTI – Server-side template injection with a custom exploit03/11/2025
  • ssti lab 6 - featured image
    SSTI – Server-side template injection in a sandboxed environment03/04/2025
  • ssti lab 5 featured image
    SSTI – Server-side template injection with information disclosure via user-supplied objects02/25/2025
  • monkey riding a bike - ssti lab 4 - featured image
    SSTI – Server-side template injection in an unknown language with a documented exploit02/20/2025
  • SSTI lab 3 - featured image
    SSTI – Server-side template injection using documentation02/17/2025

Scomurr.com is partially supported by readers like you. When you purchase products or services through our affiliate links, we may receive a commission. This will bring no extra costs to you and helps us to keep on creating content.

Legal

  • Terms and Conditions
  • Terms of Use
  • Privacy Policy
  • Cookie Policy
  • DMCA
  • GDPR
  • Disclaimer

My Favorites

  • VistaSocial
  • NeuronWriter
  • Canva

Socials

Copyright © 2025 - WordPress Theme by CreativeThemes