all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Browser-Powered Desync Attacks: A New Frontier in HTTP Request Smuggling

Add to bookmarks
Aug. 10, 2022, 6 p.m. |

PortSwigger Research portswigger.net

The recent rise of HTTP Request Smuggling has seen a flood of critical findings enabling near-complete compromise of numerous major websites. However, the threat has been confined to attacker-accessib

attacks browser frontier http http request smuggling request request smuggling smuggling

Visit resource

More from portswigger.net / PortSwigger Research

Refining your HTTP perspective, with bambdas 3 days, 21 hours ago | portswigger.net
clue cors headers http +9
Introducing SignSaboteur: forge signed web tokens with ease 1 week, 3 days ago | portswigger.net
authentication authorization beyond depth +9
Making Desync attacks easy with TRACE 2 months, 1 week ago | portswigger.net
attacks can constraints easy +8
Using form hijacking to bypass CSP 2 months, 3 weeks ago | portswigger.net
bypass can configuration csp +6
Top 10 web hacking techniques of 2023 3 months, 1 week ago | portswigger.net
community hacking identify research +7
Hiding payloads in Java source code strings 4 months, 1 week ago | portswigger.net
abuse can code conceal +5
Top 10 web hacking techniques of 2023 - nominations open 4 months, 3 weeks ago | portswigger.net
blog blog posts community hacking +8
Finding that one weird endpoint, with Bambdas 5 months, 2 weeks ago | portswigger.net
act balancing act concepts endpoint +6
Blind CSS Exfiltration: exfiltrate unknown web pages 5 months, 3 weeks ago | portswigger.net
css discover exfiltration gif +3

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

CyberSOC Technical Lead

@ Integrity360 | Sandyford, Dublin, Ireland
View on infosec-jobs.com

Cyber Security Strategy Consultant

@ Capco | New York City
View on infosec-jobs.com

Cyber Security Senior Consultant

@ Capco | Chicago, IL
View on infosec-jobs.com

Sr. Product Manager

@ MixMode | Remote, US
View on infosec-jobs.com

Security Compliance Strategist

@ Grab | Petaling Jaya, Malaysia
View on infosec-jobs.com

Cloud Security Architect, Lead

@ Booz Allen Hamilton | USA, VA, McLean (1500 Tysons McLean Dr)
View on infosec-jobs.com