all InfoSec news
Http2Smugl - Tool to detect and exploit HTTP request smuggling in cases it can be achieved via HTTP/2 -> HTTP/1.1 conversion
Jan. 24, 2022, 8:30 p.m. | noreply@blogger.com (Unknown)
KitPloit - PenTest Tools! www.kitploit.com
This tool helps to detect and exploit HTTP request smuggling in cases it can be achieved via HTTP/2 -> HTTP/1.1 conversion by the frontend server.
The scheme is as follows:
- An attacker sends a crafted HTTP/2 request to the target server, which we call frontend.
- The request is (presumably) converted to HTTP/1.1 and transmitted to another, backend server.
The attacker wants to find such a request that it will be seen as two separate requests by the backend server. …
cases exploit http http request smuggling smuggling tool vulnerability detection
More from www.kitploit.com / KitPloit - PenTest Tools!
Radamsa - A General-Purpose Fuzzer
3 days, 6 hours ago |
www.kitploit.com
Sr2T - Converts Scanning Reports To A Tabular Format
5 days, 6 hours ago |
www.kitploit.com
Jobs in InfoSec / Cybersecurity
Cybersecurity Skills Challenge -- Sponsored by DoD
@ Correlation One | United States
Security Operations Center (SOC) Analyst
@ GK Cybersecurity Group | Remote
Azure Security Architect
@ First Quality | Remote US - Eastern or Central Timezone
Lead Security Analyst
@ OpenText | Virtual, CA
Cybersecurity Research Engineer
@ Peraton | Silver Spring, MD, United States
Enterprise Security Engineer
@ Salesforce | California - San Francisco