all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Making Desync attacks easy with TRACE

Add to bookmarks
March 19, 2024, 2 p.m. |

PortSwigger Research portswigger.net

Have you ever found an HTTP desync vulnerability that seemed impossible to exploit due to its complicated constraints? In this blogpost we will explore a new exploitation technique that can be used to

attacks can constraints easy exploit exploitation found http http desync making trace vulnerability

Visit resource

More from portswigger.net / PortSwigger Research

Making Desync attacks easy with TRACE 1 month, 1 week ago | portswigger.net
attacks can constraints easy +8
Using form hijacking to bypass CSP 1 month, 3 weeks ago | portswigger.net
bypass can configuration csp +6
Top 10 web hacking techniques of 2023 2 months, 1 week ago | portswigger.net
community hacking identify research +7
Hiding payloads in Java source code strings 3 months ago | portswigger.net
abuse can code conceal +5
Top 10 web hacking techniques of 2023 - nominations open 3 months, 2 weeks ago | portswigger.net
blog blog posts community hacking +8
Finding that one weird endpoint, with Bambdas 4 months, 2 weeks ago | portswigger.net
act balancing act concepts endpoint +6
Blind CSS Exfiltration: exfiltrate unknown web pages 4 months, 3 weeks ago | portswigger.net
css discover exfiltration gif +3
The single-packet attack: making remote race-conditions 'local' 6 months, 1 week ago | portswigger.net
attack conditions effectively http +10
How to build custom scanners for web security research automation 6 months, 3 weeks ago | portswigger.net
aid attack automation build +8

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Associate Compliance Advisor

@ SAP | Budapest, HU, 1031
View on infosec-jobs.com

DevSecOps Engineer

@ Qube Research & Technologies | London
View on infosec-jobs.com

Software Engineer, Security

@ Render | San Francisco, CA or Remote (USA & Canada)
View on infosec-jobs.com

Associate Consultant

@ Control Risks | Frankfurt, Hessen, Germany
View on infosec-jobs.com

Senior Security Engineer

@ Activision Blizzard | Work from Home - CA
View on infosec-jobs.com
View more jobs