0xsh logo

Pentest Reference: HTTP Request Smuggling

Published Feb 20, 2022

Contents

  • References

References

  • Portswigger: HTTP Request Smuggling
  • h2c Smuggling: Request Smuggling Via HTTP/2 Cleartext (h2c)
  • XXE-scape through the front door: circumventing the firewall with HTTP request smuggling
  • Account takeover via HTTP Request Smuggling
  • HTTP Desync Attacks: Request Smuggling Reborn
  • HTTP Request Smuggling + IDOR
© 2023 0xsh
twitter/github