HTTP Request Smuggling in 2020 – New Variants, New Defenses and New Challenges

Дата: 26.02.2021. Автор: CISO CLUB. Категории: Подкасты и видео по информационной безопасности

HTTP Request Smuggling (AKA HTTP Desyncing) is an attack technique invented in 2005 that exploits different interpretations of a stream non-standard HTTP requests among various HTTP devices between the client (attacker) and the server (including the server itself). It can be used to smuggle requests across WAFs and security solutions, poison HTTP caches, inject responses to users and hijack user requests.

By Amit Klein

Full Abstract & Presentation Materials: https://www.blackhat.com/us-20/briefings/schedule/#http-request-smuggling-in—new-variants-new-defenses-and-new-challenges-20019

CISO CLUB

Об авторе CISO CLUB

Редакция портала cisoclub.ru. Добавляйте ваш материал на сайт в разделе "Разместить публикацию".
Читать все записи автора CISO CLUB

Добавить комментарий

Ваш адрес email не будет опубликован. Обязательные поля помечены *