Sam Paredes (CoffeeJunkie)

Sam Paredes (CoffeeJunkie)

Cybersecurity student and pentester in continuous development.

Day 89/100 Hack and Improvement

less than 1 minute read

Day 89 comes with some readings on HTTP Smuggling.

Hacking companies through help desk

From Rajesh Ranjan. Day 88 comes with a simple bug, which was leaking the sensitive data of the user.

Here is the link for the article

HTTP Smuggling Must Reads

From Sam (CoffeeJunkie). Learning lately a little bit more about HTTP Desync Attacks, it seems so interesting all the capabilities that these attacks can provide in a great base. From account take overs, web cache poisoning, DOM and reflected XSS, to other kind of information disclosure. This topic can be a little confused, that’s why albinowax’s research has come handy at this time. In order to have a better understanding of these kind of attacks, I strongly suggest to reading the following resources.

  1. HTTP Desync Attacks: Request Smuggling Reborn
  2. HTTP Desync Attacks: what happened next

That’s it for today, happy taco Tuesday.

via GIPHY

Leave a comment

You may also enjoy

Day 97/100 Hack and Improvement

less than 1 minute read

Due to travel reasons #100daystohackandimprove moved to twitter. The following days will be posted on Twitter till day 97.