HTTP.Request.Smuggling.Desync.Attack
Request Smuggling Attack
An attacker exploits HTTP request smuggling to manipulate the sequence of requests and deceive both front-end and back-end security controls.
14 stars
1 watching
4 forks
last commit: over 3 years ago Related projects:
Repository | Description | Stars |
---|---|---|
anshumanpattnaik/http-request-smuggling | Detects HTTP Request Smuggling vulnerabilities in web applications | 472 |
portswigger/http-request-smuggler | An extension for Burp Suite to help identify and exploit HTTP Request Smuggling vulnerabilities. | 958 |
defparam/smuggler | An HTTP Request Smuggling / Desync testing tool written in Python 3 | 1,819 |
defparam/tiscripts | Tools for generating custom request smuggling payloads to exploit vulnerabilities in web applications. | 215 |
detectify/varnish-h2-request-smuggling | A Docker-based test environment for simulating a Varnish HTTP/2 request smuggling vulnerability | 55 |
bishopfox/h2csmuggler | Smuggling HTTP traffic past proxy rules to bypass access controls | 650 |
amirnsahmad/smuggler | A tool for testing HTTP request smuggling and desync issues in web servers. | 13 |
nullhypothesis/scramblesuit | A protocol for protecting online communications against traffic analysis and active probing attacks | 92 |
vp777/metahttp | Automates scanning of HTTP resources in a target network using XML External Entity (XXE) attacks | 37 |
jlopp/physical-bitcoin-attacks | Compiles known physical attacks on Bitcoin and cryptocurrency owners | 577 |
penumbra-x/rquest | An asynchronous HTTP client with TLS and fingerprint spoofing capabilities | 75 |
0ang3el/websocket-smuggle | A tool to expose security vulnerabilities in WebSocket reverse proxying allowing HTTP requests to be smuggled through | 337 |
trycatchhcf/packetwhisper | A tool for stealthy data transfer using DNS queries and text-based steganography to evade attribution and detection. | 623 |
nxenon/h2spacex | A low-level HTTP/2 library for exploiting race conditions in web servers | 140 |
cure53/httpleaks | Project to identify all possible ways a website can leak HTTP requests through HTML | 1,980 |