A rapid HTTP downgrade smuggling scanner written in Go.
-
Updated
May 16, 2024 - Go
A rapid HTTP downgrade smuggling scanner written in Go.
A curated list of awesome blogs and tools about HTTP request smuggling attacks. Feel free to contribute! 🍻
HTTP request smuggling attack helper/CLI tools to manipulate HTTP packets
Blog about HTTP Request Smuggling, including a demo application.
Automated Discovery of Parsing Discrepancy Related Bypasses in Web Application Firewalls Using HTTP Request Fuzzing.
Burp extension to calculate the byte size of selections made in text windows
Lab didático de HTTP Request Smuggling (TE.CL) — servidor vulnerável em C + exploits Python
Detect and confirm HTTP/S desync vulnerabilities
HTTP Request Smuggling & Client-Side Desync framework for Exchange OWA. CL.TE/TE.CL detection, email spoofing, cache poisoning.
automatic HTTP request smuggling vulnerability detection
8-phase cache & transport attack scanner — cache poison, request smuggling, H2C, CDN bypass
Phage: an evolutionary HTTP/3-to-HTTP/1 request-smuggling desync fuzzer. A fork of CyberArk QuicDrawH3 that adds a MAP-Elites engine, QUIC-state genes (bare FIN, RESET), and H3/H2 downgrade operators on top of the Quic-Fin-Sync primitive.
Add a description, image, and links to the request-smuggling topic page so that developers can more easily learn about it.
To associate your repository with the request-smuggling topic, visit your repo's landing page and select "manage topics."