Abstract

HTTP Request Smuggling was first documented back in 2005 by Watchfire, but a fearsome reputation for difficulty and collateral damage left it mostly ignored for years while the web's susceptibility grew. Alongside new attack variants and exploitation vectors, I'll help you tackle this legacy with custom open source tooling and a refined methodology for relaible black-box detection, assessment and exploitation with minimal risk of collateral damage.

Speaker

Abhyuday singh

Timing

Starts at Saturday January 11 2020, 10:45 AM. The sessions runs for about 1 hour.

Resources