# HTTP Desync Attacks

* <https://memn0ps.github.io/2019/11/02/HTTP-Request-Smuggling-CL-TE.html>
* <https://t.co/L5doH8H9oY?amp=1>
* <https://www.youtube.com/watch?v=vkfBFuH54G4&feature=youtu.be>
* <https://twitter.com/0ffensivemitthu/status/1167445370835742720>
* HTTP Request Smuggling - <https://twitter.com/SpiderSec/status/1200413390339887104>
* Tool - <https://twitter.com/gwendallecoguic/status/1198931102137753602>
* HTTP Smuggling Lab - <https://github.com/ZeddYu/HTTP-Smuggling-Lab>
* Smuggler.py - <https://github.com/gwen001/pentest-tools/blob/master/smuggler.py>
* <https://blog.zeddyu.info/2019/12/08/HTTP-Smuggling-en/>
* <https://bertjwregeer.keybase.pub/2019-12-10%20-%20error_page%20request%20smuggling.pdf>
* <https://twitter.com/Unknownuser1806/status/1220552064478011394>
* <https://www.pentestpartners.com/security-blog/http-request-smuggling-a-how-to/> - Request Sumggling
* HTTP Request Smuggling on Nginx <=1.8.0 (CVE-2020-12440)[ - https://gist.github.com/Glassware123/1023720bf4787375a04f32a0c12e956a](https://gist.github.com/Glassware123/1023720bf4787375a04f32a0c12e956a)
* <https://infosecwriteups.com/exploiting-http-request-smuggling-te-cl-xss-to-website-takeover-c0fc634a661b>
* <https://twitter.com/SpiderSec/status/1200413390339887104>
* <https://github.com/nachiketrathod/HTTP.Request.Smuggling.Desync.Attack/>

{% embed url="<https://twitter.com/fasthm00/status/1435248480516296704?s=20>" %}

u