HTTP Desync Attacks

• https://memn0ps.github.io/2019/11/02/HTTP-Request-Smuggling-CL-TE.html

• https://t.co/L5doH8H9oY?amp=1

• https://www.youtube.com/watch?v=vkfBFuH54G4&feature=youtu.be

• https://twitter.com/0ffensivemitthu/status/1167445370835742720

• HTTP Request Smuggling - https://twitter.com/SpiderSec/status/1200413390339887104

• Tool - https://twitter.com/gwendallecoguic/status/1198931102137753602

• HTTP Smuggling Lab - https://github.com/ZeddYu/HTTP-Smuggling-Lab

• Smuggler.py - https://github.com/gwen001/pentest-tools/blob/master/smuggler.py

• https://blog.zeddyu.info/2019/12/08/HTTP-Smuggling-en/

• https://bertjwregeer.keybase.pub/2019-12-10%20-%20error_page%20request%20smuggling.pdf

• https://twitter.com/Unknownuser1806/status/1220552064478011394

• https://www.pentestpartners.com/security-blog/http-request-smuggling-a-how-to/ - Request Sumggling

• HTTP Request Smuggling on Nginx <=1.8.0 (CVE-2020-12440) - https://gist.github.com/Glassware123/1023720bf4787375a04f32a0c12e956a

• https://infosecwriteups.com/exploiting-http-request-smuggling-te-cl-xss-to-website-takeover-c0fc634a661b

• https://twitter.com/SpiderSec/status/1200413390339887104

• https://github.com/nachiketrathod/HTTP.Request.Smuggling.Desync.Attack/

u