Ctrlk

Enumeration
Content Discovery
API hacking
CORS Misconfiguration
XSS
SSRF
Account take over
IDOR
Access control vulnerabilities and privilege escalation
HTTP Request Smuggling / HTTP Desync Attack
Subdomain Takeovers
Resources
403 Bypass
Log4J
Bypassing Client-Side Controls
BACKUP FILES /Backup Archives:
Attacking Authentication
DNS enumeration/DNS recon-reading
Subdomain Enumeration-reading
Subdomain Takeover
File upload vulnerabilities
CRLF

Powered by GitBook

On this page

HTTP Request Smuggling / HTTP Desync Attack

https://book.hacktricks.xyz/pentesting-web/abusing-hop-by-hop-headers

PreviousAccess control vulnerabilities and privilege escalation NextSubdomain Takeovers

Last updated 2 years ago