writeups.xyz
/
Anthony Gavazzi
Title
Vulnerabilities
Programs
Authors
Gudifu: Guided Differential Fuzzing for HTTP Request Parsing Discrepancies
Web Cache Poisoning
CPDoS
HTTP Request Smuggling
Access Control Bypass
ATS
Nginx
HAProxy
Bahruz Jabiyev (@BahruzJabiyev)
Anthony Gavazzi
Kaan Onarlioglu
Engin Kirda
http: properly reject empty http header field names
HTTP Header Attack
HTTP Request Smuggling
Access Control Bypass
HAProxy
Bahruz Jabiyev (@BahruzJabiyev)
Anthony Gavazzi
Engin Kirda
Kaan Onarlioglu
Adi Peleg
Harvey Tuch
FRAMESHIFTER: Security Implications of HTTP/2-to-HTTP/1 Conversion Anomalies
HTTP Request Smuggling
DoS
Undisclosed
Bahruz Jabiyev (@BahruzJabiyev)
Steven Sprecher (@StevenSprecher)
Anthony Gavazzi
Tommaso Innocenti (@Innotommy)
Kaan Onarlioglu
Engin Kirda
Page 1 of 1
writeups.xyz
/
Anthony Gavazzi