Dark Reading

Researcher Details Vulnerabilities Found in AWS API Gateway

BLACK HAT EUROPE 2021 — London — All it took was a space between characters and a few random letters, and Web researcher Daniel Thatcher was able to modify the HTTP header sent to Amazon API Gateway.
Dark Reading

Free Tool Scans Web Servers for Vulnerability to HTTP Header-Smuggling Attacks

A researcher has created a method for testing and identifying how HTTP/HTTPS headers can be abused to sneak malicious code into back-end servers. Daniel Thatcher, researcher and penetration tester at ...