What security risks are involved in using older HTTP protocols such as HTTP/1.x that would justify upgrading to HTTP/2 or HTTP/3?

As of 2023, still many webservers support HTTP/1.0 and HTTP/1.1 while not supporting recent HTTP/2 and/or HTTP/3 protocols. I understand that newer HTTP versions offer various performance enhancements, but I’m particularly interested in th… Continue reading What security risks are involved in using older HTTP protocols such as HTTP/1.x that would justify upgrading to HTTP/2 or HTTP/3?

Establishing a reverse shell without any software tools like Netcat (by the server)

Has it ever happened or is it possible that just by configuring custom code on the attacker’s listener like with Python or any other programming language, if a victim just connects to it using TCP, a reverse shell can happen without the vi… Continue reading Establishing a reverse shell without any software tools like Netcat (by the server)