Collaborate Disseminate
The security team at my company has set a limit on the number of headers a HTTP request can contain (not header size, but an actual hard count limit on the number of headers).
A vendor has added a few headers for request tracing purposes, … Continue reading Is there a reason for a server-side limit on the number of HTTP headers allowed for each request?
I had a log from my web server like this
[28/Aug/2022:12:57:02] "GET / HTTP/1.0" 200 1684 "" "<title>(.*?)<\/title>"
What is this meaning and what exactly did the attacker want to do?
Continue reading What is <title>(.*?)<\/title> and how the attacker use that?
I have a pretty good understanding of HTTP Request Smuggling vulnerabilities but one thing I still need some clarification on is if they are domain/subdomain wide or directory wide?
Here’s what I mean: If HTTP Request Smuggling vulnerabili… Continue reading Is HTTP Request Smuggling domain/subdomain wide or directory wide?
There’s a website I have an account on, and I needed to change my username. They said they were unable to change that. I requested to just have my account deleted, and then I would create a new account with the same email (As the email I u… Continue reading Site "can’t" change username, why? [closed]
I have an Http web service running on IIS. The Http service will be exposed to the public internet, but only authenticated client requests will be processed by the web service. The service allows clients to write complex queries using quer… Continue reading Why is it a security concern to modify http.sys registry entries to allow web service to accept a longer query string?
I’m learning SSRF. I learnt that typing &x= kinda turn off the rest of an URL (like https://some.website.com/user?id=9&x=.website.com/api/item?id=9)
Everything that comes after the &x= part gets ignored. Why is that? Or, if it’… Continue reading What is the effect of the "&x=" in a SSRF? Is it something related to encoding?
I’m working on an assignment that I’m not sure how to approach. I have to emulate a network-attached storage server (NAS) with a possibly compromised server. In practice, I’m creating a local Laravel website to demonstrate security feature… Continue reading Transmission and storage of data on a compromised server
I know about the usual port sniffers and mass scanners that just pop up on any web server, but this one looks interesting to me.
I figured out so far that those requests aren’t really an issue for my Development Flask Webserver, but I am … Continue reading What is the intent behind these unknown HTTP Requests into my AWS Web Server?
I’m using Cloudflare and I want to protect my origin server from accepting any traffic that is not Cloudflare.
I was thinking to just IP whitelist https://www.cloudflare.com/ips/
However, I notice that they add/remove IPs every year or two… Continue reading Configure server to only accept traffic from Cloudflare [migrated]
I am using a public wifi network.
When I start a nodejs express server at my local system at port 3000, I can access that website on another device (that is connected to the same public wifi network) by going to the http://(private ip addr… Continue reading Can attacker gain access to my private network application through pivoting and/or lateral movement?