James Kettle
@jameskettle.com
Have you done all the Web Security Academy labs? These are key.
October 11, 2025 at 9:24 AM
Have you done all the Web Security Academy labs? These are key.
This might be because there are separate connection pools for with-cookies and without to prevent fingerprinting. It's detailed briefly here: portswigger.net/research/bro...
Browser-Powered Desync Attacks: A New Frontier in HTTP Request Smuggling
The recent rise of HTTP Request Smuggling has seen a flood of critical findings enabling near-complete compromise of numerous major websites. However, the threat has been confined to attacker-accessib
portswigger.net
October 2, 2025 at 8:15 AM
This might be because there are separate connection pools for with-cookies and without to prevent fingerprinting. It's detailed briefly here: portswigger.net/research/bro...