TTPwire Vol. 1 · MITRE ATT&CK·Tagged

PortSwigger Blog

HTTP/1.1 Must Die: What This Means for Bug Bounty Hunters

2025-08-06

ATT&CK techniques detected

3 predictions
T1588.006 Vulnerabilities (70%)
"http/1.1 must die: what this means for bug bounty hunters research academy my account customers about blog careers legal contact resellers attack surface visibility improve security posture, prioritize manual testing, free up time. ci-driven scanning more proactive security…"

T1190 Exploit Public-Facing Application (45%)
"regex-based defenses don't cut it when the flaw is buried in protocol-level behavior. one of the best findings came from a simple mistake that turned into control over 24 million websites via a cdn cache poisoning. - dive into the whitepaper the 2025 whitepaper is packed wi…"

T1190 Exploit Public-Facing Application (44%)
"center at black hat usa and defcon 2025, portswigger's director of research, james kettle, issued a stark warning: request smuggling isn't dying out, it's evolving and thriving. despite years of defensive efforts, new research unveiled by kettle proves that http request sm…"

Summary

At Black Hat USA and DEFCON 2025, PortSwigger's Director of Research, James Kettle, issued a stark warning: request smuggling isn't dying out, it's evolving and thriving. Despite years of defensive ef