This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
Learn to Defend Against HTTP Desync Attacks at Black Hat USA
Save the Date: Black Hat USA returns to the Mandalay Bay in Las Vegas August 3-8.
Black Hat USA is returning to the Mandalay Bay Convention Center in Las Vegas this August, and it's already shaping up to be one of our best events yet!
This is a premier opportunity to learn about the latest cybersecurity threats, research and trends firsthand. In a newly-confirmed Black Hat USA Briefing on HTTP Desync Attacks: Smashing into the Cell Next Door, security researcher James Kettle will introduce techniques remote, unauthenticated attackers can use to splice their HTTP requests into others.
Using examples from his own case studies, Kettle will show you how attackers delicately amend victim's requests to route them into malicious territory, invoke harmful responses, and steal credentials. Although documented over a decade ago, Kettle believes this is an attack for which the Internet is unprepared. If you come to this Briefing he'll help you tackle this legacy by sharing a refined methodology and open source tooling for black-box detection, assessment and exploitation with minimal risk of collateral damage. These will be developed from core concepts, ensuring you leave equipped to devise your own desync techniques and tailor (or thwart) attacks against your target of choice.
You can find more details about this Briefing and many others over on the Black Hat USA Briefings page, which is regularly updated with new content.
Black Hat USA will return to the Mandalay Bay in Las Vegas August 3-8, 2019. For more information on what's happening at the event and how to register, check out the Black Hat website.