t0xodile
diff --git a/‎_posts/2025-09-19-how-to-join-the-desync-endgame.md‎
Lines changed: 15 additions & 0 deletions b/‎_posts/2025-09-19-how-to-join-the-desync-endgame.md‎
Lines changed: 15 additions & 0 deletions
diff --git a/‎assets/http1mustdie2.webp‎
5.87 KB b/‎assets/http1mustdie2.webp‎
5.87 KB
@@ -0,0 +1,15 @@
+---
+title: "How to join the desync endgame"
+date: 2025-09-19
+categories: [Thoughts]
+tags: [bug-bounty]
+image: ../assets/http1mustdie2.webp
+---
+
+[Blog](https://portswigger.net/blog/how-to-join-the-desync-endgame-practical-tips-from-pentester-tom-stacey)
+
+I had the awesome oppertunity to head to DEFCON 33 this year with some help from Portswigger! As a result of the trip, I also got the chance to absolutely nerd out about their latest research paper [HTTP/1 must die: The desync endgame](https://http1mustdie.com) on their blog. The post covers how to get stuck in with desync vulnerabilities as a pentester or a bug bounty hunter. In particular, how to adapt the [HTTP Request Smuggler extension](https://github.com/PortSwigger/http-request-smuggler) in order to find novel desync attacks. 
+
+
+
+