- Wtf is HTTP Request Smuggling?
- Fuzzing for XSS (cross-site scripting) via nested parsers
- HTTP smuggling via higher HTTP versions
- Practical HTTP header smuggling
- JSON interoperability vulnerabilities
- Cache poisoning at scale
- Hidden OAuth attack vectors
- Includes enumeration, session poisoning and SSRF (server-side request forgery)
- Exploiting client-side prototype pollution in the wild
- A new attack surface on MS Exchange
- HTTP/2: the sequel is always worse
- Dependency confusion
This was inspired by many lectures, articles and talks; below is a list of some sources.