Bypassing Security via HTTP Header Smuggling

Black Hat video, 2026-03-23

Abstract

This research explores "header smuggling," a technique where attackers exploit discrepancies in how front-end proxies and back-end servers interpret malformed HTTP headers. By utilizing specific mutations—such as adding whitespace or junk characters to header names—attackers can sneak unauthorized headers past security controls like WAFs and load balancers. The talk demonstrates critical impacts including IP restriction bypasses in AWS API Gateway, rate-limit circumvention in AWS Cognito, and large-scale cache poisoning via CDN manipulation. It provides a black-box detection methodology and actionable defense strategies for modern web architectures.
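The discrepancy described above, as an added illustration that is not code from the talk or from any of the products it names: a simulated front-end filter that strips a sensitive header by exact name comparison, paired with a back-end that normalises header names leniently (whitespace and non-token bytes dropped). A small set of name mutations is then probed in the black-box style the abstract mentions, and the same probe is run against a hardened front-end that rejects non-token header names outright. The header name `X-Forwarded-For`, the mutation set, the lenient normalisation rule and the sample requests are all constructed for this example.

```python
"""Added example: header-name mutations that pass a strict front-end filter
but collapse to the blocked name after lenient back-end normalisation."""
import re

# Header the (hypothetical) front end is supposed to strip before forwarding,
# e.g. so the back end cannot be told a fake client IP.
SENSITIVE = "x-forwarded-for"

# Mutations of a header name to probe. These are constructed for the example;
# the talk's own mutation list is not reproduced here.
MUTATIONS = {
    "none": lambda n: n,
    "trailing-space": lambda n: n + " ",
    "trailing-tab": lambda n: n + "\t",
    "leading-space": lambda n: " " + n,
    "junk-suffix": lambda n: n + "\x0b",  # vertical tab, outside the token charset
}

# RFC 9110 "token" characters: the only bytes allowed in a header field name.
TOKEN = re.compile(r"^[!#$%&'*+\-.^_`|~0-9A-Za-z]+$")


def parse_headers(raw):
    """Split a raw header block into (name, value) pairs, splitting on the first
    colon only and leaving the name exactly as received."""
    pairs = []
    for line in raw.split("\r\n"):
        if not line:
            continue
        name, _, value = line.partition(":")
        pairs.append((name, value.strip()))
    return pairs


def frontend_filter(headers):
    """Weak front end: drops a header only when its name, lowercased, is exactly
    SENSITIVE. Any extra byte in the name slips past this comparison."""
    return [(n, v) for n, v in headers if n.lower() != SENSITIVE]


def hardened_frontend(headers):
    """Hardened front end: refuses the request if any header name is not a
    valid token, so a mutated name never reaches the exact-name filter."""
    for n, _ in headers:
        if not TOKEN.match(n):
            raise ValueError("malformed header name: %r" % n)
    return frontend_filter(headers)


def backend_name(name):
    """Lenient back-end normalisation (constructed for the example): strip
    whitespace and anything outside [A-Za-z0-9-], then lowercase."""
    return re.sub(r"[^A-Za-z0-9\-]", "", name).lower()


def backend_view(headers):
    """What the back end believes the headers are after normalisation."""
    return {backend_name(n): v for n, v in headers}


def reaches_backend(header_name, frontend=frontend_filter, value="198.51.100.7"):
    """Build a request carrying the mutated header, pass it through the chosen
    front end and report whether the back end ends up seeing SENSITIVE."""
    raw = "Host: app.internal\r\n%s: %s\r\n" % (header_name, value)
    try:
        forwarded = frontend(parse_headers(raw))
    except ValueError:
        return False  # request rejected at the edge
    return backend_view(forwarded).get(SENSITIVE) == value


def probe(name, frontend=frontend_filter):
    """Black-box style probe: try every mutation of `name` and record which ones
    deliver the header to the back end under the sensitive name."""
    return {label: reaches_backend(m(name), frontend) for label, m in MUTATIONS.items()}


if __name__ == "__main__":
    print("weak front end:    ", probe("X-Forwarded-For"))
    print("hardened front end:", probe("X-Forwarded-For", hardened_frontend))
```

Against the weak front end every mutated name gets through while the unmodified name is blocked, which is exactly the signal a black-box probe looks for: the unmutated header behaves one way, a whitespace or junk variant behaves another. The hardened front end closes the gap by validating the name against the token grammar before doing any comparison; normalising the same way the back end does would also work, but only if every back end behind the proxy normalises identically.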
