HTTP Response Smuggling

HTTP Response Smuggling is a technique that attackers use to manipulate and inject malicious content in the form of unauthorized HTTP responses, into a single HTTP response from a vulnerable or compromised back-end HTTP agent.

In the maliciously manipulated HTTP response, an attacker can add duplicate header fields that HTTP agents interpret as belonging to separate responses. The combined HTTP response ends up being parsed or interpreted as two or more HTTP responses by the targeted client HTTP agent. This allows malicious HTTP responses to bypass security controls.

Research

Hacker’s Almanac Series II: Tactics, Techniques and Procedures

This is part two of a three part field guide to understanding cybercriminals/threat actors and their tactics, techniques and procedures.

Research

Hacker’s Almanac

A field guide to understanding and applying threat intelligence for a modern security strategy

Contact Radware Sales

Our experts will answer your questions, assess your needs, and help you understand which products are best for your business.

Already a Customer?

We’re ready to help, whether you need support, additional services, or answers to your questions about our products and solutions.

Locations
Get Answers Now from KnowledgeBase
Get Free Online Product Training
Engage with Radware Technical Support
Join the Radware Customer Program

Get Social

Connect with experts and join the conversation about Radware technologies.

Blog
Security Research Center
CyberPedia

HTTP Response Smuggling

Hacker’s Almanac Series II: Tactics, Techniques and Procedures

Hacker’s Almanac

Contact Radware Sales

Already a Customer?

Get Social

By Industry

By Use Case

Application Protection

DDoS Protection

Application Delivery

Application Protection

DDoS Protection

Application Delivery

Protect Your Website From Dangerous Bad Bots

Documents

Blog

Free Assessment Tools

Events

Security Research Center

WHY RADWARE? Learn how Radware EPIC-AI™ rapidly resolves issues

CUSTOMERS Read case studies, reviews and customer testimonials

DIVERSITY & INCLUSION Get to know Radware’s fair and supportive culture

INVESTORS Get the latest news, earnings and upcoming events

PARTNERS Access the new partner tools, services and expertise

LOCATIONS Discover Radware’s offices and strong global presence

CAREERS Learn about our team, values and latest job openings

TRAINING Join in-depth training, live classes, workshops and more

CONTACT US Connect with a Radware expert today

Watch Radware’s New Series: Threat Bytes

HTTP Response Smuggling

Hacker’s Almanac Series II: Tactics, Techniques and Procedures

Hacker’s Almanac

Contact Radware Sales

Already a Customer?

Get Social

What are you looking for?

Protect Your Website From Dangerous Bad Bots

WHY RADWARE? Learn how Radware EPIC-AI™ rapidly resolves issues

CUSTOMERS Read case studies, reviews and customer testimonials

DIVERSITY & INCLUSION Get to know Radware’s fair and supportive culture

INVESTORS Get the latest news, earnings and upcoming events

PARTNERS Access the new partner tools, services and expertise

LOCATIONS Discover Radware’s offices and strong global presence

CAREERS Learn about our team, values and latest job openings

TRAINING Join in-depth training, live classes, workshops and more

CONTACT US Connect with a Radware expert today

Watch Radware’s New Series: Threat Bytes