Request Smuggling - TE.TE Scanner
Identifies TE.TE request smuggling through header obfuscation.
What is Request Smuggling - TE.TE?
TE.TE request smuggling exploits differences in how servers handle malformed or obfuscated Transfer-Encoding headers. Both the front-end and the back-end server support Transfer-Encoding (TE), but attackers use variations (extra spaces, different cases, duplicate headers) that one server processes and the other ignores, causing parsing desynchronization.
Why is This Important?
TE.TE attacks expand the smuggling attack surface. Even when both servers prefer Transfer-Encoding, subtle differences in header parsing can be exploited. This makes request smuggling relevant to more infrastructure combinations and harder to prevent with simple configuration changes.
How It Works
1. Attack Surface Mapping
Identifies complex attack vectors including race conditions, desync points, and logic flaws in your application.
2. Advanced Exploitation
Executes sophisticated attack techniques that bypass traditional security controls and detection mechanisms.
3. Impact Assessment
Demonstrates real-world impact with detailed exploitation chains and business risk analysis.
Key Capabilities
Expert-level security testing for sophisticated vulnerabilities that evade traditional scanning tools.
- Race condition and timing attack detection
- Request smuggling and desync analysis
- Business logic flaw identification
- Chained exploit development
- Protocol-level vulnerability testing
Frequently Asked Questions
What obfuscation techniques work for TE.TE?
Techniques include: Transfer-Encoding: xchunked, Transfer-Encoding: chunked with extra spaces, Transfer-Encoding: chunked (tab), X: ignored Transfer-Encoding: chunked, multiple TE headers, mixed case (Transfer-ENCODING), and null bytes or other special characters.
Why do servers parse these headers differently?
HTTP specifications have edge cases. Servers implement parsers differently: some are lenient, others strict. Some process the first header, others the last. Some ignore unrecognized variations, others treat them as valid. These small differences enable exploitation.
How do I test for TE.TE vulnerabilities?
Testing requires trying many header variations systematically. Tools like Burp's HTTP Request Smuggler automate this. Test each obfuscation against your specific front-end/back-end combination, as vulnerabilities are infrastructure-specific.
How do I prevent TE.TE attacks?
Prevention: standardize all HTTP components on the same software and version, implement strict header parsing at the edge (reject malformed headers), use HTTP/2, which has different framing, regularly test with smuggling tools, and consider normalizing headers at the front-end.
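One way to implement the strict edge parsing described above, as an added example that is not the scanner's own code: a Python check that rejects the Transfer-Encoding variations listed in the FAQ before a request is forwarded. The function name, reason strings and sample header blocks are assumptions constructed for illustration.

```python
import re

# Field-name characters permitted by RFC 9110 ("token").
TOKEN = re.compile(rb"[!#$%&'*+\-.^_`|~0-9A-Za-z]+")

def check_framing_headers(raw_head: bytes):
    """Return (ok, reason) for one HTTP/1.1 header block (CRLF-separated,
    request line and final blank line already removed)."""
    te_values, has_cl = [], False
    for line in raw_head.split(b"\r\n"):
        if not line:
            continue
        if line[:1] in (b" ", b"\t"):
            return False, "obsolete line folding"
        name, sep, value = line.partition(b":")
        # Rejects "Transfer-Encoding : chunked" and NUL/LF inside the name.
        if not sep or not TOKEN.fullmatch(name):
            return False, "malformed field name"
        # Bare CR/LF, NUL and other control bytes never belong in a value.
        if any((b < 0x20 and b != 0x09) or b == 0x7F for b in value):
            return False, "control character in field value"
        lname = name.lower()  # names are case-insensitive: Transfer-ENCODING counts
        if lname == b"transfer-encoding":
            te_values.append(value.strip(b" "))  # a tab is kept, so it fails below
        elif lname == b"content-length":
            has_cl = True
    if len(te_values) > 1:
        return False, "duplicate Transfer-Encoding"
    if te_values:
        if te_values[0].lower() != b"chunked":
            return False, "unsupported Transfer-Encoding value"
        if has_cl:
            return False, "Transfer-Encoding with Content-Length"
    return True, "ok"

# Constructed sample header blocks (not captured traffic).
SAMPLES = {
    "plain": b"Host: example.test\r\nTransfer-Encoding: chunked",
    "mixed_case": b"Host: example.test\r\nTransfer-ENCODING: chunked",
    "xchunked": b"Transfer-Encoding: xchunked",
    "tab": b"Transfer-Encoding:\tchunked",
    "space_before_colon": b"Transfer-Encoding : chunked",
    "duplicate": b"Transfer-Encoding: chunked\r\nTransfer-Encoding: identity",
    "nul": b"Transfer-Encoding: chunked\x00",
}

if __name__ == "__main__":
    for label, head in SAMPLES.items():
        print(label, check_framing_headers(head))
```

The mixed-case name is accepted because field names are case-insensitive; an edge that forwards such a request should re-emit the header in its canonical form so that every downstream parser sees the same thing.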