Abstract:
HTTP Headers are an often overlooked, though very powerful way to improve the security of your application. We’ll take a look at what headers can be used to find vulnerabilities in your site, look at some examples I’ve seen while scanning thousands of sites, and demo a live scan of a site.