W-PARSER-DIFFERENTIALDefense Evasion

Parser Differential

Frontend, backend, and WAF parse the request differently (URL normalization, HTTP body framing) — payload survives one parser, hits another.

§ Where this technique fits

W-PARSER-DIFFERENTIAL is catalogued under the Defense Evasion tactic of the offensive-security kill-chain. It appears in 1 approved dossier in the registry, typically at step 1 on average.

§ Dossiers chaining this technique

HTTP request smuggling (CL.TE) → admin panel bypass
Frontend uses Content-Length, backend uses Transfer-Encoding. Smuggle a request whose path bypasses the frontend's authentication checks.
step 1 / 6

§ What commonly comes next

01
HTTP Request Smuggling — CL.TE
W-REQUEST-SMUGGLE-CLTE · Impact
seen 1×

§ Where this technique fits

§ Dossiers chaining this technique

HTTP request smuggling (CL.TE) → admin panel bypass

§ What commonly comes next