Utilizing a blend of header smuggling and header fuzzing, sophisticated HTTP attack techniques can effectively deliver DDoS payloads, either by evading detection by Web Application Firewalls (WAFs) or by targeting the WAF-encoders themselves
New TTP allows booterservice to mitigate GeoFencing
a comparison of HTTP/2 RapidReset vector-potential vs established vectors: IoT/HTTP/2 Multiplexing
zeroBS continuously collects informations and status reports on the subject of infrastructure and application security vs DDoS-Threats and showcases an condensed overview of trends and developments.
A comparison of IoT-Bots, Pseudobrowsers and Browserbots used in Layer-7-DDoS-Attacks