This talk explains how I discovered an Apache reverse proxy vulnerability. It describes how to bypass an existing patch to create a new PoC and provides a glimpse into discovering new vulnerabilities. It describes the tools that went behind discovering the new vulnerability and constructing a PoC to exploit it.