HTTP Headers are the least protected areas in a Web Application. Nathan will discuss weaknesses with current HTTP Header Security, and will demonstrate techniques to bypass HTTP Header Security Controls. During the presentation, Nathan will also dissect, analyze, and educate the audience on advanced HTTP Header Attack Payloads. A live demonstration will be performed during the presentation.