Ethan Henderson

Based in San Jose, CA. Eight years in cybersecurity, six in computer science -- most of it spent at the intersection of network and systems engineering, design, and security. I care about how systems actually behave, not just how they're supposed to.

parlov grew out of work on httprift -- a state engine for detecting and exploiting HTTP desync vulnerabilities by tracking diffs across the request/response lifecycle. Watching servers leak state through correct RFC behavior was interesting enough that it became its own project. parlov is that project: a systematic tool for observing what a well-behaved server quietly reveals.

Links

• gnu.foo — internal repo for thoughts, tools, and APIs — this is just where parlov runs
• gtfo.dev — source
• blog.gtfo.dev — writing