# CVE-2023-44487 (HTTP/2 Rapid Reset)
There are some examples in this repo which are not tested completely to analyse the impact, but I just wanted to perform the concept of this attack `(starting many streams and immediately sending RST_STREAM frame to avoid reaching MAX_CONCURRENT_STREAMS)`.

# H2SpaceX
I use [H2SpaceX]( low level HTTP/2 library which I created for exploiting Single Packet Attack

# Examples

- There are 2 examples:
  - [Example 1](
    - Sending 10000 GET requests and sending RESET STREAM frames after each request immediately
  - [Example 2](
    - Sending 100000 POST requests (with single packet attack technique) which causes server to wait for last byte, and then sending RESET STREAM frame after each request
    - This Example also uses threading to open more H2 connections.

# Read & Do More

- Do More
  - You can read more about using [H2SpaceX]( to send raw frames.
  - [Quick Start Example for Single Packet Attack](
  - [H2Frames](
- Read More
  - [HTTP/2 Rapid Reset Attack by Cloudflare](
  - [Lots of References at](