commit
e552d8ebfe
@ -106,6 +106,11 @@ X-Host: attacker.com
|
|||||||
|
|
||||||
Learn here about how to perform [Cache Poisoning attacks abusing HTTP Request Smuggling](http-request-smuggling/#using-http-request-smuggling-to-perform-web-cache-poisoning).
|
Learn here about how to perform [Cache Poisoning attacks abusing HTTP Request Smuggling](http-request-smuggling/#using-http-request-smuggling-to-perform-web-cache-poisoning).
|
||||||
|
|
||||||
|
## Automated testing for Web Cache Poisoning
|
||||||
|
The [Web Cache Vulnerability Scanner](https://github.com/Hackmanit/Web-Cache-Vulnerability-Scanner) can be used to test automated for web cache poisoning. It supports many different techniques and is highly customizable.
|
||||||
|
|
||||||
|
Example usage: `wcvs -u example.com`
|
||||||
|
|
||||||
# Cache Deception
|
# Cache Deception
|
||||||
|
|
||||||
The goal of Cache Deception is to make clients **load resources that are going to be saved by the cache with their sensitive information**.
|
The goal of Cache Deception is to make clients **load resources that are going to be saved by the cache with their sensitive information**.
|
||||||
|
Loading…
Reference in New Issue
Block a user