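Web Cache Deception is a vulnerability that occurs when an attacker tricks a caching layer in front of a web server into storing a dynamic, user-specific page under a URL that the cache treats as a static, cacheable resource. Anyone who later requests that URL receives the cached copy. This can lead to a variety of attacks, such as accessing sensitive user data or performing unauthorized actions.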
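
The cache/origin disagreement behind this vulnerability, modelled as an added example (not code from this repository): a cache that decides by file extension sits in front of an origin that ignores trailing path segments, next to a caching rule that also honors the origin's headers. The `/account.php` path, the function names and the sample user are assumptions made for illustration.

```python
# Added illustration: a shared cache and an origin that disagree about one URL.
# All names and the /account.php path are hypothetical, not taken from the lab.
from urllib.parse import urlsplit

STATIC_EXT = (".css", ".js", ".png", ".jpg", ".ico")

def origin(path, session_user):
    """Origin that ignores trailing path info: /account.php/x.css -> account.php."""
    script = path.split(".php", 1)[0] + ".php" if ".php" in path else path
    if script != "/account.php":
        return {"status": 404, "headers": {"Content-Type": "text/html"}, "body": "not found"}
    if session_user is None:
        return {"status": 401, "headers": {"Content-Type": "text/html"}, "body": "login required"}
    return {"status": 200,
            "headers": {"Content-Type": "text/html", "Cache-Control": "private, no-store"},
            "body": f"profile of {session_user}"}

def should_cache_weak(path, response):
    """Weak rule: cache anything whose URL ends in a static extension."""
    return urlsplit(path).path.lower().endswith(STATIC_EXT)

def should_cache_hardened(path, response):
    """Hardened rule: the extension and the origin's headers must both agree."""
    h = response["headers"]
    cc = h.get("Cache-Control", "").lower()
    if any(d in cc for d in ("private", "no-store", "no-cache")):
        return False
    if not urlsplit(path).path.lower().endswith(STATIC_EXT):
        return False
    # A .css URL answered with text/html is a mismatch, not a static asset.
    return not h.get("Content-Type", "").startswith("text/html")

def fetch(cache, rule, path, session_user=None):
    """Shared cache keyed on the path only, as a static-asset cache would be."""
    if path in cache:
        return cache[path]["body"], "HIT"
    resp = origin(path, session_user)
    if resp["status"] == 200 and rule(path, resp):
        cache[path] = resp
    return resp["body"], "MISS"

def demo(rule):
    cache = {}
    url = "/account.php/nonexistent.css"  # constructed sample URL
    fetch(cache, rule, url, session_user="alice")      # authenticated request
    return fetch(cache, rule, url, session_user=None)  # later request, no session
```

With the weak rule the second, unauthenticated request is served the first user's page from the cache; with the hardened rule nothing is stored and the origin answers it directly.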
- Clone this repository

  ```bash
  git clone https://github.com/zAbuQasem/web-cache-deception.git
  ```

- Run

  ```bash
  docker-compose up --build
  ```

- Access the application

  ```bash
  firefox -new-tab http://127.0.0.1:5000/index.php
  ```