all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Detect Web Cache Deception vulnerabilities

Add to bookmarks
Dec. 23, 2022, 12:37 p.m. | /u/mgoli97

cybersecurity www.reddit.com

[https://github.com/Golim/wcde](https://github.com/Golim/wcde)

This tool is an automated crawler that detects Web Cache Deception vulnerabilities in websites in a black-box manner by simply providing the domain name. Optionally, you can provide authentication cookies in a JSON file to perform the tests in an authenticated way.

We used this tool to perform a large-scale analysis on the Alexa Top 10k and found more than 1k vulnerable sites. You can find the results in our paper [Web Cache Deception Escalates!](https://www.usenix.org/conference/usenixsecurity22/presentation/mirheidari). We were able to …

cache cybersecurity deception vulnerabilities web web cache

Visit resource

More from www.reddit.com / cybersecurity

CISA Releases Fact Sheet on Defending OT Environments 8 hours ago | www.reddit.com
cisa cybersecurity defending environments +3
For those actively in the job market and having trouble, what specifically is the hardest … 9 hours ago | www.reddit.com
bad current cybersecurity experience +9
Dropbox Says Hackers Breached Digital-Signature Product 10 hours ago | www.reddit.com
breached cybersecurity digital dropbox +3
Creating a breach search website? 14 hours ago | www.reddit.com
breach breached breaches companies +11
Is it normal to see your tools lie? 16 hours ago | www.reddit.com
alert cybersecurity dig expect +10
Remediation Timelines for different types of Network Devices 16 hours ago | www.reddit.com
best practices business business continuity challenges +16
Need to vent. Mantrap to be used as auxiliary office… 20 hours ago | www.reddit.com
cybersecurity intern key leadership +7
DNS + Webfiltering solution(s) 20 hours ago | www.reddit.com
cybersecurity dns don love +8
Router Roulette: Cybercriminals and Nation-States Sharing Compromised Networks 20 hours ago | www.reddit.com
compromised cybercriminals cybersecurity nation +6

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Social Engineer For Reverse Engineering Exploit Study

@ Independent study | Remote
View on infosec-jobs.com

Premium Hub - CoE: Business Process Senior Consultant, SAP Security Role and Authorisations & GRC

@ SAP | Dublin 24, IE, D24WA02
View on infosec-jobs.com

Product Security Response Engineer

@ Intel | CRI - Belen, Heredia
View on infosec-jobs.com

Application Security Architect

@ Uni Systems | Brussels, Brussels, Belgium
View on infosec-jobs.com

Sr Product Security Engineer

@ ServiceNow | Hyderabad, India
View on infosec-jobs.com

Analyst, Cybersecurity & Technology (Initial Application Deadline May 20th, Final Deadline May 31st)

@ FiscalNote | United Kingdom (UK)
View on infosec-jobs.com
View more jobs