all InfoSec news
Detect Web Cache Deception vulnerabilities
Dec. 23, 2022, 12:37 p.m. | /u/mgoli97
cybersecurity www.reddit.com
This tool is an automated crawler that detects Web Cache Deception vulnerabilities in websites in a black-box manner by simply providing the domain name. Optionally, you can provide authentication cookies in a JSON file to perform the tests in an authenticated way.
We used this tool to perform a large-scale analysis on the Alexa Top 10k and found more than 1k vulnerable sites. You can find the results in our paper [Web Cache Deception Escalates!](https://www.usenix.org/conference/usenixsecurity22/presentation/mirheidari). We were able to …
More from www.reddit.com / cybersecurity
Creating a breach search website?
14 hours ago |
www.reddit.com
Is it normal to see your tools lie?
16 hours ago |
www.reddit.com
Jobs in InfoSec / Cybersecurity
Social Engineer For Reverse Engineering Exploit Study
@ Independent study | Remote
Premium Hub - CoE: Business Process Senior Consultant, SAP Security Role and Authorisations & GRC
@ SAP | Dublin 24, IE, D24WA02
Product Security Response Engineer
@ Intel | CRI - Belen, Heredia
Application Security Architect
@ Uni Systems | Brussels, Brussels, Belgium
Sr Product Security Engineer
@ ServiceNow | Hyderabad, India
Analyst, Cybersecurity & Technology (Initial Application Deadline May 20th, Final Deadline May 31st)
@ FiscalNote | United Kingdom (UK)