web-cache-deception
OfficialMaster web cache deception and poisoning tactics.
Authoryaklang
Version1.0.0
Installs0
System Documentation
What problem does it solve?
Web cache deception and poisoning threaten to leak authenticated data or serve malicious content through CDN edges. This playbook helps security professionals identify, reason about, and defend against these caching vulnerabilities in real-world deployments.
Core Features & Use Cases
- Clear distinction between web cache deception and cache poisoning, with attack-flow mappings.
- Coverage of unkeyed inputs (headers like X-Forwarded-Host, X-Original-URL), unkeyed parameters, fat GETs, Vary header manipulation, and CDN-specific behaviors.
- Practical testing, defense recommendations, and remediation steps for dynamic sites and APIs.
Quick Start
Load this playbook and begin applying the techniques to assess and remediate a target cache deployment.
Dependency Matrix
Required Modules
None requiredComponents
Standard package💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: web-cache-deception Download link: https://github.com/yaklang/hack-skills/archive/main.zip#web-cache-deception Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
Agent Skills Search Helper
Install a tiny helper to your Agent, search and equip skill from 471,000+ vetted skills library on demand.