- Joined
- Jan 8, 2019
- Messages
- 56,602
- Solutions
- 2
- Reputation
- 32
- Reaction score
- 100,445
- Points
- 2,313
- Credits
- 32,540
6 Years of Service
76%
Web Cache Vulnerability Scanner
Web Cache Vulnerability Scanner (WCVS) is a fast and versatile CLI scanner for web cache poisoning developed by Hackmanit.
The scanner supports many different web cache poisoning techniques, includes a crawler to identify further URLs to test, and can adapt to a specific web cache for more efficient testing. It is highly customizable and can be easily integrated into existing CI/CD pipelines.
Features
Support for 9 web cache poisoning techniques:
Unkeyed header poisoning
Unkeyed parameter poisoning
Parameter cloaking
Fat GET
HTTP response splitting
HTTP request smuggling
HTTP header oversize (HHO)
HTTP meta character (HMC)
HTTP method override (HMO)
Analyzing a web cache before testing and adapting to it for more efficient testing
Generating a report in JSON format
Crawling websites for further URLs to scan
Routing traffic through a proxy (e.g., Burp Suite)
Limiting requests per second to bypass rate limiting