BestHub
Sign in
Tag

Cache Poisoning

0 views collected around this technical thread.

vivo Internet Technology
vivo Internet Technology
Mar 8, 2023 · Information Security

Web Cache Poisoning and HTTP Request Smuggling: Principles, Attack Scenarios, and Defenses

The article explains how misconfigured caches and inconsistent front‑end/back‑end parsing enable web cache poisoning and HTTP request smuggling attacks, illustrates practical exploitation scenarios, and recommends disabling caching, unifying request‑boundary logic, and adopting HTTP/2 or strict configurations to defend against these high‑impact threats.

Cache PoisoningDefense StrategiesHTTP Request Smuggling
0 likes · 16 min read
Web Cache Poisoning and HTTP Request Smuggling: Principles, Attack Scenarios, and Defenses
Laravel Tech Community
Laravel Tech Community
Feb 6, 2022 · Information Security

Understanding and Exploiting HTTP Host Header Attacks

This article explains the purpose of the HTTP Host header, how Host header attacks arise when the header is trusted or altered, demonstrates exploitation techniques such as modifying, duplicating, or injecting alternative header fields, and provides mitigation strategies to protect web applications.

Attack TechniquesCache PoisoningHTTP Host Header
0 likes · 19 min read
Understanding and Exploiting HTTP Host Header Attacks
System Architect Go
System Architect Go
Mar 6, 2021 · Information Security

Understanding and Exploiting HTTP Host Header Attacks

This article explains how misconfigured HTTP Host headers can be abused for attacks such as cache poisoning, SSRF, password‑reset poisoning and other server‑side exploits, and provides practical detection methods and defensive recommendations for developers and security engineers.

Cache PoisoningHTTPHost header
0 likes · 26 min read
Understanding and Exploiting HTTP Host Header Attacks
Baidu Tech Salon
Baidu Tech Salon
Aug 6, 2014 · Information Security

Security Risks of Traditional vs. Fancy Login Boxes: HTTPS, XSS, and Cache Poisoning

While traditional login pages that redirect to HTTPS offer limited protection, modern floating login boxes embedded in insecure HTTP pages expose users to HTTPS‑downgrade attacks, XSS hijacking, and cache‑poisoning that can harvest credentials, making full‑site HTTPS the only reliable defense.

Cache PoisoningHTTPSLogin Forms
0 likes · 12 min read
Security Risks of Traditional vs. Fancy Login Boxes: HTTPS, XSS, and Cache Poisoning
Baidu Tech Salon
Baidu Tech Salon
Apr 15, 2014 · Information Security

Web Traffic Hijacking: Risks, Techniques, and Defenses

Web traffic hijacking exploits the plaintext nature of HTTP to inject malicious scripts, steal cookies and saved passwords, poison caches or offline storage, bypass HTTPS redirects, and even compromise downloads, making unauthenticated browsing, auto‑fill features, and public Wi‑Fi especially dangerous without proper defenses.

Cache PoisoningHTTPSInformation Security
0 likes · 27 min read
Web Traffic Hijacking: Risks, Techniques, and Defenses