Expanded Library

Web App Hacking: Caching Problems

by Dawid Czagan

Caching problems can lead to very severe consequences. This course will teach you different types of problems, common mistakes, and countermeasures related to cache processing in modern web applications.

Preview this course

What you'll learn

Caching problems are underestimated by developers and security engineers. In this course, Web App Hacking: Caching Problems, you'll learn why this subject is important and how severe consequences can happen as a result of caching problems. First, you'll see that sensitive data from your web application can be exposed to everyone on the Internet as a result of Google Caching. Next, you'll discover how your password can be cached in plaintext as a result of cacheable HTTPS responses. After that, you'll see how credit card data can be insecurely processed in terms of cache. Then, you'll learn why sensitive data should never be sent in the URL. Finally, you'll explore how the caching problems, that are discussed in this course, are related to industry best practices. By the end of the course, you'll know how to test web applications for different types of caching problems.

Table of contents

Course Overview
2mins
Introduction
5mins
Google Caching
8mins
Cacheable HTTPS Responses
10mins
Caching of Credit Card Data
7mins
Sensitive Data in the URL
6mins
Industry Best Practices
7mins
Summary
5mins

About the author

Dawid Czagan

Dawid Czagan is listed among the Top 10 Hackers by HackerOne. He has found security vulnerabilities in Google, Yahoo, Mozilla, Microsoft, Twitter, and other companies. Due to the severity of these bugs, he has received numerous awards for his findings.

See more courses by Dawid Czagan

Trending courses

Linux: System Security (LPIC-2)

Linux: System Security (LPIC-2)

by Andrew Mallett
  • 3h 6m Duration
  • Intermediate Skills Level
  • (16)
Expanded
Information Systems Auditor: Operations, Maintenance, and Service

Information Systems Auditor: Operations, Maintenance, and Service

by Kevin Henry
  • 3h 6m Duration
  • Intermediate Skills Level
  • (12)
Expanded
Network Interface Layer and Ethernet Operation for Cisco CCNA 200-125/100-105

Network Interface Layer and Ethernet Operation for Cisco CCNA 200-125/100-105

by Ross Bagurdes
  • 3h 5m Duration
  • Intermediate Skills Level
  • (53)
Building Packet Tracer Labs for CCNA Study: Fundamentals

Building Packet Tracer Labs for CCNA Study: Fundamentals

by Ross Bagurdes
  • 5h 20m Duration
  • Intermediate Skills Level
  • (12)
STP and EtherChannel Operation and Configuration

STP and EtherChannel Operation and Configuration

by Ross Bagurdes
  • 2h 46m Duration
  • Intermediate Skills Level
  • (14)
SCCM Current Branch: Deploy Clients and Manage Inventory

SCCM Current Branch: Deploy Clients and Manage Inventory

by Greg Shields
  • 3h 15m Duration
  • Intermediate Skills Level
  • (27)
SCCM Current Branch: Deploy and Maintain Operating Systems

SCCM Current Branch: Deploy and Maintain Operating Systems

by Greg Shields
  • 4h 15m Duration
  • Intermediate Skills Level
  • (20)
Managing Software in Linux with Debian Software Management

Managing Software in Linux with Debian Software Management

by Andrew Mallett
  • 1h 58m Duration
  • Beginner Skills Level
  • (23)
Conducting Passive Reconnaissance for CompTIA PenTest+

Conducting Passive Reconnaissance for CompTIA PenTest+

by Dale Meredith
  • 3h 1m Duration
  • Beginner Skills Level
  • (33)
Securing the Switch

Securing the Switch

by Ross Bagurdes
  • 2h 25m Duration
  • Intermediate Skills Level
  • (13)
Ready to upskill? Get started