This is a comprehensive playbook for exploiting cache layer vulnerabilities, split into two attack classes: cache deception (tricking a CDN into caching authenticated user data so attackers can retrieve it) and cache poisoning (injecting malicious content via unkeyed headers like X-Forwarded-Host). The methodology is thorough, covering path confusion tricks, CDN-specific behaviors across Cloudflare and Akamai, and normalization mismatches between proxies and applications. Use this when testing applications behind CDNs or reverse proxies where routing logic might treat /account/profile and /account/profile/x.css differently. The testing checklist and real-world patterns (especially the semicolon path separator tricks) make this immediately actionable for security assessments.
npx skills add https://github.com/yaklang/hack-skills --skill web-cache-deception
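For defenders reviewing CDN logs, the path-confusion pattern described above (a static-looking URL such as /account/profile/x.css answered with dynamic, authenticated content) can be flagged with a check like the following. This is an added example, not code from the skill or its repository; the log field names, the cache-status values and the sample records are constructed assumptions.

```python
import posixpath
from urllib.parse import urlsplit, unquote

# Assumed policy: extensions the cache treats as static, and content types
# that only the application (not a static file) should produce.
STATIC_EXT = {".css", ".js", ".png", ".jpg", ".gif", ".ico", ".svg", ".woff2"}
DYNAMIC_TYPES = {"text/html", "application/json"}
# Assumed cache-status values meaning the response was served from or stored in cache.
CACHE_ELIGIBLE = {"HIT", "MISS", "EXPIRED", "STALE", "REVALIDATED"}

def static_ext(url):
    """Return the static extension of the last path segment, or None.

    Decodes percent-encoding first so /profile%2Fx.css is seen as /profile/x.css,
    and keeps ';' parameters so /profile;x.css still ends in .css.
    """
    path = unquote(urlsplit(url).path)
    ext = posixpath.splitext(path.rsplit("/", 1)[-1])[1].lower()
    return ext if ext in STATIC_EXT else None

def classify(rec):
    """Return 'cached', 'confused' or None for one log record (a dict)."""
    if static_ext(rec["url"]) is None or not rec["authenticated"]:
        return None
    ctype = rec["content_type"].split(";")[0].strip().lower()
    if ctype not in DYNAMIC_TYPES:
        return None  # a real static asset
    # The origin answered a static-looking URL with dynamic, per-user content.
    if rec["cache_status"].upper() in CACHE_ELIGIBLE:
        return "cached"    # the cache layer stored or served it: investigate now
    return "confused"      # not cached yet, but origin and cache disagree on the route

def audit(records):
    """Return (url, verdict) for every record that needs attention."""
    return [(r["url"], v) for r in records if (v := classify(r))]

# Constructed sample records (hypothetical log schema).
SAMPLE = [
    {"url": "/static/site.css", "authenticated": True,
     "content_type": "text/css", "cache_status": "HIT"},
    {"url": "/account/profile/x.css", "authenticated": True,
     "content_type": "text/html; charset=utf-8", "cache_status": "HIT"},
    {"url": "/account/profile;x.css", "authenticated": True,
     "content_type": "text/html", "cache_status": "BYPASS"},
    {"url": "/account/profile%2Fx.js?v=1", "authenticated": True,
     "content_type": "application/json", "cache_status": "MISS"},
    {"url": "/account/profile", "authenticated": True,
     "content_type": "text/html", "cache_status": "DYNAMIC"},
]

if __name__ == "__main__":
    for url, verdict in audit(SAMPLE):
        print(f"{verdict:9} {url}")
```

A "confused" verdict is worth fixing even though nothing was cached: it means the application serves account content for a path the cache layer would classify as static.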