View Issue Details

IDProjectCategoryView StatusLast Update
0007531Kali Linux[All Projects] New Tool Requestspublic2022-01-12 10:47 Assigned To 
Status newResolutionopen 
Product Version 
Target VersionFixed in Version 
Summary0007531: Web Cache Vulnerability Scanner (WCVS) is a fast and versatile CLI scanner for web cache poisoning
Description[Name] - Web Cache Vulnerability Scanner (WCVS)

[Version] - 1.0.0 or newer if available

[Homepage] -

[Download] -

[Author] -

[Licence] - Apache 2.0

[Description] - The scanner supports many different web cache poisoning techniques, includes a crawler to identify further URLs to test, and can adapt to a specific web cache for more efficient testing. It is highly customizable and can be easily integrated into existing CI/CD pipelines.

[Dependencies] - A standalone binary can be compiled with go

[Similar tools] - The burp suite plugin "Param Miner" comes nearest to it, however doesn't support all features and web cache poisoning techniques that

[Activity] - It is actively deployed and what started April 2021

[How to install] - Compile a binary yourself using go >= 1.16 or use a precompiled binary from the release page

Go version >= 1.17: go install -v
Go version <= 1.16: go get -u

[How to use] - What are some basic commands/functions to demonstrate it?
Scan for web cache poisoning using a specified header and parameter wordlist:
wcvs -u -hw "file:/home/user/Documents/wordlist-header.txt" -pw "file:/home/user/Documents/wordlist-parameter.txt"

Generate a JSON report while scanning:
wcvs -u -hw "file:/home/user/Documents/wordlist-header.txt" -pw "file:/home/user/Documents/wordlist-parameter.txt" -gr

Route the traffic through a proxy (e.g. Burp Suite)
wcvs -u -hw "file:/home/user/Documents/wordlist-header.txt" -pw "file:/home/user/Documents/wordlist-parameter.txt" -ppath /home/user/Documents/cacert.pem -purl

[Packaged] - No



2022-01-12 10:47

reporter   ~0015628


Issue History

Date Modified Username Field Change
2022-01-10 14:59 New Issue
2022-01-12 10:47 antbhlk Note Added: 0015628