Hunt cache poisoning vulnerabilities
hunt-cache-poisonskillsetup L1★1,791
elementalsouls/Claude-BugHunter ↗What it does
Hunting skill for cache poison vulnerabilities. Built
Best for
Use for hunting skill for cache poison vulnerabilities. built from 10 public bug bounty reports including x-forwarded-host poisoning, x-http-method-override / gcs cache, reflected→stored xss via cache, classic omer-gil web cache deception, cloudflare cache deception armor bypass, session-token cache deception, akamai hop-by-hop smuggling → server-side edge poisoning, and kettle's 2024 path-normalization wcd against cloudflare/fastly/gcp. use when hunting cache poisoning, web cache deception, cdn-fronted apps.
Inputs
- · target
- · test vectors
- · payloads
Outputs
- · vulnerability report
- · PoC code
- · impact assessment
Requires
- · curl
- · HTTP client
Preconditions
Required dependencies and environment setup — see body for details
Failure modes
See documentation for known limitations and edge cases
Trust signals
- · Skill: skill
- · Repository: elementalsouls/Claude-BugHunter