SlideShare a Scribd company logo

Web Cache Deception Attack

Download as PPTX, PDF
O
Omer Gil

This document describes a web cache deception attack where an attacker can exploit how web servers and caching mechanisms handle requests for non-existent files. Specifically, if a request is made for a page plus a non-existent file extension, like http://www.example.com/account.php/stylesheet.css, some systems will return the content of the page rather than a 404. This allows an authenticated user's private page to be cached and then accessed by an attacker. The document provides examples of frameworks like Django and servers like IIS that can be exploited this way. It also discusses how caching services like Cloudflare have addressed this issue. Mitigations are proposed like only caching files if headers allow it and returning 302/404

Technology
1 of 41
WEB CACHE DECEPTION ATTACK Omer Gil
No SID
About me • Omer Gil • 28 • Married + Java • PT team leader at EY • Student @omer_gil omergil.blogspot.com
About caching
About caching CDN
About caching CDN
About caching CDN
About caching Load Balancer
About caching Load Balancer
About caching Load Balancer
About caching Load Balancer
About caching Reverse Proxy DMZ
About caching Reverse Proxy DMZ
About caching Stylesheet.css https://www.example.com/stylesheet.css
About caching Stylesheet.css https://www.example.com/stylesheet.css Stylesheet.css
About caching https://www.example.com/stylesheet.css Stylesheet.css
About caching https://www.example.com/stylesheet.css Stylesheet.cssStylesheet.css
/nonexistent.css Servers’ reactions http://www.example.com/account.php account.php The Spanner: http://www.thespanner.co.uk/2014/03/21/rpo/ XSS Jigsaw: http://blog.innerht.ml/page/2/
Servers’ reactions account.php /nonexistent.csshttp://www.example.com/account.php
Getting down to business “Hey, access https://www.bank.com/account.do/stylesheet.css” WAF!
Getting down to business The user browses to https://www.bank.com/account.do/stylesheet.css
Getting down to business https://www.bank.com/account.do/stylesheet.css returns with the content of account.do and the private page is cached
Getting down to business The attacker browses to https://www.bank.com/account.do/stylesheet.css and gets the content of the user’s account.do page
Getting down to business The attacker browses to https://www.bank.com/account.do/stylesheet.css and gets the content of the user’s account.do page
Demo
Conditions • Web cache functionality is set for the web application to cache static files based on their extensions, disregarding any caching header. • When accessing a page like http://www.example.com/home.php/nonexistent.css, the web server will return the content of home.php for that URL. • Victim has to be authenticated while accessing the triggering URL.
Why the HELL #1 would a web application react like this?
Why the HELL #1 Django: http://www.sampleapp.com/inbox/
Why the HELL #1 Django: http://www.sampleapp.com/inbox/test.css urls.py
Why the HELL #1 Django: urls.py http://www.sampleapp.com/inbox.css
Why the HELL #1 Django: http://www.sampleapp.com/inbox/test.css urls.py
Why the HELL #2 would a caching mechanism react like this?
Why the HELL #2 IIS ARR:
Why the HELL #2 IIS ARR: http://www.sampleapp.com/welcome.php/test.css
Why the HELL #2 IIS ARR: http://www.sampleapp.com/welcome.php/test.css
Why the HELL #2 Cloudflare: • Eligibility phase class, css, jar, js, jpg, jpeg, gif, ico, png, bmp, pict, csv, doc, docx, xls, xlsx, ps, pdf, pls, ppt, pptx, tif, tiff, ttf, otf, webp, woff, woff2, svg, svgz, eot, eps, ejs, swf, torrent, midi, mid https://blog.cloudflare.com/understanding-our-cache-and-the-web-cache-deception-attack/ https://blogs.akamai.com/2017/03/on-web-cache-deception-attacks.html
Why the HELL #2 Cloudflare: • Disqualification phase ‘Edge cache expire TTL’ to the rescue!
Why the HELL #2 Cloudflare: https://blog.cloudflare.com/edge-cache-expire-ttl-easiest-way-to-override/
Mitigation • Only cache files if their HTTP caching headers allow • Store all static files in a designated directory • Cache files by their content type • Don’t accept this! http://www.example.com/home.php/non-existent.css. Return 302 or 404 instead
THANKS @omer_gil Icon vectors created by Freepik.com omergil.blogspot.com

Recommended

SSRF For Bug Bounties
SSRF For Bug BountiesSSRF For Bug Bounties
SSRF For Bug BountiesOWASP Nagpur
 
WAF Bypass Techniques - Using HTTP Standard and Web Servers’ Behaviour
WAF Bypass Techniques - Using HTTP Standard and Web Servers’ BehaviourWAF Bypass Techniques - Using HTTP Standard and Web Servers’ Behaviour
WAF Bypass Techniques - Using HTTP Standard and Web Servers’ BehaviourSoroush Dalili
 
Охота на уязвимости Hadoop
Охота на уязвимости HadoopОхота на уязвимости Hadoop
Охота на уязвимости HadoopPositive Hack Days
 
Emv chip software Writer/Reader ( CHIPSO EMV)
Emv chip software Writer/Reader ( CHIPSO EMV)Emv chip software Writer/Reader ( CHIPSO EMV)
Emv chip software Writer/Reader ( CHIPSO EMV)chipso emv
 
Neat tricks to bypass CSRF-protection
Neat tricks to bypass CSRF-protectionNeat tricks to bypass CSRF-protection
Neat tricks to bypass CSRF-protectionMikhail Egorov
 
Waf bypassing Techniques
Waf bypassing TechniquesWaf bypassing Techniques
Waf bypassing TechniquesAvinash Thapa
 
[cb22] Lets Dance in the Cache Destabilizing Hash Table on Microsoft IIS by O...
[cb22] Lets Dance in the Cache Destabilizing Hash Table on Microsoft IIS by O...[cb22] Lets Dance in the Cache Destabilizing Hash Table on Microsoft IIS by O...
[cb22] Lets Dance in the Cache Destabilizing Hash Table on Microsoft IIS by O...CODE BLUE
 
XSS Magic tricks
XSS Magic tricksXSS Magic tricks
XSS Magic tricksGarethHeyes
 

Recommended

SSRF For Bug Bounties
SSRF For Bug BountiesSSRF For Bug Bounties
SSRF For Bug BountiesOWASP Nagpur
 
WAF Bypass Techniques - Using HTTP Standard and Web Servers’ Behaviour
WAF Bypass Techniques - Using HTTP Standard and Web Servers’ BehaviourWAF Bypass Techniques - Using HTTP Standard and Web Servers’ Behaviour
WAF Bypass Techniques - Using HTTP Standard and Web Servers’ BehaviourSoroush Dalili
 
Охота на уязвимости Hadoop
Охота на уязвимости HadoopОхота на уязвимости Hadoop
Охота на уязвимости HadoopPositive Hack Days
 
Emv chip software Writer/Reader ( CHIPSO EMV)
Emv chip software Writer/Reader ( CHIPSO EMV)Emv chip software Writer/Reader ( CHIPSO EMV)
Emv chip software Writer/Reader ( CHIPSO EMV)chipso emv
 
Neat tricks to bypass CSRF-protection
Neat tricks to bypass CSRF-protectionNeat tricks to bypass CSRF-protection
Neat tricks to bypass CSRF-protectionMikhail Egorov
 
Waf bypassing Techniques
Waf bypassing TechniquesWaf bypassing Techniques
Waf bypassing TechniquesAvinash Thapa
 
[cb22] Lets Dance in the Cache Destabilizing Hash Table on Microsoft IIS by O...
[cb22] Lets Dance in the Cache Destabilizing Hash Table on Microsoft IIS by O...[cb22] Lets Dance in the Cache Destabilizing Hash Table on Microsoft IIS by O...
[cb22] Lets Dance in the Cache Destabilizing Hash Table on Microsoft IIS by O...CODE BLUE
 
XSS Magic tricks
XSS Magic tricksXSS Magic tricks
XSS Magic tricksGarethHeyes
 
Live Hacking like a MVH – A walkthrough on methodology and strategies to win big
Live Hacking like a MVH – A walkthrough on methodology and strategies to win bigLive Hacking like a MVH – A walkthrough on methodology and strategies to win big
Live Hacking like a MVH – A walkthrough on methodology and strategies to win bigFrans Rosén
 
Secure coding presentation Oct 3 2020
Secure coding presentation Oct 3 2020Secure coding presentation Oct 3 2020
Secure coding presentation Oct 3 2020Moataz Kamel
 
Building Advanced XSS Vectors
Building Advanced XSS VectorsBuilding Advanced XSS Vectors
Building Advanced XSS VectorsRodolfo Assis (Brute)
 
Hacking identity: A Pen Tester's Guide to IAM
Hacking identity: A Pen Tester's Guide to IAMHacking identity: A Pen Tester's Guide to IAM
Hacking identity: A Pen Tester's Guide to IAMJerod Brennen
 
Penetration testing web application web application (in) security
Penetration testing web application web application (in) securityPenetration testing web application web application (in) security
Penetration testing web application web application (in) securityNahidul Kibria
 
REST API Pentester's perspective
REST API Pentester's perspectiveREST API Pentester's perspective
REST API Pentester's perspectiveSecuRing
 
Pentesting like a grandmaster BSides London 2013
Pentesting like a grandmaster BSides London 2013Pentesting like a grandmaster BSides London 2013
Pentesting like a grandmaster BSides London 2013Abraham Aranguren
 
HTTP HOST header attacks
HTTP HOST header attacksHTTP HOST header attacks
HTTP HOST header attacksDefconRussia
 
Detection Rules Coverage
Detection Rules CoverageDetection Rules Coverage
Detection Rules CoverageSunny Neo
 
Real-time Web Application with Socket.IO, Node.js, and Redis
Real-time Web Application with Socket.IO, Node.js, and RedisReal-time Web Application with Socket.IO, Node.js, and Redis
Real-time Web Application with Socket.IO, Node.js, and RedisYork Tsai
 
Getting a live_transcript_of_your_call_using_the_ari
Getting a live_transcript_of_your_call_using_the_ariGetting a live_transcript_of_your_call_using_the_ari
Getting a live_transcript_of_your_call_using_the_ariPascal Cadotte-Michaud
 
Java Shellcode Execution
Java Shellcode ExecutionJava Shellcode Execution
Java Shellcode ExecutionRyan Wincey
 
Attacking thru HTTP Host header
Attacking thru HTTP Host headerAttacking thru HTTP Host header
Attacking thru HTTP Host headerSergey Belov
 
Hunting for Credentials Dumping in Windows Environment
Hunting for Credentials Dumping in Windows EnvironmentHunting for Credentials Dumping in Windows Environment
Hunting for Credentials Dumping in Windows EnvironmentTeymur Kheirkhabarov
 
Threat Hunting Web Shells Using Splunk
Threat Hunting Web Shells Using SplunkThreat Hunting Web Shells Using Splunk
Threat Hunting Web Shells Using Splunkjamesmbower
 
Draft: building secure applications with keycloak (oidc/jwt)
Draft: building secure applications with keycloak (oidc/jwt)Draft: building secure applications with keycloak (oidc/jwt)
Draft: building secure applications with keycloak (oidc/jwt)Abhishek Koserwal
 
LFI to RCE
LFI to RCELFI to RCE
LFI to RCEn|u - The Open Security Community
 
Cryptography 101 for Java Developers - JavaZone2019
Cryptography 101 for Java Developers - JavaZone2019Cryptography 101 for Java Developers - JavaZone2019
Cryptography 101 for Java Developers - JavaZone2019Michel Schudel
 
Pentesting ReST API
Pentesting ReST APIPentesting ReST API
Pentesting ReST APINutan Kumar Panda
 
Pentesting Modern Web Apps: A Primer
Pentesting Modern Web Apps: A PrimerPentesting Modern Web Apps: A Primer
Pentesting Modern Web Apps: A PrimerBrian Hysell
 
腾讯大讲堂09 如何建设高性能网站
腾讯大讲堂09 如何建设高性能网站腾讯大讲堂09 如何建设高性能网站
腾讯大讲堂09 如何建设高性能网站areyouok
 
腾讯大讲堂09 如何建设高性能网站
腾讯大讲堂09 如何建设高性能网站腾讯大讲堂09 如何建设高性能网站
腾讯大讲堂09 如何建设高性能网站topgeek
 

More Related Content

What's hot

Live Hacking like a MVH – A walkthrough on methodology and strategies to win big
Live Hacking like a MVH – A walkthrough on methodology and strategies to win bigLive Hacking like a MVH – A walkthrough on methodology and strategies to win big
Live Hacking like a MVH – A walkthrough on methodology and strategies to win bigFrans Rosén
 
Secure coding presentation Oct 3 2020
Secure coding presentation Oct 3 2020Secure coding presentation Oct 3 2020
Secure coding presentation Oct 3 2020Moataz Kamel
 
Hacking identity: A Pen Tester's Guide to IAM
Hacking identity: A Pen Tester's Guide to IAMHacking identity: A Pen Tester's Guide to IAM
Hacking identity: A Pen Tester's Guide to IAMJerod Brennen
 
Penetration testing web application web application (in) security
Penetration testing web application web application (in) securityPenetration testing web application web application (in) security
Penetration testing web application web application (in) securityNahidul Kibria
 
REST API Pentester's perspective
REST API Pentester's perspectiveREST API Pentester's perspective
REST API Pentester's perspectiveSecuRing
 
Pentesting like a grandmaster BSides London 2013
Pentesting like a grandmaster BSides London 2013Pentesting like a grandmaster BSides London 2013
Pentesting like a grandmaster BSides London 2013Abraham Aranguren
 
HTTP HOST header attacks
HTTP HOST header attacksHTTP HOST header attacks
HTTP HOST header attacksDefconRussia
 
Detection Rules Coverage
Detection Rules CoverageDetection Rules Coverage
Detection Rules CoverageSunny Neo
 
Real-time Web Application with Socket.IO, Node.js, and Redis
Real-time Web Application with Socket.IO, Node.js, and RedisReal-time Web Application with Socket.IO, Node.js, and Redis
Real-time Web Application with Socket.IO, Node.js, and RedisYork Tsai
 
Getting a live_transcript_of_your_call_using_the_ari
Getting a live_transcript_of_your_call_using_the_ariGetting a live_transcript_of_your_call_using_the_ari
Getting a live_transcript_of_your_call_using_the_ariPascal Cadotte-Michaud
 
Java Shellcode Execution
Java Shellcode ExecutionJava Shellcode Execution
Java Shellcode ExecutionRyan Wincey
 
Attacking thru HTTP Host header
Attacking thru HTTP Host headerAttacking thru HTTP Host header
Attacking thru HTTP Host headerSergey Belov
 
Hunting for Credentials Dumping in Windows Environment
Hunting for Credentials Dumping in Windows EnvironmentHunting for Credentials Dumping in Windows Environment
Hunting for Credentials Dumping in Windows EnvironmentTeymur Kheirkhabarov
 
Threat Hunting Web Shells Using Splunk
Threat Hunting Web Shells Using SplunkThreat Hunting Web Shells Using Splunk
Threat Hunting Web Shells Using Splunkjamesmbower
 
Draft: building secure applications with keycloak (oidc/jwt)
Draft: building secure applications with keycloak (oidc/jwt)Draft: building secure applications with keycloak (oidc/jwt)
Draft: building secure applications with keycloak (oidc/jwt)Abhishek Koserwal
 
Cryptography 101 for Java Developers - JavaZone2019
Cryptography 101 for Java Developers - JavaZone2019Cryptography 101 for Java Developers - JavaZone2019
Cryptography 101 for Java Developers - JavaZone2019Michel Schudel
 
Pentesting Modern Web Apps: A Primer
Pentesting Modern Web Apps: A PrimerPentesting Modern Web Apps: A Primer
Pentesting Modern Web Apps: A PrimerBrian Hysell
 

What's hot (20)

Live Hacking like a MVH – A walkthrough on methodology and strategies to win big
Live Hacking like a MVH – A walkthrough on methodology and strategies to win bigLive Hacking like a MVH – A walkthrough on methodology and strategies to win big
Live Hacking like a MVH – A walkthrough on methodology and strategies to win big
 
Secure coding presentation Oct 3 2020
Secure coding presentation Oct 3 2020Secure coding presentation Oct 3 2020
Secure coding presentation Oct 3 2020
 
Building Advanced XSS Vectors
Building Advanced XSS VectorsBuilding Advanced XSS Vectors
Building Advanced XSS Vectors
 
Hacking identity: A Pen Tester's Guide to IAM
Hacking identity: A Pen Tester's Guide to IAMHacking identity: A Pen Tester's Guide to IAM
Hacking identity: A Pen Tester's Guide to IAM
 
Penetration testing web application web application (in) security
Penetration testing web application web application (in) securityPenetration testing web application web application (in) security
Penetration testing web application web application (in) security
 
REST API Pentester's perspective
REST API Pentester's perspectiveREST API Pentester's perspective
REST API Pentester's perspective
 
Pentesting like a grandmaster BSides London 2013
Pentesting like a grandmaster BSides London 2013Pentesting like a grandmaster BSides London 2013
Pentesting like a grandmaster BSides London 2013
 
HTTP HOST header attacks
HTTP HOST header attacksHTTP HOST header attacks
HTTP HOST header attacks
 
Detection Rules Coverage
Detection Rules CoverageDetection Rules Coverage
Detection Rules Coverage
 
Real-time Web Application with Socket.IO, Node.js, and Redis
Real-time Web Application with Socket.IO, Node.js, and RedisReal-time Web Application with Socket.IO, Node.js, and Redis
Real-time Web Application with Socket.IO, Node.js, and Redis
 
Getting a live_transcript_of_your_call_using_the_ari
Getting a live_transcript_of_your_call_using_the_ariGetting a live_transcript_of_your_call_using_the_ari
Getting a live_transcript_of_your_call_using_the_ari
 
Java Shellcode Execution
Java Shellcode ExecutionJava Shellcode Execution
Java Shellcode Execution
 
Attacking thru HTTP Host header
Attacking thru HTTP Host headerAttacking thru HTTP Host header
Attacking thru HTTP Host header
 
Hunting for Credentials Dumping in Windows Environment
Hunting for Credentials Dumping in Windows EnvironmentHunting for Credentials Dumping in Windows Environment
Hunting for Credentials Dumping in Windows Environment
 
Threat Hunting Web Shells Using Splunk
Threat Hunting Web Shells Using SplunkThreat Hunting Web Shells Using Splunk
Threat Hunting Web Shells Using Splunk
 
Draft: building secure applications with keycloak (oidc/jwt)
Draft: building secure applications with keycloak (oidc/jwt)Draft: building secure applications with keycloak (oidc/jwt)
Draft: building secure applications with keycloak (oidc/jwt)
 
LFI to RCE
LFI to RCELFI to RCE
LFI to RCE
 
Cryptography 101 for Java Developers - JavaZone2019
Cryptography 101 for Java Developers - JavaZone2019Cryptography 101 for Java Developers - JavaZone2019
Cryptography 101 for Java Developers - JavaZone2019
 
Pentesting ReST API
Pentesting ReST APIPentesting ReST API
Pentesting ReST API
 
Pentesting Modern Web Apps: A Primer
Pentesting Modern Web Apps: A PrimerPentesting Modern Web Apps: A Primer
Pentesting Modern Web Apps: A Primer
 

Similar to Web Cache Deception Attack

腾讯大讲堂09 如何建设高性能网站
腾讯大讲堂09 如何建设高性能网站腾讯大讲堂09 如何建设高性能网站
腾讯大讲堂09 如何建设高性能网站areyouok
 
腾讯大讲堂09 如何建设高性能网站
腾讯大讲堂09 如何建设高性能网站腾讯大讲堂09 如何建设高性能网站
腾讯大讲堂09 如何建设高性能网站topgeek
 
Csdn Drdobbs Tenni Theurer Yahoo
Csdn Drdobbs Tenni Theurer YahooCsdn Drdobbs Tenni Theurer Yahoo
Csdn Drdobbs Tenni Theurer Yahooguestb1b95b
 
High Performance Websites By Souders Steve
High Performance Websites By Souders SteveHigh Performance Websites By Souders Steve
High Performance Websites By Souders Stevew3guru
 
High Performance Web Sites
High Performance Web SitesHigh Performance Web Sites
High Performance Web SitesPáris Neto
 
Migration strategies 4
Migration strategies 4Migration strategies 4
Migration strategies 4Wenhua Wang
 
Best Practices for WordPress in Enterprise
Best Practices for WordPress in EnterpriseBest Practices for WordPress in Enterprise
Best Practices for WordPress in EnterpriseTaylor Lovett
 
Performance automation 101 @LDNWebPerf MickMcGuinness
Performance automation 101 @LDNWebPerf MickMcGuinnessPerformance automation 101 @LDNWebPerf MickMcGuinness
Performance automation 101 @LDNWebPerf MickMcGuinnessStephen Thair
 
Windycityrails page performance
Windycityrails page performanceWindycityrails page performance
Windycityrails page performanceJohn McCaffrey
 
(WEB301) Operational Web Log Analysis | AWS re:Invent 2014
(WEB301) Operational Web Log Analysis | AWS re:Invent 2014(WEB301) Operational Web Log Analysis | AWS re:Invent 2014
(WEB301) Operational Web Log Analysis | AWS re:Invent 2014Amazon Web Services
 
Best practices-wordpress-enterprise
Best practices-wordpress-enterpriseBest practices-wordpress-enterprise
Best practices-wordpress-enterpriseTaylor Lovett
 
WordPress Coding Standards
WordPress Coding StandardsWordPress Coding Standards
WordPress Coding StandardsCurtiss Grymala
 
10 Tips to make your Website lightning-fast - SMX Stockholm 2012
10 Tips to make your Website lightning-fast - SMX Stockholm 201210 Tips to make your Website lightning-fast - SMX Stockholm 2012
10 Tips to make your Website lightning-fast - SMX Stockholm 2012Bastian Grimm
 
JavaScript Performance Patterns
JavaScript Performance PatternsJavaScript Performance Patterns
JavaScript Performance PatternsStoyan Stefanov
 
Apache Roller, Acegi Security and Single Sign-on
Apache Roller, Acegi Security and Single Sign-onApache Roller, Acegi Security and Single Sign-on
Apache Roller, Acegi Security and Single Sign-onMatt Raible
 
Web 2.0 Expo: Even Faster Web Sites
Web 2.0 Expo: Even Faster Web SitesWeb 2.0 Expo: Even Faster Web Sites
Web 2.0 Expo: Even Faster Web SitesSteve Souders
 

Similar to Web Cache Deception Attack (20)

腾讯大讲堂09 如何建设高性能网站
腾讯大讲堂09 如何建设高性能网站腾讯大讲堂09 如何建设高性能网站
腾讯大讲堂09 如何建设高性能网站
 
腾讯大讲堂09 如何建设高性能网站
腾讯大讲堂09 如何建设高性能网站腾讯大讲堂09 如何建设高性能网站
腾讯大讲堂09 如何建设高性能网站
 
Csdn Drdobbs Tenni Theurer Yahoo
Csdn Drdobbs Tenni Theurer YahooCsdn Drdobbs Tenni Theurer Yahoo
Csdn Drdobbs Tenni Theurer Yahoo
 
High Performance Websites By Souders Steve
High Performance Websites By Souders SteveHigh Performance Websites By Souders Steve
High Performance Websites By Souders Steve
 
Plop
PlopPlop
Plop
 
High Performance Web Sites
High Performance Web SitesHigh Performance Web Sites
High Performance Web Sites
 
Oscon 20080724
Oscon 20080724Oscon 20080724
Oscon 20080724
 
Migration strategies 4
Migration strategies 4Migration strategies 4
Migration strategies 4
 
Best Practices for WordPress in Enterprise
Best Practices for WordPress in EnterpriseBest Practices for WordPress in Enterprise
Best Practices for WordPress in Enterprise
 
Performance automation 101 @LDNWebPerf MickMcGuinness
Performance automation 101 @LDNWebPerf MickMcGuinnessPerformance automation 101 @LDNWebPerf MickMcGuinness
Performance automation 101 @LDNWebPerf MickMcGuinness
 
Windycityrails page performance
Windycityrails page performanceWindycityrails page performance
Windycityrails page performance
 
(WEB301) Operational Web Log Analysis | AWS re:Invent 2014
(WEB301) Operational Web Log Analysis | AWS re:Invent 2014(WEB301) Operational Web Log Analysis | AWS re:Invent 2014
(WEB301) Operational Web Log Analysis | AWS re:Invent 2014
 
Best practices-wordpress-enterprise
Best practices-wordpress-enterpriseBest practices-wordpress-enterprise
Best practices-wordpress-enterprise
 
Speed = $$$
Speed = $$$Speed = $$$
Speed = $$$
 
WordPress Coding Standards
WordPress Coding StandardsWordPress Coding Standards
WordPress Coding Standards
 
10 Tips to make your Website lightning-fast - SMX Stockholm 2012
10 Tips to make your Website lightning-fast - SMX Stockholm 201210 Tips to make your Website lightning-fast - SMX Stockholm 2012
10 Tips to make your Website lightning-fast - SMX Stockholm 2012
 
JavaScript Performance Patterns
JavaScript Performance PatternsJavaScript Performance Patterns
JavaScript Performance Patterns
 
Apache Roller, Acegi Security and Single Sign-on
Apache Roller, Acegi Security and Single Sign-onApache Roller, Acegi Security and Single Sign-on
Apache Roller, Acegi Security and Single Sign-on
 
Web 2.0 Expo: Even Faster Web Sites
Web 2.0 Expo: Even Faster Web SitesWeb 2.0 Expo: Even Faster Web Sites
Web 2.0 Expo: Even Faster Web Sites
 
21 05-2018
21 05-201821 05-2018
21 05-2018
 

Recently uploaded

CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CVKhem
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsJoaquim Jorge
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024Results
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Enterprise Knowledge
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 

Recently uploaded (20)

CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 

Web Cache Deception Attack