The Prime Cross Site Request Forgery (CSRF) Audit and Exploitation Toolkit.

Automatic CSRF protection for JavaScript apps using a Symfony API

🚀 CSRFShark - a utility for manipulating cross-site request forgery attacks

This app is an advanced XSS panel, this is used for session grabbing with XSS exploit and <img src="grabber_url">

A definitely (read: not) secure online banking site. Built for demo purposes as an example of common security vulnerabilities / what NOT to do.

👾 monitor web server's log files against CSRF attacks (a modification of apache's mod_security to log these attacks)

Hackable website for teaching/training purposes. Includes my undergraduate thesis.

(csrf) google just got a idea to bypass or manipulate the 2fa in gmail service but was successfull in bypassing the device name in gmail 2fa

A PHP Library for Cryptographically Secure Token Generation and Management

Automated Blackbox CSRF vulnerability detection tools

Bruteforce HTTP POST with CSRF token bypass (anti-CSRF)

A PSR-15 compatible middleware that is designed to simplify CSRF verifcation process

A service to handle csrf on POST|PULL\DELETE request for php application

📔 Simple blog project vulnerable to CSRF attacks

🔒| Evaluating the security (exploiting and fixing vulnerabilities) of Open eClass 2.3 (University of Athens) platform.

This project is an educational example of a CSRF (Cross-Site Request Forgery) attack to demonstrate how a web application can be vulnerable to this type of attack.

A CSRF attack involves a victim user, a trusted site, and a malicious site. The victim user holds an active session with a trusted site and simultaneously visits a malicious site. The malicious site injects a HTTP request for the trusted site into the victim user session compromising its integrity. In this lab, you will be attacking a web-based message board system using CSRF attacks. We modi- fied an open-source message board application called phpBB to make it vulnerable to CSRF attacks. The original application has implemented several countermeasures for avoiding CSRF attacks

Orthosecure: Secure Dentistry Appointment Booking and Management System. It is designed to be robust and secure application with enhanced security and compliance checks within containerized environments. It leverages cutting-edge technologies to monitor, analyze, and secure workloads in real-time.

CSRF Attender is a Burp Suite extension that illustrates a PoC for automatically generating CSRF attacks on a WebSite (works only for GET requests and HTTP1.1)

Hyperlogout!

A sample application that shows three ways to mitigate CSRF attacks in ASP.NET Core applications

It is a desktop application made in PYQT5 and various python libraries, basically it is a kind of GUI version of lazyhack. It also contains advance backdoor and can perform various attack.

A web crawler and vulnerability scanner tool developed by Rohit Ajariwal

How to apply antiforgery request validation to the ASP.NET Core Dashboard control.

Demonstration of some attacks exploiting security vulnerabilities of websites and OSs as tasks of Computer Security LAB, CSE 406 in Level-4, Term-1 of CSE, BUET

Online service application for book trading. Application was originally developed for 'Web Technologies' course @ETF_Sarajevo. After that, I have created XSS and CSRF omissions in the application in order to present how are mentioned attacks done on the web application.

This repository includes Buffer Overflow, SQL Injection, Cross-Site Scripting, Cross-Site Request Factory Attacks implementations and Smart Contract Vulnerabilities

Immerse yourself in a practical hacking exercise to gain valuable experience with prevalent security exploits. Explore six key vulnerabilities, including SQL injection, session hijacking, username enumeration, IDOR, XSS, and CSRF, for a comprehensive cybersecurity learning experience.

Đây là một trong số những giải pháp để ngăn chặn lỗi CSRF tồn tại trên webapplication hiện nay 🚀

No description provided.