The Prime Cross Site Request Forgery (CSRF) Audit and Exploitation Toolkit.

Package gorilla/csrf provides Cross Site Request Forgery (CSRF) prevention middleware for Go web applications & services 🔒

CSRF Scanner

Tornado project generator. Start a project with tornado, mako/jinjia2 and sqlalchemy/peewee in a minute.

Automatic CSRF protection for JavaScript apps using a Symfony API

Stateless implementation of Cross-Site Request Forgery (XSRF) Protection by using Double Submit Cookie mitigation pattern

🔐 basics on making php applications secure

Keep your forms alive, avoid `TokenMismatchException` by gently poking your Laravel app.

A crate built on top of `axum-sessions`, implementing the CSRF Synchronizer Token Pattern

Symfony bundle that provides Cross Site Request Forgery (CSRF or XSRF) protection for client-side applications

Implement secure login application in React using REST API

Create secure authentication REST API in Node.js

React Axios Token Provider package is a make easy what repetitive processes.

A library which stores login credentials in Redux to allow a user to login to a Spring Boot application.

ASP.NET Core MVC 2.0 & Angular 4 project for testing payments via Stripe & Braintree

Cross-Site Request Forgery (CSRF) middleware for Express

super simple, single-file anti-cross-site request forgery (CSRF) module for server APIs

Cross-site request forgery is a common malicious exploit of websites. It occurs when unauthorised commands are transmitted from a user that a web application trusts. The user is usually logged into the website, so they have a higher level of privileges, allowing the hacker to transfer funds, obtain account information or gain access to sensitive information. There are many ways for hackers to transmit forged commands including hidden forms, AJAX, and image tags. The user is not aware that the command has been sent and the website believes that the command has come from an authenticated user. The main difference between an XSS and CSRF attack is that the user must be logged in and trusted by a website for a CSRF wesbite hacking attack to work. Website owners can prevent CSRF attacks by checking HTTP headers to verify where the request is coming from and check CSRF tokens in web forms. These checks will ensure that the request has come from a page inside the web application and not an external source.

CSRF Middleware for the Elysia Framework

An addon to integrate Project Foxhound with the Zed Attack Proxy (ZAP), enabling precision detection of client-side injection vulnerabilities during dynamic testing.

Cross-Site Request Forgery (CSRF) attack

Sample Angular-enabled ASP.NET Core application with separated backend and frontend structure

OWASP CSRFProtector Project Landing Page

JWT-token registration app based on Angular 4 & ASP.NET Core 2.0

This repository contains spring-security playgroung projects https://daggerok.github.io/spring-security-examples/

[READ ONLY] Subtree split of the Vuro Csrf Protector component (see vuro-framework/vuro-framework)

A full web application that allows you to perform HTTP requests on demand.

Đề tài thực tập CSRF 2017

FRI - 2018/2019 - Information Security and Privacy - Mitigating Cross-Site Request Forgery Attacks

Antiforgery Middleware to solve the problem of client based web applications