There are 0 repositories under the csrf-attacks topic.
The Prime Cross Site Request Forgery (CSRF) Audit and Exploitation Toolkit.
Automatic CSRF protection for JavaScript apps using a Symfony API
This app is an advanced XSS panel; it is used for session grabbing with an XSS exploit and <img src="grabber_url">
A definitely (read: not) secure online banking site. Built for demo purposes as an example of common security vulnerabilities / what NOT to do.
This repository contains the reports of Seed Lab 2.0 projects, which include Breaking a Simple Cipher, TCP Attacks, Buffer Overflow Attack (Server), Request Forgery (CSRF) Attack, SQL Injection Attack, Meltdown Attack
👾 Monitor web server's log files against CSRF attacks: a modification of Apache's mod_security to log these attacks.
Automated Blackbox CSRF vulnerability detection tools
Exploit Code, notes, and resources to accompany PortSwigger's WebAcademy Labs.
Bruteforce HTTP POST with CSRF token bypass (anti-CSRF)
Web CTF CheatSheet 🐈
📔 Simple blog project vulnerable to CSRF attacks
A CSRF attack involves a victim user, a trusted site, and a malicious site. The victim user holds an active session with a trusted site and simultaneously visits a malicious site. The malicious site injects an HTTP request for the trusted site into the victim user session, compromising its integrity. In this lab, you will be attacking a web-based message board system using CSRF attacks. We modified an open-source message board application called phpBB to make it vulnerable to CSRF attacks. The original application has implemented several countermeasures for avoiding CSRF attacks
A PHP Library for Cryptographically Secure Token Generation and Management
A PSR-15 compatible middleware that is designed to simplify the CSRF verification process
Online service application for book trading. Application was originally developed for 'Web Technologies' course @ETF_Sarajevo. After that, I have created XSS and CSRF omissions in the application in order to present how the mentioned attacks are done on the web application.
It is a desktop application made in PYQT5 and various python libraries, basically it is a kind of GUI version of lazyhack. It also contains an advanced backdoor and can perform various attacks.
Collection of labs that were done while taking a cyber security course. I was able to do real cyber attacks in a controlled environment. Various types of attacks are documented, XSS, TCP, CSRF, etc.
How to apply antiforgery request validation to the ASP.NET Core Dashboard control.
A sample application that shows three ways to mitigate CSRF attacks in ASP.NET Core applications
CSRF Attender is a Burp Suite extension that illustrates a PoC for automatically generating CSRF attacks on a WebSite (works only for GET requests and HTTP1.1)
🔒| Evaluating the security (exploiting and fixing vulnerabilities) of Open eClass 2.3 (University of Athens) platform.
Demonstration of some attacks exploiting security vulnerabilities of websites and OSs as tasks of Computer Security LAB, CSE 406 in Level-4, Term-1 of CSE, BUET
An express project to demonstrate the ways of providing authentication to users along with some authentication-related mechanisms like reset password, edit details etc. Additional: CSRF protection
CSRF Helper is a tool designed to generate and test proofs of concept for Cross-Site Request Forgery (CSRF) attacks. It allows users to input a specific HTTP request and automatically generates a CSRF attack scenario. The generated proof of concept can be copied to the clipboard or downloaded as an HTML file for further testing and analysis.
This is one of the solutions for preventing the CSRF flaws that exist in web applications today 🚀
Comprehensive Information Security Project on GitHub: Fortify your web app with robust JWT Token, CORS, and role-based access controls. Defend against CSRF, XSS, and more for enhanced protection.
In this repository, I discuss the CSRF vulnerability and how to execute a CSRF attack.
This project is an educational example of a CSRF (Cross-Site Request Forgery) attack, demonstrating how a web application can be vulnerable to this type of attack.
Fixing the CSRF (Cross-Site Request Forgery Attacks) vulnerabilities on the web forms (Ordering form and the Contact form) of a Confectioneries website.