There are 2 repositories under xsrf topic.
The Prime Cross Site Request Forgery (CSRF) Audit and Exploitation Toolkit.
Automatic CSRF protection for JavaScript apps using a Symfony API
🔐 basics on making php applications secure
Symfony bundle that provides Cross Site Request Forgery (CSRF or XSRF) protection for client-side applications
Create secure authentication REST API in Node.js
Implement secure login application in React using REST API
A crate built on top of `axum-sessions`, implementing the CSRF Synchronizer Token Pattern
React Axios Token Provider package is a make easy what repetitive processes.
A library which stores login credentials in Redux to allow a user to login to a Spring Boot application.
ASP.NET Core MVC 2.0 & Angular 4 project for testing payments via Stripe & Braintree
Cross-site request forgery is a common malicious exploit of websites. It occurs when unauthorised commands are transmitted from a user that a web application trusts. The user is usually logged into the website, so they have a higher level of privileges, allowing the hacker to transfer funds, obtain account information or gain access to sensitive information. There are many ways for hackers to transmit forged commands including hidden forms, AJAX, and image tags. The user is not aware that the command has been sent and the website believes that the command has come from an authenticated user. The main difference between an XSS and CSRF attack is that the user must be logged in and trusted by a website for a CSRF wesbite hacking attack to work. Website owners can prevent CSRF attacks by checking HTTP headers to verify where the request is coming from and check CSRF tokens in web forms. These checks will ensure that the request has come from a page inside the web application and not an external source.
Cross-Site Request Forgery (CSRF) middleware for Express
This repository contains spring-security playgroung projects https://daggerok.github.io/spring-security-examples/
Cross-Site Request Forgery (CSRF) attack
Sample Angular-enabled ASP.NET Core application with separated backend and frontend structure
JWT-token registration app based on Angular 4 & ASP.NET Core 2.0
Sample Rest-full API with ui in angular generated using openapi and backend in golang.
Antiforgery Middleware to solve the problem of client based web applications
[READ ONLY] Subtree split of the Vuro Csrf Protector component (see vuro-framework/vuro-framework)
Penetration testing report for BUMBLR (a webapp built using DVWA). Part of penetration testing clsswork
FRI - 2018/2019 - Information Security and Privacy - Mitigating Cross-Site Request Forgery Attacks
ASP.NET Core でクロスサイトリクエストフォージェリ (XSRF/CSRF) 対策を行うサンプルです。