roflcer/Cross-Site-Request-Forgery-Attack

A CSRF attack involves a victim user, a trusted site, and a malicious site. The victim user holds an active session with a trusted site and simultaneously visits a malicious site. The malicious site injects a HTTP request for the trusted site into the victim user session compromising its integrity. In this lab, you will be attacking a web-based message board system using CSRF attacks. We modi- fied an open-source message board application called phpBB to make it vulnerable to CSRF attacks. The original application has implemented several countermeasures for avoiding CSRF attacks