csrf-attacks

There are 55 repositories under the csrf-attacks topic.

  • 0xInfection/XSRFProbe

    The Prime Cross Site Request Forgery (CSRF) Audit and Exploitation Toolkit.

    Language:Python
  • dunglas/DunglasAngularCsrfBundle

    Automatic CSRF protection for JavaScript apps using a Symfony API

    Language:PHP
  • csrfshark/app

    🚀 CSRFShark - a utility for manipulating cross-site request forgery attacks

    Language:CSS
  • Inplex-sys/cookies-sniffer

    This app is an advanced XSS panel, this is used for session grabbing with XSS exploit and <img src="grabber_url">

    Language:JavaScript
  • vzhou842/definitely-secure-bank

    A definitely (read: not) secure online banking site. Built for demo purposes as an example of common security vulnerabilities / what NOT to do.

    Language:JavaScript
  • robjtede/webpwn

    Hackable website for teaching/training purposes. Includes my undergraduate thesis.

    Language:JavaScript
  • autistic-symposium/csrf-apache-modsecurity-rb

    👾 monitor web server's log files against CSRF attacks (a modification of apache's mod_security to log these attacks)

    Language:HTML
  • AyemunHossain/CSRF-vulnerability-detection

    Automated Blackbox CSRF vulnerability detection tools

    Language:Python
  • toggio/SecureTokenizer

    A PHP Library for Cryptographically Secure Token Generation and Management

    Language:PHP
  • LinuxUser255/Web-Security-Academy-Series

    Exploit Code, notes, and resources to accompany PortSwiggers' WebAcademy Labs.

    Language:Python
  • enriquetomasmb/bruteforce-bypass

    Bruteforce HTTP POST with CSRF token bypass (anti-CSRF)

    Language:Python
  • hack-with-ethics/csrf_google

    (csrf) google just got an idea to bypass or manipulate the 2fa in gmail service but was successful in bypassing the device name in gmail 2fa

  • julfiker/csrf-php

    A service to handle csrf on POST|PULL\DELETE request for php application

    Language:PHP
  • phanatagama/Web-CTF-Cheatsheet

    Web CTF CheatSheet 🐈

    Language:Ruby
  • FREAKYBOBr/Basic-Penetration-Testing-Report-Ethical-Hacking

    This repository contains a basic penetration testing report focusing on ethical hacking techniques and methodologies. It includes findings, analysis, and recommendations to improve the security posture of the tested system.

  • Pawel-Kica/csrf-university-project-starter

    📔 Simple blog project vulnerable to CSRF attacks

    Language:JavaScript
  • roflcer/Cross-Site-Request-Forgery-Attack

    A CSRF attack involves a victim user, a trusted site, and a malicious site. The victim user holds an active session with a trusted site and simultaneously visits a malicious site. The malicious site injects an HTTP request for the trusted site into the victim user session compromising its integrity. In this lab, you will be attacking a web-based message board system using CSRF attacks. We modified an open-source message board application called phpBB to make it vulnerable to CSRF attacks. The original application has implemented several countermeasures for avoiding CSRF attacks

  • zakirullin/csrf-middleware

    A PSR-15 compatible middleware that is designed to simplify CSRF verification process

    Language:PHP
  • AmerSurkovic/DrvenijaOnline

    Online service application for book trading. Application was originally developed for 'Web Technologies' course @ETF_Sarajevo. After that, I have created XSS and CSRF omissions in the application in order to present how are mentioned attacks done on the web application.

    Language:PHP
  • ankushlakhani3/Ethical-Hacking-Security-Application

    It is a desktop application made in PYQT5 and various python libraries, basically it is a kind of GUI version of lazyhack. It also contains advance backdoor and can perform various attack.

    Language:Python
  • Charlot-DEDJINOU/CSRF-attack

    This project is an educational example of a CSRF (Cross-Site Request Forgery) attack, demonstrating how a web application can be vulnerable to this type of attack.

    Language:JavaScript
  • DevExpress-Examples/asp-net-core-dashboard-antiforgery

    How to apply antiforgery request validation to the ASP.NET Core Dashboard control.

    Language:C#
  • MarcinHoppe/AspNetCore.Csrf.Sample

    A sample application that shows three ways to mitigate CSRF attacks in ASP.NET Core applications

    Language:C#
  • rohitajariwal/web-app-security-scanner

    A web crawler and vulnerability scanner tool developed by Rohit Ajariwal

    Language:Python
  • RudigerMorinDocter/CSRF-Attender

    CSRF Attender is a Burp Suite extension that illustrates a PoC for automatically generating CSRF attacks on a WebSite (works only for GET requests and HTTP1.1)

    Language:Java
  • Sitaras/eClass-Penetration-Testing

    🔒| Evaluating the security (exploiting and fixing vulnerabilities) of Open eClass 2.3 (University of Athens) platform.

    Language:PHP
  • Subangkar/Computer-Security-CSE-406-BUET

    Demonstration of some attacks exploiting security vulnerabilities of websites and OSs as tasks of Computer Security LAB, CSE 406 in Level-4, Term-1 of CSE, BUET

    Language:Python
  • thewarpaint/hyperlogout

    Hyperlogout!

    Language:JavaScript
  • Yo7cc/Basic-Penetration-Testing-Report-Ethical-Hacking

    Basic Penetration Testing Report for Ethical Hacking covering key findings and recommendations for improving cybersecurity defenses. Detailed analysis of vulnerabilities identified during the testing process and steps to enhance overall security posture.

  • MachadoOtto/CSRF-Helper

    CSRF Helper is a tool designed to generate and test proofs of concept for Cross-Site Request Forgery (CSRF) attacks. It allows users to input a specific HTTP request and automatically generates a CSRF attack scenario. The generated proof of concept can be copied to the clipboard or downloaded as an HTML file for further testing and analysis.

  • sal00ma/Client-side-attacks.

    “Hi, I’m Salma Muhamed, and in this write-up, I’ll be going through client-side attack techniques. This write-up isn’t unique; many people may find better resources elsewhere, but it’s more of a personal note for myself. I’ve shared it with you, and I hope you find it useful.”

  • datletechxd/csrf-demo

    A simple project that simulates a Cross-Site Request Forgery (CSRF) attack

    Language:PHP
  • deblunt/Basic-Penetration-Testing-Report-Ethical-Hacking

    This repository contains a basic penetration testing report focusing on ethical hacking practices. It provides insights into identifying vulnerabilities and improving overall security measures.

  • fatin-farhan/Capture-The-Flag

    Five CTF challenges, two easy, two medium, one hard

    Language:JavaScript
  • thayeeb9211/ortho-secure

    Orthosecure: Secure Dentistry Appointment Booking and Management System. It is designed to be robust and secure application with enhanced security and compliance checks within containerized environments. It leverages cutting-edge technologies to monitor, analyze, and secure workloads in real-time.

    Language:JavaScript