csrf-attacks
There are 46 repositories under csrf-attacks topic.
0xInfection/XSRFProbe
The Prime Cross Site Request Forgery (CSRF) Audit and Exploitation Toolkit.
dunglas/DunglasAngularCsrfBundle
Automatic CSRF protection for JavaScript apps using a Symfony API
Inplex-sys/cookies-sniffer
This app is an advanced XSS panel, this is used for session grabbing with XSS exploit and <img src="grabber_url">
csrfshark/app
🚀 CSRFShark - a utility for manipulating cross-site request forgery attacks
vzhou842/definitely-secure-bank
A definitely (read: not) secure online banking site. Built for demo purposes as an example of common security vulnerabilities / what NOT to do.
robjtede/webpwn
Hackable website for teaching/training purposes. Includes my undergraduate thesis.
autistic-symposium/csrf-apache-modsecurity
👾 monitor web server's log files against CSRF attacks (a modification of apache's mod_security to log these attacks)
AyemunHossain/CSRF-vulnerability-detection
Automated Blackbox CSRF vulnerability detection tools
LinuxUser255/Web-Security-Academy-Series
Exploit Code, notes, and resources to accompany PortSwiggers' WebAcademy Labs.
enriquetomasmb/bruteforce-bypass
Bruteforce HTTP POST with CSRF token bypass (anti-CSRF)
toggio/SecureTokenizer
A PHP Library for Cryptographically Secure Token Generation and Management
hack-with-ethics/csrf_google
(csrf) google just got a idea to bypass or manipulate the 2fa in gmail service but was successfull in bypassing the device name in gmail 2fa
julfiker/csrf-php
A service to handle csrf on POST|PULL\DELETE request for php application
phanatagama/Web-CTF-Cheatsheet
Web CTF CheatSheet 🐈
Pawel-Kica/csrf-university-project-starter
📔 Simple blog project vulnerable to CSRF attacks
roflcer/Cross-Site-Request-Forgery-Attack
A CSRF attack involves a victim user, a trusted site, and a malicious site. The victim user holds an active session with a trusted site and simultaneously visits a malicious site. The malicious site injects a HTTP request for the trusted site into the victim user session compromising its integrity. In this lab, you will be attacking a web-based message board system using CSRF attacks. We modi- fied an open-source message board application called phpBB to make it vulnerable to CSRF attacks. The original application has implemented several countermeasures for avoiding CSRF attacks
zakirullin/csrf-middleware
A PSR-15 compatible middleware that is designed to simplify CSRF verifcation process
AmerSurkovic/DrvenijaOnline
Online service application for book trading. Application was originally developed for 'Web Technologies' course @ETF_Sarajevo. After that, I have created XSS and CSRF omissions in the application in order to present how are mentioned attacks done on the web application.
ankushlakhani3/Ethical-Hacking-Security-Application
It is a desktop application made in PYQT5 and various python libraries, basically it is a kind of GUI version of lazyhack. It also contains advance backdoor and can perform various attack.
Charlot-DEDJINOU/CSRF-attack
Ce projet est un exemple pédagogique d'attaque CSRF (Cross-Site Request Forgery) pour démontrer comment une application web peut être vulnérable à ce type d'attaque.
DevExpress-Examples/asp-net-core-dashboard-antiforgery
How to apply antiforgery request validation to the ASP.NET Core Dashboard control.
MarcinHoppe/AspNetCore.Csrf.Sample
A sample application that shows three ways to mitigate CSRF attacks in ASP.NET Core applications
RudigerMorinDocter/CSRF-Attender
CSRF Attender is a Burp Suite extension that illustrates a PoC for automatically generating CSRF attacks on a WebSite (works only for GET requests and HTTP1.1)
Sitaras/eClass-Penetration-Testing
🔒| Evaluating the security (exploiting and fixing vulnerabilities) of Open eClass 2.3 (University of Athens) platform.
Subangkar/Computer-Security-CSE-406-BUET
Demonstration of some attacks exploiting security vulnerabilities of websites and OSs as tasks of Computer Security LAB, CSE 406 in Level-4, Term-1 of CSE, BUET
thewarpaint/hyperlogout
Hyperlogout!
DanielUAL/CyberAttackLabs
Collection of labs that were done while taking a cyber security course. I was able to do real cyber attacks in a controlled environment. Various types of attacks are documented, XSS, TCP, CSRF, ect.
harshitScript/authentication-demo
An express project to demonstrate the ways of providing authentication to users along with some authentication related mechanism like reset password, edit details etc. Additional : CSRF protection
MachadoOtto/CSRF-Helper
CSRF Helper is a tool designed to generate and test proofs of concept for Cross-Site Request Forgery (CSRF) attacks. It allows users to input a specific HTTP request and automatically generates a CSRF attack scenario. The generated proof of concept can be copied to the clipboard or downloaded as an HTML file for further testing and analysis.
NLoi7/NetworkSec_ArmorFramework
Đây là một trong số những giải pháp để ngăn chặn lỗi CSRF tồn tại trên webapplication hiện nay 🚀
rohitajariwal/web-app-security-scanner
A web crawler and vulnerability scanner tool developed by Rohit Ajariwal
salissalmann/OAuth-JWT-Backend-InfoSecurity
Comprehensive Information Security Project on GitHub: Fortify your web app with robust JWT Token, CORS, and role-based access controls. Defend against CSRF, XSS, and more for enhanced protection.
xamiron/CSRF-Vulnerability
In this repository, I discuss the CSRF vulnerability and how to do execute a CSRF attack.
galihap76/php-csrf
CSRF token menggunakan bahasa pemrograman PHP.
Sandhya80/Preventing_CSRF_Codey-s_ConfectioneryProject
Fixing the CSRF(Cross-Site Request Forgery Attacks) vulnerabilities on the web forms (Ordering form and the Contact form) of a Confectioneries website.
Wh1t3Fox/csrf.page
CSRF Testing