The Prime Cross Site Request Forgery (CSRF) Audit and Exploitation Toolkit.

Automatic CSRF protection for JavaScript apps using a Symfony API

This app is an advanced XSS panel, this is used for session grabbing with XSS exploit and <img src="grabber_url">

A definitely (read: not) secure online banking site. Built for demo purposes as an example of common security vulnerabilities / what NOT to do.

🚀 CSRFShark - a utility for manipulating cross-site request forgery attacks

This repository contains the reports of Seed Lab 2.0 projects which includes Breaking a Simple Cipher, TCP Attacks, Buffer Overflow Attack (Server), Request Forgery (CSRF) Attack, SQL Injection Attack, Meltdown Attack

Hackable website for teaching/training purposes. Includes my undergraduate thesis.

👾 𝗠𝗼𝗻𝗶𝘁𝗼𝗿 𝘄𝗲𝗯 𝘀𝗲𝗿𝘃𝗲𝗿'𝘀 𝗹𝗼𝗴 𝗳𝗶𝗹𝗲𝘀 𝗮𝗴𝗮𝗶𝗻𝘀𝘁 𝗖𝗦𝗥𝗙 𝗮𝘁𝘁𝗮𝗰𝗸𝘀: 𝗮 𝗺𝗼𝗱𝗶𝗳𝗶𝗰𝗮𝘁𝗶𝗼𝗻 𝗼𝗳 𝗔𝗽𝗮𝗰𝗵𝗲'𝘀 𝗺𝗼𝗱_𝘀𝗲𝗰𝘂𝗿𝗶𝘁𝘆 𝘁𝗼 𝗹𝗼𝗴 𝘁𝗵𝗲𝘀𝗲 𝗮𝘁𝘁𝗮𝗰𝗸.

Automated Blackbox CSRF vulnerability detection tools

Bruteforce HTTP POST with CSRF token bypass (anti-CSRF)

Exploit Code, notes, and resources to accompany PortSwiggers' WebAcademy Labs.

Web CTF CheatSheet 🐈

A service to handle csrf on POST|PULL\DELETE request for php application

📔 Simple blog project vulnerable to CSRF attacks

A CSRF attack involves a victim user, a trusted site, and a malicious site. The victim user holds an active session with a trusted site and simultaneously visits a malicious site. The malicious site injects a HTTP request for the trusted site into the victim user session compromising its integrity. In this lab, you will be attacking a web-based …

A PSR-15 compatible middleware that is designed to simplify CSRF verifcation process

A PHP Library for Cryptographically Secure Token Generation and Management

How to apply antiforgery request validation to the ASP.NET Core Dashboard control.

Brute-force CSRF

Hyperlogout!