Online service application for book trading. Application was originally developed for 'Web Technologies' course @ETF_Sarajevo. After that, I have created XSS and CSRF omissions in the application in order to present how are mentioned attacks done on the web application.

A sample application that shows three ways to mitigate CSRF attacks in ASP.NET Core applications

Hackable website for teaching/training purposes. Includes my undergraduate thesis.

A service to handle csrf on POST|PULL\DELETE request for php application

Pentesting Live Targets

A CSRF attack involves a victim user, a trusted site, and a malicious site. The victim user holds an active session with a trusted site and simultaneously visits a malicious site. The malicious site injects a HTTP request for the trusted site into the victim user session compromising its integrity. In this lab, you will be attacking a web-based …

Web CTF CheatSheet 🐈

Cross-Site Request Forgery (CSRF) Attack in CodeIgniter

Cross-Site Request Forgery (CSRF) Attack in CodeIgniter

CSRF - Bypass XSS

Hyperlogout!

Demonstration of some attacks exploiting security vulnerabilities of websites and OSs as tasks of Computer Security LAB, CSE 406 in Level-4, Term-1 of CSE, BUET

A PSR-15 compatible middleware that is designed to simplify CSRF verifcation process

A definitely (read: not) secure online banking site. Built for demo purposes as an example of common security vulnerabilities / what NOT to do.

LVS is a VAPT Simulator which acts like a Vulnerable Web Application covering all the Major Owasp Top 10 (2013) vulnerabilities.

Automatic CSRF protection for JavaScript apps using a Symfony API

Secures requests and blocks CSRF attempts.

This repository includes Buffer Overflow, SQL Injection, Cross-Site Scripting, Cross-Site Request Factory Attacks implementations and Smart Contract Vulnerabilities

Bruteforce HTTP POST with CSRF token bypass (anti-CSRF)