The Prime Cross Site Request Forgery (CSRF) Audit and Exploitation Toolkit.

Automatic CSRF protection for JavaScript apps using a Symfony API

This app is an advanced XSS panel, this is used for session grabbing with XSS exploit and <img src="grabber_url">

🚀 CSRFShark - a utility for manipulating cross-site request forgery attacks

A definitely (read: not) secure online banking site. Built for demo purposes as an example of common security vulnerabilities / what NOT to do.

👾 monitor web server's log files against CSRF attacks (a modification of apache's mod_security to log these attacks)

Hackable website for teaching/training purposes. Includes my undergraduate thesis.

Automated Blackbox CSRF vulnerability detection tools

Exploit Code, notes, and resources to accompany PortSwiggers' WebAcademy Labs.

Bruteforce HTTP POST with CSRF token bypass (anti-CSRF)

Web CTF CheatSheet 🐈

(csrf) google just got a idea to bypass or manipulate the 2fa in gmail service but was successfull in bypassing the device name in gmail 2fa

A service to handle csrf on POST|PULL\DELETE request for php application

A PHP Library for Cryptographically Secure Token Generation and Management

📔 Simple blog project vulnerable to CSRF attacks

A CSRF attack involves a victim user, a trusted site, and a malicious site. The victim user holds an active session with a trusted site and simultaneously visits a malicious site. The malicious site injects a HTTP request for the trusted site into the victim user session compromising its integrity. In this lab, you will be attacking a web-based …

A PSR-15 compatible middleware that is designed to simplify CSRF verifcation process

Hyperlogout!

A sample application that shows three ways to mitigate CSRF attacks in ASP.NET Core applications

Demonstration of some attacks exploiting security vulnerabilities of websites and OSs as tasks of Computer Security LAB, CSE 406 in Level-4, Term-1 of CSE, BUET