Easy Cross-Site Request Forgery Exploitation with Websecurify Suite

Thu Oct 04 2012 12:34:00 GMT+0100 (BST)

Creating CSRF attack payloads from complex requests is tedious process, which involves a lot of copying, decoding, re-encoding and sometimes even knowing a few dirty browser tricks. Well've, we created a tool which simplifies this process to the extend where all you need to create and test a CSRF attack is to provide a HTTP request.

The tool is called Rforge and it specializes in building cross-site request forgery attacks. It is available right now for mass consumption. In the near future, we will integrate the tool into the Scanner and other auditing tools especially where CSRF issues are identified and reported, giving you the easiest possible way to detect and test these types of attacks.

Comments Powered ByDisqus