Websecurify

Regular updates about Websecurify free and premium website scanners, proxies, fuzzers and insight knowledge about SQL Injection, Cross-site Scripting and other vulnerabilities

Rforge Updates

Yesterday we landed an update for Rforge. Now you can generate CSRF (Cross-site Request Forgery) attacks from very complex HTTP requests using four distinct strategies, which are automatically selected for you. You can still modify the generated attack pages to your likings to add that extra magic of yours.

Rforge now includes the indispensable test button. The URLs generated from the testing facility can be directly embedded in your own demos, proof of concepts, etc.

This is pretty much it. We made the whole process so simple that it is not worth talking about it much. Just login and try it for yourself. We will push another article soon, which will be about the different ways CSRF attacks can be constructed depending on the type of HTTP request we want to imitate.

Happy Doomsday!

pdp

Petko D. Petkov (pdp), is founder of Websecurify and frontman of the GNUCITIZEN Information Security Think Tank. pdp is a recognized information security researcher, security tools developer, penetration tester, frequent speaker at industry events, and published author who has contributed to several best-selling books in the field of information security.

Comments Powered ByDisqus