News

Published on March 3rd, 2014 📆 | 3597 Views ⚑

0

CSRFT – Cross Site Request Forgeries (Exploitation) Toolkit


iSpeech.org

Description

This project has been developed to exploit CSRF Web vulnerabilities and provide you a quick and easy exploitation toolkit. In few words, this is a simple HTTP Server in NodeJS that will communicate with the clients (victims) and send them payload that will be executed using JavaScript. CSRF is an attack which forces an end user to execute unwanted actions on a web application in which he/she is currently authenticated.“ Combined with social engineering this is a very effective attack tool. Believe it or not, web sites prone to CSRF are very common. If your web developers do not know what „unique web form“ means, you will have to deal with CSRFs eventually. [adsense size='1'] This project allows you to perform PoC (Proof Of Concepts) really easily. Let's see how to get/use it.

[adsense size='1']

How to get/use the tool

First, clone it :

$ git clone git@github.com:PaulSec/CSRFT.git

Then, in the directory, launch the server.js :

$ node server.js

Usage will be displayed :

Usage : node server.js <file.json> <port : default 8080>

download CSRFT  more info can be found here

Tagged with:



0 Responses to CSRFT – Cross Site Request Forgeries (Exploitation) Toolkit

Leave a Reply

Your email address will not be published.