understanding-csrf

CSRF defense

An explanation of how CSRF attacks work and how to mitigate them in web applications.

What are CSRF tokens and how do they work?

GitHub

1k stars
34 watching
119 forks
last commit: over 3 years ago
Linked from 1 awesome list


Related projects:

| Repository | Description | Stars |
| --- | --- | --- |
| fastify/csrf-protection | Protects against Cross-Site Request Forgery (CSRF) attacks in Fastify servers. | 154 |
| koajs/csrf | Provides CSRF protection in Koa applications | 264 |
| pillarjs/node-frameworks | A comprehensive resource comparing popular Node.js frameworks | 314 |
| justinas/nosurf | Protects against Cross-Site Request Forgery (CSRF) attacks in web applications by verifying user input | 1,603 |
| asaafan/csurfer | An extension that bypasses anti-CSRF tokens in web applications | 18 |
| mozilla/django-session-csrf | An alternative implementation of Django's CSRF protection that does not use cookies. | 111 |
| slimphp/slim-csrf | A middleware solution to protect against Cross-Site Request Forgery attacks in HTTP requests | 341 |
| 0xinfection/xsrfprobe | A toolkit designed to test and exploit Cross-Site Request Forgery vulnerabilities in websites. | 1,116 |
| 0ang3el/easycsrf | An extension that automatically modifies certain HTTP requests to reveal potential CSRF vulnerabilities in web applications. | 160 |
| otrf/api-to-event | Maps API functions to security events across diverse platforms | 74 |
| gorilla/csrf | A middleware library providing protection against malicious requests through the use of tokens. | 1,062 |
| ankane/secure_rails | Security best practices for Rails applications to protect against various types of attacks and vulnerabilities. | 1,031 |
| jlopp/physical-bitcoin-attacks | Compiles known physical attacks on Bitcoin and cryptocurrency owners | 583 |
| koajs/stateless-csrf | Protects against cross-site request forgery attacks by hashing and verifying user cookies on each request. | 16 |
| sandysekharan/ctf-tool | A curated collection of tools and resources for creating and solving Capture The Flag challenges | 256 |