62 Open Source Csrf Software Projects

Source code for Hacker101.com - a free online web and mobile security class.

Learn ethical hacking.Learn about reconnaissance,windows/linux hacking,attacking web technologies,and pen testing wireless networks.Resources for learning malware analysis and reverse engineering.

Authentication for Next.js

渗透测试有关的POC、EXP、脚本、提权、小工具等，欢迎补充、完善---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss penetration-testing-poc csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms

CSRF token middleware

XSS'OR - Hack with JavaScript.

CSRF protection middleware for Go.

The Security CSRF (cross-site request forgery) component provides a class CsrfTokenManager for generating and validating CSRF tokens.

A Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.

Blazy is a modern login bruteforcer which also tests for CSRF, Clickjacking, Cloudflare and WAF .

gorilla/csrf provides Cross Site Request Forgery (CSRF) prevention middleware for Go web applications & services 🔒

Web & mobile client-side akka-http sessions, with optional JWT support

The Prime Cross Site Request Forgery (CSRF) Audit and Exploitation Toolkit.

CSRF Scanner

Top disclosed reports from HackerOne

Logic behind CSRF token creation and verification.

Tools for managing sessions, including session segments and read-once messages

👨‍🏫 Mike's Web Security Course

CSRF Protector library: standalone library for CSRF mitigation

Automatic CSRF protection for JavaScript apps using a Symfony API

Simple CRUD with React and Spring Boot 2.0

Stateless Cross-Site Request Forgery (CSRF) protection with JWT

In progress rough solutions to bWAPP / bee-box

🐕 Fetch+ is a convenient Fetch API replacement with first-class middleware support.

The PHP pragmatic forms library

🌟 FastSitePHP 🌟 A Modern Open Source Framework for building High Performance Websites and API’s with PHP

Java web and command line applications demonstrating various security topics

Simple Hacking tools

Arcadyan ARV7519RW22-A-L T VR9 1.2 Multiple security vulnerabilities affecting latest firmware release on ORANGE Livebox modems.

Solutions and write-ups from security-based competitions also known as Capture The Flag competition

Web前后端漏洞分析与防御-知识梳理📖

Deemon is a tool to detect CSRF in web applications. Deemon has been used for the paper "Deemon: Detecting CSRF with Dynamic Analysis and Property Graphs" by G. Pellegrino, M. Johns, S. Koch, M. Backes, and C. Rossow.

CSRF protection for Nette Framework presenters' signals.

A stylish PHP application framework crafted using Slim, Twig, Eloquent and Sentinel designed to get you from clone to production in a matter of minutes.

A demonstration of stateless JWT authentication with Spring Security, Spring Boot and Vue js

Use Django To Introduce CSRF and Cookies , Session 📝

Keep your forms alive, avoid TokenMismatchException by gently poking your Laravel app.

nodejs + express security and performance boilerplate.

CSRF verification and session persistent through request/response headers.

Single PHP library file for protection over Cross-Site Request Forgery

Collection of Twitter Bug Bounty Tips and Tricks

next.js bolierplate, next.js 的开发模板

The objective of this class is offer an automatic system of protection for developers's projects and simplify some security operations as the check of CSRF or XSS all in a simple class. Infact you could just call the main method to have better security yet without too much complicated operations.

ASGI middleware for protecting against CSRF attacks

A simple CSRF Token protection library for PHP. I t will help you to generate the random unique token and validate it to prevent CSRF attack.

A boilerplate for koa2 RESTful API development

A Deliberately Insecure Web Application

Hapi Boilerplate

Awesome auth library for Flask and Bottle web apps

ring-csrf example

Login from command line to the websites that use CSRF protection

Repository contains an online education portal filled with web vulnerabilities.

In this repository I'll host my research and methodologies for auditing vulnerabilities

对springSecurity进行二次开发，提供OAuth2授权(支持跨域名，多应用授权)、JWT、SSO、文件上传、权限系统无障碍接入、接口防刷、XSS、CSRF、SQL注入、三方登录(绑定，解绑)、加密通信等一系列安全场景的解决方案

Burp extension to generate multi-step CSRF POC.

Generic CSRF (Cross-Site-Request-Forgery) Filter

Secret-key based state-less CSRF token generator and validator for PHP 7. State-less means you do not have to store the CSRF token in session or database.

A CSRF Anti Forgery Middleware (abandoned)

This repository is contains example application using spring boot 2.0, webflux, spring security 5, reactive mongodb and mustache template engine: spring security 5, CSRF protection with mustache, spring webflux functional routes security, method security, authorization decision, etc

Chinese etymology research website. ASP.NET Core architecture for SPA. See http://hanziyuan.net or http://ChineseEtymology.org

A definitely (read: not) secure online banking site. Built for demo purposes as an example of common security vulnerabilities / what NOT to do.

A ready-to-start project (w/ demos) for applications written using Slim 4, Twig 3 and Vue 2