
A8 CROSS-SITE REQUEST FORGERY (CSRF)

Introduction

CSRF is where the attacker creates a bogus website that sends a request to the targeted website. Because the user's browser still holds a valid session for that site, the session is used and the attack runs. Through this vulnerability, the victim can be tricked into performing any state-changing operation they are authorized to perform, such as updating account details, making purchases, or logging out and in.

Tools needed:
  • BurpSuite

Video

CSRF

Other possible methods:

Some tips for fixing the vulnerability are to:

  • Check for the session cookie before allowing access

  • Perform an authorisation check before allowing the user to commence a sensitive function

  • Invalidate the session ID after 5 minutes
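The example below is added here and is not from the original page. It models a state-changing "update email" handler in plain Python (no web framework; requests are constructed dicts and the session store is in memory, all assumed for illustration) to show why the first tip alone is not enough: the browser attaches the session cookie to a request submitted from a bogus site as well, so the cookie-only handler accepts it, while a handler that also requires a per-session synchronizer token rejects it.

```python
import hmac
import secrets

# Constructed in-memory session store: session id -> session data.
# A real application would keep this server-side (database, cache, etc.).
SESSIONS = {
    "sess-abc123": {"user": "alice", "email": "alice@example.com",
                    "csrf_token": secrets.token_urlsafe(32)},
}


def update_email_cookie_only(request):
    """Handler that only checks the session cookie (the first tip above).
    The browser sends the cookie with any request to this site, so a form
    auto-submitted from an attacker's page passes this check unchanged."""
    session = SESSIONS.get(request["cookies"].get("session"))
    if session is None:
        return "401 not logged in"
    session["email"] = request["form"]["email"]
    return "200 updated"


def update_email_with_token(request):
    """Hardened handler: besides the session cookie, require a secret
    synchronizer token that only the site's own form carries. A page on
    another origin cannot read the token, so a forged form lacks it."""
    session = SESSIONS.get(request["cookies"].get("session"))
    if session is None:
        return "401 not logged in"
    submitted = request["form"].get("csrf_token", "")
    # Constant-time comparison so the check leaks nothing via timing.
    if not hmac.compare_digest(submitted.encode(), session["csrf_token"].encode()):
        return "403 csrf token missing or invalid"
    session["email"] = request["form"]["email"]
    return "200 updated"


def legit_request():
    # Constructed request from the real form, which embeds the session's token.
    return {"cookies": {"session": "sess-abc123"},
            "form": {"email": "alice-new@example.com",
                     "csrf_token": SESSIONS["sess-abc123"]["csrf_token"]}}


def forged_request():
    # Constructed request auto-submitted from a bogus site: the victim's
    # browser still attaches the session cookie, but the token is unknown.
    return {"cookies": {"session": "sess-abc123"},
            "form": {"email": "changed-by-forgery@example.net"}}
```

Run the forged request through both handlers to see the cookie-only handler report "200 updated" and the token-checking handler report "403 csrf token missing or invalid".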

PENETRATION TESTING
