Difference between revisions of "Practical CSRF example using Burp Suite"

From Embedded Lab Vienna for IoT & Security
m (Nmuehlberger moved page User:Nmuehlberger to Practical CSRF example using Burp Suite: Title change)

Revision as of 13:43, 31 January 2020

Introduction

As the internet is now used in fields such as e-commerce, finance and healthcare, web applications need to become more and more secure to prevent attackers from exploiting vulnerabilities, so that users' credentials are kept safe. Some vulnerabilities are not as widely known as they should be, although they are rather common; this article deals with one of them, Cross-Site Request Forgery (CSRF). It works by injecting malicious code into HTML or similar code and exploits the website's trust in the user's requests. This article shows how such an attack can be performed on an insecure web page using Burp Suite.

Step-by-Step Practical CSRF example using Burp Suite

Required Software