CSRFScanner

From sebug security vulnerability (SSV) DB

CSRFScanner is a tool designed to identify forms on a website that are potentially vulnerable to CSRF/XSRF.

Detection targets forms that are accessible only to logged-in users, so cookies are needed to find these forms.

The methodology used to identify these forms is the 4-pass reverse diff analysis.


Then, in order to determine if a form may be vulnerable, the tool analyzes hidden and password fields to find an anti-CSRF token.
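
The check described above can be sketched as follows. This is an added example, not CSRFScanner's own code: the name pattern, the length and entropy thresholds, and the sample page are assumptions constructed for illustration.

```python
import math
import re
from html.parser import HTMLParser

# Assumed heuristics (not CSRFScanner's own): token-like names, or long high-entropy values.
TOKEN_NAME = re.compile(r"csrf|xsrf|token|nonce|authenticity", re.I)

def entropy(value):
    """Shannon entropy of value in bits per character."""
    if not value:
        return 0.0
    return -sum(value.count(c) / len(value) * math.log2(value.count(c) / len(value))
                for c in set(value))

def looks_like_token(name, value):
    return bool(TOKEN_NAME.search(name)) or (len(value) >= 16 and entropy(value) >= 3.0)

class FormAudit(HTMLParser):
    """Records each form's action and whether a hidden/password field looks like a token."""
    def __init__(self):
        super().__init__()
        self.forms, self.current = [], None

    def handle_starttag(self, tag, attrs):
        a = {k: (v or "") for k, v in attrs}
        if tag == "form":
            self.current = {"action": a.get("action", ""), "has_token": False}
            self.forms.append(self.current)
        elif (tag == "input" and self.current is not None
              and a.get("type", "").lower() in ("hidden", "password")):
            if looks_like_token(a.get("name", ""), a.get("value", "")):
                self.current["has_token"] = True

    def handle_endtag(self, tag):
        if tag == "form":
            self.current = None

def forms_without_token(html):
    """Return the action of every form with no token-like hidden/password field."""
    audit = FormAudit()
    audit.feed(html)
    return [f["action"] for f in audit.forms if not f["has_token"]]

# Constructed sample page, as it might be fetched with a logged-in session cookie.
SAMPLE = """
<form action="/profile/email"><input type="hidden" name="uid" value="42"></form>
<form action="/profile/password"><input type="password" name="new_password">
  <input type="hidden" name="csrf_token" value="9f2c1a7be04d4c55a1f0c3d2e8b7a690"></form>
<form action="/settings"><input type="hidden" name="k" value="Zx81QpL0mV3rT7yBn2Hs"></form>
"""
```

A form reported here is only a candidate for review: a token may be delivered another way, such as in a custom request header, which a field-based check cannot see.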

