How To Circumvent CSRF Protection!

👩‍🎓👨‍🎓 Learn how to circumvent cross-site request forgery (CSRF) protection controls. We are going to have a look at a very common protection mechanism, learn about the implementation, and finally see how to bypass it.

Overview:
00:00 Intro
00:17 Lab overview
01:09 Analyse the request
02:30 Where is a CSRF token coming from?
03:20 Exploit the victim
04:29 Solving the lab
06:12 Conclusion

For more information, check out https://blog.intigriti.com/hackademy/cross-site-request-forgery-csrf.

🔗 Portswigger CSRF Challenge: https://portswigger.net/web-security/csrf/lab-token-not-tied-to-user-session
---

🧑‍💻 Sign up and start hacking right now - https://go.intigriti.com/register

👾 Join our Discord - https://go.intigriti.com/discord

🎙️ This show is hosted by https://twitter.com/PascalSec (@Hacksplained) & https://twitter.com/intigriti

👕 Do you want some Intigriti Swag? Check out https://swag.intigriti.com/

hackademyacademicenablment