Robuta

This might be obvious to those most familiar with CSRF and Clickjacking, but for those just getting a handle on it, here’s a short explanation of a fundam

Step:1 Create Two Accounts On This URL: https://studio.sensay.io/sign-in Step:2 Log out of one account and capture the logout request in Burp Suite image.

In reading Yan Zhu’s excellent write-up of the JSON CSRF vulnerability she found in OkCupid one thing puzzled me: I was under the impression that browsers...

Modern web browsers and applications utilize a variety of security measures to protect against CSRF and XSS vulnerabilities, rendering their exploitation mor...

PWA Improvements Hot on the heels of the improvements announced earlier this week, we have another set of improvements to show you today, again, courtesy of...

Aug 27, 2025 - Cross-site request forgery (CSRF) attacks leverage social engineering principles to trick users into submitting malicious requests.

Learn how to identify and the ways to prevent Cross-Site Request Forgery Attacks from a system.

The PHP Package Repository

I’ve been studying web security again recently and decided to do a POC of CSRF (Sea Surf) (Cross Site Request Forgery). It’s been done/covered many

Laravel is a PHP web application framework with expressive, elegant syntax. We’ve already laid the foundation — freeing you to create without sweating the...

Cross-site request forgery (CSRF) is an attack that deceives users into executing unwanted actions on a web application in which they are authenticated. It is...

Wes and Scott explain cross-site request forgery (CSRF) and different ways to prevent it like cookies, tokens, and headers.

News and developments from the open source browser project