Explore >> Select a destination
|
You are here 
|
introvertmac.wordpress.com | ||
| | | | |
mathieu.fenniak.net
|
|
| | | | | Cross-site request forgery (CSRF) is a type of security exploit where a user's web browser is tricked by a third-party site into performing actions on websites that the user is logged into. It is often a difficult attack to pull off, as it requires a number of factors to line up at once. Protecting against it requires good discipline and good design practices, especially when it comes to protecting Web APIs. Here's a brief example of a fictitious CSRF attack against a bank: | |
| | | | |
www.sjoerdlangkemper.nl
|
|
| | | | | IceHRM is an open source human resource management system. Its functionality to change the user's password is vulnerable to CSRF. | |
| | | | |
talesfromtheencrypt.home.blog
|
|
| | | | | https://www.alteredsecurity.com/azureadlab Having been a pentester for over a year and worked my way through a few infrastructure courses, mobile courses and web app videos as well as what I'd learnt on-the-job, I realised Azure was probably my main knowledge gap. Having already done the CRTP from Altered Security in 2022, the obvious choice was their... | |
| | | | |
escape.tech
|
|
| | | Cross-Site Scripting (XSS) happens when attackers send malicious scripts via web apps to end users. Learn how to remediate it in GraphQL apps. | ||
