CSRFT – Cross Site Request Forgeries (Exploitation) Toolkit
This project has been developed to exploit CSRF web vulnerabilities and to provide you with a quick and easy exploitation toolkit. In a few words, it is a simple HTTP server in NodeJS that communicates with the clients (victims) and sends them payloads that are executed using JavaScript.
This has been developed entirely in NodeJS, and configuration files are in JSON format.
*However, there’s a tool in Python in the utils folder that you can use to automate CSRF exploitation.*
This project allows you to build PoCs (proofs of concept) really easily. Let’s see how to get and use it.
First, clone it:
$ git clone git@github.com:PaulSec/CSRFT.git
To make this project work, get the latest Node.js version. Go into the directory and install all the dependencies:
$ npm install
Then launch server.js:
$ node server.js
The usage will be displayed:
Usage : node server.js <file.json> <port : default 8080>