Subscribe via feed.

CSRFT – Cross Site Request Forgeries (Exploitation) Toolkit

Posted by deepquest on January 27, 2017 – 9:42 am

This project has been developed to exploit CSRF Web vulnerabilities and provide you a quick and easy exploitation toolkit. In few words, this is a simple HTTP Server in NodeJS that will communicate with the clients (victims) and send them payload that will be executed using JavaScript.

This has been developed entirely in NodeJS, and configuration files are in JSON format.
*However, there’s a tool in Python inĀ utilsĀ folder that you can use to automate CSRF exploitation. *

This project allows you to perform PoC (Proof Of Concepts) really easily. Let’s see how to get/use it.

First, clone it :

$ git clone git@github.com:PaulSec/CSRFT.git

To make this project work, get the latest Node.js versionĀ here. Go in the directory and install all the dependencies:

npm install

Then, launch the server.js :

$ node server.js

Usage will be displayed :

Usage : node server.js <file.json> <port : default 8080>

Download CSRFT
Tags:
This post is under ā€œtoolsā€ and has no respond so far.
If you enjoy this article, make sure you subscribe to my RSS Feed.

Post a reply

You must be logged in to post a comment.