A somewhat curated list of links to various topics in application security.
Link | Excerpt | Word Count |
---|---|---|
How can I make Sinatra use CSRF Authenticity tokens? | I'm building a simple app in ruby using the Sinatra framework. It's mainly "get" based - most requests will be for listing data. However there are a couple of key screens in the app that will collect user input. | 702 |
WordPress Front End Security: CSRF and Nonces | In our last article, we covered Cross-Site Scripting (XSS) and the functions WordPress provides to prevent XSS attacks. | 1196 |
https://hethical.io/paypal-bug-bounty-updating-the-paypal-me-profile-picture-without-consent-csrf-attack/ | | 0 |
How does CSRF work without state parameter in OAuth2.0? | I can understand step 1 to step 4. But from step 5 I got some confusion. | 744 |
Cross-Site Request Forgery is dead! | After toiling with Cross-Site Request Forgery on the web for, well forever really, we finally have a proper solution. No technical burden on the site owner, no difficult implementation, it's trivially simple to deploy, it's Same-Site Cookies. | 1916 |
Using CORS policies to implement CSRF protection | This post is a follow-on to our CORS post back in December. We'll describe how traditional CORS policies aren't sufficient defense against cross-site request forgery (CSRF) attacks, and unveil a new Node module that layers CSRF protection on top of such policies, cors-gate. | 1556 |
Should login and logout action have CSRF protection? | | 1225 |
A Deep Dive into CSRF Protection in Rails | If you’re using Rails today, chances are you’re using CSRF protection. It’s been there almost since the beginning, and it’s one of those features in Rails that makes your life easier without needing to give it a second thought. | 1446 |
Technical Assurance & Testing | Tesserent Assurance is a large team of local offensive cybersecurity experts. We'll assess your network, systems, applications and people for technical vulnerabilities. | 22 |
Leaking Amazon.com CSRF Tokens Using Service Worker API | Hello all, I have some free time today, so I will tell you about my finding at Amazon that could lead to a complete account takeover. I was working on a private bug bounty program when I found something interesting. | 1009 |
Wiping Out CSRF | It’s 2017 and there shouldn’t be much more to say about Cross-Site Request Forgery (CSRF) that hasn’t already been said. It’s a vulnerability that has been known for years with well-documented and proven solutions that have been implemented in popular web development frameworks. | 5005 |
0ang3el/EasyCSRF | EasyCSRF helps to find weak CSRF protection in web apps that can be easily bypassed. For example, content-type-based protection for APIs (REST API, GraphQL API, etc.) or CSRF protection based on an obscure data format (binary format, etc.) is known to be weak. | 462 |
Facebook GraphQL CSRF | There was a “CSRF” styled query in business.instagram.com that can allow GraphQL calls to be made. The discovery of the bug in View the Assigned Roles and Emails of an Instagram Account started at business.instagram.com/login with an authorization screen. | 841 |
Steal CSRF/Auth/Unique key Header with XSS | In fig. 1 you can see that there is a CSRF-token header present on the website. Now we are going to steal it. Okay, below is the code which steals the token header and sends it to the attacker’s server. | 334 |
https://medium.com/@malcomvetter/in-praise-of-csrf-tokens-9ff556ac2ea0 | | 0 |
Self-XSS + CSRF to Stored XSS | Hola, this is Renwa from Kurdistan. I’m glad to write my first write-up about infosec and bug bounties. | 294 |
https://link.medium.com/shlRmNoW0U | | 0 |
https://link.medium.com/KEV3enHoLW | | 0 |
https://m0z.co/Exploiting-Post-Based-CSRF/ | | 0 |
Web Security Academy | In this section, we'll explain what cross-site request forgery is, describe some examples of common CSRF vulnerabilities, and explain how to prevent CSRF attacks. | 1300 |
Multiple Vulnerability Led To Account Takeover | I recently participated in a private Bugcrowd program with four user roles: Admin, H-User, L-User, and Guest. As part of my testing approach, I started by logging in with the admin account to explore the application’s functionalities. | 688 |
https://link.medium.com/d496ONHsdZ | | 0 |
https://link.medium.com/FPn7EsRFvZ | | 0 |
https://link.medium.com/eRtuh4nQVZ | | 0 |
https://link.medium.com/fsUnTVniS0 | | 0 |
Bypass SameSite Cookies Default to Lax and get CSRF | SameSite Cookies, the new cookie attribute that everyone is talking about, can be used to prevent SOP bypasses and CSRF attacks. But first, let's look at what it actually is. | 1005 |
Samesite by Default and What It Means for Bug Bounty Hunters | You have probably heard of the SameSite attribute addition to HTTP cookies since Chrome 51 (and a specification thereafter). It was advertised as a CSRF killer. This attribute is going to be set by default for all cookies in Chrome 80 (February 4, 2020). | 784 |
Avoiding CSRF Attacks with API Design | Cross-site request forgery (CSRF) attacks are a type of attack where a website you don’t control tries to send commands to your website, using your customer’s cookies. | 2697 |
devanshbatham/Vulnerabilities-Unmasked | This repo tries to explain complex security vulnerabilities in simple terms that even a five-year-old can understand! Disclaimer: The analogies provided in this conversation are generated by a Language Model (LLM) using prompt engineering techniques. | 3112 |