Загрузка...

Discover Juicy vulnerabilities using Burp Suite extensions - CSRF Scanner - Part 15 | Cyber Adam

Cross-site Request Forgery (CSRF) is an attack which forces an end user to execute unwanted actions on a web application to which he/she is currently authenticated. With a little help of social engineering (like sending a link via email / chat), an attacker may trick the users of a web application into executing actions of the attacker's choosing. A successful CSRF exploit can compromise end user data and may allow an attacker to perform an account hijack. If the targeted end user is the administrator account, this can compromise the entire web application.

Portswigger CSRF Lab links:
https://portswigger.net/web-security/csrf/lab-no-defenses
https://portswigger.net/web-security/csrf/bypassing-token-validation/lab-token-validation-depends-on-request-method
https://portswigger.net/web-security/csrf/bypassing-token-validation/lab-token-validation-depends-on-token-being-present

-----------------
CHAPTERS
0:00 Intro
1:05 What is CSRF ?
3:25 Simple CSRF Example similar to Real world
6:21 CSRF Attack Vectors
9:17 Vulnerable labs to practice CSRF Vulnerability
9:43 Demo Time
9:53 Configuring Upload scanner extension in Burp
12:04 CSRF Vulnerability with no defenses
17:17 CSRF Where token validation depends on request method
21:48 CSRF Where token validation depends on Token being present
26:42 CSRF Mitigation
-----------------

Видео Discover Juicy vulnerabilities using Burp Suite extensions - CSRF Scanner - Part 15 | Cyber Adam канала Cyber Adam
Комментарии отсутствуют
Зарегистрируйтесь или войдите с
Информация о видео
3 августа 2024 г. 17:42:41
00:30:58
Cyber Adam
Правообладателям
Жалоба на материал Недопустимый материал Нарушение авторских прав
Комментарии
Поделиться
Другие видео канала

🔐 Command Injection | Web Fundamentals 📖 | TryHackMe Walkthrough in Tamil 🚀 | Cyber Adam 👨‍💻🔐 Command Injection | Web Fundamentals 📖 | TryHackMe Walkthrough in Tamil 🚀 | Cyber Adam 👨‍💻

Discover Juicy Vulnerabilities Using BurpSuite Extensions - Additional CORS Checks - Part 4Discover Juicy Vulnerabilities Using BurpSuite Extensions - Additional CORS Checks - Part 4

Discover Juicy Vulnerabilities Using BurpSuite Extensions - Retire.js, Software Vuln scan - Part 5Discover Juicy Vulnerabilities Using BurpSuite Extensions - Retire.js, Software Vuln scan - Part 5

Still Confused About a Cybersecurity Career in 2026? 🤔🛡️Still Confused About a Cybersecurity Career in 2026? 🤔🛡️

OWASP API Security Top 10 - Part 2 - Tamil | Cyber Adam | TryHackMe 🔐OWASP API Security Top 10 - Part 2 - Tamil | Cyber Adam | TryHackMe 🔐

💉SSTI Injection | TryHackMe Walkthrough in Tamil 🚀 | Cyber Adam 👨‍💻🛡️💉SSTI Injection | TryHackMe Walkthrough in Tamil 🚀 | Cyber Adam 👨‍💻🛡️

Erlang/OTP SSH: CVE-2025-32433 in Tamil | TryHackMe Walkthrough | Cyber AdamErlang/OTP SSH: CVE-2025-32433 in Tamil | TryHackMe Walkthrough | Cyber Adam

Cybersecurity Masterclass - Ep#1 🔐 | Intro to Cyber Defense in the AI Agentic World | Cyber AdamCybersecurity Masterclass - Ep#1 🔐 | Intro to Cyber Defense in the AI Agentic World | Cyber Adam

💉 XXE Injection | TryHackMe Walkthrough in Tamil 🚀 | Cyber Adam 👨‍💻🛡️💉 XXE Injection | TryHackMe Walkthrough in Tamil 🚀 | Cyber Adam 👨‍💻🛡️

Session Management | Web App Pentesting in Tamil🔍 | TryHackMe Walkthrough 💻🔓 | Cyber Adam 👨‍💻Session Management | Web App Pentesting in Tamil🔍 | TryHackMe Walkthrough 💻🔓 | Cyber Adam 👨‍💻

The Dark Side of Multi-Factor Authentication Security 🔥 | TryHackMe Walkthrough 💻🔓 | Cyber Adam 👨‍💻The Dark Side of Multi-Factor Authentication Security 🔥 | TryHackMe Walkthrough 💻🔓 | Cyber Adam 👨‍💻

🚨 Chaining Vulnerabilities in LLM APIs | PortSwigger Labs | Tamil | Cyber Adam ⚡🚨 Chaining Vulnerabilities in LLM APIs | PortSwigger Labs | Tamil | Cyber Adam ⚡

Linux Fundamentals Part -1 | Presecurity Learning Path - Tryhackme | Cyber Adam | TamilLinux Fundamentals Part -1 | Presecurity Learning Path - Tryhackme | Cyber Adam | Tamil

This Linux Bug Shouldn’t Exist 😳 | CVE-2026-31431 Copy-Fail Explained | Cyber AdamThis Linux Bug Shouldn’t Exist 😳 | CVE-2026-31431 Copy-Fail Explained | Cyber Adam

How to Know If Your Account Is Breached ? 😱 #cybersecurity #cyberawareness #infosecHow to Know If Your Account Is Breached ? 😱 #cybersecurity #cyberawareness #infosec

🔍 Lookup 🌐TryHackMe Walkthrough in Tamil | 👩‍💻Cyber Adam | 💻Ethical Hacking🔍 Lookup 🌐TryHackMe Walkthrough in Tamil | 👩‍💻Cyber Adam | 💻Ethical Hacking

Packets and Frames | Presecurity Learning Path - Tryhackme | Cyber Adam | TamilPackets and Frames | Presecurity Learning Path - Tryhackme | Cyber Adam | Tamil

Putting it all together | Presecurity Learning Path - Tryhackme | Cyber Adam | TamilPutting it all together | Presecurity Learning Path - Tryhackme | Cyber Adam | Tamil

Stop Misconfigurations! 🔥 OS & Network Hardening Explained in Tamil | Cyber Adam 🤖Stop Misconfigurations! 🔥 OS & Network Hardening Explained in Tamil | Cyber Adam 🤖

🏢 Steel Mountain 🌐 TryHackMe Walkthrough in Tamil | 👨‍💻 Cyber Adam | 💻 Ethical Hacking🏢 Steel Mountain 🌐 TryHackMe Walkthrough in Tamil | 👨‍💻 Cyber Adam | 💻 Ethical Hacking

Яндекс.Метрика
© 2008-2026 «Информационно-развлекательный портал города Верхняя Салда»
salda.ws@mail.ru salda_ws Контакты Карта портала Сообщить об ошибке Соглашения Пользовательское соглашение Соглашение о конфиденциальности Согласие на обработку персональных данных Информация для правообладателей Об использовании Cookies
Все заметки Новая заметка Страницу в заметки
Страницу в закладки Мои закладки
На информационно-развлекательном портале SALDA.WS применяются cookie-файлы. Нажимая кнопку Принять, вы подтверждаете свое согласие на их использование.
О CookiesНапомнить позжеПринять