In this chapter, we will look into every aspect of Cross-site Request Forgery (CSRF), as it is regarded as one of the top ten security vulnerabilities in any web application. CSRF is a very common attack: it tricks the victim into submitting a malicious request. That request inherits the identity and privileges of the victim, allowing the attacker to perform illegal actions on the victim’s behalf.
In this chapter, we will not only learn about CSRF but also test a few types of CSRF attacks on some intentionally vulnerable web applications to ...