Skip to Main Content
Web Penetration Testing with Kali Linux 2.0, Second Edition
book

Web Penetration Testing with Kali Linux 2.0, Second Edition

by Juned Ahmed Ansari
November 2015
Intermediate to advanced content levelIntermediate to advanced
312 pages
7h 18m
English
Packt Publishing
Content preview from Web Penetration Testing with Kali Linux 2.0, Second Edition

Cross-site request forgery

Cross-site request forgery (CSRF) is often confused as a vulnerability that is similar to XSS. XSS exploits the trust a user has for a particular site, which makes the user execute any data supplied by the website. On the other hand, CSRF exploits the trust that a site has in a user's browser, which makes the website execute any request coming from an authenticated session without verifying if the user wanted to perform the action.

In a CSRF attack, the attacker makes use of the fact that the user is already authenticated to the application and anything the client sends will be regarded by the server as legitimate action.

CSRF can exploit every web application function that requires a single request within an authenticated ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Start your free trial

You might also like

Web Penetration Testing with Kali Linux

Web Penetration Testing with Kali Linux

Joseph Muniz, Aamir Lakhani
Hands-On AWS Penetration Testing with Kali Linux

Hands-On AWS Penetration Testing with Kali Linux

Karl Gilbert Gupta, Benjamin Caudill

Publisher Resources

ISBN: 9781783988525