In this video, we cover the theory behind Cross-Site Request Forgery (CSRF) vulnerabilities, how to find them from both a white-box and a black-box perspective, how to exploit them, and how to prevent them.
▬ 📖 Contents of this video 📖 ▬▬▬▬▬▬▬▬▬▬
00:00 - Introduction
00:29 - Intigriti sponsorship (https://go.intigriti.com/ranakhalil)
01:24 - Agenda
02:12 - What is a CSRF vulnerability?
19:14 - How to find CSRF vulnerabilities?
26:07 - How to exploit CSRF vulnerabilities?
32:50 - How to prevent CSRF vulnerabilities?
47:15 - Resources
47:57 - Thank You
▬ 🔗 Links 🔗 ▬▬▬▬▬▬▬▬▬▬
Video slides: https://github.com/rkhal101/Web-Security-Academy-Series/blob/main/csrf/theory/CSRF%20Complete%20Guide%20Theory%20Video%20Slides.pdf
Web Security Academy: https://portswigger.net/web-security/csrf
OWASP – CSRF: https://owasp.org/www-community/attacks/csrf
OWASP – CSRF Prevention Cheat Sheet: https://cheatsheetseries.owasp.org/cheatsheets/Cross-Site_Request_Forgery_Prevention_Cheat_Sheet.html
Rana's Twitter account: https://twitter.com/rana__khalil
Hacker Icon made by Freepik: https://www.freepik.com