View Issue Details

ID: 0005418
Project: Kali Linux
Category: [All Projects] Queued Tool Addition
View Status: public
Last Update: 2019-11-03 16:28
Reporter: 0xInfection
Assigned To:
Priority: normal
Severity: feature
Reproducibility: always
Status: assigned
Resolution: open
Product Version:
Target Version:
Fixed in Version:
Summary: 0005418: XSRFProbe: The Prime CSRF Audit and Exploitation Tool

Description:
Name: XSRFProbe
Version: v2
Homepage: https://github.com/0xInfection/XSRFProbe
Author: Infected Drake <0xInfection>
Description: XSRFProbe is an advanced Cross Site Request Forgery (CSRF/XSRF) Audit and Exploitation Toolkit. Equipped with a Powerful Crawling Engine and Numerous Systematic Checks, it is now able to detect most cases of CSRF vulnerabilities, their related bypasses and further generate (maliciously) exploitable proof of concepts with each found vulnerability.
Detailed Wiki: https://github.com/0xInfection/XSRFProbe/wiki

Steps To Reproduce:
Usage:
python3 xsrfprobe.py [-h] [-u URL] [-c COOKIE] [-o OUTPUT] [-d DELAY]
                            [-q] [-v] [--user-agent USER_AGENT]
                            [--headers HEADERS] [--exclude EXCLUDE]
                            [--timeout TIMEOUT] [--max-chars MAXCHARS]
                            [--crawl] [--no-analysis] [--malicious]
                            [--skip-poc] [--display] [--update]
                            [--random-agent] [--version]

More details:
- https://github.com/0xInfection/XSRFProbe/wiki/General-Usage
- https://github.com/0xInfection/XSRFProbe/wiki/Advanced-Usage

Testbeds:
https://github.com/0xInfection/XSRFProbe/wiki/FAQs#how-do-i-know-if-this-tool-actually-works-where-can-i-test-it

Additional Information:
This is the one and only complete CSRF audit and exploitation toolkit available on GitHub.

Activities

0xInfection

2019-04-30 03:19

reporter  

g0tmi1k

2019-10-28 13:29

administrator   ~0011237

Please could we package this

0xInfection

2019-10-28 15:07

reporter   ~0011254

Hi @g0tmi1k, thank you so much. I'm in the process of packaging it properly.

0xInfection

2019-10-30 17:17

reporter   ~0011266

Hi @g0tmi1k, I made a new release v2.1 and packaged XSRFProbe up in the same release. Now XSRFProbe can be installed via pip too.

Source Code as Package: https://github.com/0xInfection/XSRFProbe/tree/master
New Release: https://github.com/0xInfection/XSRFProbe/releases/tag/v2.1.0
On Pypi: https://pypi.org/project/xsrfprobe/2.1.0/

Is there anything else you require from me?

0xInfection

2019-11-03 12:41

reporter   ~0011273

Hi @g0tmi1k, a new release for xsrfprobe is out fixing a minor bug within the cookie handling feature.

Version: 2.1.1
Download: https://github.com/0xInfection/XSRFProbe/releases/tag/v2.1.1
On Pypi: https://pypi.org/project/xsrfprobe/2.1.1/

Issue History

Date Modified Username Field Change
2019-04-30 03:19 0xInfection New Issue
2019-04-30 03:19 0xInfection File Added: 68747470733a2f2f692e696d6775722e636f6d2f785472665753742e676966.gif
2019-10-28 13:29 g0tmi1k Note Added: 0011237
2019-10-28 13:29 g0tmi1k Category New Tool Requests => Queued Tool Addition
2019-10-28 13:29 g0tmi1k Description Updated
2019-10-28 13:29 g0tmi1k Steps to Reproduce Updated
2019-10-28 15:07 0xInfection Note Added: 0011254
2019-10-28 16:01 g0tmi1k Status new => assigned
2019-10-30 17:17 0xInfection Note Added: 0011266
2019-11-03 12:41 0xInfection Note Added: 0011273