View Issue Details

IDProjectCategoryView StatusLast Update
0005418Kali Linux[All Projects] Queued Tool Additionpublic2020-12-01 11:14
Reporter0xInfection Assigned To 
Status acknowledgedResolutionopen 
Product Version 
Target VersionFixed in Version 
Summary0005418: XSRFProbe - The Prime CSRF Audit and Exploitation Tool
DescriptionName: XSRFProbe
Version: v2
Author: Infected Drake <0xInfection>
Description: XSRFProbe is an advanced Cross Site Request Forgery (CSRF/XSRF) Audit and Exploitation Toolkit. Equipped with a Powerful Crawling Engine and Numerous Systematic Checks, it is now able to detect most cases of CSRF vulnerabilities, their related bypasses and futher generate (maliciously) exploitable proof of concepts with each found vulnerability.
Detailed Wiki:
Steps To ReproduceUsage:
python3 [-h] [-u URL] [-c COOKIE] [-o OUTPUT] [-d DELAY]
                            [-q] [-v] [--user-agent USER_AGENT]
                            [--headers HEADERS] [--exclude EXCLUDE]
                            [--timeout TIMEOUT] [--max-chars MAXCHARS]
                            [--crawl] [--no-analysis] [--malicious]
                            [--skip-poc] [--display] [--update]
                            [--random-agent] [--version]

More details:

Additional InformationThis is the one and only complete CSRF audit and exploitation toolkit available on GitHub.



2019-04-30 03:19



2019-10-28 13:29

administrator   ~0011237

Last edited: 2020-01-06 13:16

View 2 revisions

@kali-team, please could this be packaged up.
@author, If you want to help the packaging process, you can check the documentation here ~


2019-10-28 15:07

reporter   ~0011254

Hi @g0tm1lk, thank you so much. I'm on the process of packaging it properly.


2019-10-30 17:17

reporter   ~0011266

Hi @g0tmi1k, I made a new release v2.1 and packaged XSRFProbe up in the same release. Now XSRFProbe can be installed via pip too.

Source Code as Package:
New Release:
On Pypi:

Is there anything else you require from me?


2019-11-03 12:41

reporter   ~0011273

Hi @g0tmi1k, a new release for xsrfprobe is out fixing a minor bug within the cookie handling feature.

Version: 2.1.1
On Pypi:


2019-12-23 09:00

reporter   ~0011757

Hi @g0tmi1k, a new release has been made with improved SSL certificate handling and other features.

Version: v2.2.0


2020-02-05 15:02

reporter   ~0012024

New release fixing some bugs and optimised scanning is up.

- Version: 2.3.1
- GitHub:
- Pypi:

Issue History

Date Modified Username Field Change
2019-04-30 03:19 0xInfection New Issue
2019-04-30 03:19 0xInfection File Added: 68747470733a2f2f692e696d6775722e636f6d2f785472665753742e676966.gif
2019-10-28 13:29 g0tmi1k Note Added: 0011237
2019-10-28 13:29 g0tmi1k Category New Tool Requests => Queued Tool Addition
2019-10-28 13:29 g0tmi1k Description Updated View Revisions
2019-10-28 13:29 g0tmi1k Steps to Reproduce Updated View Revisions
2019-10-28 15:07 0xInfection Note Added: 0011254
2019-10-28 16:01 g0tmi1k Status new => assigned
2019-10-30 17:17 0xInfection Note Added: 0011266
2019-11-03 12:41 0xInfection Note Added: 0011273
2019-12-23 09:00 0xInfection Note Added: 0011757
2020-01-06 13:07 g0tmi1k Status assigned => acknowledged
2020-01-06 13:16 g0tmi1k Note Edited: 0011237 View Revisions
2020-02-05 15:02 0xInfection Note Added: 0012024
2020-06-17 14:57 g0tmi1k Severity feature => minor
2020-12-01 11:14 g0tmi1k Summary XSRFProbe: The Prime CSRF Audit and Exploitation Tool => XSRFProbe - The Prime CSRF Audit and Exploitation Tool