CSRF Cross Site Request Forgery

Cross-Site Request Forgery (CSRF)

What is CSRF?
Cross-Site Request Forgery (CSRF) is a type of attack that forces a logged-in user to perform unwanted actions on a web application. The attacker tricks the user into submitting a malicious request to the web application, which the application then executes as if it were coming from the legitimate user.

How does CSRF work?
There are two main ways that CSRF attacks can be carried out: ...

April 1, 2024 · 2 min · 362 words · 0xuki

CSRF Tokens

CSRF Tokens: A Comprehensive Guide for Security Professionals

Introduction
Cross-Site Request Forgery (CSRF) is a malicious attack that tricks a user’s browser into performing unintended actions on a trusted website where the user is logged in. This can lead to unauthorized data access, financial losses, and other serious consequences.

How CSRF Attacks Work:
Victim logs in: The victim logs into a trusted website (e.g., a bank) and their browser stores a session cookie.
Attacker creates a malicious link or form: The attacker creates a link or form on a different website (e.g., a website they control or a compromised ad).
Victim visits the attacker’s site: The victim is tricked into visiting the attacker’s website or clicking on the malicious link.
Victim’s browser sends the cookie: When the victim interacts with the attacker’s website (e.g., clicking a link or submitting a form), their browser unknowingly sends the session cookie for the trusted website along with the request.
Attacker leverages the cookie: The attacker’s website receives the victim’s session cookie and includes it in a request to the trusted website. Since the website sees a valid cookie, it assumes the request is coming from the legitimate user and performs the action embedded in the attacker’s request.

What is a CSRF Token? ...

March 21, 2024 · 3 min · 475 words · 0xuki