Skip to content

🎉 Welcome! Enjoy your reading, and I hope you will learn something new.

N£utr0nys Notes Blog About

Archives
Glossary
Experiences
My CV

CTRL K

CTRL K

Notes
Blog
- FCSC 2026 - Crypto Write-Ups
- A new journey
About
More
More
About Me
Archives

Binary Exploitation
Cryptography
CTF Archives
Forensics
Hardware
OSINT
Reverse Engineering
Science
Steganography
System
Web Exploitation
More
About Me
Archives

On this page

Challenges
Resources

View this page on GitHub →

Web Exploitation

CSRF

Cross-site request forgery (CSRF)

Challenges

CSRF lab: No defenses
CSRF lab: Token validation depends on request method
CSRF lab: Token validation depends on token being present
CSRF lab: Token not tied to user session
CSRF lab: Token tied to non-session cookie
CSRF lab: Token duplicated in cookie
CSRF lab: SameSite Lax bypass via method override
CSRF lab: SameSite Strict bypass via client-side redirect
CSRF lab: SameSite Strict bypass via sibling domain
CSRF lab: SameSite Strict bypass via cookie refresh
CSRF lab: Referer validation depends on header being present
CSRF lab: Referer validation broken

Resources

PayloadsAllTheThings - Cross-Site Request Forgery
CSRF (Cross Site Request Forgery) - HackTricks
What is CSRF (Cross-site request forgery)? Tutorial & Examples

Last updated on May 12, 2026

CSPT File Inclusion

Powered by Hextra

© 2026 N£utr0nys