CSRF Scanner v1.0 Released
CSRFScan is a tool designed to find CSRF flaws in forms. It statically analyses each page to determine whether a form is protected. It is written in Python and published under the GPL v3.
The tool only analyses forms present in an authenticated session, so it needs authenticated cookies to perform the analysis.
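The kind of static form check described above, as an added sketch that is not CSRFScan's own code. The token-name pattern, the minimum token length and the sample page are assumptions made for this example; the announcement does not say which heuristic the tool applies.

```python
import re
from html.parser import HTMLParser

# Assumed heuristic (not taken from CSRFScan): token-like hidden field names.
TOKEN_NAME = re.compile(r"csrf|xsrf|token|nonce|authenticity", re.I)
MIN_TOKEN_LEN = 16  # assumption: shorter values are too guessable to count

class FormAuditor(HTMLParser):
    """Records each <form> and whether it holds a token-like hidden input."""
    def __init__(self):
        super().__init__()
        self.forms, self._current = [], None

    def handle_starttag(self, tag, attrs):
        a = {k: (v or "") for k, v in attrs}
        if tag == "form":
            self._current = {"action": a.get("action", ""),
                             "method": a.get("method", "get").lower(),
                             "protected": False}
            self.forms.append(self._current)
        elif tag == "input" and self._current is not None:
            if (a.get("type", "").lower() == "hidden"
                    and TOKEN_NAME.search(a.get("name", ""))
                    and len(a.get("value", "")) >= MIN_TOKEN_LEN):
                self._current["protected"] = True

    def handle_endtag(self, tag):
        if tag == "form":
            self._current = None

def unprotected_forms(html):
    """Return actions of state-changing (POST) forms with no token-like field."""
    auditor = FormAuditor()
    auditor.feed(html)
    return [f["action"] for f in auditor.forms
            if f["method"] == "post" and not f["protected"]]

# Constructed sample page, as served inside an authenticated session.
SAMPLE = """
<form action="/search" method="get"><input name="q"></form>
<form action="/profile/email" method="post">
  <input type="hidden" name="csrf_token" value="9f2c4b7a1d3e5f60718293a4b5c6d7e8">
  <input name="email"></form>
<form action="/account/delete" method="POST">
  <input type="hidden" name="id" value="42"><input type="submit"></form>
"""

if __name__ == "__main__":
    print(unprotected_forms(SAMPLE))
```

A form flagged here is a candidate for manual review only: a purely static check cannot see tokens sent in custom headers, SameSite cookie settings, or server-side Origin and Referer validation.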
usage: main.py [-h] [-R] [-t TIMEOUT] [--user-agent USER_AGENT]
               [--referer REFERER] [--auth-type {ntlm,digest,basic}]
               [--auth-cred username:password]
               url cookies
== [Usage]
positional arguments:
  url
  cookies

optional arguments:
  -h, --help            show this help message and exit
  -R, --recursive
  -t TIMEOUT, --timeout TIMEOUT

HTTP headers:
  --user-agent USER_AGENT
  --referer REFERER

HTTP authentication:
  --auth-type {ntlm,digest,basic}
                        Requires --auth-creds
  --auth-cred username:password
                        Requires --auth-type

Download CSRF Scanner v1.0


