Projects in Awesome Lists tagged with csrf
A curated list of projects in awesome lists tagged with csrf.
https://github.com/nextauthjs/next-auth
Authentication for the Web.
auth authentication csrf jwt nextauth nextjs nodejs nuxt nuxt-auth oauth oauth2 oidc react remix-auth solid-auth solidjs sveltekit web
Last synced: 14 Apr 2026
https://github.com/hacker0x01/hacker101
Source code for Hacker101.com - a free online web and mobile security class.
clickjacking csrf education hacker101 hackerone hacking mobile-security security session-fixation sql-injection unchecked-redirects vulnerability web-security xss
Last synced: 08 Feb 2026
https://github.com/Hacker0x01/hacker101
Source code for Hacker101.com - a free online web and mobile security class.
clickjacking csrf education hacker101 hackerone hacking mobile-security security session-fixation sql-injection unchecked-redirects vulnerability web-security xss
Last synced: 13 Mar 2025
https://github.com/mr-xn/penetration_testing_poc
Penetration-testing-related POCs, EXPs, scripts, privilege escalation, small tools, etc. --- About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms
authentication-bypass bypass cobalt-strike csrf csrf-webshell cve cve-cms exploit getshell oa-getshell penetration-testing penetration-testing-poc php-bypass poc poc-exp rce sql-getshell sql-poc thinkphp
Last synced: 27 Jan 2026
https://github.com/Mr-xn/Penetration_Testing_POC
Penetration-testing-related POCs, EXPs, scripts, privilege escalation, small tools, etc. --- About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms
authentication-bypass bypass cobalt-strike csrf csrf-webshell cve cve-cms exploit getshell oa-getshell penetration-testing penetration-testing-poc php-bypass poc poc-exp rce sql-getshell sql-poc thinkphp
Last synced: 13 Mar 2025
https://github.com/expressjs/csurf
CSRF token middleware
csrf expressjs javascript middleware nodejs
Last synced: 05 Oct 2025
https://github.com/evilcos/xssor2
XSS'OR - Hack with JavaScript.
csrf encoding hack hacking-tool pentest pentest-tool probe xss
Last synced: 14 Jun 2025
https://github.com/1n3/blackwidow
A Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.
active application automated bugbounty csrf fuzzer lfi osint owasp passive python rce rfi scan scanner spider sqli vulnerability web xss
Last synced: 13 Apr 2025
https://github.com/1N3/BlackWidow
A Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.
active application automated bugbounty csrf fuzzer lfi osint owasp passive python rce rfi scan scanner spider sqli vulnerability web xss
Last synced: 30 Mar 2025
https://github.com/0xinfection/xsrfprobe
The Prime Cross Site Request Forgery (CSRF) Audit and Exploitation Toolkit.
audit crafted-tokens crawler csrf csrf-attacks csrf-poc csrf-scanner csrf-tokens spider token-generation xsrf
Last synced: 13 May 2025
https://github.com/0xInfection/XSRFProbe
The Prime Cross Site Request Forgery (CSRF) Audit and Exploitation Toolkit.
audit crafted-tokens crawler csrf csrf-attacks csrf-poc csrf-scanner csrf-tokens spider token-generation xsrf
Last synced: 24 Mar 2025
https://github.com/gorilla/csrf
Package gorilla/csrf provides Cross Site Request Forgery (CSRF) prevention middleware for Go web applications & services 🔒
csrf csrf-protection csrf-tokens go golang gorilla gorilla-web-toolkit middleware security xsrf
Last synced: 13 May 2025
https://github.com/Gorilla/csrf
Package gorilla/csrf provides Cross Site Request Forgery (CSRF) prevention middleware for Go web applications & services 🔒
csrf csrf-protection csrf-tokens go golang gorilla gorilla-web-toolkit middleware security xsrf
Last synced: 12 Mar 2025
https://github.com/baroshem/nuxt-security
🛡 Automatically configure your app to follow OWASP security patterns and principles by using HTTP Headers and Middleware
basic-authentication cors csrf headers-security module nonce nuxt owasp rate-limiting security vue xss
Last synced: 17 Jan 2026
https://github.com/Baroshem/nuxt-security
🛡 Automatically configure your app to follow OWASP security patterns and principles by using HTTP Headers and Middleware
basic-authentication cors csrf headers-security module nonce nuxt owasp rate-limiting security vue xss
Last synced: 09 May 2025
https://github.com/baroshem/security
🛡 Automatically configure your app to follow OWASP security patterns and principles by using HTTP Headers and Middleware
basic-authentication cors csrf headers-security module nonce nuxt owasp rate-limiting security vue xss
Last synced: 01 Mar 2025
https://github.com/softwaremill/akka-http-session
Web & mobile client-side akka-http sessions, with optional JWT support
akka akka-http csrf java scala session session-cookie session-management
Last synced: 04 Apr 2025
https://github.com/tangxiaofeng7/SecExample
Java vulnerability lab (Vulnerability Environment For Java)
cors csrf docker fastjson java rce springboot sqlinjection ssrf vulnerability xss-vulnerability
Last synced: 11 Jul 2025
https://github.com/lydiahallie/advanced-web-dev-quiz
🔥 Repo related to my FrontendMasters course. An Advanced Web Dev Quiz that covers a wide range of the things web devs get to deal with on a daily basis.
csrf css html javascript performance rendering security web xss
Last synced: 06 Apr 2025
https://github.com/pillarjs/csrf
Logic behind CSRF token creation and verification.
Last synced: 15 May 2025
https://github.com/oktadev/okta-spring-boot-react-crud-example
Simple CRUD with React and Spring Boot 3
authentication crud csrf csrf-protection jpa oidc reactjs spring-boot
Last synced: 05 Apr 2025
https://github.com/dschadow/JavaSecurity
Java web and command line applications demonstrating various security topics
appsec cryptography csp csrf esapi google-tink java java-security java-web owasp security security-topics spring spring-boot spring-security xss
Last synced: 09 Aug 2025
https://github.com/mebjas/csrf-protector-php
CSRF Protector library: standalone library for CSRF mitigation
csrf csrf-protector owasp php security standalone-library
Last synced: 16 May 2025
https://github.com/auraphp/aura.session
Tools for managing sessions, including session segments and read-once messages
aura csrf flash php session session-segment
Last synced: 25 Feb 2026
https://github.com/eazybytes/spring-security
Spring Security Zero to Master along with JWT, OAUTH2 - Code Examples
authentication authorization cors csrf keycloak method-level-security openid-connect spring-authorization-server spring-boot spring-security spring-security-jwt spring-security-oauth2
Last synced: 25 Jun 2025
https://github.com/skiptomyliu/solutions-bwapp
In progress rough solutions to bWAPP / bee-box
appsec bwapp csrf directory-traversal html-injection sql-injection xpath-injection xss
Last synced: 27 Feb 2026
https://github.com/tinyhttp/malibu
🏄 Framework-agnostic CSRF middleware for modern Node.js
csrf esm http middleware nodejs security session tinyhttp
Last synced: 07 Sep 2025
https://github.com/fastify/csrf-protection
A fastify csrf plugin
csrf csrf-protection fastify fastify-plugin
Last synced: 15 Jan 2026
https://github.com/fastify/fastify-csrf
A fastify csrf plugin
csrf csrf-protection fastify fastify-plugin
Last synced: 24 Apr 2025
https://github.com/dunglas/dunglasangularcsrfbundle
Automatic CSRF protection for JavaScript apps using a Symfony API
angular angularjs axios csrf csrf-attacks csrf-protection jquery php react symfony symfony-bundle vue xsrf
Last synced: 04 Oct 2025
https://github.com/dunglas/DunglasAngularCsrfBundle
Automatic CSRF protection for JavaScript apps using a Symfony API
angular angularjs axios csrf csrf-attacks csrf-protection jquery php react symfony symfony-bundle vue xsrf
Last synced: 14 Apr 2025
https://github.com/YasserGersy/cazador_unr
Hacking tools
automation bugbounty bugcrowd bughunting csrf directory-lister dns fuzzing hackerone hacking http information-gathering-tools owasp poc pocgenerator rce sqli subdomains tcp xss
Last synced: 11 Jul 2025
https://github.com/j0lvera/next-csrf
CSRF mitigation for Next.js
csrf csrf-protection next nextjs node security
Last synced: 17 Aug 2025
https://github.com/kevin-mizu/gmsgadget
This repository is a collection of JavaScript gadgets that can be used to bypass XSS mitigations such as Content Security Policy (CSP) and HTML sanitizers like DOMPurify.
bypass csp csrf gadgets html html-injection javascript pentesting sanitizer web xss
Last synced: 07 Apr 2026
https://github.com/damienbod/bff-aspnetcore-angular
Backend for frontend security using Angular Standalone (nx) and ASP.NET Core backend
angular aspnetcore azuread bff cookie csp csrf entra microsoftentraid microsoftidentity msal nx yarp
Last synced: 05 Apr 2025
https://github.com/rickwong/fetch-plus
🐕 Fetch API with middlewares
ajax csrf fetch fetch-plus http immutablejs isomorphic json nodejs promises rest user-agent xml
Last synced: 03 Apr 2025
https://github.com/RickWong/fetch-plus
🐕 Fetch API with middlewares
ajax csrf fetch fetch-plus http immutablejs isomorphic json nodejs promises rest user-agent xml
Last synced: 17 Jul 2025
https://github.com/doyensec/csptplayground
CSPTPlayground is an open-source playground to find and exploit Client-Side Path Traversal (CSPT).
appsec-testing cspt csrf websec websecurity
Last synced: 14 Jun 2025
https://github.com/terjanq/flag-capture
Solutions and write-ups from security-based competitions also known as Capture The Flag competition
capture-the-flag competition csrf css-injection ctf sql-injection ssrf web xss-injection
Last synced: 16 Feb 2026
https://github.com/gilbitron/easycsrf
A simple, standalone CSRF protection library
Last synced: 06 Apr 2025
https://github.com/gilbitron/EasyCSRF
A simple, standalone CSRF protection library
Last synced: 14 Mar 2025
https://github.com/tkmru/lazyCSRF
A more useful CSRF PoC generator on Burp Suite
arsenal blackhat burp-extensions burp-plugin burpsuite csrf
Last synced: 11 Jul 2025
https://github.com/owasp/www-project-csrfguard
The aim of this project is to protect Java applications against CSRF attacks with the use of Synchronizer Tokens
csrf csrf-protection hacktoberfest java maven owasp security security-tools
Last synced: 15 May 2025
https://github.com/shahradelahi/next-csrf
[WIP] CSRF Protection for NextJs
csrf csrf-protection next nextjs
Last synced: 09 Apr 2025
https://github.com/frankie567/starlette-csrf
Starlette middleware implementing Double Submit Cookie technique to mitigate CSRF
asgi csrf fastapi fastapi-middleware starlette starlette-middleware
Last synced: 30 Oct 2025
https://github.com/zadewg/LIVEBOX-0DAY
CVE-2018-20377; 20575; 20576; 20577 Multiple security vulnerabilities affecting latest firmware release on ORANGE Livebox modems.
Last synced: 21 Jul 2025
https://github.com/bes2008/agileway
Provides enhancements for Java, Web and various libraries, to avoid 996 as far as possible. Currently supports feign, redis, datasource, shiro, httpclient, rest, codec, serialize, jersey, multiple ssh clients, etc.
csrf feign fst hessian http-client kryo protostuff redis shiro spring xss
Last synced: 13 Apr 2025
https://github.com/dappur/framework
A stylish PHP application framework crafted using Slim, Twig, Eloquent and Sentinel designed to get you from clone to production in a matter of minutes.
2fa admin-dashboard blog blog-platform bootstrap bootstrap-admin cloudinary-api csrf database-migrations framework-php phinx php php-micro-framework sentinel seo seo-optimization slim slim-micro-framework twig
Last synced: 23 Jan 2026
https://github.com/askbuddie/vulnerabilities
List of every possible vulnerability in computer security.
csrf hacking hacktoberfest inclusion penetration-testing pentesting security sql-injection unintended-data-leakage vulnerabilities xss
Last synced: 05 Mar 2026
https://github.com/simonw/asgi-csrf
ASGI middleware for protecting against CSRF attacks
Last synced: 26 Mar 2025
https://github.com/nextras/secured-links
CSRF protection for Nette Framework presenters' signals.
csrf nette-component nextras php security
Last synced: 12 Apr 2025
https://github.com/twtrubiks/csrf-tutorial
Use Django To Introduce CSRF and Cookies, Session 📝
cookie csrf django double-cookie-submit session synchronizer-token-pattern
Last synced: 15 Apr 2025
https://github.com/twtrubiks/CSRF-tutorial
Use Django To Introduce CSRF and Cookies, Session 📝
cookie csrf django double-cookie-submit session synchronizer-token-pattern
Last synced: 19 Jul 2025
https://github.com/croz-ltd/nrich
Nrich is a Java library developed at CROZ whose purpose is to make development of applications on JVM a little easier.
croz csrf encryption jackson java jpa nrich query search security spring-boot spring-framework validation
Last synced: 07 Apr 2025
https://github.com/wukaipeng-dev/netsecurity
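All materials from a cybersecurity training camp, including web security, network security, information security, system protection, offensive and defensive penetration, and cloud security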
csrf net-security sql-injection xss
Last synced: 23 Feb 2026
https://github.com/ivan-sincek/xss-catcher
Simple API for storing all incoming XSS requests and various XSS templates.
api blind-xss bug-bounty cors cross-origin-resource-sharing cross-site-request-forgery cross-site-scripting csrf ethical-hacking javascript offensive-security penetration-testing php red-team-engagement security web web-penetration-testing xss
Last synced: 09 Oct 2025
https://github.com/darkghosthunter/larapoke
Keep your forms alive, avoid TokenMismatchException by gently poking your Laravel app.
csrf csrf-protection form forms javascript laravel php token
Last synced: 29 Sep 2025
https://github.com/marcocesarato/php-aio-security
The objective of this class is to offer an automatic system of protection for developers' projects and simplify some security operations, such as the check of CSRF or XSS, all in a simple class. In fact, you could just call the main method to have better security without overly complicated operations.
autocomplete class cleaning clickjacking compress cookies crypt csrf escape firewall hijacking htaccess injection php safety scanner security sql waf xss
Last synced: 21 Jun 2025
https://github.com/yuriisanin/CVE-2022-24342
PoC for CVE-2022-24342: account takeover via CSRF in GitHub authentication
csrf cve cve-2022-24342 exploit jetbrains teamcity vulnerability
Last synced: 10 Mar 2025
https://github.com/banujan6/csrf-handler
A simple CSRF Token protection library for PHP. It will help you to generate a random unique token and validate it to prevent CSRF attacks.
csr csrf csrf-prevention csrf-tokens hack pentesting php php-library security web-app
Last synced: 11 Jan 2026
https://github.com/darkalchemy/slim-auth
A Slim 4 Skeleton.
csrf i18n illuminate-database jobby phinx-migrations php php-di phpmailer psr-7 sentinel slim slim-flash slim-skeletons slim4 twig valitron webpack
Last synced: 14 Jan 2026
https://github.com/ayesh/statelesscsrf
Secret-key based state-less CSRF token generator and validator for PHP 7. State-less means you do not have to store the CSRF token in session or database.
csrf netsec php php7 security stateless token token-authetication
Last synced: 06 Nov 2025
https://github.com/wrvenkat/burp-multistep-csrf-poc
Burp extension to generate multi-step CSRF POC.
burp burp-extensions burpsuite csrf csrf-poc javascript jquery multistep-form xhr
Last synced: 19 Apr 2025
https://github.com/gnat/csrf-starlette-fastapi
Dead simple CSRF security middleware for Starlette ⭐ and FastAPI ⚡
async csrf fastapi htmx hyperscript python security starlette web
Last synced: 15 Apr 2025
https://github.com/yiisoft/csrf
PSR-15 middleware implementing CSRF protection
csrf hacktoberfest middleware psr-15 yii3
Last synced: 28 Apr 2025
https://github.com/Baroshem/next-security
🛡 Security plugin for Next.js based on OWASP and Helmet
basicauthentication cors csrf ddos headers helmet nextjs owasp rate-limiting security xss
Last synced: 30 Aug 2025
https://github.com/baroshem/next-security
🛡 Security plugin for Next.js based on OWASP and Helmet
basicauthentication cors csrf ddos headers helmet nextjs owasp rate-limiting security xss
Last synced: 29 Jun 2025
https://github.com/vzhou842/definitely-secure-bank
A definitely (read: not) secure online banking site. Built for demo purposes as an example of common security vulnerabilities / what NOT to do.
csrf csrf-attacks csrf-prevention demo security web-security
Last synced: 27 Mar 2025
https://github.com/gdgd009xcd/RequestRecorder
A ZAPROXY Add-on that allows testing of web application vulnerabilities by recording complex multi-step sequences. You can test applications that need to access pages in a specific order, such as shopping carts or registration of member information.
activescan addon authentication csrf multistep multistep-form security security-testing security-tools vulnerability-scanners web-security webcrawler websecurity zap-extension zaproxy
Last synced: 31 Oct 2025
https://github.com/andifalk/cloud-native-microservices-security
Cloud-Native Microservice Security Bootcamp
csrf java kubernetes microservice mtls owasp-top-10 security spring-boot spring-security tls webauthn
Last synced: 12 Apr 2025
https://github.com/bahmutov/csrf-login
Login from command line to the websites that use CSRF protection
csrf csrf-protection csrf-tokens
Last synced: 28 Sep 2025
https://github.com/rasoolsomji/django-security
Django is great! Here are some ways to make it safer
audit csrf cybersecurity django nginx owasp pentest python security vulnerabilities xss
Last synced: 14 Mar 2025
https://github.com/fastify/csrf
CSRF utilities for fastify
csrf csrf-protection fastify fastify-fork fastify-plugin
Last synced: 09 Apr 2025
https://github.com/4xyy/ai-vuln-scanner
An AI-powered web application vulnerability scanner that automates the detection of common security flaws and provides AI-driven insights for impact assessment and remediation suggestions.
ai automation csrf cybersecurity machine-learning penetration-testing python security-tools sql-injection ssrf vulnerability-scanning web-security xss
Last synced: 30 Apr 2025
https://github.com/voltra/slim-vue-app
A ready-to-start project (w/ demos) for applications written using Slim 4, Twig 3 and Vue 2
babel boilerplate cookies csrf cypress dbmate flash-messages hacktoberfest javascript jest php phpunit rng sass scss slim starter-project twig vue
Last synced: 13 Apr 2025
https://github.com/iwismer/actix-auth-example
An example project for implementing authentication in an Actix-based server
actix actix-web argon2 authentication csrf email-validation example oauth rust totp web
Last synced: 21 Feb 2026
https://github.com/heartsucker/rust-csrf
Primitives for CSRF protection.
cryptography csrf csrf-protection http rust security
Last synced: 07 Aug 2025
https://github.com/daggerok/csrf-spring-webflux-mustache
This repository contains an example application using spring boot 2.0, webflux, spring security 5, reactive mongodb and mustache template engine: spring security 5, CSRF protection with mustache, spring webflux functional routes security, method security, authorization decision, etc
controller-advice csrf csrf-protection csrf-tokens css-grid css-grid-layout maven mongodb mustache reactive reactive-mongo reactive-programming security spring-boot spring-mvc spring-security spring-web spring-webflux webflux
Last synced: 20 Oct 2025
https://github.com/noraj/atmail-exploit-toolchain
AtMail Email Server Appliance 6.4 - Exploit toolchain (XSS > CSRF > RCE)
atmail csrf exploit plugin rce reverse-shell xss
Last synced: 12 Apr 2025
https://github.com/jorianwoltjer/responder
Easily create and share Proof of Concepts in HTML, JavaScript, etc. with custom headers, all via query parameters
csrf generate http proof-of-concept response xss
Last synced: 08 Sep 2025
https://github.com/selective-php/samesite-cookie
Secure your site with SameSite cookies
cookies csrf php samesite-cookies
Last synced: 19 Apr 2025
https://github.com/cluemediator/secure-auth-api-nodejs
Create secure authentication REST API in Node.js
api-nodejs authentication cookie csrf dotenv login random-tokens secure-login xsrf
Last synced: 03 Jul 2025
https://github.com/cluemediator/secure-login-app-reactjs
Implement secure login application in React using REST API
authentication csrf login login-auth reactjs rest-api xsrf
Last synced: 03 Jul 2025
https://github.com/dreadlocked/conceptronicipcam_multiplevulnerabilities
[CVE-2018-6407 & CVE-2018-6408] Conceptronic IPCam Administration panel CSRF and Denial of Service
csrf denial-of-service disclosure vulnerabilities
Last synced: 08 Jul 2025
https://github.com/phpgt/csrf
Automatic protection from Cross-Site Request Forgery.
automatic-protection csrf csrf-protection csrf-protector csrf-tokens php-security phpgt security
Last synced: 04 Oct 2025