Preview Image

CSRF where Referer validation depends on header being present

Laboratorio de Portswigger sobre CSRF

Mar 16, 2025 Portswigger Labs, CSRF

Preview Image

SameSite Lax bypass via cookie refresh

Laboratorio de Portswigger sobre CSRF

Mar 16, 2025 Portswigger Labs, CSRF

Preview Image

SameSite Strict bypass via sibling domain

Laboratorio de Portswigger sobre CSRF

Mar 13, 2025 Portswigger Labs, CSRF

Preview Image

SameSite Strict bypass via client-side redirect

Laboratorio de Portswigger sobre CSRF

Mar 12, 2025 Portswigger Labs, CSRF

Preview Image

SameSite Lax bypass via method override

Laboratorio de Portswigger sobre CSRF

Mar 12, 2025 Portswigger Labs, CSRF

Preview Image

CSRF where token is duplicated in cookie

Laboratorio de Portswigger sobre CSRF

Mar 9, 2025 Portswigger Labs, CSRF

Preview Image

CSRF where token is tied to non-session cookie

Laboratorio de Portswigger sobre CSRF

Mar 9, 2025 Portswigger Labs, CSRF

Preview Image

CSRF where token is not tied to user session

Laboratorio de Portswigger sobre CSRF

Mar 7, 2025 Portswigger Labs, CSRF

Preview Image

CSRF where token validation depends on token being present

Laboratorio de Portswigger sobre CSRF

Mar 7, 2025 Portswigger Labs, CSRF

Preview Image

CSRF where token validation depends on request method

Laboratorio de Portswigger sobre CSRF

Mar 7, 2025 Portswigger Labs, CSRF