Bypassing Anti-CSRF protection


At the end of successfully completing this challenges series, you will be able to:


With the awareness of Cross-Site Request Forgery (CSRF) attack, developers have been protecting their applications from adding anti-CSRF token or other means. Normal IT audit inspector or lazy pentesters could give the green light for sighting the token. Only Ninjas will go beyond to bypass the token. This challenge features practical bypass techniques discovered by researchers. 

How to start:
Click on your desired challenge from the left navigation panel.