csrf

Official

Exploit CSRF vulnerabilities safely.

Author: blacklanternsecurity
Version: 1.0.0
Installs: 0

System Documentation

What problem does it solve?

This Skill helps penetration testers identify and demonstrate Cross-Site Request Forgery (CSRF) vulnerabilities, proving how an attacker could trick a victim's browser into performing unauthorized actions.

Core Features & Use Cases

  • Vulnerability Assessment: Detects and tests for CSRF flaws in state-changing web application endpoints.
  • Bypass Techniques: Implements various methods to bypass CSRF defenses like tokens, SameSite cookies, and Referer checks.
  • Proof-of-Concept Generation: Creates functional HTML Proof-of-Concept (PoC) pages to demonstrate exploitability.
  • Use Case: A penetration tester uses this Skill to confirm that a web application's user profile update function is vulnerable to CSRF, generating a PoC that, if clicked by a logged-in user, would change their email address to one controlled by the attacker.

Quick Start

Use the csrf skill to assess the state-changing endpoint at https://example.com/update-profile for CSRF vulnerabilities.

Dependency Matrix

Required Modules

None required

Components

  • scripts
  • references

💻 Claude Code Installation

Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.

Please help me install this Skill:
Name: csrf
Download link: https://github.com/blacklanternsecurity/red-run/archive/main.zip#csrf

Please download this .zip file, extract it, and install it in the .claude/skills/ directory.