Tag: csrf

Burp, Web Penetration Testing

Using Burp Intruder to Test CSRF Protected Applications

1. Open Intruder Tab 2. Define Attack Target 3. Select Pitchfork as Attack type. Define your payload positions. 4. Define grep rule. Open Options tab -> click Add button under Grep – Extract section. A new window opens -> click fetch response button and select your csrf token value and press ok. 5. Select Paylod …