This is the Windows app named xsrfprobe whose latest release can be downloaded as XSRFProbev2.3.1sourcecode.tar.gz. It can be run online in the free hosting provider OnWorks for workstations.
Download and run online this app named xsrfprobe with OnWorks for free.
Follow these instructions in order to run this app:
- 1. Downloaded this application in your PC.
- 2. Enter in our file manager https://www.onworks.net/myfiles.php?username=XXXXX with the username that you want.
- 3. Upload this application in such filemanager.
- 4. Start any OS OnWorks online emulator from this website, but better Windows online emulator.
- 5. From the OnWorks Windows OS you have just started, goto our file manager https://www.onworks.net/myfiles.php?username=XXXXX with the username that you want.
- 6. Download the application and install it.
- 7. Download Wine from your Linux distributions software repositories. Once installed, you can then double-click the app to run them with Wine. You can also try PlayOnLinux, a fancy interface over Wine that will help you install popular Windows programs and games.
Wine is a way to run Windows software on Linux, but with no Windows required. Wine is an open-source Windows compatibility layer that can run Windows programs directly on any Linux desktop. Essentially, Wine is trying to re-implement enough of Windows from scratch so that it can run all those Windows applications without actually needing Windows.
SCREENSHOTS
Ad
xsrfprobe
DESCRIPTION
XSRFProbe is an advanced security auditing toolkit designed to detect and analyze Cross Site Request Forgery (CSRF/XSRF) vulnerabilities in web applications. It uses an automated crawling engine that continuously scans a target application, collects forms and endpoints, and evaluates them for potential CSRF weaknesses. XSRFProbe performs numerous systematic checks to determine whether a web endpoint is vulnerable, including inspection of anti-CSRF tokens, cookie validation behavior, and request forgery scenarios. It also analyzes the strength and randomness of security tokens using algorithms such as entropy calculations to determine whether tokens can be predicted or forged. When a vulnerability is discovered, it can automatically generate proof-of-concept payloads that demonstrate how the flaw could be exploited in a real attack scenario. XSRFProbe provides a highly automated workflow while still allowing users to customize scanning behavior and configuration settings.
Features
- Automated crawling engine that scans web pages and forms continuously
- Detection of anti-CSRF tokens within POST requests and form submissions
- Token strength and randomness analysis using entropy-based algorithms
- Support for custom cookies and generic HTTP headers during testing
- Generation of proof-of-concept exploits for discovered vulnerabilities
- Detailed logging system for vulnerabilities, tokens, and scan results
Programming Language
Python
Categories
This is an application that can also be fetched from https://sourceforge.net/projects/xsrfprobe.mirror/. It has been hosted in OnWorks in order to be run online in an easiest way from one of our free Operative Systems.
