Phoenix CSRF Payload Generator


Prefix






[GET] CSRF with <img>

output

[POST ] CSRF with <form>

There's a bug. Not yet.

[POST] JSON CSRF with Parameter Padding

output

[POST] JSON CSRF with SWF

output

References

https://www.hahwul.com/2018/08/attack-json-csrf-with-swfactionscript.html
https://www.hahwul.com/2016/07/web-hacking-putdelete-csrfcross-site.html
https://www.hahwul.com/2017/05/web-hacking-parameter-padding-for.html


HAHWUL

Security engineer, Rubyist, Gopher and H4cker!

Share: | Coffee Me: