Description
XSRFProbe is the most advanced CSRF audit and exploitation toolkit. It crawls the target application, identifies forms and state-changing requests, checks for CSRF token presence and strength, and generates proof-of-concept exploits for confirmed vulnerabilities.
Installation
```bash
pip3 install xsrfprobe
# From source
git clone https://github.com/0xInfection/XSRFProbe.git
cd XSRFProbe && pip3 install .
```
Basic Usage
```bash
# Scan a target
xsrfprobe -u https://target.com
# With authentication cookie
xsrfprobe -u https://target.com -c "session=abc123"
```
Advanced Usage
```bash
# Crawl depth
xsrfprobe -u https://target.com --crawl -d 3
# Custom headers
xsrfprobe -u https://target.com --headers "Authorization: Bearer TOKEN"
# Output report
xsrfprobe -u https://target.com -o report/
# Exclude specific paths
xsrfprobe -u https://target.com --exclude /logout,/static
# Verify tokens aren't reusable
xsrfprobe -u https://target.com --token-check
```
What It Checks
- Missing CSRF tokens on state-changing forms
- Weak or predictable CSRF token patterns
- Token not bound to user session
- Token reuse (not invalidated after use)
- Referrer/Origin header validation
- SameSite cookie attribute presence
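The checks above map one-to-one onto server-side defences. The following is an added example, not code from XSRFProbe, showing a token scheme that would pass each check: a per-request nonce bound to the session with an HMAC, single-use, plus Origin/Referer validation and a SameSite cookie. `SECRET`, `ALLOWED_ORIGIN` and the helper names are assumptions made for the example.

```python
import hashlib
import hmac
import secrets
from urllib.parse import urlsplit

SECRET = secrets.token_bytes(32)        # constructed: per-deployment signing key
ALLOWED_ORIGIN = "https://app.example"  # constructed: the site's own origin
_used_tokens = set()                    # tokens already consumed (single use)


def issue_token(session_id):
    """Unpredictable nonce, tied to this session by an HMAC tag."""
    nonce = secrets.token_hex(16)
    msg = f"{session_id}:{nonce}".encode()
    tag = hmac.new(SECRET, msg, hashlib.sha256).hexdigest()
    return f"{nonce}.{tag}"


def origin_ok(headers):
    """Origin (or Referer as fallback) must match our origin; neither present -> reject."""
    src = headers.get("Origin") or headers.get("Referer")
    if not src:
        return False
    u = urlsplit(src)
    return f"{u.scheme}://{u.netloc}" == ALLOWED_ORIGIN


def verify_request(session_id, token, headers):
    """Return (accepted, reason) for a state-changing request."""
    if not token:
        return False, "missing token"
    try:
        nonce, tag = token.split(".", 1)
    except ValueError:
        return False, "malformed token"
    msg = f"{session_id}:{nonce}".encode()
    expected = hmac.new(SECRET, msg, hashlib.sha256).hexdigest()
    if not hmac.compare_digest(tag, expected):   # token must belong to this session
        return False, "token not bound to this session"
    if token in _used_tokens:                    # token must be invalidated after use
        return False, "token reused"
    if not origin_ok(headers):
        return False, "bad origin/referer"
    _used_tokens.add(token)
    return True, "ok"


def session_cookie(session_id):
    """Set-Cookie value with the SameSite attribute the scanner looks for."""
    return f"session={session_id}; Secure; HttpOnly; SameSite=Lax; Path=/"
```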
Common Workflows
```bash
# Full CSRF audit
xsrfprobe -u https://target.com -c "session=abc123" --crawl -d 4 -o csrf_audit/
# Quick check on specific forms
xsrfprobe -u https://target.com/settings -c "session=abc123"
xsrfprobe -u https://target.com/password-change -c "session=abc123"
xsrfprobe -u https://target.com/email-update -c "session=abc123"
```