AutoLogon to a Website and send request defeating CSRF token


Recently at work there was a test case where we needed to send a request to an internal Web App every so often to refresh the internal LDAP database. This is already implemented and requires a button to be pressed after logging in to the Web App. Now either you can stay up for a few nights and press that…

0xsanz


Software Developer with a keen interest in Security, Privacy and Pen-testing. Certs: Security+, PenTest+, AZ900, AZ204