Hacker, Researcher and Author.

How To Find CSRF Vulnerabilities? - Twilio CSRF Attack [Demonstration]



Recently, I wrote an article on the "iFixit Stored XSS vulnerability". I received a good response from my readers, so I thought I would write about a CSRF vulnerability I recently found in Twilio. Typically, when hunting for a CSRF vulnerability, we look for forms that are without CSRF tokens. I have created a small screencast in which I walk you through the process of finding CSRF vulnerabilities. I use two different tools for this purpose, namely "Tamper Data" and "Burp Suite". I hope you enjoy the video, and I am looking forward to your feedback.





My name will be listed on their responsible disclosure page the next time the page is updated:
https://www.twilio.com/docs/security/disclosure

9 comments:

  1. Bro... your name is missing in https://www.twilio.com/docs/security/disclosure

    Tell them to fix :)

  2. It will be there the next time the page is updated.

  3. Seems to be a great video tutorial to learn from, but it requires a password to watch, and I can't find it in the article.

    "If you have permission to watch this video, please type in your password."

    Rynaldo. :)

  4. @Rynaldo

    Send an email to rafayhackingarticles@gmail.com, I'll send you the password.

  5. Rafay, your site is really awesome. Good work bro.

  6. Gone through your video! That's awesome, dude! And I will just say that you have got skills!
    Well, thanks for the password! :D


© 2016 All Rights Reserved by RHA Info Sec.
