Unit363-Web-Vuln-Lab on unit363https://unit363.dev/tags/unit363-web-vuln-lab/Recent content in Unit363-Web-Vuln-Lab on unit363Hugoenunit363Sun, 10 May 2026 00:00:00 +0000CSRFhttps://unit363.dev/posts/csrf/Sun, 10 May 2026 00:00:00 +0000https://unit363.dev/posts/csrf/<h1 id="what-is-csrf">What is CSRF</h1> <p>Cross-<strong>site</strong> request forgery (CSRF or XSRF) is a web vulnerability where an attacker can perform actions on behalf of a victim. This is possible because the browser automatically attaches the session cookie to cross-site requests. (Also called one-click attack or session riding.)</p> <h1 id="how-does-csrf-work">How does CSRF Work</h1> <p>In this chapter we want to explore this vulnerability in depth. For that we have to first understand how session-based authentication works in a web application.</p>Unit363 Web Vulnerability Labhttps://unit363.dev/tools/unit363-web-vuln-lab/Sun, 10 May 2026 00:00:00 +0000https://unit363.dev/tools/unit363-web-vuln-lab/<h2 id="overview">Overview</h2> <p>This is a web vulnerability lab for learning and experimenting with web vulnerabilities.</p> <h2 id="intentionally-possible-attacks">Intentionally possible attacks</h2> <ul> <li>CSRF</li> <li>XSS</li> <li>SQLi</li> </ul> <h2 id="github">Github</h2> <p><strong>GitHub</strong> — <a href="https://github.com/Unit363/unit363-web-vuln-lab/">github.com/Unit363/unit363-web-vuln-lab/</a></p>