.png)
Recently, i wrote an article on the "ifixit Stored XSS vulnerability". I received a good response from my readers, therefore i thought to write about my recent CSRF vulnerability i found inside twilio. Typically, when hunting for a CSRF vulnerability, we look for forms that are without CSRF tokens, I have created a small screencast, where i will walk you through the process of finding CSRF vulnerabilities. I would be using two different tools for this purpose namely "Tamper Data" and "Burp Suite", I hope you enjoy the video and i am looking forward to have a feedback.
My name would be listed inside there responsible disclosure page, the name text page would be updated:
https://www.twilio.com/docs/security/disclosure
How To Find CSRF Vulnerabilites? - Twilio CSRF Attack [Demonstration]
![How To Find CSRF Vulnerabilites? - Twilio CSRF Attack [Demonstration]](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjji2PwHrXYmylxDmLoNevMPylkQVfERrg9ip7Ig9V4ZtGG-3YoRrllbWFRVcYBr0qzrsTHj0optwhEjIF2aEkjKO9xsS3_ZrwQuqh00kS8O7yq_gdEHxVK-Ngo1ZmXeCojbJ2bZhCf5hU/s72-c/twilio-logo+(1).png)
Reviewed by AC10 Tech
on
Wednesday, January 09, 2013
Rating:
Reviewed by AC10 Tech
on
Wednesday, January 09, 2013
Rating:
No comments: