Efficient Web Vulnerability Detection Tool for Sleeping Giant-Cross Site Request Forgery

• Published in: Journal of physics. Conference series Vol. 1000; no. 1; pp. 12125 - 12134
• Main Authors: Parimala, G, Sangeetha, M, AndalPriyadharsini, R
• Format: Journal Article
• Language: English
• Published: Bristol IOP Publishing 01.04.2018
• Subjects: Applications programs; Physics; Programming languages; Websites
• ISSN: 1742-6588; 1742-6596
• DOI: 10.1088/1742-6596/1000/1/012125

Now day's web applications are very high in the rate of usage due to their user friendly environment and getting any information via internet but these web applications are affected by lot of threats. CSRF attack is one of the serious threats to web applications which is based on the vulnerabilities present in the normal web request and response of HTTP protocol. It is hard to detect but hence still it is present in most of the existing web applications. In CSRF attack, without user knowledge the unwanted actions on a reliable websites are forced to happen. So it is placed in OWASP's top 10 Web Application attacks list. My proposed work is to do a real time scan of CSRF vulnerability attack in given URL of the web applications as well as local host address for any organization using python language. Client side detection of CSRF is depended on Form count which is presented in that given web site.