Introduction to CSRF

Presented at RVAsec 2019, May 23, 2019, 11:10 a.m. (50 minutes)

An introduction to Cross Site Request Forgery, how to exploit it, and prevent it. The talk will begin with an introduction to Cross Site Request Forgery, defining what it is, how to exploit, how to prevent it.  Live demonstrations (if the demo gods cooperate) will be used during the presentation.  The talk concludes with an example of using Flash to bypass the mistaken protections offered by Cross Origin Resource Sharing.

Presenters:

  • Aaron Bishop - SecurityMetrics, Inc.
    bISHop has been in the security realm for over 10 years, focused on penetration testing for 6 years.  If bISHop is not at a computer, he can often be found in the mountains with his dog.

Links:

Similar Presentations: