csrf-land | Cross-site request forgery Learning Platform

by pich4ya PHP Version: Current License: MIT

X-Ray Key Features Code Snippets Community Discussions Vulnerabilities Install Support

kandi X-RAY | csrf-land Summary

csrf-land is a PHP library typically used in Financial Services, Banks, Payments applications. csrf-land has no bugs, it has no vulnerabilities, it has a Permissive License and it has low support. You can download it from GitHub.

จุดประสงค์ เพื่อเรียนรู้และทดสอบการโจมตีด้วยเทคนิค CSRF (Cross-Site Request Forgery ) อย่างถูกกฏหมายและเข้าใจจริงโดยลงมือทำจริงในสถานการณ์จำลองหลากหลายรูปแบบ. Cross-Site Request Forgery (CSRF) คืออะไร ?. เมื่อไรที่ต้องการส่งข้อมูลให้สร้างค่าสุ่ม (anti-CSRF token) และซ่อนแนบมากับข้อมูลปกติด้วยและทำการตรวจสอบอีกครั้งเมื่อทำการรับข้อมูลว่าค่านั้นยังคงถูกต้อง โดยค่าที่ว่าควรจะไม่สามารถเดาได้โดย user อื่น ๆ (อาจจะ 1 ค่าต่อ 1 session ของ user, 1 ค่าต่อ 1 module ในเว็บ ต่อ 1 user, หรือเปลี่ยนค่าใหม่ทุกครั้งหลังจากใช้ค่าเดิมไปแล้วก็ได้) ศึกษาข้อมูลเพิ่มเติมได้ที่ [OWASP CSRF Prevention Cheat Sheet] Tested on Ubuntu 14.04, Apache/2.4.7, PHP 5.5.9.

Support

Quality

Security

License

Reuse

Support

csrf-land has a low active ecosystem.

It has 22 star(s) with 8 fork(s). There are 2 watchers for this library.

It had no major release in the last 6 months.

csrf-land has no issues reported. There are no pull requests.

It has a neutral sentiment in the developer community.

The latest version of csrf-land is current.

Quality

csrf-land has 0 bugs and 0 code smells.

Security

csrf-land has no vulnerabilities reported, and its dependent libraries have no vulnerabilities reported.

csrf-land code analysis shows 0 unresolved vulnerabilities.

There are 0 security hotspots that need review.

License

csrf-land is licensed under the MIT License. This license is Permissive.

Permissive licenses have the least restrictions, and you can use them in most projects.

Reuse

csrf-land releases are not available. You will need to build from source code and install.

Installation instructions are not available. Examples and code snippets are available.

csrf-land saves you 93 person hours of effort in developing the same functionality from scratch.

It has 239 lines of code, 2 functions and 14 files.

It has low code complexity. Code complexity directly impacts maintainability of the code.

Top functions reviewed by kandi - BETA

kandi's functional review helps you automatically verify the functionalities of the libraries and avoid rework.
Currently covering the most popular Java, JavaScript and Python libraries. See a Sample of csrf-land

Get all kandi verified functions for this library.

csrf-land Key Features

No Key Features are available at this moment for csrf-land.

csrf-land Examples and Code Snippets

No Code Snippets are available at this moment for csrf-land.

Community Discussions

No Community Discussions are available at this moment for csrf-land.Refer to stack overflow page for discussions.

Community Discussions, Code Snippets contain sources that include Stack Exchange Network

Vulnerabilities

No vulnerabilities reported

Install csrf-land

You can download it from GitHub.
PHP requires the Visual C runtime (CRT). The Microsoft Visual C++ Redistributable for Visual Studio 2019 is suitable for all these PHP versions, see visualstudio.microsoft.com. You MUST download the x86 CRT for PHP x86 builds and the x64 CRT for PHP x64 builds. The CRT installer supports the /quiet and /norestart command-line switches, so you can also script it.

Support

2600 Thailand Group: https://www.facebook.com/groups/2600Thailand/. Cross-Site Request Forgery (CSRF): https://www.owasp.org/index.php/Cross-Site_Request_Forgery_(CSRF). Testing for CSRF (OTG-SESS-005): https://www.owasp.org/index.php/Testing_for_CSRF_(OTG-SESS-005). Cross-Site Request Forgery (CSRF) Prevention Cheat Sheet: https://www.owasp.org/index.php/Cross-Site_Request_Forgery_(CSRF)_Prevention_Cheat_Sheet.

Find more information at: