CSRF - Cross-Site Request Forgery

  1. 1. What Is CSRF?
  2. 2. In the Browser
  3. 3. Anatomy of an Attack
  4. 4. Untangling the Acronyms
  5. 5. The Synchronizer Token Pattern
  6. 6. Double-Submit Cookie & Stateless Tokens
  7. 7. SameSite Cookies
  8. 8. Defence in Depth
  9. 9. CSRF in Modern Apps
  10. 10. Testing