Ajax Girl

Joe Walker will probably be happy to see this, and will be able to test DWR with it. Chris Shiflet has created a simple CSRF Redirector inspired by the XSS POST Forwarder:

It’s a simple tool that makes it easy to test CSRF using POST, hopefully demonstrating how prevalent CSRF vulnerabilities are as well as reducing the misconception that forging a POST request is complicated.

To use it, construct a URL of the form http://shiflett.org/csrf.php?csrf=URL&NAME=VALUE, where URL is the (URL-encoded) target site, and NAME and VALUE represent a name-value pair, of which there can be zero or more.

Google’s online security team recently posted about Automating web application security testing which discusses various XSS issues.

Source: Ajaxian
Original Article: http://feeds.feedburner.com/~r/ajaxian/~3/135590357/csrf-redirector