Cross-Site Request Forgery (CSRF) Explained

#WebSecurity #CSRF

A video explaining CSRF and some different types of attacks.

Sorry for the late upload, was busy with other stuff.

🎵 Track: Warriyo - Mortals (feat. Laura Brehm)
Comments
Author

Seriously can't say it enough. I freaking love your videos

hydrnium_
Author

@4:53
One of the important things to mention here is that the CSRF token is good only as long as it is mapped to the user's session ID in the backend. Otherwise, the attacker might simply obtain a valid CSRF token by visiting the main website themselves and inject it into the malicious requests.

Tying the token to the user's session and validating that on the backend for each request is very important.

forceboxed
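
The point made in the comment above, as an added example (not code from the video or from the commenter): a token that is valid for anyone who presents it, next to a token bound to the session ID and checked on the server. `SERVER_KEY`, the function names and the session IDs are assumptions constructed for this sketch.

```python
import hashlib
import hmac
import secrets

SERVER_KEY = secrets.token_bytes(32)  # server-side secret, generated here for the demo
ISSUED = set()                        # weak design: one global pool of valid tokens


def issue_unbound() -> str:
    """Weak: the token is accepted no matter whose session presents it."""
    token = secrets.token_urlsafe(32)
    ISSUED.add(token)
    return token


def check_unbound(token: str) -> bool:
    return token in ISSUED


def _mac(session_id: str, nonce: str) -> bytes:
    # Length-prefix the session ID so (session_id, nonce) pairs cannot collide.
    sid = session_id.encode()
    msg = len(sid).to_bytes(4, "big") + sid + nonce.encode()
    return hmac.new(SERVER_KEY, msg, hashlib.sha256).hexdigest().encode()


def issue_bound(session_id: str) -> str:
    """Token is nonce.HMAC(key, session_id, nonce): valid for this session only."""
    nonce = secrets.token_urlsafe(16)
    return f"{nonce}.{_mac(session_id, nonce).decode()}"


def check_bound(session_id: str, token: str) -> bool:
    nonce, sep, mac = token.partition(".")
    if not sep:
        return False  # malformed token
    return hmac.compare_digest(mac.encode(), _mac(session_id, nonce))


def demo() -> dict:
    victim = secrets.token_hex(16)   # constructed session IDs
    visitor = secrets.token_hex(16)  # any other visitor's own session
    return {
        "unbound_other_session": check_unbound(issue_unbound()),
        "bound_same_session": check_bound(victim, issue_bound(victim)),
        "bound_other_session": check_bound(victim, issue_bound(visitor)),
    }
```

The unbound check accepts a token issued to a different visitor, while the bound check accepts only the token issued for the session that submits it.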
Author

There's tens of thousands of videos on CSRF but you easily beat all of them. Yet the number of views you got aren't nearly as close as theirs. Niche youtubers like you are ahead of the time. I hope people like you are revered in coming 5 years

dragonballZbigBang
Author

I came from the LiveOverflow channel, I'm so glad to be here!
Your channel is interesting, love it. Keep up the good work

justforyoutube
Author

Man, I tried researching how CSRF attacks worked last year and I never got a solid grasp of it.
This video changed that.
As a cybersecurity enthusiast and web developer, this is super helpful!

jammincoder
Author

I watched around 15 videos regarding CSRF and you are the only one who explained it clearly. Also not everyone stressed on "the browser automatically sends the cookies".

a.yashwanth
Author

No words to describe how informative these videos are.
Thank you.

yasirhussain
Author

Wow, I love the graphical explanatory video, really easy to follow and understand in concordance with explication <3

nullpwn
Author

we need more of these.
literally a free service to everyone genuinely interested

sathvikmalgikar
Author

I genuinely don't understand why you stop creating videos. Your style is so cool.

rasikagayangunarathna
Author

The music and narration in the intro made me feel like I'm discovering a mystery in another new world, lol. Great video

sleepydev
Author

Incredibly amazing video as always. Very great explanation, and I love your color choices and how you draw/write everything

mitchelline
Author

Great content. I can't believe this is free!
PS: I love your colour scheme <3 <3

theawless
Author

Third video of yours that came up, and perfectly described the concept. Subscribed

CYBRsynth
Author

I really enjoyed your theme of explanation and the background music. Sounded adventurous

danialabsolute
Author

Was curious if tokens really work since you could just make a GET and read the token then post. Glad you answered that question very quickly. Awesome video. I will subscribe

JoshuaKisb
Author

Just came by from watching LiveOverflow's video. I subbed and put the bell notification on. This channel looks so cool

miguelnunez
Author

You are just awesome man. Why doesn't YouTube show such search results at the top. I couldn't find you when I needed but now I am happy. Thanks bro..

subhashsarangi
Author

As I understand it, fetch and XHR require `useCredentials` to send the cookies along with the request, which needs to be explicitly stated on the CORS header. Otherwise cookies are not being sent and the CSRF fails.

MinusFourmn
Author

Amazing content as always, big fan of your videos and tutorials, thank you so much ;D

farzadsole