CSRF_POC // Generator
⚠ FOR AUTHORIZED TESTING ONLY

CSRF POC GENERATOR

// Generate proof-of-concept payloads for Cross-Site Request Forgery vulnerabilities

// Add request parameters — name/value pairs

// Standard HTML form — works against most CSRF vulnerabilities with form-based endpoints
csrf_poc.html
// 0 lines 0 bytes
about:blank

⚠ Sandbox mode — form submission disabled in preview

No CSRF token in request
SameSite cookie not set / Lax
Origin / Referer not validated
State-changing operation
Session cookie auto-sent by browser
Custom headers not required