XSRFProbe is an advanced security auditing toolkit designed to detect and analyze Cross Site Request Forgery (CSRF/XSRF) vulnerabilities in web applications. It uses an automated crawling engine that continuously scans a target application, collects forms and endpoints, and evaluates them for potential CSRF weaknesses. XSRFProbe performs numerous systematic checks to determine whether a web endpoint is vulnerable, including inspection of anti-CSRF tokens, cookie validation behavior, and request forgery scenarios. It also analyzes the strength and randomness of security tokens using algorithms such as entropy calculations to determine whether tokens can be predicted or forged. When a vulnerability is discovered, it can automatically generate proof-of-concept payloads that demonstrate how the flaw could be exploited in a real attack scenario. XSRFProbe provides a highly automated workflow while still allowing users to customize scanning behavior and configuration settings.

Features

  • Automated crawling engine that scans web pages and forms continuously
  • Detection of anti-CSRF tokens within POST requests and form submissions
  • Token strength and randomness analysis using entropy-based algorithms
  • Support for custom cookies and generic HTTP headers during testing
  • Generation of proof-of-concept exploits for discovered vulnerabilities
  • Detailed logging system for vulnerabilities, tokens, and scan results

Project Samples

xsrfprobe Screenshot 1 xsrfprobe Screenshot 2 xsrfprobe Screenshot 3 xsrfprobe Screenshot 4 xsrfprobe Screenshot 5 xsrfprobe Screenshot 6

Project Activity

See All Activity >

Categories

Web Scrapers

License

GNU General Public License version 3.0 (GPLv3)

Follow xsrfprobe

xsrfprobe Web Site

Other Useful Business Software
AI-generated apps that pass security review Icon
AI-generated apps that pass security review

Stop waiting on engineering. Build production-ready internal tools with AI—on your company data, in your cloud.

Retool lets you generate dashboards, admin panels, and workflows directly on your data. Type something like “Build me a revenue dashboard on my Stripe data” and get a working app with security, permissions, and compliance built in from day one. Whether on our cloud or self-hosted, create the internal software your team needs without compromising enterprise standards or control.
Try Retool free
Rate This Project
Login To Rate This Project

User Reviews

Be the first to post a review of xsrfprobe!

Additional Project Details

Programming Language

Python

Related Categories

Python Web Scrapers

Registered

2026-03-11
Report inappropriate content