Ayo Secu

Cross-Site Request Forgery (CSRF)Cross-Site Request Forgery (CSRF) is a web security vulnerability that allows an attacker to trick a user into performing unwanted actions on a trusted website where the user is authenticated. CSRF exploits the trust that a website has in a user’s browser, primarily through the misuse of cookies for authentication.1. How CSRF WorksVictim AuthenticationThe victim ..

CookiesCookies are small pieces of data stored by a web browser on behalf of a website, typically used for session management, user preferences, and tracking. To enhance security, cookies come with attributes that control their behavior and access.1. Key Cookie AttributesAttributePurposeHttpOnlyPrevents client-side JavaScript from accessing the cookie.SecureEnsures the cookie is sent only over H..