CSRF - Lab #1 CSRF vulnerability with no defenses | Long Version

In this video, we cover Lab #1 in the CSRF module of the Web Security Academy. This lab's email change functionality is vulnerable to CSRF. To solve the lab, we craft some HTML that uses a CSRF attack to change the viewer's email address and upload it to to our exploit server. ▬ 🌟 Video Sponsor 🌟 ▬▬▬▬▬▬▬▬▬▬ Sign up to Intigriti: https://go.intigriti.com/ranakhalil (affiliate link) ▬ ✨ Support Me ✨ ▬▬▬▬▬▬▬▬▬▬ Buy my course: https://academy.ranakhalil.com/p/web-... ▬ 📖 Contents of this video 📖 ▬▬▬▬▬▬▬▬▬▬ 00:00 - Introduction 00:13 - Intigriti sponsorship (https://go.intigriti.com/ranakhalil) 01:07 - Navigation to the exercise 01:51 - Understand the exercise and make notes about what is required to solve it 03:00 - Exploit the lab using Burp Suite Pro 12:58 - Script the exploit (without Burp Suite Pro) 23:00 - Summary 23:16 - Thank You ▬ 🔗 Links 🔗 ▬▬▬▬▬▬▬▬▬▬ CSRF Theory video (previous video):    • Cross-Site Request Forgery (CSRF) | Comple...   HTML script: https://github.com/rkhal101/Web-Secur... Notes.txt document: https://github.com/rkhal101/Web-Secur... Web Security Academy Youtube Video Series Release Schedule: https://docs.google.com/spreadsheets/... Web Security Academy: https://portswigger.net/web-security/... Rana's Twitter account:   / rana__khalil