Advanced Usage

XSRFProbe is a toolkit intended to be highly flexible and customisable. Everything the scanner does can be controlled via the config.py configuration file.

XSRFProbe Configuration Variables:

XSRFProbe has got full customisation over its runtime environment. In case if you don't want to enter parameters everytime, you can head over to config.py file and edit them as per your need. Now next time, when you make want to run the tool, just fire it up with python xsrfprobe.py and the tool will run according to your configurations set! They are as following:

• SITE_URL - The main site domain which you want to scan.
• DEBUG_MODE - Setting this to False means decreasing verbosity. This option is equivalent to supplying the -q/--quiet argument.
• USER_AGENT - The user agent with which you might want to run the entire scanning process. the Default value is set to Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729), a standard Windows browser user-agent.
• USER_AGENT_RANDOM - Setting this to True indicates that all requests are to make by different user-agents which is not recommended. This option is equivalent to --random-agent argument.
• COOKIE_VALUE - The cookie value which will be passed during all requests. A cookie (preferably a Session Cookie, see why) is needed for complete assessment of all phases of XSRFProbe.
• HEADER_VALUES - A dict where the default header values are stored. When you add a custom header with the --header argument, the header will get appended to this list of existing headers.
• TIMEOUT_VALUE - This is the HTTP timeout value and applies to all requests. The default is 7 seconds. Changing this value is equivalent to --timeout paramter.
• DELAY_AMOUT - The value storing the delay amount between two requests in seconds. Changing this option is equivalent to setting the -d/--delay argument.
• COOKIE_BASED - This is runtime configuration variable. Setting this option to False means all cookie based checks(Cookie Persistence and Cookie Flag Checks) will NOT be performed. This is by default set to False when user doesn't supply a cookie value or the COOKIE_VALUE configuration variable is empty.
• POST_BASED - A runtime configuration variable. Setting this option to False means all POST Based Forgery Checks will NOT be performed.
• TOKEN_CHECKS - Another runtime configuration variable. Setting this option to False means all Token Based Checks(Anti-CSRF Token Detection, Token Strength Calculation and Token Randomness Calculation) will NOT be performed.
• REFERER_ORIGIN_CHECKS - Yet another runtime config. variable. Setting this option to False means all Cross-Origin Based Checks(Referer Based and Origin Based Checks) will NOT be performed.
• FORM_SUBMISSION - A controller variable which controls how XSRFProbe submits forms. Setting this to False will not allow any type of form submissions, thereby missing most of the module checks.
• REFERER_URL - A controller variable which indicates the URL of the Referer header when performing Referer Based Request Forgery Checks.
• ORIGIN_URL - A controller variable which indicates the URL of the Origin header when performing Origin Based Request Forgery Checks.
• TOKEN_GENERATION_LENGTH - A controller variable which defines the length of the strings of the form fields which are to be generated.
• EXCLUDE_URLS - Exclude the directories which need not be scanned.
• OUTPUT_DIR - The output directory of the files where everything is to be stored (including logs).
• DISPLAY_HEADERS - Option to display headers. This option will help you to display headers received during requests. You might want to turn this off to False if you do not want the response headers to be displayed on the terminal.
• SCAN_ANALYSIS - A runtime configuration variable. Setting this option to False means all Post-Scan Analysis will NOT be performed.