Getting Started

Compatibility

Python Versions

Originally built on Python 2, XSRFProbe later was migrated to Python 3 due to the approaching end of Python 2 as well as some missing features in Python 2.x versions, which did not allow optimised performance and even caused some dependency issues.

XSRFProbe is now totally compatible with Python 3.x (preferably > 3.4) versions at present.

Operating Systems

XSRFProbe has been tested on Linux (Arch, Debian, Ubuntu), Windows and Mac, and works as expected. Feel free to report any bugs you might encounter.

Colors

Mac & Windows doesn't support ANSI escape sequences so the output won't be colored on Mac & Windows. However you can still use XSRFProbe on them.

Dependencies

XSRFProbe needs some libraries to run efficiently. Apart from in-built libraries, some require installation via pip.

Following are the dependencies that XSRFProbe engine requires:

• requests - For making HTTP queries.
• bs4 - A HTML Parser for web pages.
• stringdist - Fuzzy matching library.
• tld - Extracting top level domains.
• yattag - Generating PoCs.

Rest of the Python libraries used by XSRFProbe are standard libraries which come pre-installed with a Python 3.x interpreter.

Installation

Via Pip:

XSRFProbe can be easily installed via a simple command if you have pip:

pip install xsrfprobe

Manually:

Or you can install it yourself. For setting the tool up: ➲ Clone the repo locally and navigate to the directory.

git clone https://github.com/0xinfection/XSRFProbe.git
cd XSRFProbe/

➲ Install the dependencies.

python setup.py install

➲ Launch the script.

xsrfprobe --help

You'll see the list of arguments XSRFProbe takes in. Let the scanner load up. It confirms that the site is up and thus the scanning process begins. For more info, head over to the General Usage section.