In CSRF test we first find an authenticated URL to send a request as a logged in user to check if your web application uses a CSRF token.
The web application can be vulnerable to CSRF attack if there is no token used or the token used is not properly validated in the request.
We will test If your web application:
validate the token not only when it is present but also when it is removed from the request.
validate the deployed CSRF token for both GET and POST requests.
issue a unique token for every session and does not validate a token that it has previously issued.
does not tie the CSRF token to a non-session cookie and CSRF token is also not duplicated in a cookie.
validate the Referer header not only when it is present but also when it is removed from the request.
properly validate the Referer header and does not allow to bypass it.
We have to manually find the end points to do the introspection, but if introspection is disabled than we have to rely on invalid queries to get useful information through error messages, this process can take a while.
Report will include the details of all the tests conducted and vulnerabilities found.
Based on our finding through our extensive tests we will provide recommendations in the report on how to fix the GraphQL injection vulnerability.