training.get_csrf_patterns

Instructions

Implementation Reference

• src/tools/training_extractor.ts:411-426 (handler)

  Handler function that filters and returns CSRF training patterns based on the specified technique or all patterns.

  async ({ technique = 'all' }: any): Promise<ToolResult> => {
    try {
      let patterns = CSRF_TRAINING_DATA;
      if (technique !== 'all') {
        patterns = patterns.filter((p) => p.sourceId.includes(technique));
      }
  
      return formatToolResult(true, {
        patterns,
        count: patterns.length,
        techniques: patterns.map((p) => p.contextData.technique),
      });
    } catch (error: any) {
      return formatToolResult(false, null, error.message);
    }
  }

• src/tools/training_extractor.ts:397-409 (schema)

  Input schema and description for the training.get_csrf_patterns tool.

  {
    description: 'Get all CSRF exploitation patterns from training data',
    inputSchema: {
      type: 'object',
      properties: {
        technique: {
          type: 'string',
          enum: ['basic', 'content-type', 'method', 'token-bypass', 'referrer', 'all'],
          description: 'Specific CSRF technique',
          default: 'all',
        },
      },
    },

• src/tools/training_extractor.ts:395-427 (registration)

  Registration of the training.get_csrf_patterns tool using server.tool(), including schema and handler.

  server.tool(
    'training.get_csrf_patterns',
    {
      description: 'Get all CSRF exploitation patterns from training data',
      inputSchema: {
        type: 'object',
        properties: {
          technique: {
            type: 'string',
            enum: ['basic', 'content-type', 'method', 'token-bypass', 'referrer', 'all'],
            description: 'Specific CSRF technique',
            default: 'all',
          },
        },
      },
    },
    async ({ technique = 'all' }: any): Promise<ToolResult> => {
      try {
        let patterns = CSRF_TRAINING_DATA;
        if (technique !== 'all') {
          patterns = patterns.filter((p) => p.sourceId.includes(technique));
        }
  
        return formatToolResult(true, {
          patterns,
          count: patterns.length,
          techniques: patterns.map((p) => p.contextData.technique),
        });
      } catch (error: any) {
        return formatToolResult(false, null, error.message);
      }
    }
  );

• src/tools/training_extractor.ts:6-82 (helper)

  Pre-loaded CSRF training data array used by the tool handler to provide patterns.

  const CSRF_TRAINING_DATA = [
    {
      source: 'intigriti',
      sourceId: 'csrf-basic',
      vulnerabilityType: 'CSRF',
      targetPattern: '/api/profile/update',
      payloadPattern: '<form method="POST"',
      successPattern: 'email updated|profile updated|success',
      failurePattern: 'error|invalid|unauthorized',
      contextData: {
        technique: 'Basic CSRF',
        description: 'Simple form-based CSRF attack',
        example: '<form method="POST" action="https://app.example.com/api/profile/update">',
      },
      score: 7,
    },
    {
      source: 'intigriti',
      sourceId: 'csrf-content-type',
      vulnerabilityType: 'CSRF',
      targetPattern: '/api/',
      payloadPattern: 'enctype="text/plain"',
      successPattern: 'success|updated',
      failurePattern: 'error|invalid content-type',
      contextData: {
        technique: 'Content-Type Bypass',
        description: 'Bypass JSON-only APIs using text/plain',
        example: 'enctype="text/plain" with JSON-like payload',
      },
      score: 8,
    },
    {
      source: 'intigriti',
      sourceId: 'csrf-method',
      vulnerabilityType: 'CSRF',
      targetPattern: '/api/',
      payloadPattern: 'method="POST"|_method=PUT',
      successPattern: 'success|updated',
      failurePattern: 'method not allowed|cors error',
      contextData: {
        technique: 'Method-based CSRF',
        description: 'Change HTTP method to bypass CORS',
        example: 'Use POST instead of PUT/PATCH',
      },
      score: 7,
    },
    {
      source: 'intigriti',
      sourceId: 'csrf-token-bypass',
      vulnerabilityType: 'CSRF',
      targetPattern: '/api/',
      payloadPattern: 'csrf_token=|anti-csrf',
      successPattern: 'success|updated',
      failurePattern: 'invalid token|csrf required',
      contextData: {
        technique: 'Token Validation Bypass',
        description: 'Bypass anti-CSRF tokens',
        methods: ['remove token', 'blank value', 'random value', 'hardcoded valid token'],
      },
      score: 9,
    },
    {
      source: 'intigriti',
      sourceId: 'csrf-referrer',
      vulnerabilityType: 'CSRF',
      targetPattern: '/api/',
      payloadPattern: 'no-referrer',
      successPattern: 'success|updated',
      failurePattern: 'invalid referrer|referrer required',
      contextData: {
        technique: 'Referrer-based Bypass',
        description: 'Bypass referrer validation',
        example: '<meta name="referrer" content="no-referrer">',
      },
      score: 8,
    },
  ];