30 changes: 26 additions & 4 deletions README.md
Expand Up @@ -5,7 +5,8 @@ A comprehensive web security analysis tool that performs automated reconnaissanc
## 🚀 Features

- **AI-Powered Security Analysis**: Uses Google Gemini AI to generate contextual security recommendations based on detected vulnerabilities, open ports with versions, and technology stack
- **Selective Test Execution**: Interactive modal allows you to choose which security tests to run (XSS, SQL Injection, Port Scanning, WAF Detection, Technology Detection, WHOIS Lookup, AI Analysis)
- **Selective Test Execution**: Interactive modal allows you to choose which security tests to run (XSS, SQL Injection, CSRF Detection, Port Scanning, WAF Detection, Technology Detection, WHOIS Lookup, AI Analysis)
- **CSRF Detection**: Detects missing CSRF tokens in forms, identifies vulnerable endpoints, and provides detailed vulnerability reports with form analysis
- **SQL Injection Scanning**: Tests for SQL injection vulnerabilities using 5 optimized payloads targeting basic injection points
- **XSS Vulnerability Scanning**: Tests for Cross-Site Scripting vulnerabilities using optimized payloads across forms and URL parameters
- **Technology Detection**: Automatically identifies frontend frameworks (React, Angular, Vue), backend technologies (Django, Node.js, WordPress), CSS frameworks, and server software with version detection
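Review bot: In the new **CSRF Detection** feature bullet, "identifies vulnerable endpoints" claims more than a missing-token check can establish, since a form without a token field may still be protected by other means. Suggest wording such as "flags forms that lack an anti-CSRF token" and stating that findings need confirmation before they are treated as exploitable.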
Expand Down Expand Up @@ -118,6 +119,7 @@ The frontend will start on `http://localhost:5173` (or another available port)
- ✅ **Technology Detection** - Identify web technologies and frameworks
- ✅ **XSS Vulnerability Test** - Test for Cross-Site Scripting attacks
- ✅ **SQL Injection Test** - Test for SQL injection vulnerabilities
- ✅ **CSRF Detection** - Test for Cross-Site Request Forgery vulnerabilities
- ✅ **WHOIS Lookup** - Get domain registration information
- ✅ **AI Analysis** - Generate AI-powered security recommendations (requires Gemini API key)

Expand All @@ -132,6 +134,7 @@ The frontend will start on `http://localhost:5173` (or another available port)
- Technology stack identification (if selected)
- XSS vulnerability testing (if selected)
- SQL injection testing (if selected)
- CSRF detection (if selected)
- WHOIS lookup (if selected)
- AI-powered analysis (if selected - runs after all scans complete)

Expand All @@ -141,6 +144,7 @@ The frontend will start on `http://localhost:5173` (or another available port)
- Detected technologies by category (if scanned)
- XSS vulnerability status with attack details (if scanned)
- SQL injection vulnerability status with payload details (if scanned)
- CSRF vulnerability status with form analysis (if scanned)
- WHOIS information (if scanned)
- AI-generated risk assessment and recommendations (if AI analysis selected)

Expand All @@ -157,6 +161,7 @@ Performs comprehensive security analysis on a target URL with optional selective
"tests": {
"xss": true,
"sqli": true,
"csrf": true,
"ports": true,
"waf": true,
"tech": true,
Expand Down Expand Up @@ -206,6 +211,11 @@ Performs comprehensive security analysis on a target URL with optional selective
"total_vulnerabilities": 2,
"vulnerabilities": [...]
},
"csrf_scan": {
"vulnerable": true,
"total_vulnerabilities": 3,
"vulnerable_forms": [...]
},
"whois": {
"domain_name": "example.com",
"registrar": "Example Registrar Inc.",
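Review bot: In the `csrf_scan` response example the result list is named `vulnerable_forms`, while the block directly above it uses `vulnerabilities` next to the same `vulnerable` and `total_vulnerabilities` keys. Either use one key name across scan results or document the fields of each `vulnerable_forms` element, since the example elides them with `[...]` and API clients have to parse them.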
Expand Down Expand Up @@ -264,6 +274,7 @@ Performs SQL injection vulnerability scan on a target URL.
│ ├── tech_detector.py # Technology fingerprinting module
│ ├── xss_scanner.py # XSS vulnerability scanner
│ ├── sqli_scanner.py # SQL injection vulnerability scanner
│ ├── csrf_scanner.py # CSRF vulnerability detection module
│ ├── whois_lookup.py # WHOIS domain information retrieval
│ ├── ai_analyzer.py # AI-powered security analysis using Gemini
│ ├── requirements.txt # Python dependencies
Expand All @@ -284,7 +295,8 @@ Performs SQL injection vulnerability scan on a target URL.
│ │ │ ├── RiskAssessment.jsx # Security risk summary
│ │ │ ├── IssuesRecommendations.jsx # Security recommendations
│ │ │ ├── XSSVulnerability.jsx # XSS scan results
│ │ │ └── SQLInjection.jsx # SQL injection scan results
│ │ │ ├── SQLInjection.jsx # SQL injection scan results
│ │ │ └── CSRFDetection.jsx # CSRF detection results
│ │ └── services/
│ │ └── api.js # API client
│ ├── package.json
Expand Down Expand Up @@ -330,6 +342,15 @@ Tests for SQL injection vulnerabilities using:
- Error-based detection
- Optimized for speed and accuracy

### CSRF Detection
Tests for Cross-Site Request Forgery vulnerabilities using:
- Form analysis for CSRF tokens
- HTTP header inspection
- Cookie security validation
- POST request analysis
- Form action verification
- Comprehensive vulnerability reporting

## ⚠️ Performance Optimizations

- **Selective Test Execution**: Run only the security tests you need, saving time and resources
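Review bot: The "POST request analysis" and "Form action verification" items in the new CSRF Detection section do not say whether the scanner submits forms to the target or only inspects the fetched HTML, headers and cookies. State this explicitly, because submitting state-changing requests has side effects on the scanned application. "Comprehensive vulnerability reporting" is an output rather than a detection technique and fits better under the results description.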
Expand Down Expand Up @@ -382,8 +403,9 @@ WebReconX follows a modular architecture for better maintainability and scalabil
4. **tech_detector.py**: Technology stack fingerprinting
5. **xss_scanner.py**: XSS vulnerability testing with optimized payloads
6. **sqli_scanner.py**: SQL injection vulnerability testing with 5 basic payloads
7. **whois_lookup.py**: Domain registration information retrieval
8. **ai_analyzer.py**: AI-powered security analysis using Google Gemini - generates contextual recommendations based on actual scan results (open ports with versions, detected technologies, XSS/SQLi findings, WAF status)
7. **csrf_scanner.py**: CSRF vulnerability detection with form and token analysis
8. **whois_lookup.py**: Domain registration information retrieval
9. **ai_analyzer.py**: AI-powered security analysis using Google Gemini - generates contextual recommendations based on actual scan results (open ports with versions, detected technologies, XSS/SQLi/CSRF findings, WAF status)

Each module is self-contained and can be tested independently, making the codebase easier to maintain and extend.

44 changes: 22 additions & 22 deletions test_websites.txt
Expand Up @@ -32,7 +32,9 @@ http://demo.testfire.net
- Login and transfer forms
- ⚠️ Mix of protected and unprotected forms
- Results may vary
?test=query
2. XSS (CROSS-SITE SCRIPTING) VULNERABLE SITES
-----------------------------------------------
http://testphp.vulnweb.com/search.php?test=query
- ✓ VERIFIED - Reflected XSS vulnerabilities
- Search parameter vulnerable
- Try: <script>alert('XSS')</script>
Expand All @@ -49,13 +51,11 @@ http://testhtml5.vulnweb.com
https://xss-game.appspot.com
- Google's XSS challenge game
- Educational XSS testing
- ✓ ACTIVE - Good for practicegame
- Educational XSS testing
- ✓ ACTIVE - Good for practice

http://www.xssgame.com
- XSS practice challenges

http://testphp.vulnweb.com/artists.php?artist=1
- Multiple difficulty levels


3. SQL INJECTION VULNERABLE SITES
Expand Down Expand Up @@ -208,21 +208,21 @@ HOW TO USE THESE WEBSITES:
- Secure sites: Green status, protection confirmed


================ (VERIFIED VULNERABLE):
1. testphp.vulnweb.com ✓ BEST CHOICE - Multiple vulnerabilities
2. testphp.vulnweb.com/login.php ✓ CSRF testing
3. testphp.vulnweb.com/listproducts.php?cat=1 ✓ SQLi testing
4. google.com ✓ Secure comparison
================================================================================
RECOMMENDED TEST SITES
================================================================================

BEST FOR BEGINNERS (VERIFIED VULNERABLE):
1. testphp.vulnweb.com ✓ BEST CHOICE - Multiple vulnerabilities
2. testphp.vulnweb.com/login.php ✓ CSRF testing
3. testphp.vulnweb.com/listproducts.php?cat=1 ✓ SQLi testing
4. google.com ✓ Secure comparison

ADVANCED TESTING:
5. juice-shop.herokuapp.com ⚠️ May be slow - Many challenges
6. demo.testfire.net ⚠️ Mixed results - Banking app
7. zero.webappsecurity.com ⚠️ Check if online

ADVANCED TESTING:
4. juice-shop.herokuapp.com (Many challenges)
5. zero.webappsecurity.com (Complex scenarios)


================================================================================
QUICK TEST COMMANDS
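Review bot: The recommended list keeps "4. google.com ✓ Secure comparison", but unlike the other entries it is not a designated test target, and this tool runs port scans and injection payloads against whatever URL it is given. Suggest replacing it with a hardened application you host yourself, which also makes the "secure" baseline reproducible.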
Expand Down Expand Up @@ -300,7 +300,13 @@ If scan fails:
Common Issues:
-------------
- Timeout: Website is slow or blocking
- CORS Error: Add http:// or https:// (VERIFIED)
- CORS Error: Add http:// or https://
- 404 Error: Site may be offline or URL incorrect
- Connection Refused: Check backend server is running


================================================================================
EXPECTED SCAN RESULTS
================================================================================

VULNERABLE SITE (testphp.vulnweb.com):
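Review bot: The "CORS Error: Add http:// or https://" entry under Common Issues pairs a CORS failure with the fix for a URL that is missing its scheme, and these are different problems. Either rename the entry (for example "Invalid URL") or describe the actual CORS remedy on the backend side.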
Expand All @@ -316,13 +322,7 @@ VULNERABLE SITE (testphp.vulnweb.com):
⚠️ IMPORTANT: Not all pages on testphp.vulnweb.com are vulnerable!
- Main page may show as protected
- Specific endpoints (/login.php, /search.php) are vulnerable
- This is EXPECTED and NORMAL behavior------------
✓ CSRF: 2-5 vulnerable forms found
✓ XSS: Multiple vulnerabilities detected
✓ SQLi: SQL injection points found
✓ Ports: 80, 443 open
✓ WAF: Not detected or weak
✓ Risk Score: 75-95 (High)
- This is EXPECTED and NORMAL behavior


SECURE SITE (google.com):