This application is a super-simple Twitter* clone built to demonstrate a CSRF attack.
To properly demonstrate CSRF, you need an authenticated user. Clicking the button below will create a new user with a random username and automatically log you in.
You can then post status updates which will appear on your profile page.
Once you log out, there is intentionally no way to log in again as the same user. All data will be deleted on a regular basis.
Built by @danielhepper.
This application is obviously neither affiliated with nor endorsed by Twitter.