Day 93 comes with some readings on business logic and CSRF protection bypass.
Hacking companies through help desk
Sins of Anti-CSRF Tokens
From Sam (CoffeeJunkie). CSRF attacks have become something interesting to look for, and exploiting them can be pretty interesting because of the different ways the CSRF tokens that serve a security function in the web application can be bypassed. This time Harsh Bothra explains different ways to bypass these protections. You can find the full article here.