Detecting and exploiting CSRF

To detect CSRF flaws in an application, navigate through the entire application and map every method it calls, noting which ones matter because of the state-changing processing they perform. While doing this, record how each method is called, which parameters are sent to the application, whether any anti-CSRF protection is present, and whether it is one of the weak protections discussed earlier. If you find that a protection is in place, look for a mistake in how it is applied: the information needed to exploit the weakness may be exposed in another of the application's requests.

You can use the Site map tab in Burp Suite, or the equivalent in another proxy, to spot resources that are requested from other domains.

Also inspect each request to see whether relevant information is stored in cookies. This chapter lists tools that can modify the cookies stored in your web browser, so you can replace the cookie values with whatever your test requires.

You can also create CSRF templates to automate the exploitation and confirm the vulnerabilities. As a bug bounty hunter, you do not need a very complex form to confirm the weakness; a basic form that calls the method is enough, for example:

<form method='POST' action='http://bugsite.com/form.php'>
<input type='hidden' name='criticaltoggle' value='true'>
<input type='submit' value='submit'>
</form>

You can use it and modify it according to the scenario.
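To show what the form above actually tests for, and what a fix looks like on the server side, here is an added example that is not from the book: a tiny request model with two handlers for the hypothetical http://bugsite.com/form.php endpoint. The unprotected handler accepts any POST that carries the session cookie, which is exactly why a hidden-field form on another site works. The hardened handler requires a per-session synchronizer token compared in constant time and also checks the Origin (or Referer) header. The Request class, SESSIONS store, and the constructed cross-site request are assumptions made for this example, not part of any real framework.

```python
import hmac
import secrets
from dataclasses import dataclass, field
from urllib.parse import urlsplit

SITE_ORIGIN = "http://bugsite.com"  # hypothetical origin taken from the page's form example


@dataclass
class Request:
    """Constructed stand-in for a web framework's request object."""
    method: str
    url: str
    headers: dict = field(default_factory=dict)
    cookies: dict = field(default_factory=dict)
    form: dict = field(default_factory=dict)


# In-memory session store: session id -> session data (stands in for a real backend).
SESSIONS = {}


def new_session():
    """Create a session holding the setting the form toggles and a fresh anti-CSRF token."""
    sid = secrets.token_urlsafe(32)
    SESSIONS[sid] = {"csrf_token": secrets.token_urlsafe(32), "criticaltoggle": False}
    return sid


def handle_form_unprotected(req):
    """'Before': any POST with a valid session cookie flips the setting.
    The browser attaches the cookie to a cross-site form submission too, so the PoC succeeds."""
    session = SESSIONS.get(req.cookies.get("session"))
    if req.method != "POST" or session is None:
        return 403
    session["criticaltoggle"] = req.form.get("criticaltoggle") == "true"
    return 200


def origin_allowed(req):
    """Accept only requests whose Origin (or, failing that, Referer) is our own site.
    A state-changing POST with neither header is treated as cross-site and refused."""
    origin = req.headers.get("Origin")
    if origin is None:
        referer = req.headers.get("Referer")
        if referer is None:
            return False
        parts = urlsplit(referer)
        origin = f"{parts.scheme}://{parts.netloc}"
    return origin == SITE_ORIGIN


def handle_form_protected(req):
    """'After': synchronizer token checked in constant time, plus the origin check."""
    session = SESSIONS.get(req.cookies.get("session"))
    if req.method != "POST" or session is None:
        return 403
    if not origin_allowed(req):
        return 403
    submitted = req.form.get("csrf_token", "")
    if not hmac.compare_digest(submitted, session["csrf_token"]):
        return 403
    session["criticaltoggle"] = req.form.get("criticaltoggle") == "true"
    return 200


def demo():
    """Replay the page's basic form against both handlers; returns the three status codes."""
    sid = new_session()
    # Constructed: what the browser sends when the hidden-field form on a third-party page
    # is submitted. The session cookie rides along, Origin is the other site, no token is present.
    cross_site = Request("POST", f"{SITE_ORIGIN}/form.php",
                         headers={"Origin": "http://third-party.example"},
                         cookies={"session": sid},
                         form={"criticaltoggle": "true"})
    unprotected = handle_form_unprotected(cross_site)   # 200: setting flipped
    SESSIONS[sid]["criticaltoggle"] = False             # reset before the second run
    protected = handle_form_protected(cross_site)       # 403: setting untouched
    # A legitimate same-origin submission that carries the token is still accepted.
    legit = Request("POST", f"{SITE_ORIGIN}/form.php",
                    headers={"Origin": SITE_ORIGIN},
                    cookies={"session": sid},
                    form={"criticaltoggle": "true",
                          "csrf_token": SESSIONS[sid]["csrf_token"]})
    accepted = handle_form_protected(legit)             # 200
    return unprotected, protected, accepted


if __name__ == "__main__":
    print(demo())  # (200, 403, 200)
```

When reviewing a target, the second handler is the shape you are checking for: a token the cross-site form cannot know, bound to the session and compared in constant time, with the Origin/Referer check as an independent layer. If either piece is missing or the token is accepted when absent, the basic form above is all that is needed to confirm the issue.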
