Rogue website to demonstrate CSRF and XSS attacks.
It is important that you run the unprotected branch of the
target app on
http://application.com:3000, assign application.com
to localhost on your /etc/hosts file, and also make
sure you are logged in the target app in order for the attacks to succeed.