To use machine learning to discover web application security issues (ML). Web applications are notoriously difficult to analyses due to their variety and bespoke construction. Machine learning protects websites and other digital assets. It uses human-labeled data to deliver automated analytical tools with web-programming semantics. We introduce Mitch as the black box ML solution for detecting Cross-Site Request Forgery (CSRF). With Mitch’s help, we discovered 35 new CSRFs across 20 major websites and 3 new CSRFs in live production applications. In the end, working code will be utilized to prove Mitch’s worth.