Hack Tools

Corsy – CORS Misconfiguration Scanner

By root

Posted on November 27, 2019

Corsy is a lightweight program that scans for all known misconfigurations in CORS implementations.

Usage
Using Corsy is pretty simple
python corsy.py -u https://example.com
A delay between consecutive requests can be specified with -d option.

Note: This is a beta version, features such as JSON output and scanning multiple hosts will be added later.

Tests implemented

Pre-domain bypass
Post-domain bypass
Backtick bypass
Null origin bypass
Unescaped dot bypass
Invalid value
Wild card value
Origin reflection test
Third party allowance test
HTTP allowance test

Support the developer
Liked the project? Donate a few bucks to motivate me to keep writing code for free.

Paypal – https://paypal.me/s0md3v
Credit/Debit Card – https://www.buymeacoffee.com/s0md3v

Download Corsy

Related Items:cybersecurity, ethical hacking, Hack Android, hack app, hack wordpress

MrHacker

Corsy – CORS Misconfiguration Scanner

Latest News

Hackers Exploiting WP-Automatic Plugin Bug to Create Admin Accounts on WordPress Sites

State-Sponsored Hackers Exploit Two Cisco Zero-Day Vulnerabilities for Espionage

U.S. Treasury Sanctions Iranian Firms and Individuals Tied to Cyber Attacks

Researchers Detail Multistage Attack Hijacking Systems with SSLoad, Cobalt Strike

eScan Antivirus Update Mechanism Exploited to Spread Backdoors and Miners

Links

Pin It on Pinterest