Quantcast
Channel: KitPloit - PenTest Tools!
Viewing all articles
Browse latest Browse all 5816

Corsy - CORS Misconfiguration Scanner

$
0
0

Corsy is a lightweight program that scans for all known misconfigurations in CORS implementations.

Usage
Using Corsy is pretty simple
python corsy.py -u https://example.com
A delay between consecutive requests can be specified with -d option.
Note: This is a beta version, features such as JSON output and scanning multiple hosts will be added later.

Tests implemented
  • Pre-domain bypass
  • Post-domain bypass
  • Backtick bypass
  • Null origin bypass
  • Unescaped dot bypass
  • Invalid value
  • Wild card value
  • Origin reflection test
  • Third party allowance test
  • HTTP allowance test

Support the developer
Liked the project? Donate a few bucks to motivate me to keep writing code for free.



Viewing all articles
Browse latest Browse all 5816

Trending Articles



<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>