CorsMe : Cross Origin Resource Sharing MisConfiguration Scanner

A CorsMe misconfiguration scanner tool based on golang with speed and precision in mind !

Misconfiguration type this scanner can check for

How to Install?

$ go get -u github.com/shivangx01b/CorsMe

Usage

  • Single Url

echo “https://example.com” | ./CorsMe

  • Multiple Url

cat http_https.txt | ./CorsMe -t 70

  • Allow wildcard .. Now if Access-Control-Allow-Origin is * it will be printed

cat http_https.txt | ./CorsMe -t 70 –wildcard

  • Add header if required

cat http_https.txt | ./CorsMe -t 70 -wildcard -header “Cookie: Session=12cbcx….”

  • Tip

cat subdomains.txt | ./httprobe -c 70 -p 8080,8081,8089 | tee http_https.txt cat http_http

s.txt | ./CorsMe -t 70

Note

  • Scanner stores the error results as “error_requests.txt”… which contains hosts which cannot be requested
R K

Recent Posts

Cybersecurity – Tools And Their Function

Cybersecurity tools play a critical role in safeguarding digital assets, systems, and networks from malicious…

3 hours ago

MODeflattener – Miasm’s OLLVM Deflattener

MODeflattener is a specialized tool designed to reverse OLLVM's control flow flattening obfuscation through static…

3 hours ago

My Awesome List : Tools And Their Functions

"My Awesome List" is a curated collection of tools, libraries, and resources spanning various domains…

3 hours ago

Chrome Browser Exploitation, Part 3 : Analyzing And Exploiting CVE-2018-17463

CVE-2018-17463, a type confusion vulnerability in Chrome’s V8 JavaScript engine, allowed attackers to execute arbitrary…

3 hours ago

Chrome Browser Exploitation, Part 1 : Introduction To V8 And JavaScript Internals

The blog post "Chrome Browser Exploitation, Part 1: Introduction to V8 and JavaScript Internals" provides…

3 hours ago

Chrome Browser Exploitation, Part 3: Analyzing and Exploiting CVE-2018-17463

The exploitation of CVE-2018-17463, a type confusion vulnerability in Chrome’s V8 JavaScript engine, relies on…

6 hours ago