CorsMe : Cross Origin Resource Sharing MisConfiguration Scanner

A CorsMe misconfiguration scanner tool based on golang with speed and precision in mind !

Misconfiguration type this scanner can check for

How to Install?

$ go get -u github.com/shivangx01b/CorsMe

Usage

  • Single Url

echo “https://example.com” | ./CorsMe

  • Multiple Url

cat http_https.txt | ./CorsMe -t 70

  • Allow wildcard .. Now if Access-Control-Allow-Origin is * it will be printed

cat http_https.txt | ./CorsMe -t 70 –wildcard

  • Add header if required

cat http_https.txt | ./CorsMe -t 70 -wildcard -header “Cookie: Session=12cbcx….”

  • Tip

cat subdomains.txt | ./httprobe -c 70 -p 8080,8081,8089 | tee http_https.txt cat http_http

s.txt | ./CorsMe -t 70

Note

  • Scanner stores the error results as “error_requests.txt”… which contains hosts which cannot be requested
Download
R K

Share
Published by
R K
Tags: CorsMeScanner
6 years ago

Recent Posts

How to Prevent Software Supply Chain Attacks

What is a Software Supply Chain Attack? A software supply chain attack occurs when a…

19 hours ago

How UDP Works and Why It Is So Fast

When people ask how UDP works, the simplest answer is this: UDP sends data quickly…

1 week ago

How EDR Killers Bypass Security Tools

Endpoint Detection and Response (EDR) solutions have become a cornerstone of modern cybersecurity, designed to…

2 weeks ago

AI-Generated Malware Campaign Scales Threats Through Vibe Coding Techniques

A large-scale malware campaign leveraging AI-assisted development techniques has been uncovered, revealing how attackers are…

2 weeks ago

How Does a Firewall Work Step by Step

How Does a Firewall Work Step by Step? What Is a Firewall and How Does…

2 weeks ago

Fake VPN Download Trap Can Steal Your Work Login in Minutes

People trying to securely connect to work are being tricked into doing the exact opposite.…

2 weeks ago