Corsy is a lightweight program that scans for all known misconfigurations in CORS implementations.
Requirements
It only works with Python 3 and has the following dependencies:
To install these dependencies, navigate to the tool directory and execute pip3 install -r requirements.txt
Usage
Using it is pretty simple
python3 corsy.py -u https://example.com
Scan URLs from a file
python3 corsy.py -i /path/urls.txt
Number of threads
python3 corsy.py -u https://example.com -t 20
Also Read – AntiCheat : Framework To Test Any Anti-Cheat
Delay between requests
python3 corsy.py -u https://example.com -d 2
Export results to JSON
python3 corsy.py -i /path/urls.txt -o /path/output.json
Custom HTTP headers
python3 corsy.py -u https://example.com –headers “User-Agent: GoogleBot\nCookie: SESSION=Hacked”
Skip printing tips
-q can be used to skip printing of description, severity, exploitation fields in the output.
Tests implemented
Playwright-MCP (Model Context Protocol) is a cutting-edge tool designed to bridge the gap between AI…
JBDev is a specialized development tool designed to streamline the creation and debugging of jailbreak…
The Kereva LLM Code Scanner is an innovative static analysis tool tailored for Python applications…
Nuclei-Templates-Labs is a dynamic and comprehensive repository designed for security researchers, learners, and organizations to…
SSH-Stealer and RunAs-Stealer are malicious tools designed to stealthily harvest SSH credentials, enabling attackers to…
Control flow flattening is a common obfuscation technique used by OLLVM (Obfuscator-LLVM) to transform executable…