Corsy is a lightweight program that scans for all known misconfigurations in CORS implementations.
Requirements
It only works with Python 3 and has the following dependencies:
To install these dependencies, navigate to the tool directory and execute pip3 install -r requirements.txt
Usage
Using it is pretty simple
python3 corsy.py -u https://example.com
Scan URLs from a file
python3 corsy.py -i /path/urls.txt
Number of threads
python3 corsy.py -u https://example.com -t 20
Also Read – AntiCheat : Framework To Test Any Anti-Cheat
Delay between requests
python3 corsy.py -u https://example.com -d 2
Export results to JSON
python3 corsy.py -i /path/urls.txt -o /path/output.json
Custom HTTP headers
python3 corsy.py -u https://example.com –headers “User-Agent: GoogleBot\nCookie: SESSION=Hacked”
Skip printing tips
-q can be used to skip printing of description, severity, exploitation fields in the output.
Tests implemented
Artificial Intelligence (AI) is changing how industries operate, automating processes, and driving new innovations. However,…
Image credit:pexels.com If you think back to the early days of personal computing, you probably…
In an era defined by technological innovation, the way people handle and understand money has…
The online world becomes more visually driven with every passing year. Images spread across websites,…
General Working of a Web Application Firewall (WAF) A Web Application Firewall (WAF) acts as…
How to Send POST Requests Using curl in Linux If you work with APIs, servers,…