Kali
Corsair_scan is a security tool to test Cross-Origin Resource Sharing (CORS) misconfigurations. CORS is a mechanism that allows restricted resources on a web page to be requested from another domain outside the domain from which the first resource was served. If this is not properly configured, unauthorised domains can access to those resources. What is …
Continue reading “Corsair_Scan : A Security Tool To Test Cross-Origin Resource Sharing (CORS)”
Corsy is a lightweight program that scans for all known misconfigurations in CORS implementations. Requirements It only works with Python 3 and has the following dependencies: tld requests To install these dependencies, navigate to the tool directory and execute pip3 install -r requirements.txt Usage Using it is pretty simple python3 corsy.py -u https://example.com Scan URLs …
CORStest is a quick & dirty Python 2 tool to find Cross-Origin Resource Sharing (CORS) misconfigurations. It takes a text file as input which may contain a list of domain names or URLs. Currently, the following potential vulnerabilities are detected by sending a certain Origin request header and checking for the Access-Control-Allow-Origin response header: Developer …
Continue reading “CORSTest : A Simple CORS Misconfiguration Scanner”
Corsy is a lightweight program that scans for all known mis-configurations in CORS implementations. Requirements It only works with Python 3 and has the following depencies: tld requests To install these dependencies, navigate to the tool directory and execute pip3 install -r requirements.txt Also Read – Glances : Top/htop Alternative For GNU/Linux, BSD, Mac OS & Windows OS …
