CORScanner v1.0 releases: Fast CORS misconfiguration vulnerabilities scanner
CORScanner is a python tool designed to discover CORS misconfigurations vulnerabilities of websites. It helps website administrators and penetration testers to check whether the domains/urls they are targeting have insecure CORS policies.
The correct configuration of CORS policy is critical to website security, but CORS configurations have many error-prone corner cases. Web developers who are not aware of these corner cases are likely to make mistakes. Thus, we summarize different common types of CORS misconfigurations and integrate them into this tool, to help developers/security-practitioners quickly locate and detect such security issues.
- Fast. It uses gevent instead of Python threads for concurrency, which is much faster for network scanning.
- Comprehensive. It covers all the common types of CORS misconfigurations we know.
- Flexible. It supports various self-define features (e.g. file output), which is helpful for large-scale scanning.
This tool covers the following misconfiguration types:
|Reflect_any_origin||Blindly reflect the Origin header value in |
|HTTPS_trust_HTTP||Risky trust dependency, a MITM attacker may steal HTTPS site secrets|
|Trust_any_subdomain||Risky trust dependency, a subdomain XSS may steal its secrets|
|custom_third_parties||Custom unsafe third parties origins like |
git clone https://github.com/chenjj/CORScanner.git
sudo pip install -r requirements.txt
|Short Form||Long Form||Description|
|-u||–url||URL/domain to check it’s CORS policy|
|-i||–input||URL/domain list file to check their CORS policy|
|-t||–threads||Number of threads to use for CORS scan|
|-o||–output||Save the results to a text file|
|-v||–verbose||Enable the verbose mode and display results in real-time|
|-h||–help||show the help message and exit|
- To check CORS misconfigurations of a specific domain:
python cors_scan.py -u example.com
- To check CORS misconfigurations of specific URL:
python cors_scan.py -u http://example.com/restapi
- To check CORS misconfigurations of multiple domains/URLs:
python cors_scan.py -i top_100_domains.txt -t 100
- To list all the basic options and switches use -h switch:
python cors_scan.py -h
Copyright (c) 2018 Jianjun Chen