Corsy v1.0 RC releases: CORS Misconfiguration Scanner
Corsy
Corsy is a lightweight program that scans for all known misconfigurations in CORS implementations.
Tests implemented
- Pre-domain bypass
- Post-domain bypass
- Backtick bypass
- Null origin bypass
- Invalid value
- Wild card value
- Origin reflection test
- Third-party allowance test
- HTTP allowance test
Changelog v1.0 RC
- Fixed a lot of breaking bugs
- Added
underscore bypass - Added stdin input support
Install
git clone https://github.com/s0md3v/Corsy.git
Use
python corsy.py -u https://example.com
Copyright (C) 2019 s0md3v
Source: https://github.com/s0md3v/
