Skip to content

pflashpunk/Corsy

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

7 Commits
core
core
 
 
db
db
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
corsy.py
corsy.py
 
 
requirements.txt
requirements.txt
 
 

Repository files navigation


Corsy
Corsy

CORS Misconfiguration Scanner

Introduction

Corsy is a lightweight program that scans for all known misconfigurations in CORS implementations.

demo

Usage

Using Corsy is pretty simple

python corsy.py -u https://example.com

A delay between consecutive requests can be specified with -d option.

Note: This is a beta version, features such as JSON output and scanning multiple hosts will be added later.

Tests implemented

  • Pre-domain bypass
  • Post-domain bypass
  • Backtick bypass
  • Null origin bypass
  • Invalid value
  • Wild card value
  • Origin reflection test
  • Third party allowance test
  • HTTP allowance test

Support the developer

Liked the project? Donate a few bucks to motivate me to keep writing code for free.

About

CORS Misconfiguration Scanner

Resources

Readme

License

GPL-3.0 license
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

1 tags

Packages

No packages published

Languages

  • Python 100.0%