[link]https://github.com/RUB-NDS/CORStest[/link]
[short_descr]A simple CORS misconfiguration scanner.[/short_descr]
[tags]vulnerabilities,cors,scanner[/tags]
[long_descr]CORStest is a quick & dirty Python 3 tool to find Cross-Origin Resource Sharing (CORS) misconfigurations. It takes a text file as input which may contain a list of domain names or URLs. Currently, the following potential vulnerabilities are detected by sending a certain Origin request header and checking for the Access-Control-Allow-Origin response header:
[link]https://github.com/RUB-NDS/CORStest[/link] [short_descr]A simple CORS misconfiguration scanner.[/short_descr] [tags]vulnerabilities,cors,scanner[/tags] [long_descr]CORStest is a quick & dirty Python 3 tool to find Cross-Origin Resource Sharing (CORS) misconfigurations. It takes a text file as input which may contain a list of domain names or URLs. Currently, the following potential vulnerabilities are detected by sending a certain Origin request header and checking for the Access-Control-Allow-Origin response header: