CorsMe | Cross Origin Resource Sharing MisConfiguration Scanner

image

What is CorsMe ?

A cors misconfiguration scanner tool based on golang with speed and precision in mind !

Misconfiguration type this scanner can check for

How to Install

$ go get -u github.com/shivangx01b/CorsMe

Usage

Single Url

echo "https://example.com" | ./CorsMe 

Multiple Url

cat http_https.txt | ./CorsMe -t 70

Allow wildcard … Now if Access-Control-Allow-Origin is * it will be printed

cat http_https.txt | ./CorsMe -t 70 --wildcard

Add header if required

cat http_https.txt | ./CorsMe -t 70 -wildcard -header "Cookie: Session=12cbcx...."

Tip

cat subdomains.txt | ./httprobe -c 70 -p 8080,8081,8089 | tee http_https.txt
cat http_https.txt | ./CorsMe -t 70

Screenshot

image

Twitter

Ideas for making this tool are taken from :

CORScanner

Corsy

cors-blimey

GitHub:

1 Like
Friendly Websites

ettvdl.com https://crackingpatching.com/ https://prostylex.org/ https://haxnode.com/ freecoursesonline.me ftuapps.dev