Search the Community
Showing results for tags 'misconfiguration'.
-
About CORScanner CORScanner is a python tool designed to discover CORS misconfigurations vulnerabilities of websites. It helps website administrators and penetration testers to check whether the domains/urls they are targeting have insecure CORS policies. The correct configuration of CORS policy is critical to website security, but CORS configurations have many error-prone corner cases. Web developers who are not aware of these corner cases are likely to make mistakes. Thus, we summarize different common types of CORS misconfigurations and integrate them into this tool, to help developers/security-practitioners quickly locate and detect such security issues. Features Fast. It uses gevent instead of Python threads for concurrency, which is much faster for network scanning. Comprehensive. It covers all the common types of CORS misconfigurations we know. Flexible. It supports various self-define features (e.g. file output), which is helpful for large-scale scanning. Changelog v0.9.6 Add an API interface for other programs to use [hide][Hidden Content]]
-
- 1
-
- corscanner
- v0.9.6
-
(and 5 more)
Tagged with: