Jump to content
YOUR-AD-HERE
HOSTING
TOOLS
SERVICE

Locked CORScanner v0.9.6 - Fast CORS misconfiguration vulnerabilities scanner


itsMe

Recommended Posts

This is the hidden content, please

About CORScanner

CORScanner is a python tool designed to discover CORS misconfigurations vulnerabilities of websites. It helps website administrators and penetration testers to check whether the domains/urls they are targeting have insecure CORS policies.

The correct configuration of CORS policy is critical to website security, but CORS configurations have many error-prone corner cases. Web developers who are not aware of these corner cases are likely to make mistakes. Thus, we summarize different common types of CORS misconfigurations and integrate them into this tool, to help developers/security-practitioners quickly locate and detect such security issues.

Features

    Fast. It uses gevent instead of Python threads for concurrency, which is much faster for network scanning.
    Comprehensive. It covers all the common types of CORS misconfigurations we know.
    Flexible. It supports various self-define features (e.g. file output), which is helpful for large-scale scanning.

Changelog v0.9.6

    Add an API interface for other programs to use

This is the hidden content, please

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.