Home

Awesome

<pre> ▄██ ▄ ▄████████ ▄████████ ▄██████▄ ▄████████ ▄████████ ███ ██▄ ███ ███ ███ ███ ███ ███ ███ ███ ███ ███ ███▄▄▄███ ███ ███ ███ █▀ ███ ███ ███ ███ ███ █▀ ▀▀▀▀▀▀███ ███ ███ ██████ ███ ███ ███ ▄███▄▄▄▄██▀ ███ ▄██ ███ ▀███████████ ██████ ███ ███ ███ ▀▀███▀▀▀▀▀ ▀███████████ ███ ███ ███ ███ ███ █▄ ███ ███ ▀███████████ ███ ███ ███ ███ ███ ███ ███ ███ ███ ███ ███ ▄█ ███ ▀█████▀ ███ █▀ ████████▀ ▀██████▀ ███ ███ ▄████████▀ </pre>

Yet another - cross origin resource sharing misconfig scanner

By: Apollyon

Commands

COMMANDDESCRIPTION
-h / --helpRequest help
-u / --urlTarget Website
-ulist / --url_listTarget multiple websites from file
-to / --timeoutSet the timeout for requests
-wiz / --wizardWizard for new users
-t / --threadsMulti threaded scanning
-pr / --proxyUsing proxies (HTTP, HTTPS, SOCKS)
-auth / --authenticationAuthentication using headers and/or cookies
-save / --save_to_fileSaves valid payloads to file on disk

Installation

Normal

git clone https://github.com/0x-Apollyon/YA-CORS.git
cd YA-CORS
pip install -r requirements.txt

Using virtual environment (Arch based linux distros)

git clone https://github.com/0x-Apollyon/YA-CORS.git
cd YA-CORS
python -m venv venv
source venv/bin/activate
pip install -r requirements.txt

Usage

You can run it using commands given below or use the wizard

View help

python main.py -h

Default usage

python main.py -u https://example.com

Using with wizard

python main.py -wiz

image

Using with TOR

If you want to use YA-CORS with TOR you can do the following <br>

Tor uses the port 9050 for socks proxies by default, so if you have changed that change the port aswell <br>