Awesome
<h1 align="center"> <br> <a href=""><img src="https://github.com/Shivangx01b/CorsMe/blob/master/static/banner.png" alt="" width="200px;"></a> <br> <img src="https://img.shields.io/github/languages/top/Shivangx01b/CorsMe?style=flat-square"> <a href="https://goreportcard.com/report/github.com/Shivangx01b/CorsMe"><img src="https://goreportcard.com/badge/github.com/Shivangx01b/CorsMe"></a> <a href="https://twitter.com/intent/follow?screen_name=shivangx01b"><img src="https://img.shields.io/twitter/follow/shivangx01b?style=flat-square"></a> </h1>What is CorsMe ?
A cors misconfiguration scanner tool based on golang with speed and precision in mind !
Misconfiguration type this scanner can check for
- Reflect Origin checks
- Prefix Match
- Suffix Match
- Not Esacped Dots
- Null
- ThirdParties (Like => github.io, repl.it etc.)
- Taken from Chenjj's github repo
- SpecialChars (Like => "}","(", etc.)
- See more in Advanced CORS Exploitation Techniques
How to Install
$ go get -u -v github.com/shivangx01b/CorsMe
Usage
Single Url
echo "https://example.com" | ./CorsMe
Multiple Url
cat http_https.txt | ./CorsMe -t 70
Allow wildcard .. Now if Access-Control-Allow-Origin is * it will be printed
cat http_https.txt | ./CorsMe -t 70 -wildcard
Add header if required
cat http_https.txt | ./CorsMe -t 70 -wildcard -header "Cookie: Session=12cbcx...."
Save output in a file
cat http_https.txt | ./CorsMe -t 70 -output audit.logs
Add another method if required
cat http_https.txt | ./CorsMe -t 70 -wildcard -header "Cookie: Session=12cbcx...." -method "POST"
Tip
subfinder -d hackerone.com -nW -silent | ./httprobe -c 70 -p 80,443,8080,8081,8089 | tee http_https.txt
cat http_https.txt | ./CorsMe -t 70
Screenshot
Note:
- Scanner stores the error results as "error_requests.txt"... which contains hosts which cannot be requested