Hack Tools

Corsy: CORS Misconfiguration Scanner


Corsy is a lightweight program that scans for all known misconfigurations in CORS implementations.

Tests implemented

  • Pre-domain bypass
  • Post-domain bypass
  • Backtick bypass
  • Null origin bypass
  • Invalid value
  • Wild card value
  • Origin reflection test
  • Third-party allowance test
  • HTTP allowance test


git clone https://github.com/s0md3v/Corsy.git


python corsy.py -u https://example.com

Copyright (C) 2019 s0md3v

Source: https://github.com/s0md3v/

The post Corsy: CORS Misconfiguration Scanner appeared first on Penetration Testing.

Click to comment

You must be logged in to post a comment Login

Leave a Reply

To Top

Pin It on Pinterest

Share This