Corsy

CORS Misconfiguration Scanner

Introduction

Corsy is a lightweight program that scans for all known misconfigurations in CORS implementations.

Requirements

Corsy only works with Python 3 and has the following depencies:

• tld
• requests

To install these dependencies, navigate to Corsy directory and execute pip3 install -r requirements.txt

Usage

Using Corsy is pretty simple

python3 corsy.py -u https://example.com

Scan URLs from a file

python3 corsy.py -i /path/urls.txt

Scan URLs from stdin

cat urls.txt | python3 corsy.py

Number of threads

python3 corsy.py -u https://example.com -t 20

Delay between requests

python3 corsy.py -u https://example.com -d 2

Export results to JSON

python3 corsy.py -i /path/urls.txt -o /path/output.json

Custom HTTP headers

python3 corsy.py -u https://example.com --headers "User-Agent: GoogleBot\nCookie: SESSION=Hacked"

Skip printing tips

-q can be used to skip printing of description, severity, exploitation fields in the output.

Tests implemented

• Pre-domain bypass
• Post-domain bypass
• Backtick bypass
• Null origin bypass
• Unescaped dot bypass
• Underscore bypass
• Invalid value
• Wild card value
• Origin reflection test
• Third party allowance test
• HTTP allowance test