Cross Origin Resource Sharing MisConfiguration Scanner
A cors misconfiguration scanner tool based on golang with speed and precision in mind !
$ go get -u -v github.com/shivangx01b/CorsMe
Single Url
echo "https://example.com" | ./CorsMe
Multiple Url
cat http_https.txt | ./CorsMe -t 70
Allow wildcard .. Now if Access-Control-Allow-Origin is * it will be printed
cat http_https.txt | ./CorsMe -t 70 -wildcard
Add header if required
cat http_https.txt | ./CorsMe -t 70 -wildcard -header "Cookie: Session=12cbcx...."
Save output in a file
cat http_https.txt | ./CorsMe -t 70 -output audit.logs
Add another method if required
cat http_https.txt | ./CorsMe -t 70 -wildcard -header "Cookie: Session=12cbcx...." -method "POST"
Tip
subfinder -d hackerone.com -nW -silent | ./httprobe -c 70 -p 80,443,8080,8081,8089 | tee http_https.txt
cat http_https.txt | ./CorsMe -t 70