[Notes] CORScanner Study Notes

Preface

CORScanner study notes
CORScanner is a python tool designed to discover CORS misconfigurations vulnerabilities of websites. It helps website administrators and penetration testers to check whether the domains/urls they are targeting have insecure CORS policies. (chenjj/CORScanner)
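To make "insecure CORS policy" concrete, the following added example (not CORScanner's code and not from the original note) labels a response from its CORS headers alone. The allowlist, the probe origin, the label names and the sample responses are all constructed assumptions.

```python
# Added example (not CORScanner code). All origins and headers are constructed.
TRUSTED = {"https://app.example.com"}    # assumed allowlist for the audited site
PROBE = "https://untrusted.example.net"  # an origin the site should never allow

def classify_cors(sent_origin, headers, trusted=TRUSTED):
    """Label the CORS policy shown by one response to a request sent with `sent_origin`."""
    h = {k.lower(): v.strip() for k, v in headers.items()}
    acao = h.get("access-control-allow-origin")
    # The Fetch standard requires the exact value "true" for this header to take effect.
    creds = h.get("access-control-allow-credentials") == "true"
    suffix = "+credentials" if creds else ""
    if acao is None:
        return "no-cors-headers"
    if acao == "*":
        # Browsers do not honour "*" for credentialed requests, so only
        # data readable without cookies is exposed.
        return "wildcard" + suffix
    if acao == "null":
        # Sandboxed documents send "Origin: null", so it is not a trustworthy identity.
        return "null-origin-allowed" + suffix
    if acao in trusted:
        return "allowlisted"
    if acao == sent_origin:
        # The server echoed an origin that is not on the allowlist.
        return "untrusted-origin-reflected" + suffix
    return "unexpected-origin" + suffix

# Constructed (origin sent, response headers) pairs.
SAMPLES = [
    (PROBE, {"Access-Control-Allow-Origin": PROBE,
             "Access-Control-Allow-Credentials": "true"}),
    (PROBE, {"Access-Control-Allow-Origin": "*"}),
    ("null", {"access-control-allow-origin": "null",
              "access-control-allow-credentials": "true"}),
    (PROBE, {"Content-Type": "text/html"}),
    ("https://app.example.com",
     {"Access-Control-Allow-Origin": "https://app.example.com",
      "Access-Control-Allow-Credentials": "true"}),
]

def audit(samples=SAMPLES):
    """Return one label per sample, in order."""
    return [classify_cors(origin, hdrs) for origin, hdrs in samples]

if __name__ == "__main__":
    for (origin, _), label in zip(SAMPLES, audit()):
        print(f"{origin:32} -> {label}")
```

The labels ending in `+credentials` are the ones to fix first, since they let another origin read responses made with the user's cookies.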

Download the project

git clone https://github.com/chenjj/CORScanner.git
cd CORScanner

Install dependencies

python3 -m venv venv
source venv/bin/activate
pip3 install -r requirements.txt

View help

python3 cors_scan.py -h

Scan a single website

-v: show verbose logs

python3 cors_scan.py -u "<url>"

Batch-scan websites

python3 cors_scan.py -i <file>

Done

References

Bilibili: xiaodisec