CORS-Scanner
CORS-Scanner is a command-line tool written in Go that discovers CORS (Cross-Origin Resource Sharing) misconfiguration vulnerabilities in web applications. It tests target URLs for common CORS flaws such as reflected origins with credentials enabled and wildcard origin configurations that could allow unauthorized cross-origin access. The tool accepts line-delimited domains via stdin, making it easy to integrate into reconnaissance pipelines with tools like httprobe. Users can customize the Origin header and optionally include cookies for testing credentialed requests. CORS-Scanner outputs clear vulnerability indicators for each affected URL, flagging the type of misconfiguration found. It is useful for security researchers, penetration testers, and bug bounty hunters performing web application security assessments to identify and report insecure CORS implementations.