Skip to content
/ theftfuzzer Public

TheftFuzzer is a tool that fuzzes Cross-Origin Resource Sharing implementations for common misconfigurations.

www.corben.io/advanced-cors-techniques/
310 stars 60 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

lc/theftfuzzer

2 Branches0 Tags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

lclc
Merge pull request #5 from gaochua/add_null_origin
Oct 17, 2019
bf40163 Β· Oct 17, 2019

History

24 Commits
README.md
README.md
Jan 22, 2019
requirements.txt
requirements.txt
Aug 4, 2018
theftfuzzer.py
theftfuzzer.py
Oct 17, 2019

Repository files navigation

β”Œβ”¬β”β”¬ β”¬β”Œβ”€β”β”Œβ”€β”β”Œβ”¬β”β”Œβ”€β”β”¬ β”¬β”Œβ”€β”β”Œβ”€β”β”Œβ”€β”β”¬β”€β”
 β”‚ β”œβ”€β”€β”œβ”€ β”œβ”€  β”‚ β”œβ”€ β”‚ β”‚β”Œβ”€β”˜β”Œβ”€β”˜β”œβ”€ β”œβ”¬β”˜
 β”΄ β”΄ β”΄β””β”€β”˜β””   β”΄ β””  β””β”€β”˜β””β”€β”˜β””β”€β”˜β””β”€β”˜β”΄β””β”€

Introduction:

TheftFuzzer is a tool that fuzzes Cross-Origin Resource Sharing implementations for common misconfigurations.

Usage:

python theftfuzzer.py -d 'http://example.com/api/data'

Help:

python theftfuzzer.py -h

~$ python theftfuzzer.py -h                               
usage: theftfuzzer.py [-h] -d DOMAIN [-c COOKIE]

Cross Origin Resource Sharing Fuzzer by Corben Leo

optional arguments:
  -h, --help            show this help message and exit
  -d DOMAIN, --domain DOMAIN
                        URL / Target to fuzz
  -c COOKIE, --cookie COOKIE
                        File containing cookie to send in fuzzing requests

Buy Me A Coffee

About

TheftFuzzer is a tool that fuzzes Cross-Origin Resource Sharing implementations for common misconfigurations.

www.corben.io/advanced-cors-techniques/

Resources

Readme
Activity

Stars

310 stars

Watchers

13 watching

Forks

60 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 3

Languages