Corsy
Corsy Agent Setup for scans for all known misconfigurations in CORS

Corsy Command

Using {{domain}} ReconNess replace {{domain}} for the subdomain.
1
python3 corsy.py -u https://{{domain}}
Copied!
This Agent run in each subdomain.

Corsy Script

1
using ReconNess.Core.Models;
2
3
4
if (lineInput.Contains("Class:") || lineInput.Contains("Description:") || lineInput.Contains("Severity:") ||
5
lineInput.Contains("Exploitation:") || lineInput.Contains("ACAO Header:") || lineInput.Contains("ACAC Header:"))
6
{
7
return new ScriptOutput
8
{
9
Note = lineInput.Replace("-", "")
10
};
11
}
12
13
return new ScriptOutput();
Copied!
Check the Readme on GitHub to know more about the Script.

Corsy Dockerfile Entry

1
# -------- Agents dependencies --------
2
3
# To allow run corsy inside the docker
4
5
RUN apt-get update && apt-get install -y git python3 python3-pip
6
RUN git clone https://github.com/s0md3v/Corsy.git
7
RUN cd Corsy && pip3 install -r requirements.txt
8
9
# -------- End Agents dependencies --------
Copied!

Corsy Command for Docker

1
python3 /app/Corsy/corsy.py -u https://{{domain}}
Copied!
Last modified 1yr ago