I recently had to demonstrate how I could test a CORs policy with a wildcard as the developer of the web application I was pen testing tried to state that the CORs policy was fixed.
I found this post by Nick Gibbon HERE
And a simple CORs test tool on his github HERE
The only thing you have to do is change the JS
dataType: “html”,
url: “http://google.com”,
To the datatype expected in the response and the URL you want to test and load the html in any browser (or refresh the html page if you’ve already loaded it)
Sweet! It’s definitely something I will keep for myself but also as a why a developer can check if their remediation was successful!
Read all the entries in this series!
- Under Utilized Tools/Resources #1
- Under Utilized Tools/Resources #2
- Under Utilized Tools/Resources #3
- Under Utilized Tools/Resources #4
- Under Utilized Tools/Resources #5
- Under Utilized Tools/Resources #6
- Under Utilized Tools/Resources #7
- Under Utilized Tools/Resources #8
- Under Utilized Tools/Resources #9
- Under Utilized Tools/Resources #10
- Under Utilized Tools/Resources #11
- Under Utilized Tools/Resources #12
- Under Utilized Tools/Resources #13
- Under Utilized Tools/Resources #14
- Under Utilized Tools/Resources #15
- Under Utilized Tools/Resources #16
- Under Utilized Tools/Resources #17
- Under Utilized Tools/Resources #18
- Under Utilized Tools/Resources #19
- Under Utilized Tools/Resources #20
- Under Utilized Tools/Resources #21
- Under Utilized Tools/Resources #22
- Under Utilized Tools/Resources #23
- Under Utilized Tools/Resources #24
- Under Utilized Tools/Resources #25
- Under Utilized Tools/Resources #26
- Under Utilized Tools/Resources #27
- Under Utilized Tools/Resources #28
- Under Utilized Tools/Resources #29
- Under Utilized Tools/Resources #30
- Under Utilized Tools/Resources #31
- Under Utilized Tools/Resources #32
- Under Utilized Tools/Resources #33
- Under Utilized Tools/Resources #34
- Under Utilized Tools/Resources #35
- Under Utilized Tools/Resources #36
- Under Utilized Tools/Resources #37
- Under Utilized Tools/Resources #38
- Under Utilized Tools/Resources #39
- Under Utilized Tools/Resources #40
- Under Utilized Tools/Resources #41
- Under Utilized Tools/Resources #42
- Under Utilized Tools/Resources #43
- Under Utilized Tools/Resources #44
- Under Utilized Tools/Resources #45
- Under Utilized Tools/Resources #46
- Under Utilized Tools/Resources #47
- Under Utilized Tools/Resources #48
- Under Utilized Tools/Resources #49
- Under Utilized Tools/Resources #50
- Under Utilized Tools/Resources #51
- Under Utilized Tools/Resources #52
- Under Utilized Tools/Resources #53
- Under Utilized Tools/Resources #54
- Under Utilized Tools/Resources #55
- Under Utilized Tools/Resources #56
- Under Utilized Tools/Resources #57
- Under Utilized Tools/Resources #58
- Under Utilized Tools/Resources #59
- Under Utilized Tools/Resources #60
- Under Utilized Tools/Resources #61
- Under Utilized Tools/Resources #62
- Under Utilized Tools/Resources #63
- Under Utilized Tools/Resources #64
- Under Utilized Tools/Resources #65
END TRANSMISSION