CorsMe is a specialized scanner designed to identify Cross-Origin Resource Sharing (CORS) misconfigurations in web applications. The tool analyzes web application configurations to detect potential security vulnerabilities related to CORS policies. It examines how applications handle cross-origin requests and identifies instances where CORS settings may be improperly configured. CorsMe provides detailed findings about discovered misconfigurations and offers remediation recommendations to help security professionals address identified issues. The scanner focuses specifically on CORS-related security weaknesses that could potentially allow unauthorized cross-origin access to web resources. The tool serves as a targeted solution for web application security assessments, particularly useful for identifying configuration-based vulnerabilities that may not be detected by general-purpose scanners.
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
A technology lookup and lead generation tool that identifies the technology stack of any website and provides features for market research, competitor analysis, and data enrichment.
An open-source tool that automates the detection and analysis of DLL hijacking vulnerabilities in Windows applications, providing detailed reports and remediation guidance.
APKiD is a tool that identifies compilers, packers, obfuscators, and other weird stuff in APK files.
A modular Python tool that obfuscates Android applications by manipulating decompiled smali code, resources, and manifest files without requiring source code access.
AndroBugs Framework is an Android vulnerability analysis system that scans mobile applications for security vulnerabilities, missing best practices, and dangerous shell commands.
A comprehensive toolkit for web application security testing, offering a range of products and solutions for identifying vulnerabilities and improving security posture.
ThreatLocker is an enterprise cybersecurity platform that provides comprehensive endpoint protection and zero-trust security to prevent ransomware, viruses, and other malicious software from running on endpoints.
QIRA is a competitor to strace and gdb with MIT license, supporting Ubuntu and Docker for wider compatibility.
A Nuxt 3 security module that automatically implements OWASP security patterns through HTTP headers, middleware, and various protection mechanisms including CSP, XSS validation, CORS, and CSRF protection.
PINNED

Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.