https://github.com/lc/theftfuzzer

TheftFuzzer is a tool that fuzzes Cross-Origin Resource Sharing implementations for common misconfigurations.
https://github.com/lc/theftfuzzer

Last synced: about 1 year ago
JSON representation

TheftFuzzer is a tool that fuzzes Cross-Origin Resource Sharing implementations for common misconfigurations.

• Host: GitHub
• URL: https://github.com/lc/theftfuzzer
• Owner: lc
• Created: 2018-06-16T06:17:02.000Z (almost 8 years ago)
• Default Branch: master
• Last Pushed: 2023-05-22T21:25:30.000Z (about 3 years ago)
• Last Synced: 2025-03-30T13:08:32.917Z (about 1 year ago)
• Language: Python
• Homepage: https://www.corben.io/advanced-cors-techniques/
• Size: 16.6 KB
• Stars: 313
• Watchers: 13
• Forks: 60
• Open Issues: 2
• Metadata Files:
  • Readme: README.md

Awesome Lists containing this project

README

          
```

┌┬┐┬ ┬┌─┐┌─┐┌┬┐┌─┐┬ ┬┌─┐┌─┐┌─┐┬─┐

 │ ├─┤├┤ ├┤  │ ├┤ │ │┌─┘┌─┘├┤ ├┬┘

 ┴ ┴ ┴└─┘└   ┴ └  └─┘└─┘└─┘└─┘┴└─

```

## Introduction:

TheftFuzzer is a tool that fuzzes Cross-Origin Resource Sharing implementations for common misconfigurations.

## Usage:

`python theftfuzzer.py -d 'http://example.com/api/data'`

#### Help:

`python theftfuzzer.py -h`

```

~$ python theftfuzzer.py -h                               

usage: theftfuzzer.py [-h] -d DOMAIN [-c COOKIE]

Cross Origin Resource Sharing Fuzzer by Corben Leo

optional arguments:

  -h, --help            show this help message and exit

  -d DOMAIN, --domain DOMAIN

                        URL / Target to fuzz

  -c COOKIE, --cookie COOKIE

                        File containing cookie to send in fuzzing requests

```