hunt-cors
CommunityIdentify and exploit CORS misconfigurations.
Software Engineering#vulnerability#web-security#cors#pentesting#security-testing#cross-origin#cors-misconfiguration
Authorsseshachala
Version1.0.0
Installs0
System Documentation
What problem does it solve?
CORS misconfigurations can expose sensitive data by allowing malicious origins to access authenticated responses. This Skill helps identify problematic patterns like reflect-any-origin with credentials, null-origin trust, and subdomain regex bypass.
Core Features & Use Cases
- Detects common CORS misconfigurations across APIs and SPAs.
- Provides a structured hunting methodology to validate origin checks and postMessage handling.
- Suitable for red-team readiness and bug-bounty testing in web apps.
Quick Start
Run an initial CORS assessment against a target API to verify origin reflection, credentials, and preflight handling.
Dependency Matrix
Required Modules
None requiredComponents
Standard package💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: hunt-cors Download link: https://github.com/sseshachala/Claude-BugHunter-archive/archive/main.zip#hunt-cors Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
Agent Skills Search Helper
Install a tiny helper to your Agent, search and equip skill from 510,000+ vetted skills library on demand.