s0md3v/Corsy
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
66 Commits 1 Branch 0 Tags
85e1fe8b68e24f9b80d6ad7f87a72945ee2ccf5e
Commit Graph

66 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Vasco Franco
85e1fe8b68 Fix bug in extractHeaders and simplify its logic 
`extractHeaders` had an incorrect regex that crashed Corsy with the msg:
"sre_constants.error: nothing to repeat at position 1". This was caused
by `^?`, which is not a valid regex, and can be reproduced with the
README example: `python3 corsy.py -u https://example.com --headers
"User-Agent: GoogleBot\nCookie: SESSION=Hacked"`.
Instead of using the regex this commit simplifies the logic by using a
`split` to split lines and header_name/value pairs.
 2021-11-14 00:02:28 +00:00
Vasco Franco
b5c5c21926 Fixes "origin reflected" check 
Previously there was a missing call to `headers = requester(url, scheme,
header_dict, origin)` in the "origin reflected" check. This meant that
the code was not using the intended origin (`origin = root + '://' +
'example.com'`). Intead, the check incorreclty used the headers from the
first request (with `origin = scheme + '://' + root`). This commit fixes
this problem by making the missing request.
 2021-11-13 23:53:18 +00:00
Somdev Sangwan
06f4d4a06d Merge pull request #33 from s0md3v/hotfix 
HOTFIX
 2021-01-28 18:24:23 +05:30
Somdev Sangwan
de9aff1794 fix breaking bug, better error handling 2021-01-28 18:23:51 +05:30
Somdev Sangwan
29fe7d918c simplify origin, better error handling 2021-01-28 18:21:49 +05:30
Somdev Sangwan
35d18e9062 it's requests, not request 2021-01-28 17:00:43 +05:30
Somdev Sangwan
3af7dca220 remove tld dependency 2021-01-28 16:55:10 +05:30
Somdev Sangwan
9bc60b84c4 stdin support, include url path, better error handling 2021-01-28 16:51:35 +05:30
Somdev Sangwan
ad0bd1429b Merge branch 'master' into master 2021-01-28 16:50:08 +05:30
Somdev Sangwan
2fcc28005c removed unused verobse argument 2021-01-28 16:43:23 +05:30
Somdev Sangwan
43cde850b5 removed unnecessary brackets 2021-01-28 16:38:56 +05:30
Somdev Sangwan
aedf5b0581 follow format style of corsy 2021-01-28 16:34:37 +05:30
Somdev Sangwan
62fcc3974d added underscore bypass 2021-01-28 16:23:23 +05:30
Somdev Sangwan
332da5bdfd added underscore bypass, removed donation links 2021-01-28 16:22:33 +05:30
Somdev Sangwan
55a779649a added underscore bypass 2021-01-28 16:21:42 +05:30
Somdev Sangwan
84498ed3d5 removed tld dependency 2021-01-28 16:15:36 +05:30
Somdev Sangwan
2e3ea35807 fix support for IP addresses 2021-01-28 16:15:17 +05:30
duckie
fc4364675c remove pycache 2021-01-28 16:05:19 +05:30
Somdev Sangwan
3415c05761 Merge pull request #32 from davidmckennirey/master 
Add error handling for refused connections.
 2021-01-28 15:46:48 +05:30
David McKennirey
b6dec2138e Add error handling for refused connections. This will allow the tool to continue testing if one or more of the target urls refuses connections. Previously, this would cause the tool to stop once it encoutered a URL that refused a connection. 2021-01-15 07:42:47 -05:00
Somdev Sangwan
437504ad80 fix #30 2020-12-09 14:17:42 +05:30
duckie
0f7d722bf6 beautfied the error in #23 2020-08-21 15:58:22 +05:30
duckie
742e3134fe removed the nested folder, sorry too many commits 2020-08-21 15:55:10 +05:30
duckie
a341f4871f Delete LICENSE 2020-08-21 15:53:43 +05:30
duckie
7d7afb6159 Delete CHANGELOG.md 2020-08-21 15:53:24 +05:30
duckie
7d40199c45 Delete requirements.txt 2020-08-21 15:53:09 +05:30
duckie
cac6314f05 Delete README.md 2020-08-21 15:52:57 +05:30
duckie
9351a3630a Delete corsy.py 2020-08-21 15:51:40 +05:30
duckie
6abe34ad4c Merge branch 'master' into master 2020-08-21 11:37:56 +05:30
duckie
56b8c5dabb should resolve the conflict 2020-08-21 11:34:43 +05:30
duckie
370bf7bfd9 Converted Tab to Spaces 2020-08-21 11:10:58 +05:30
Somdev Sangwan
fdf0dd5a09 Fixes #25 2020-08-21 09:28:07 +05:30
duckie
36a87ffbdd added path to not be dropped issue #27 2020-08-19 22:51:54 +05:30
duckie
6c805b24d1 Update README.md 2020-08-19 22:23:25 +05:30
duckie
d625914f50 added better error handling and stdin support 2020-08-19 22:21:57 +05:30
Somdev Sangwan
3f9b523028 minor ui changes 2020-01-17 03:20:20 +05:30
Somdev Sangwan
42715ee5b2 minor ui changes 2020-01-17 03:19:49 +05:30
Somdev Sangwan
4af27fcb12 updated screenshot 2020-01-17 03:19:01 +05:30
Somdev Sangwan
f2e873670d Update docs, FIxes #2, FIxes #13 2020-01-17 02:55:30 +05:30
Somdev Sangwan
f8e57478fe 1.0-beta 
- Bug fixes
- Scan URLs from file
- JSON output to file
- Custom HTTP header support
- Switch to ignore helpful messages
 2020-01-17 02:44:46 +05:30
Somdev Sangwan
2e145e699c Merge pull request #11 from vvMelody/develop 
Improve code quality
 2020-01-16 16:45:02 +05:30
Mio
678517ca87 Update requester.py 2019-12-15 18:14:24 +08:00
Mio
3387c6355f Merge branch 'master' into develop 2019-12-15 18:12:56 +08:00
Somdev Sangwan
ed7eb17683 supress bad ssl warning 2019-12-13 18:13:21 +05:30
Somdev Sangwan
3b76d8c7fd skip verification of ssl certificates 2019-12-12 11:17:20 +05:30
vvMelody
c6d307b2bc Simplify some code 2019-12-04 14:04:03 +08:00
Somdev Sangwan
d1da167b82 Merge pull request #8 from afranche/master 
Correct typos in errors details messages
 2019-11-28 11:11:35 +05:30
Somdev Sangwan
56a8c48c6b Update details.json 2019-11-28 11:10:41 +05:30
Aissaoui Anouar
5ad2fa9ddd chore(messages): Corrected typos 2019-11-28 02:37:12 +01:00
Somdev Sangwan
44cbdacc71 updated donation link 2019-11-27 16:00:51 +05:30