CORS_Bypasses.md

CORS Bypass

1. Origin:null
2. Origin:attacker.com
3. Origin:attacker.target.com
4. Origin:attackertarget.com
5. Origin:sub.attackertarget.com
6. Origin:attacker.com and then change the method Get to post/Post to Get
7. Origin:sub.attacker target.com
8. Origin:sub.attacker%target.com
9. Origin:attacker.com/target.com

Authors

• @tamimhasan404

Reference Tweets

https://twitter.com/trbughunters/status/1287023673845612546

https://twitter.com/Paresh_parmar1/status/1265251507655630848

https://twitter.com/Alra3ees/status/1141504347089584128