Beginner

Cross Origin Resource Sharing Playground

4th of July Sale: Use coupon “FIREWORKS15” and get 15% off on Pro and Pro Plus Individual Annual Plans.
Learning Path
Application Security Essentials
Ideal for
Security Engineer
Security Champion
Developer
3
Hours
1
Lessons
3
Cloud Labs

Cross Origin Resource Sharing (CORS) is a browser mechanism which enables controlled access to resources located outside of a given domain. But while convenient, it also opens up the possibility of cross-domain attacks.

In this Playground, we’ll be going over both attack and defense for CORS, using hands-on labs to get a practical understanding of how these exploits work in the real world.

We’ll be learning how to exploit CORS using a phishing attack, then a basic origin reflection. Both these labs will have a defensive component as well. Our final lab exercise will feature a CSRF attack and CORS misconfiguration, after which you’ll learn to secure against these attacks.

You might also like these courses

Or explore these Learning Paths

Labs

CORS vulnerability with wildcard(*) along with phishing attack

CORS vulnerability with basic origin reflection

CORS and CSRF Attack and Defence

Hands-on. Defensive. Bleeding-Edge.

There's no other training platform that does all three. Except AppSecEngineer.
Get Our Newsletter
Get Started
X
FOLLOW APPSECENGINEER
CONTACT

Contact Support

help@appsecengineer.com

1603 Capitol Avenue,
Suite 413A #2898,
Cheyenne, Wyoming 82001,
United States

Copyright AppSecEngineer © 2023