Beginner

Cross Origin Resource Sharing Playground

Bootcamp: Rapid Threat Modeling with GenAI & LLMs - June 6-7, 2024. Only 12 seats left - Secure your spot!
Learning Path
Application Security Essentials
Ideal for
Security Engineer
Security Champion
Developer
3
Hours
1
Lessons
3
Cloud Labs

Cross Origin Resource Sharing (CORS) is a browser mechanism which enables controlled access to resources located outside of a given domain. But while convenient, it also opens up the possibility of cross-domain attacks.

In this Playground, we’ll be going over both attack and defense for CORS, using hands-on labs to get a practical understanding of how these exploits work in the real world.

We’ll be learning how to exploit CORS using a phishing attack, then a basic origin reflection. Both these labs will have a defensive component as well. Our final lab exercise will feature a CSRF attack and CORS misconfiguration, after which you’ll learn to secure against these attacks.

Get STARTED

You might also like these courses

Java Security Playground

Swift Security Playground

GoLang Security Playground

Kotlin Security Playground

NodeJS Security Playground

Python Security Playground

Advanced AWS VPC Playground

AWS IAM Analysis Playground

Angular Security Playground

Or explore these Learning Paths

AI & LLM Security Learning Path and Collection
Google Cloud Security
Threat Modeling
Kubernetes Security
DevSecOps
Container Security
Azure Security
AWS Security
Advanced Application Security
Application Security Essentials

Labs

CORS vulnerability with wildcard(*) along with phishing attack

CORS vulnerability with basic origin reflection

CORS and CSRF Attack and Defence

Course Content

Hands-on. Defensive. Bleeding-Edge.

There's no other training platform that does all three. Except AppSecEngineer.
Get Our Newsletter
Get Started
X
FOLLOW APPSECENGINEER
CONTACT

Contact Support

help@appsecengineer.com

1603 Capitol Avenue,
Suite 413A #2898,
Cheyenne, Wyoming 82001,
United States

Copyright AppSecEngineer © 2023