Cross-Origin Resource Sharing (CORS) misconfigurations have never been easy to find, especially when it comes to exploiting the vulnerability.
Here, I will give some tricks to find such vulnerabilities.
Finding CORS: Always look for sensitive data in the response, such as account ID, address, phone number, email, etc., which can demonstrate business impact to the organization.
Identification: Whenever you see the Origin or Referer in any request parameter, cross-check via Access-Control-Allow-Origin whether it is changing the domain name of…
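
The cross-check described above, as an added example that is not part of the original post: it takes the Origin sent in one captured request plus the response's headers and body, and reports whether Access-Control-Allow-Origin echoes an origin outside an allowlist and whether sensitive fields are present. The function names, the trustedOrigins allowlist, the field names and the sample capture are assumptions constructed for illustration.

```javascript
// Added example; every name and sample value below is constructed.
const SENSITIVE_KEYS = ["account_id", "address", "phone", "email"];

function headerValue(headers, name) {
  // HTTP header names are case-insensitive.
  const key = Object.keys(headers).find((k) => k.toLowerCase() === name);
  return key === undefined ? null : String(headers[key]).trim();
}

function classifyCors(requestOrigin, responseHeaders, responseBody, trustedOrigins) {
  const acao = headerValue(responseHeaders, "access-control-allow-origin");
  const acac = headerValue(responseHeaders, "access-control-allow-credentials");
  const credentials = acac === "true";
  // Sensitive fields are what give a finding business impact.
  const sensitive = SENSITIVE_KEYS.filter((k) => responseBody.includes(`"${k}"`));

  let policy;
  if (acao === null) policy = "no-cors-header";
  else if (acao === "*") policy = "wildcard";
  else if (trustedOrigins.includes(acao)) policy = "allowlisted";
  else if (acao === requestOrigin) policy = "reflects-untrusted-origin";
  else policy = "fixed-other-origin";

  // A browser lets another origin's script read a cookie-authenticated response
  // only if ACAO names that origin exactly and Allow-Credentials is "true".
  const reflected = policy === "reflects-untrusted-origin";
  let severity = "ok";
  if (reflected || (policy === "wildcard" && sensitive.length > 0)) severity = "review";
  if (reflected && credentials && sensitive.length > 0) severity = "high";
  return { policy, credentials, sensitive, severity };
}

// Constructed capture: the server echoes whatever Origin it was sent.
const sampleResult = classifyCors(
  "https://untrusted.example",
  { "Access-Control-Allow-Origin": "https://untrusted.example",
    "Access-Control-Allow-Credentials": "true" },
  '{"account_id": 1001, "email": "user@corp.example"}',
  ["https://app.corp.example"]
);
console.log(sampleResult);
```

A "high" result is fixed on the server by comparing the request's Origin against an exact-match allowlist before echoing it, and sending Vary: Origin so caches do not mix responses between origins.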