> ## Documentation Index
> Fetch the complete documentation index at: https://rootea.es/llms.txt
> Use this file to discover all available pages before exploring further.

# CORS (Cross-Origin Resource Sharing)

> Recursos cross-platform para CORS (Cross-Origin Resource Sharing): máquinas HTB, labs PortSwigger y rooms TryHackMe curados, con writeups validados y skills relacionadas.

# CORS (Cross-Origin Resource Sharing)

Esta página agrega los **recursos para practicar CORS (Cross-Origin Resource Sharing)** de forma cross-platform: máquinas retiradas de Hack The Box, labs de PortSwigger Web Security Academy y rooms de TryHackMe, más recursos curados (HackTricks, PortSwigger, etc.) y skills relacionadas.

## Recursos curados

| Fuente      | Enlace                                                                                 |
| ----------- | -------------------------------------------------------------------------------------- |
| PortSwigger | [https://portswigger.net/web-security/cors](https://portswigger.net/web-security/cors) |

## Labs PortSwigger que practican CORS (Cross-Origin Resource Sharing) (3)

| Lab                                                                                                      | Dificultad                                                 | Topic | Oficial                                                                               |
| -------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------- | ----- | ------------------------------------------------------------------------------------- |
| [CORS vulnerability with basic origin reflection](/portswigger/labs/cors/basic-origin-reflection-attack) | <span className="dbadge dbadge-easy">APPRENTICE</span>     | CORS  | [Abrir](https://portswigger.net/web-security/cors/lab-basic-origin-reflection-attack) |
| [CORS vulnerability with trusted null origin](/portswigger/labs/cors/null-origin-whitelisted-attack)     | <span className="dbadge dbadge-easy">APPRENTICE</span>     | CORS  | [Abrir](https://portswigger.net/web-security/cors/lab-null-origin-whitelisted-attack) |
| [CORS vulnerability with trusted insecure protocols](/portswigger/labs/cors/breaking-https-attack)       | <span className="dbadge dbadge-medium">PRACTITIONER</span> | CORS  | [Abrir](https://portswigger.net/web-security/cors/lab-breaking-https-attack)          |

***

← [Volver al glosario completo](/glosario)

<script type="application/ld+json">
  {`{"@context":"https://schema.org","@type":"DefinedTerm","name":"CORS (Cross-Origin Resource Sharing)","termCode":"cors","inLanguage":"es","url":"https://rootea.es/skills/cors","inDefinedTermSet":{"@type":"DefinedTermSet","name":"Glosario táctico de pentesting","url":"https://rootea.es/glosario"}}`}
</script>

*Última actualización: 2026-05-08*
