Kali Linux

4-ZERO-3 : 403/401 Bypass Methods + Bash Automation

4-ZERO-3 Tool to bypass 403/401. This script contain all the possible techniques to do the same.

  • NOTE : If you see multiple [200 Ok]/bypasses as output, you must check the Content-Length. If the content-length is same for multiple [200 Ok]/bypasses means false positive. Reason can be “301/302” or “../” [Payload] DON’T PANIC.
  • Script will print cURL PAYLOAD if possible bypass found.

Preview

Help

root@me_dheeraj:$ bash 403-bypass.sh -h

 Usage / Modes

  • Scan with specific payloads:

--header ] Support HEADER based bypasses/payloads

root@me_dheeraj:$ bash 403-bypass.sh -u https://target.com/secret –header

--protocol ] Support PROTOCOL based bypasses/payloads

root@me_dheeraj:$ bash 403-bypass.sh -u https://target.com/secret –protocol

 --port ] Support PORT based bypasses/payload

root@me_dheeraj:$ bash 403-bypass.sh -u https://target.com/secret –port

--HTTPmethod ] Support HTTP Method based bypasses/payload

root@me_dheeraj:$ bash 403-bypass.sh -u https://target.com/secret –HTTPmethod

--encode ] Support URL Encoded bypasses/payload

root@me_dheeraj:$ bash 403-bypass.sh -u https://target.com/secret –encode

--SQLi ] Support MySQL mod_Security & libinjection bypasses/payloads [** New **]

root@me_dheeraj:$ bash 403-bypass.sh -u https://target.com/secret –SQLi

  • Complete Scan {includes all exploits/payloads} for an endpoint [ –exploit ]

root@me_dheeraj:$ bash 403-bypass.sh -u https://target.com/secret –exploit

R K

Recent Posts

JBDev : A Tool For Jailbreak And TrollStore Development

JBDev is a specialized development tool designed to streamline the creation and debugging of jailbreak…

19 hours ago

Kereva LLM Code Scanner : A Revolutionary Tool For Python Applications Using LLMs

The Kereva LLM Code Scanner is an innovative static analysis tool tailored for Python applications…

20 hours ago

Nuclei-Templates-Labs : A Hands-On Security Testing Playground

Nuclei-Templates-Labs is a dynamic and comprehensive repository designed for security researchers, learners, and organizations to…

22 hours ago

SSH-Stealer : The Stealthy Threat Of Advanced Credential Theft

SSH-Stealer and RunAs-Stealer are malicious tools designed to stealthily harvest SSH credentials, enabling attackers to…

22 hours ago

ollvm-unflattener : A Tool For Reversing Control Flow Flattening In OLLVM

Control flow flattening is a common obfuscation technique used by OLLVM (Obfuscator-LLVM) to transform executable…

22 hours ago

Cybersecurity – Tools And Their Function

Cybersecurity tools play a critical role in safeguarding digital assets, systems, and networks from malicious…

2 days ago