403bypasser automates the techniques used to circumvent access control restrictions on target pages. 403bypasser will continue to be improved and it is open to contributions.
git clone https://github.com/yunemse48/403bypasser.gitpip install -r requirements.txtArguments
| Argument | Description | Examples | Note |
|---|---|---|---|
| -u | single URL to scan | http://example.com or http://example.com/ | All these example usages are interpreted in the same way |
| -U | path to list of URLs | ./urllist.txt, ../../urllist.txt, etc. | Just provide the path where the file is located 🙂 |
| -d | single directory to scan | admin or /admin or admin/ or /admin/ | All these example usages are interpreted in the same way |
| -D | path to list of directories | ./dirlist.txt, ../../dirlist.txt, etc. | Just provide the path where the file is located 🙂 |
Usage 1: python3 403bypasser.py -u https://example.com -d /secret
Usage 2: python3 403bypasser.py -u https://example.com -D dirlist.txt
Usage 3: python3 403bypasser.py -U urllist.txt -d /secret
Usage 4: python3 403bypasser.py -U urllist.txt -D dirlist.txt
IMPORTANT NOTE: All the followings are interpreted the same. Therefore, which pattern you use is just a matter of preference.
python3 403bypasser.py -u https://example.com -d secretpython3 403bypasser.py -u https://example.com -d /secretpython3 403bypasser.py -u https://example.com -d /secret/python3 403bypasser.py -u https://example.com -d secret/python3 403bypasser.py -u https://example.com/ -d secretSince Python is a cross-platform language, one can run this program on different operating systems.
The output of the program is saved (in the current directory) in a file with the name of the domain name given as input.
For example:python3 403bypasser.py -u https://example.com -d /secret is given. Then the output is saved to example.txt in the current directory.
People trying to securely connect to work are being tricked into doing the exact opposite.…
A newly disclosed Android vulnerability is making noise for a good reason. Researchers showed that…
In MySQL Server 5.5 and earlier versions, the MyISAM was the default storage engine. So,…
A newly disclosed vulnerability in Microsoft Authenticator could expose one time sign in codes or…
Modrinth is a modern platform that’s rapidly changing the landscape of Minecraft modding, providing an…
A new, highly sophisticated malware campaign named BlackSanta has emerged, primarily targeting HR and recruitment…