403Fuzzer will check the endpoint with a couple of headers such as X-Forwarded-For
It will also apply different payloads typically used in dir traversals, path normalization etc. to each endpoint on the path.
e.g. /%2e/test/test2 /test/%2e/test2 /test;/test2/
Usage
usage: 403fuzzer.py [-h] [-u URL] [-m {GET,POST,PUT,PATCH}] [-d DATA_PARAMS] [-c COOKIES] [-H HEADER] [-p PROXY] [-hc HC] [-hl HL] [-sf] [–save SAVE] [-sh] [-su]
use this script to fuzz endpoints that return a 401/403
optional arguments:
-h, –help show this help message and exit
-u URL, –url URL Specify the target URL
-m {GET,POST,PUT,PATCH}, –method {GET,POST,PUT,PATCH}
Specify the HTTP method/verb
-d DATA_PARAMS, –data DATA_PARAMS
Specify data to send with the request.
-c COOKIES, –cookies COOKIES
Specify cookies to use in requests. (e.g., –cookies “cookie1=blah; cookie2=blah”)
-H HEADER, –header HEADER
Add headers to your request (e.g., –header “Accept: application/json” –header “Host: example.com”
-p PROXY, –proxy PROXY
Specify a proxy to use for requests (e.g., http://127.0.0.1:8080)
-hc HC Hide response code from output, single or comma separated
-hl HL Hide response length from output, single or comma separated
-sf, –smart Enable the smart filter
–save SAVE Saves stuff to a file when you get your specified response code
-sh, –skip-headers Skip testing bypass headers
-su, –skip-urls Skip testing path payloads
Basic Examples
python3 403fuzzer.py -u http://example.com/test1/test2/test3/forbidden.html
Specify cookies to use in requests
(minus the cookie header name) Examples
–cookies “cookie1=blah”
-c “cookie1=blah; cookie2=blah”
Specify a method/verb and body data to send
403fuzzer.py -u https://example.com -m POST -d “param1=blah¶m2=blah2”
403fuzzer.py -u https://example.com -m PUT -d “param1=blah¶m2=blah2”
Specify custom headers to use with every request
Maybe you need to add some kind of auth header like Authorization: bearer <token> Specify -H "header: value" for each additional header you’d like to add:
403fuzzer.py -u https://example.com -H “Some-Header: blah” -H “Authorization: Bearer 1234567”
Specify a proxy to use
Useful if you wanna proxy through Burp
403fuzzer.py -u https://example.com –proxy http://127.0.0.1:8080
Skip sending header payloads or url payloads
#skip sending headers payloads
403fuzzer.py -u https://example.com -sh
403fuzzer.py -u https://example.com –skip-headers
#Skip sending path normailization payloads
403fuzzer.py -u https://example.com -su
403fuzzer.py -u https://example.com –skip-urls
Hide response code/length
Provide comma delimited lists without spaces. Examples:
#Hide response codes
403fuzzer.py -u https://example.com -hc 403,404,400
#Hide response lengths of 638
403fuzzer.py -u https://example.com -hl 638
Smart filter feature
Based on response code and length. If it sees a response 8 times or more it will automatically mute it. repeats are changeable in the code until I add an option to specify it in flag NOTE: Can’t be used simultaneously with -hc or -hl (yet).
#toggle smart filter on
403fuzzer.py -u https://example.com –smart
Save requests for matching response code
Will save to a file named saved.txt Useful for later inspection
#save requests where the response code matched 200
403fuzzer.py -u https://example.com –save 200
What Are Bash Comments? In Bash scripting, comments are notes in your code that the…
When you write a Bash script in Linux, you want it to run correctly every…
Introduction If you’re new to Bash scripting, one of the first skills you’ll need is…
What is Bash Scripting? Bash scripting allows you to save multiple Linux commands in a file and…
When it comes to automating tasks on Linux, Bash scripting is an essential skill for both beginners…
Learn how to create and use Bash functions with this complete tutorial. Includes syntax, arguments,…