Jump to content

Forbidden v7.8 - Bypass 4xx HTTP response status codes


Recommended Posts

This is the hidden content, please

Bypass 4xx HTTP response status codes.

Script uses multithreading, and is based on brute-forcing so might have some false positives. Script uses colored output.

Results will be sorted by HTTP response status code ascending, content length descending, and ID ascending.

Extend this script to your liking.

Tested on Kali Linux v2021.4 (64-bit).

Made for educational purposes. I hope it will help!


    various HTTP methods,
    various HTTP methods with ‘Content-Length: 0’ header,
    cross-site tracing (XST) with HTTP TRACE and TRACK methods,
    file upload with HTTP PUT method,
    various HTTP method overrides,
    various HTTP headers,
    various URL overrides,
    URL override with two ‘Host’ headers,
    various URL path bypasses,
    basic-authentication/authorization including null session,
    broken URL parser check.

Changelog v7.8

    Default number of parallel threads fix, added base domain IPs, and some other optimizations.

This is the hidden content, please

Link to comment
Share on other sites

This topic is now closed to further replies.
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.