[addtool] 403-bypasser

[gwen001]

[tags]bypass,burpsuite,authorization[/tags] [short_descr]A Burp Suite extension made to automate the process of bypassing 403 pages.[/short_descr] [link] https://github.com/PortSwigger/403-bypasser [/link] [long_descr] Features:

• Runs with every possible permutation for query-based payloads.
• Header payloads are added to the original request. In case the header already exists in the original request its value is replaced.
• For GET requests the extension will try to bypass Forbidden pages by changing the method to POST with an empty body.
• The extension will attempt to downgrade HTTP/1.1 to HTTP/1.0 and remove all headers.
• Supports manual activation through context menu.
• Payloads are supplied by the user under dedicated tab, default values are stored in query payloads.txt and header payloads.txt.
• Issues are added under the Issue Activity tab. [/long_descr] [image] https://raw.githubusercontent.com/gwen001/offsectools_www/main/tmp/29cf22e8fc827122e7e040399456fba9.png [/image] [image] https://raw.githubusercontent.com/gwen001/offsectools_www/main/tmp/129ed571cfb2629d769170eec87deaa2.jpeg [/image]

[gwen001]

Issue correctly handled, tool is waiting for human validation.

[gwen001]

Tool has been accepted by the team: https://offsec.tools/tool/403-bypasser

Thank you for your contribution!