- Joined
- Jan 8, 2019
- Messages
- 56,623
- Solutions
- 2
- Reputation
- 32
- Reaction score
- 100,456
- Points
- 2,313
- Credits
- 32,750
6 Years of Service
76%
Bypass 4xx HTTP response status codes.
Script uses multithreading, and is based on brute-forcing so might have some false positives. Script uses colored output.
Results will be sorted by HTTP response status code ascending, content length descending, and ID ascending.
Extend this script to your liking.
Tested on Kali Linux v2021.4 (64-bit).
Made for educational purposes. I hope it will help!
Tests:
various HTTP methods,
various HTTP methods with ‘Content-Length: 0’ header,
cross-site tracing (XST) with HTTP TRACE and TRACK methods,
file upload with HTTP PUT method,
various HTTP method overrides,
various HTTP headers,
various URL overrides,
URL override with two ‘Host’ headers,
various URL path bypasses,
basic-authentication/authorization including null session,
broken URL parser check.
Changelog v5.7
Heavy refactoring of encoding option, and some tweaks. Added some new ideas in “to do” list.