From d9b4b7dad675df68af1e053a69e2d5eb463545ed Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?ferdi=20birg=C3=BCl?= Date: Sat, 19 Nov 2022 00:19:25 +0300 Subject: [PATCH] Add files via upload --- README.md | 76 +++++++++++++++++++++++++++++++++++++++++-------------- 1 file changed, 57 insertions(+), 19 deletions(-) diff --git a/README.md b/README.md index dcefa782c..0cac20456 100644 --- a/README.md +++ b/README.md @@ -1,25 +1,63 @@ -### This is an open-source repository that collects different projects. + -# Make some awesome projects, put them in your directory and create a pull request. and DONE βœ… +[![License](https://img.shields.io/badge/license-MIT-_red.svg)](https://opensource.org/licenses/MIT) +![Follow on Twitter](https://img.shields.io/twitter/follow/Dheerajmadhukar?style=social) -*** +### >_ Introduction -## Steps to Raise and get your PR Merged successfully. -### πŸ‘‰ Fork this repository -### πŸ‘‰ Clone the repository into your local system -### πŸ‘‰ Create a branch ```projectname-username```, e.g. - ```git checkout -b ChatApp-thinkswell``` -### πŸ‘‰ Add your projects in the respective directory (if exist otherwise create one), the name of directory should be your ```ProjectName/USERNAME```, e.g. - ChatApp/thinkswell -### πŸ‘‰ Add ```One project``` at a time -### πŸ‘‰ Add & commit, use ```git add -A```, than ```git commit -m "Your commit message about project"``` -### πŸ‘‰ Push changes to GitHub, e.g. - ```git push origin ChatApp-thinkswell``` -### πŸ‘‰ Click on `Create a Pull Request`. -### πŸ‘‰ Attach some SCREENSHOTS GIF or link of your working project in the description _❗Important❗_. -### πŸ‘‰ Submit the PR. -#### πŸ‘‰ Leave a ⭐ to the repo and `FOLLOW` me if you liked the project. +**4-ZERO-3** +Tool to bypass 403/401. This script contain all the possible techniques to do the same. -We're happy to merge awesome portfolio to this repository! +- **NOTE** : If you see multiple [200 Ok]/bypasses as output, you must check the Content-Length. If the content-length is same for multiple [200 Ok]/bypasses means false positive. Reason can be "301/302" or "../" [Payload] DON'T PANIC. +- Script will print `cURL` PAYLOAD if possible bypass found. -*** +### >_ Preview +![4-ZERO-3_priview](https://github.com/Dheerajmadhukar/4-ZERO-3/blob/main/img/4-ZERO-3_priview.gif) -# Hurray! Now you are a part of open source community πŸš€πŸš€πŸš€ - +### >_ Help +```bash +root@me_dheeraj:$ bash 403-bypass.sh -h +``` +4-ZERO-3 + +### >_ Usage / Modes + +- Scan with specific payloads: + * [ `--header` ] Support HEADER based bypasses/payloads + ```bash + root@me_dheeraj:$ bash 403-bypass.sh -u https://target.com/secret --header + ``` + * [ `--protocol` ] Support PROTOCOL based bypasses/payloads + ```bash + root@me_dheeraj:$ bash 403-bypass.sh -u https://target.com/secret --protocol + ``` + * [ `--port` ] Support PORT based bypasses/payloads + ```bash + root@me_dheeraj:$ bash 403-bypass.sh -u https://target.com/secret --port + ``` + * [ `--HTTPmethod` ] Support HTTP Method based bypasses/payloads + ```bash + root@me_dheeraj:$ bash 403-bypass.sh -u https://target.com/secret --HTTPmethod + ``` + * [ `--encode` ] Support URL Encoded bypasses/payloads + ```bash + root@me_dheeraj:$ bash 403-bypass.sh -u https://target.com/secret --encode + ``` + * [ `--SQLi` ] Support MySQL mod_Security & libinjection bypasses/payloads [** New **] + ```bash + root@me_dheeraj:$ bash 403-bypass.sh -u https://target.com/secret --SQLi + ``` +- Complete Scan {includes all exploits/payloads} for an endpoint [ --exploit ] +```bash +root@me_dheeraj:$ bash 403-bypass.sh -u https://target.com/secret --exploit +``` + +##### Prerequisites +- apt install curl [Debian] + +## Support +If you like `4-ZERO-3` and it help you in work, money/bounty, pentesting, recon or just brings you happy feelings, please show your support ! +:stop_sign: **Please avoid opening GitHub issues for support requests or questions!** +buy me a beer to keep me powered :) + +Buy Me A Beer