403 Bypass
Some tips that can help when you trying to bypass 403
Hacktricks has vast majority of tricks on this topic: https://book.hacktricks.xyz/network-services-pentesting/pentesting-web/403-and-401-bypasses
Case Switching: Sometimes literal string are blocked which can be bypassed e.g
/admincan be blocked but/Adminor/aDmincan bypass the check.
For getting CNAME of domain you can use
digcommand. And try to access cname directly.
Tools:
Tools can automate most of the stuff for you like changing verb, special characters, HTTP headers. But manually verify things if possible.
Tools other than that are already listed in hacktricks you can also use
403bypasser: https://github.com/yunemse48/403bypasser
Burp plugin: 403 bypasser: https://portswigger.net/bappstore/444407b96d9c4de0adb7aed89e826122
Last updated