4-ZERO-3: Tool to bypass 403/401

4-ZERO-3 is a free and open-source tool available on GitHub. It’s a bash script.4-ZERO-3 is used to bypass 403 and 401 technical obstacles on any domain. Content length matters when performing bypass using the  4-ZERO-3 tool. If you see multiple 200 while bypassing then you must check the content length.  4-ZERO-3 can curl Payload automatically if any bypass is found.

Installation

Step 1: Use the following command to install the tool from Github.

git clone https://github.com/Dheerajmadhukar/4-ZERO-3

Step 2: Use the following command to run the tool.

bash 403-bypass.sh 

The tool has been installed and running successfully. Now we will see examples to use the tool.

Usage

Example 1: Use the  4-ZERO-3  tool to perform 403/402 bypass using content headers of the domain.

bash 403-bypass.sh -u https://target.com/secret –header

Example 2: Use the  4-ZERO-3  tool to perform 403/402 bypass using content protocols of the domain.

 bash 403-bypass.sh -u https://target.com/secret –protocol

Example 3:Use the  4-ZERO-3  tool to perform  PORT based bypasses/payloads.

bash 403-bypass.sh -u https://target.com/secret –port

Example 4: Use the  4-ZERO-3  tool to perform HTTP Method based bypasses/payloads

bash 403-bypass.sh -u https://target.com/secret –HTTPmethod

Example 4: Use the  4-ZERO-3  tool to perform URL Encoded bypasses/payloads

bash 403-bypass.sh -u https://target.com/secret –encode

Example 5: Use the  4-ZERO-3  tool to perform  MySQL mod_Security & libinjection bypasses/payloads [** New **]

bash 403-bypass.sh -u https://target.com/secret –SQLi

Example 6: Use the  4-ZERO-3  tool to perform complete Scan {includes all exploits/payloads} for an endpoint [ –exploit ]

bash 403-bypass.sh -u https://target.com/secret –exploit