The Most Powerful Open Source WAF Bypass Tool
Bypass 4XX Status Codes with Advanced Techniques & Payloads
go install github.com/adrianalvird/bypasser/bypasser@v1.0.9echo "http://notsecure.in" | bypasser -verboseecho "http://notsecure.in" | bypasser -proxy http://127.0.0.1:8080bypasser -request request.txtbypasser -request request.txt -proxy http://127.0.0.1:8080| Category | Techniques & Capabilities |
|---|---|
| 🔀 Path Manipulation | Path traversal, encoding tricks, special characters |
| 🧠 Header Injection | X-Forwarded-For, X-Original-URL, X-Rewrite-URL, Client-IP |
| 🔄 Method Manipulation | GET, POST, PUT, TRACE, OPTIONS, custom methods |
| 📁 Extension Injection | .php, .js, .html, .asp, .aspx, .json |
| 📡 Protocol Downgrade | HTTP/3, HTTP/2, HTTP/1.1, HTTP/1.0, HTTP/0.9 |
| 🚦 Rate Limiting | Dynamic rate adjustment to avoid blocking |
| ⚡ Concurrent Requests | Multiple requests sent simultaneously with different patterns |
| 🔌 Burp Suite Integration | Route all traffic through Burp for inspection |
| ♾️ Continuous Mode | -r flag for unlimited bypass attempts |
| 📝 Request File Support | Parse captured requests from files |
| 🔍 Verbose Mode | See all requests and responses in real-time |
☕ Every coffee keeps me coding through the night!
https://www.buymeacoffee.com/adrianalvird
This project is licensed under the MIT License - see the LICENSE file for details.
Made with ❤️ by @adrianalvird
Version 1.0.9 | © 2024 Bypasser