Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/gotr00t0day/forbiddenpass
https://github.com/gotr00t0day/forbiddenpass
Last synced: 21 days ago
JSON representation
- Host: GitHub
- URL: https://github.com/gotr00t0day/forbiddenpass
- Owner: gotr00t0day
- Created: 2020-12-09T19:18:30.000Z (about 4 years ago)
- Default Branch: main
- Last Pushed: 2024-07-10T10:06:14.000Z (5 months ago)
- Last Synced: 2024-08-05T17:37:20.372Z (4 months ago)
- Language: Python
- Size: 30.3 KB
- Stars: 133
- Watchers: 4
- Forks: 36
- Open Issues: 2
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
- awesome-hacking-lists - gotr00t0day/forbiddenpass - (Python)
README
# UPDATE
Thanks to Knowledge-Wisdom-Understanding (MrPMillz) for making the script cleaner and fixing the header payloads.
# INSTALLATION
```bash
git clone https://github.com/gotr00t0day/forbiddenpass.git
cd forbiddenpass
pip3 install -r requirements.txt
python3 forbiddenpass.py -h
```
# USAGE
```bash
___________ ___. .__ .___ .___ __________
\_ _____/_________\_ |__ |__| __| _/__| _/____ ____\______ \_____ ______ ______
| __)/ _ \_ __ \ __ \| |/ __ |/ __ |/ __ \ / \| ___/\__ \ / ___// ___/
| \( <_> ) | \/ \_\ \ / /_/ / /_/ \ ___/| | \ | / __ \_\___ \ \___ \
\___ / \____/|__| |___ /__\____ \____ |\___ >___| /____| (____ /____ >____ >
\/ \/ \/ \/ \/ \/ \/ \/ \/ v1.0
usage: forbiddenpass.py [-h] [-p domain.com] [-d filename.txt] [-t site.com]
optional arguments:
-h, --help show this help message and exit
-p domain.com, --path domain.com
path to check
-d filename.txt, --domains filename.txt
domains to check
-t site.com, --target site.com
domain to check
```
# EXAMPLE
domains to check
```
python3 forbiddenpass.py -d domains.txt
```
domains to check with a path
```
python3 forbiddenpass.py -d domains.txt --path login
```
scan a single target
```
python3 forbiddenpass.py -t https://site
```
scan a single target with a path
```
python3 forbiddenpass.py -t https://site --path login
````
# DISCLAIMER
inspired by https://github.com/iamj0ker/bypass-403
bypass-403 doesn't support scanning multiple domains and I needed to speed things up a bit so forbiddenpass was created