Bypass 403 Forbidden Using HTTP Tools 5.9.6

26 Agustus 2023

I think we don't need to mention what's this article is about. But it's ok. Let me explain a little about what is 403 Forbidden Bypass feature.

We are talking about HTTP Response Code Status. Normally, if there is no problem, any URL will response with 200.

As you can see, by open, we get 3 HTTP Response Code. 301, 200, and 204. Here what are they.

301 - Moved Permanently

This happen because i only type "", without http:// or https:// in address bar. By default, browser would added "http://" before the server redirect to "https://" , by following this redirect, server give client response with 301.

200 - OK

File / folder are open normally

204 - No Content

The HTTP 204 No Content success status response code indicates that a request has succeeded, but that the client doesn't need to navigate away from its current page.

This might be used, for example, when implementing "save and continue editing" functionality for a wiki site. In this case a PUT request would be used to save the page, and the 204 No Content response would be sent to indicate that the editor should not be replaced by some other page. (

After explanation about those 3 HTTP Codes, then what about 403 ?

403 - Forbidden

The HTTP 403 Forbidden response status code indicates that the server understands the request but refuses to authorize it.

This status is similar to 401, but for the 403 Forbidden status code, re-authenticating makes no difference. The access is tied to the application logic, such as insufficient rights to a resource. (

Sometimes a file or folder is hidden on purpose by the developer. If the file or folder is opened, then the http code 403 Forbidden will appear.

By using HTTP Tools version 5.9.6, some file or folders are vulnerable by payloads that provided by the app. This image below shows payloads that provided by HTTP Tools.

As we can see, directory that originally response 403 Forbidden, can be bypassed and get response HTTP Status 200.

What's New in version 5.9.6?

[added] Bypass 403 Forbidden

[update] Now support Android 13 Tiramisu

If you have questions about HTTP Tools, or feature requests, you can join us directly

at Telegram groups HTTP Tools

or on the Telegram Channel

Download HTTP Tools

at Google Play

at Huawei AppGallery