Releases: devploit/nomore403
v1.1.0
🚀 Major Release Changelog 🚀
We are excited to announce a major release that brings several powerful enhancements, bug fixes, and cutting-edge security techniques. This update takes our project to the next level with improved functionality, performance, and security. Here are the key highlights:
🔧 New Features & Improvements:
-
Auto-Calibration Feature Added:
To streamline the output and eliminate duplicates, we've introduced an auto-calibrate function. This feature simplifies data processing and makes the output more efficient. Users can still opt to see the full output details using the-vflag for debugging or detailed analysis.
(Special thanks to Diego Jurado for this great idea!) -
Switched HTTP Request Library:
In this release, we've replaced the default Gohttplibrary with go-rawurlparser by @slicingmelon. This change resolves parsing issues with specific payloads, ensuring better handling of edge cases. The updated library improves the stability and accuracy of URL parsing, making the system more robust overall. -
Double URL Encoding Technique:
Inspired by cutting-edge research, we've incorporated a double URL encoding technique that was introduced in the DEFCON 2024 Bug Bounty Village talk by Justin Rhynorater Gardner. This advanced method helps bypass URL-based filters, enhancing security and offering a sophisticated approach to handling potentially harmful inputs.
📄 DEFCON 2024 Presentation PDF -
New Filtering Options:
We've introduced two new command-line flags,--statusand--unique, which allow users to filter results more effectively, providing more control over the output.
(Thanks to @jaikishantulswani for contributing this feature!)
🛠️ Bug Fixes & Minor Updates:
-
Rewrite of HTTP Versions technique:
After detecting incorrect behavior in the HTTP Versions technique, it has been rewritten to function as intended. -
Minor Bug Fixes:
We've also addressed several small bugs and made improvements to the codebase.
(Thanks to @nxczje for their valuable PR!)
💡 Looking Ahead:
This release marks a significant step in the evolution of the project, but there's still more to come! We will continue to refine the system, add new features, and address user feedback to make the project even better. Stay tuned for future updates!
🎉 Special Thanks:
We would like to give special recognition to the amazing contributors who have helped shape this release:
- Diego Jurado for suggesting the auto-calibration and double-encoding feature idea.
- @slicingmelon for the go-rawurlparser pkg.
- @jaikishantulswani for adding the new filtering options.
- @nxczje for fixing minor bugs and contributing to the codebase.
1.0.2
1.0.1
1.0.0
New Release: nomore403 1.0.0
We are excited to announce the latest release of nomore403, version 1.0.0. This update brings several new features, improvements, and bug fixes to enhance your experience and provide you with more control over your bypass 403 operations. Here's what's new:
🚀 New Features
- Follow Redirects Toggle: You now have the option to follow or not follow HTTP redirects, giving you better control over the navigation of your requests.
- Random User-Agent: Enhance your privacy and avoid detection by opting for a random user-agent for each request you make.
- Rate-Limit Detection: To prevent hitting API rate limits, nomore403 can now automatically stop if a 429 (rate-limit ban) response is detected, protecting your account from potential blocks.
🛠 Improvements
- SSL Issue Fix: We've resolved an SSL problem in curl when using a proxy, ensuring a smoother and more secure connection.
- Multiple Flag Changes: To improve usability and consistency, we've made several changes to our command-line flags.
🔄 Flag Changes
- Proxy flag updated from
-pto-xfor better clarity. - The
-rflag is now used to enable following redirects. To use a request file, please use--request-fileinstead. - Renamed
--nobannerto--no-bannerfor consistency. - Introduced
--random-agentfor easy access to the random user-agent feature. - The
-lor--rate-limitflag can now be used to halt operations if a rate limit ban is detected. - Updated
--useragentto--user-agentto align with standard naming conventions. - Changed
--maxgoroutinesto--max-goroutinesfor improved readability. - Modified
--httpMethodto--http-methodand--bypassIpto--bypass-ipfor consistency across our tool.
🐞 Bug Fixes
Addressed a critical SSL connectivity issue when using proxies, ensuring secure and reliable connections under all circumstances.
How to Update
To update to the latest version of nomore403, please download the latest release or build from the latest version of source code. Ensure to adjust your scripts or command line usage to accommodate the new flag changes for a seamless transition.
0.9.4
- Check different HTTP versions.
Full Changelog: 0.9.3...0.9.4
0.9.3
0.9.1
Changelog
- 433d503 Bump golang.org/x/text from 0.3.7 to 0.3.8
- 56fb761 Merge branch 'main' of https://github.com/devploit/dontgo403
- 9f27c08 Merge pull request #25 from devploit/dependabot/go_modules/golang.org/x/text-0.3.8
- 1320875 New print, fix custom paths errors and other enhancements
- 4213ff6 Update endpaths
- fa2c6fc Update release-bin.yaml
0.8.1
- New feature: verbose mode
- Useless block of code deletion
- Upgrade gorelease version
Full Changelog: 0.8...0.8.1
0.8: New year, new release
What's Changed
- Support forcing a different HTTP method for all payloads except httpmethods by @mbrg in #20
- Fix README 'contributions welcome' link by @MNThomson in #21
- requester.go: Corrected wording by @ItsIgnacioPortal in #22
- Bump golang.org/x/text from 0.3.7 to 0.3.8 by @dependabot in #24
New Contributors
- @mbrg made their first contribution in #20
- @MNThomson made their first contribution in #21
- @ItsIgnacioPortal made their first contribution in #22
- @dependabot made their first contribution in #24
Full Changelog: 0.7...0.8
