0xBugatti/400OK — reverse-engineered prompt

Build me a fast command line tool called 400OK for testing whether a page blocked with 401 or 403 can be reached with common bypass tricks. I want to give it a single URL, a list of URLs from stdin, or a saved Burp request, and have it try a big set of techniques like method changes, header tricks, path changes, encoding, host and protocol tweaks, WAF style evasions, archived path checks, file extension guesses, and optional basic auth default credentials.

Make it smart enough to auto calibrate against the original blocked response so it highlights likely real hits instead of noisy false positives. It should support custom headers, proxying through Burp or another proxy, delays, concurrency limits, a random user agent option, include or exclude specific technique groups, JSON export, and a clean summary when I stop it. If the server starts rate limiting with 429, it should back off or stop safely.

Please make it a single cross platform Go binary with sensible help output. Look up current docs online if you need to.