Bypass Rate Limit Based on source Ip

Rate Limit definition

In computer networks, rate limiting is used to control the rate of requests sent or received by a network interface controller. It can be used to prevent DoS attacks and limit web scraping

some packages you can use to prevent Rate Limit Attacks these packages prevent based on source IP

Today I Will Publish one technique You Can Use To Bypass This kind of protection and earn some bounties

The first thing you need to install and configure Tor as a proxy in burp

This is a good reference to install and configure Tor in burp as a proxy

The Good Question is why I use this technology to bypass the rate limit

The Answer Is The Tor As proxy will provide you to change your source ip address for every small number of requests that will be more useful to bypass the rate limit based on source IP address

this technique will help a lot of people to bypass rate limit in different URLs and different functions like reset password and brute force the OTP PINS

Remediation :

Implement Captcha in reset password and validate the token of Captcha in the back end

Thanks

Information Security Engineer And Bug Hunter