Ratelimit Bypass Tool: Whitepass

Cyber Struggle Delta Team has developed a tool to bypass whitelist/rate-limit implementations in web applications and APIs.

Main Features

  • Parsing Requests from Burp Suite
  • Customize the request
  • Add Additional Headers
  • Add Additional Payloads
  • Add Known IP addresses for the target

How it works

Whitepass fuzzes the target with additional HTTP headers. Unlike other tools that use X-Originating-IP or X-Forwarded-For, Whitepass uses 70+ different HTTP headers with a large set of payloads to try to bypass different implementations of whitelist/rate-limit solutions and functions. The headers and payloads are based on known methods and techniques that developers and web servers use to implement whitelist/rate-limit solutions. This project was part of the DeltaGroup internal tools used in our engagements.
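The defensive side of the behaviour described above, as an added example that is not Whitepass code and not from the original page: a rate limiter keyed on client-supplied headers beside one that accepts X-Forwarded-For only from a trusted proxy. The proxy network, limit, function names and sample traffic are assumptions constructed for illustration.

```python
import ipaddress
from collections import defaultdict

# Constructed values: the proxy network and the limit are assumptions.
TRUSTED_PROXIES = [ipaddress.ip_network("10.0.0.0/8")]
LIMIT = 3  # requests allowed per client key (single window, for brevity)

def naive_client_key(peer_ip, headers):
    """Weak: any client can set these headers and claim a new identity per request."""
    for name in ("X-Forwarded-For", "X-Originating-IP"):
        if name in headers:
            return headers[name].split(",")[0].strip()
    return peer_ip

def _is_trusted(ip):
    try:
        addr = ipaddress.ip_address(ip)
    except ValueError:
        return False
    return any(addr in net for net in TRUSTED_PROXIES)

def hardened_client_key(peer_ip, headers):
    """Key on the TCP peer unless it is a trusted proxy; then walk X-Forwarded-For
    right to left and return the first hop that is not itself a trusted proxy."""
    if not _is_trusted(peer_ip):
        return peer_ip
    hops = [h.strip() for h in headers.get("X-Forwarded-For", "").split(",") if h.strip()]
    for hop in reversed(hops):
        if not _is_trusted(hop):
            try:
                return str(ipaddress.ip_address(hop))
            except ValueError:
                return peer_ip  # malformed entry: fall back to the peer
    return peer_ip

def count_allowed(key_fn, requests):
    """Replay (peer_ip, headers) pairs through a counter keyed by key_fn."""
    seen, allowed = defaultdict(int), 0
    for peer_ip, headers in requests:
        key = key_fn(peer_ip, headers)
        seen[key] += 1
        if seen[key] <= LIMIT:
            allowed += 1
    return allowed

# Constructed traffic: one client (203.0.113.7) sending a different header value each time.
DIRECT = [("203.0.113.7", {"X-Forwarded-For": f"198.51.100.{i}"}) for i in range(10)]
# Same client behind trusted proxy 10.0.0.5, which appends the real peer address.
PROXIED = [("10.0.0.5", {"X-Forwarded-For": f"198.51.100.{i}, 203.0.113.7"}) for i in range(10)]
```

The same key function should feed any IP allowlist check, so that an allowlisted address cannot be claimed through a header the server never validated.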

You can reach the project from our GitHub repo.