Cyber Struggle Delta Team has developed a tool to bypass Whitelist/Ratelimit Implementations in Web Applications/APIs

Main Features

• Parsing Requests from burp-suite
• Customize the request
• Add Additional Headers
• Add Additional Payloads
• Add Known IP addresses for the target

How it’s work

Whitepass will try to fuzz the target with additional HTTP-Headers, Unlike other tools that use X-Originating-IP or X-Forwarded-For. Whitepass using +70 Different HTTP-Header with tons of payloads trying to bypass different implementations of Whitelist/Ratelimit solutions and functions based on known methods and techniques that developers and web servers use to implement Whitelist/Ratelimit solutions. this project was part of DeltaGroup Internal Tools which used in our engagements