Jai Shri Ram 🚩 Hackers!!!
In today's write-up I will share the best technique I know for bypassing rate limiting.
So first, as usual, the theory part for beginners.
What is "No Rate Limit", in technical terms?
When rate limiting is missing on endpoints such as password reset, invite teammate, and resend OTP, attackers can abuse these functions by triggering repeated email requests. This developer oversight can lead to email flooding, resource abuse, and strain on the back-end server as the attacker sends 1000+ requests. For more information, read: https://www.aptive.co.uk/blog/what-is-no-rate-limiting/
As of now, rate-limit vulnerabilities are only accepted on authentication endpoints.
Pre-requirements: Burp Suite, for the Intruder attack.
- Navigate to https://redacted.com/forgot-password and enter the victim's email.
- Now start Burp Suite; before the application sends the instructions or reset link, intercept the request and send it to Intruder.
- Set Null payloads to 50 and start the attack. After 20 requests the application responds with 429 Too Many Requests.
- Now here's the best technique that very few people know…
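The 429 after 20 requests above is what a server-side limiter on the forgot-password endpoint looks like. As an added example (not code from the original write-up, and not the target application's code), here is a sliding-window limiter that counts per client key and, separately, per target mailbox, so that the victim's inbox stays capped even if requests arrive from many different clients. The class, limits and the `10.0.x.1` / `example.com` values are assumptions constructed for illustration.

```python
from collections import defaultdict, deque


class ResetRateLimiter:
    """Sliding-window limiter for a password-reset endpoint (constructed example).

    Two independent windows are enforced on every request:
      - per client key (e.g. source address), so one sender cannot hammer the endpoint;
      - per target account, so a mailbox gets at most `account_limit` reset mails per
        window no matter how many clients request them.
    A request is only counted when it is allowed, mirroring a server that starts
    answering 429 Too Many Requests once a window is full.
    """

    def __init__(self, client_limit=20, account_limit=5, window_seconds=600):
        self.client_limit = client_limit
        self.account_limit = account_limit
        self.window = window_seconds
        self._client_hits = defaultdict(deque)   # client key -> timestamps
        self._account_hits = defaultdict(deque)  # normalised email -> timestamps

    @staticmethod
    def _prune(hits, now, window):
        # Drop timestamps that have fallen out of the window.
        while hits and hits[0] <= now - window:
            hits.popleft()

    def check(self, client_key, account, now):
        """Return (status_code, retry_after_seconds) for one reset request."""
        client = self._client_hits[client_key]
        target = self._account_hits[account.strip().lower()]
        self._prune(client, now, self.window)
        self._prune(target, now, self.window)
        if len(client) >= self.client_limit:
            return 429, int(client[0] + self.window - now)
        if len(target) >= self.account_limit:
            return 429, int(target[0] + self.window - now)
        client.append(now)
        target.append(now)
        return 200, 0


def simulate(limiter, requests):
    """Feed (client_key, account, timestamp) tuples through the limiter; return status codes."""
    return [limiter.check(client, account, ts)[0] for client, account, ts in requests]
```

Running 25 requests from one client against 25 accounts trips the per-client window after 20, while 25 clients against one account trip the per-account window after 5.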