BOOK THIS SPACE FOR AD
ARTICLE ADHey guys
As I said before in my Write-up, I go directly to the main topic and do not add explanations.
The subject of the article is how we can Bypass Rate Limit Request
which we encountered many times for fuzzing
Step 1
sudo apt install tor
Step 2
Edit Configure Tor
vim /etc/tor/torrc
SocksPort 9050
SocksPolicy accept *
Step 3
1. Install tmux
2. Test tor curl
curl --socks5-hostname localhost:9050 https://api.ipify.org/Test Tor socks53. Change IP tor with bash script Infinite loop run(restart tor every 1 seconds)
tmux new -s torwhile true; do pkill -HUP tor; sleep 1; done
Press CTR+B+D
4.Test tor curl again
curl --socks5-hostname localhost:9050 https://api.ipify.org/Script LoopChange IPStep 4
Now we want to make FFUF using the above technique
My suggestion is to use -t and -rate to give TOR a chance to change the ip
ffuf -w hfuzz.txt -u https://hackerone.com/FUZZ -x socks5://127.0.0.1:9050 -t 5 -rate 5 -H "User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:109.0) Gecko/20100101 Firefox/113.0"And you can use this technique for anything, as another example will show you(nuclei)
nuclei -u https://hackerone.com -p socks5://127.0.0.1:9050You can use this technique for your security tests.
And with some creativity, use this technique for other things as well