Trick to bypass rate limit of password reset functionality

  1. Go to this endpoint
  2. Reset the password and capture the request with Burp Proxy
  3. Add a parameter in the endpoint of the request and send to Intruder or send many requests manually =>
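From the defender's side, the steps above succeed when the limiter decides whether a rule applies by comparing the raw request target as a string. The sketch below is an added example, not code from the original post or from any affected application; it assumes that root cause, and the route `/password/reset`, the parameter `x`, the account address, and the limit of 3 per 60 seconds are all hypothetical. It shows the weak matcher next to one that matches on the parsed path and counts per target account.

```python
from collections import defaultdict, deque
from urllib.parse import urlsplit

WINDOW = 60.0                             # seconds (assumed policy)
LIMITED_ROUTES = {"/password/reset": 3}   # hypothetical route and limit

def rule_by_raw_target(target):
    # Weak: exact string match, so any added query parameter misses the rule.
    return target, LIMITED_ROUTES.get(target)

def rule_by_path(target):
    # Hardened: match on the parsed path only; query string is ignored.
    path = urlsplit(target).path.rstrip("/") or "/"
    return path, LIMITED_ROUTES.get(path)

class ResetLimiter:
    """Sliding-window limiter counted per (route, target account)."""

    def __init__(self, match_rule):
        self.match_rule = match_rule
        self.hits = defaultdict(deque)

    def allow(self, target, account, now):
        route, limit = self.match_rule(target)
        if limit is None:
            return True                   # no rule matched: request is unlimited
        q = self.hits[(route, account.lower())]
        while q and now - q[0] >= WINDOW:
            q.popleft()                   # drop hits that left the window
        if len(q) >= limit:
            return False
        q.append(now)
        return True

def allowed_count(match_rule, targets, account="user@example.test"):
    limiter = ResetLimiter(match_rule)
    # One request per second, so all ten fall inside a single window.
    return sum(limiter.allow(t, account, float(i)) for i, t in enumerate(targets))

# Constructed sample traffic: ten reset requests without and with a parameter.
PLAIN = ["/password/reset"] * 10
WITH_PARAM = ["/password/reset?x=1"] * 10

if __name__ == "__main__":
    for name, rule in (("raw", rule_by_raw_target), ("path", rule_by_path)):
        print(name, allowed_count(rule, PLAIN), allowed_count(rule, WITH_PARAM))
```

Counting per target account as well as per route keeps the limit in place when requests for the same account arrive from different clients.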




Cyber Security Engineer | Penetration tester
