Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Stop on Rate limit flag #363

Open
tarunKoyalwar opened this issue Oct 30, 2022 · 1 comment
Open

Stop on Rate limit flag #363

tarunKoyalwar opened this issue Oct 30, 2022 · 1 comment

Comments

@tarunKoyalwar
Copy link

Description

Usually lot of subdomains have rate limits while bruteforcing for directories gobuster should stop if server responds with 429 status code but gobuster does not stop or exit and runs until wordlist which is meaning less and sometimes depending on implementation server might blacklist IP address

Solution

This should be implemented directly however if not at least a --stop-at-rtl flag should be available

I would love to contribute if agreed
@antoninoLorenzo
Copy link

I also encountered this issue, however rather than stopping I think a throttling mechanism would be more useful.
If you are going to fix this you should consider:

  • throttling after 429 (your case)
  • throttling by default, it would be useful if something more advanced of a rate limit is in place;
  • edge cases such as X-RateLimit-Limit header (common in APIs)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@tarunKoyalwar @antoninoLorenzo