BountySecurity / gbounty

GBounty is a multi-step website vulnerability scanner developed in Golang designed to help companies, pentesters, and bug hunters identify potential vulnerabilities in web applications.
https://gbounty.bountysecurity.ai
MIT License
52 stars 9 forks source link

Extend the `Time Delay` grep type with more options #12

Open joanlopez opened 4 hours ago

joanlopez commented 4 hours ago

Now, the GrepTypeTimeDelay is verified with the function defined at https://github.com/BountySecurity/gbounty/blob/main/internal/match/match.go#L216-L220.

However, it would be very nice if we could extend that support to not just apply a static margin of 2s, but to let the user determine if they want the response time to be greater/lower of the given value, between two values, with a different margin, etc.

Specific keywords are TBD.