search

projectdiscovery / nuclei

Fast and customizable vulnerability scanner based on simple YAML based DSL.
https://docs.projectdiscovery.io/tools/nuclei
MIT License
19.97k stars 2.45k forks source link

[investigation] Rate Limit is absent for all protocols but http and dns #4949

Closed Mzack9999 closed 5 months ago

Mzack9999 commented 5 months ago

Nuclei version:

main|dev

Current Behavior:

Rate limit is only applied to http and dns protocols with a cumulative counting

Expected Behavior:

Investigate for each protocol if it makes sense to introduce a global or per-protocol rate limiter. Some protocols performing heavy network activities per single host (ex parallelism introduced in network protocolol in nuclei v3) or those performing lookups on 3rd parties (whois, future cloud protocol or code protocols performing cloud checks, etc) are actually only controlled by concurrency settings (might be the reason of multiple reports of exausthing bandwidth while running nuclei).

Mzack9999 commented 5 months ago

Closing as not planned - will be introduced if necessary