search

secureCodeBox / scanner-webapplication-arachni

Part of the deprecated secureCodeBox v1, see secureCodeBox/secureCodeBox Repo for v2
Apache License 2.0
5 stars 0 forks source link

Rate Limit for Arachni Scans #2

Closed MartinLang1 closed 5 years ago

MartinLang1 commented 6 years ago

As a user I would like to reduce the number of requests per second during my scans so that they won't affect the performance of my application and the scanner won't be blocked by a WAF.

Arachni provides the options to set the browser-cluster-pool-size and the http-request-concurrency. Additionally, the rate_limiter plugin provides the option requests_per_second to set a maximum for the requests per second.

In my target definition (used for Arachni Scans) I would like to configure something like this:

[
    {
        "name": "Arachni BodgeIt Scan",
        "location": "http://bodgeit:8080/bodgeit/",
        "attributes": {
            "ARACHNI_RATE_LIMITS": {
                browserClusterPoolSize: 1,
                httpRequestConcurrency: 2,
                requestsPerSecond: 3
             }
        }
    }
]
rseedorff commented 5 years ago

Archni Scanner um ein RATE-Limit Feature erweitern

J12934 commented 5 years ago

This issue has been implemented.