Add sleep/jitter stealth support across all osintscan tools#128
Open
apurvagoenka-method wants to merge 3 commits intodevelopfrom
Open
Add sleep/jitter stealth support across all osintscan tools#128apurvagoenka-method wants to merge 3 commits intodevelopfrom
apurvagoenka-method wants to merge 3 commits intodevelopfrom
Conversation
Co-Authored-By: Claude Opus 4.6 (1M context) <[email protected]>
There was a problem hiding this comment.
Cursor Bugbot has reviewed your changes and found 1 potential issue.
Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, enable autofix in the Cursor dashboard.
Co-Authored-By: Claude Opus 4.6 (1M context) <[email protected]>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
--sleep(base delay in seconds) and--jitter(0-100% randomization) flags to all osintscan tools that make external network/API callsutils/stealth.gowithCalculateDelayWithJitterandCalculateStealthDelayfunctions, matching the networkscan stealth patternsleepandjitterfields in all config structsTools updated
discover asn— BGPView API callsdiscover dns certs— crt.sh TLS cert lookupsdiscover dns records— DNS queriesdiscover dns forward— DNS forward lookupsdiscover dns reverse— DNS reverse lookupsdiscover dns subdomain active— Active DNS brute-forcing (jitter added alongside existing ms-based sleep)discover dns subdomain passive— Passive enumeration (alongside existing--requests-per-second)discover dns subdomain correlation— DNS correlation queriesdiscover cdn— CDN IP range checksdiscover ip domain-asn— Cymru DNS + BGPView APIenumerate dns zone-transfer— DNS AXFR attemptspentest dns takeover— HTTP takeover checksStealth behavior
--sleep 0(default): no delay, existing behavior preserved--sleep N: N-second delay between iterations in tools with loops--jitter M: +/- M% random variance on the sleep delay--jitterrequires--sleep > 0, must be 0-100Test plan
./godelw verifypasses (lint, format, build, tests)--helpoutput confirms--sleepand--jitterflags on all affected commandsdiscover asn --asn AS23028 --sleep 2 --jitter 50to confirm inter-request delayspentest dns takeover --targets example.com --sleep 1 --jitter 25to confirm per-target delays🤖 Generated with Claude Code
Note
Medium Risk
Touches many CLI entrypoints and Fern-generated config schemas, and introduces new inter-request delays that can change runtime behavior and performance (including unit/timeout interactions). Validation/optional handling reduces risk, but the breadth of wiring makes regressions possible.
Overview
Adds a shared stealth throttling capability across networked commands via new
--sleepand--jitterCLI flags, with centralized parsing/validation incmd/stealth.go.Propagates
sleep/jitterthrough Fern config types and command config builders fordiscover/enumerate/pentest, and applies the resulting delays in looped operations (DNS active subdomain brute force, DNS zone transfer enumeration, and DNS takeover checks) using new helpers inutils/stealth.go.Written by Cursor Bugbot for commit a6924e1. This will update automatically on new commits. Configure here.