Feature Request: Progress
Closed this issue ยท 7 comments
Thanks a lot for such amazing tool and I'd like to know if you have in your roadmap any "progress" feature. Something like we have on gobuster example below.
Progress: 26 / 93381 (0.03%)
I've installed following the README instructions (git clone --depth=1 https://github.com/deibit/cansina) but I cannot see the progress like you.
From the difference between your output and mine it seems if you ban another code (e.g. 403) it'll disappear with the progress.
Actually I did a test point to my own domain and I was able to see the progress. Not sure why just for this host. If I find the issue I'll let you know.
Noticed that for that host when I banned 403 the progress apear only on 404 responses.
Since most of the responses were 403 I couldn't see the progress all the time.
It seems the solution would be add the progress for all responses banned.
I'll if I can take a look on the source code later.
404 | 762 | 53356 | 410 | text/html | [57%]
Can I combined -b with -s? It doesn't seems be work to me.
Passing "-b 403 -s 762" I'm still seeing responses with size 762.
404 | 762 | 1 | 355 | text/html | [ 0%] - 00h00m00s - https://...
I usually filter that with egrep -v but a native feature is much better. :)
Yes, you can mix them. I already filter by size and is working for me. But I just banned 403 only and can confirm is not filtering by size, so I'll fill a issue. Thanks.
Noticed that for that host when I banned 403 the progress apear only on 404 responses.
Since most of the responses were 403 I couldn't see the progress all the time.
It seems the solution would be add the progress for all responses banned.
I'll if I can take a look on the source code later.
404 | 762 | 53356 | 410 | text/html | [57%]
I've been taking a look on this issue and it appears to be an overwhelmed flood on console output (due to not filtering 404's codes) that it is unmanageable.
Having a test condition like this: "and task.response_size % 10 == 0:", makes the progress appears again.
It is rare someone is interested in not filtering 404 codes (well, in pentest we know corner cases are not so rare :)
Nevertheless, this is not the way a program should behave and I'll put in on the backburner for a later consideration.