I ran into a problem the other day, when the 'HTTP Header Grab' feature didn't follow the redirect.
Off the top of my head I can't remember which function did this, but under net/http
is a function that will follow redirects up to 10x
.
This first got me thinking... And then I received a 'Exhausted API use`, etc. notice today.
The use of APIs is well-done because it allows a user to add an extra layer of security; but even then, I am not aware of HackerTarget's privacy policy. This could be considered a security vulnerability.
Even when pentesting, etc. we should always keep security and privacy of ourselves + our property (machines, etc.) at the forefront of concerns. If we are using HackerTarget's API insecurely, then we're still in trouble.
So considering that most people who would ever touch this program would be considering personal safety, maybe it's just better to implement each feature natively.
I am looking for feedback.