Add Option -vR, -virustotal-res For Virustotal Source

[Bundy01]

Hi,

Add the -vR/-virustotal-res option to limit the results. Without adding the option or -vR 0, the current behaviour is preferred (for testing a host or for premium users).

Since the API limitation, it is no longer possible to scan a file with Virustotal.
This PR fixes this by limiting the number of results and corrects the API's 429 error.

Close #1718. See also #1562 and #1705.

I would have liked to add the commented option #virustotal-res with a short description in the config.yaml file automatically, but I did not understand the “goflags” repository.

Regards.

Summary by CodeRabbit

• New Features
  • Added a new CLI/YAML option (-vR / --virustotal-res) to limit VirusTotal results during passive subdomain enumeration. Accepts 0 for default behavior or a multiple of 40; input is validated. Limits apply to passive enumeration output when set.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: ccc45894-d10d-4125-a510-7b33de00d848

📥 Commits

Reviewing files that changed from the base of the PR and between eff8959 and 35c6a87.

📒 Files selected for processing (2)

• pkg/runner/enumerate.go
• pkg/subscraping/sources/virustotal/virustotal.go

✅ Files skipped from review due to trivial changes (1)

• pkg/runner/enumerate.go

🚧 Files skipped from review as they are similar to previous changes (1)

• pkg/subscraping/sources/virustotal/virustotal.go

---

Walkthrough

Adds a CLI option to limit VirusTotal results (must be non-negative and a multiple of 40), validates it, passes it through context during enumeration, and makes the VirusTotal source stop emitting results once the configured limit is reached.

Changes

Cohort / File(s)	Summary
Documentation & CLI README.md, pkg/runner/options.go	Added -vR / --virustotal-res option and Options.VirusTotalResults YAML tag to configure VirusTotal result limits.
Validation pkg/runner/validate.go	Validate VirusTotalResults is non-negative and, if >0, a multiple of 40.
Context Propagation pkg/runner/enumerate.go, pkg/subscraping/types.go	Introduce VirustotalResultsCtxKey and attach configured limit to context passed into passive enumeration.
VirusTotal Source pkg/subscraping/sources/virustotal/virustotal.go	Read maxResults from context, track emitted results, update cursor pagination, and return early when the configured limit is reached.
Manifest go.mod	Touched (module manifest updated as part of changes).

Sequence Diagram

sequenceDiagram
    participant User
    participant Runner as Runner (opts)
    participant Validator
    participant Enumerator as Enumerator
    participant VT as VirusTotal Source

    User->>Runner: start with -virustotal-res 40
    Runner->>Runner: parse & set VirusTotalResults
    Runner->>Validator: validate options
    Validator-->>Runner: validation result
    Runner->>Enumerator: EnumerateSubdomainsWithCtx(ctx + virustotal-res)
    Enumerator->>VT: Enumerate with injected ctx
    VT->>VT: read maxResults from ctx
    loop paginate & emit subdomains
        VT->>Enumerator: emit subdomain
        VT->>VT: increment emitted count
        alt emitted >= maxResults
            VT-->>Enumerator: return early (stop pagination)
        end
    end

Loading

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Poem

🐰 I nibble numbers, forty by four,
Passing a limit through context's door,
The scanner hops, then knows when to rest,
No more extra calls — the quota's blessed,
Hooray for tidy results, and fewer 429s! 🎩

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title clearly and concisely describes the main change: adding a new CLI option (-vR, -virustotal-res) for the VirusTotal source to limit results.
Linked Issues check	✅ Passed	The pull request fully implements the requirements from issue #1718: it adds a CLI option to limit VirusTotal results with proper validation (multiple of 40) and default behavior preservation.
Out of Scope Changes check	✅ Passed	All changes are directly related to the objective of adding the -vR / -virustotal-res option for limiting VirusTotal results; no unrelated modifications detected.
Docstring Coverage	✅ Passed	Docstring coverage is 100.00% which is sufficient. The required threshold is 80.00%.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[x-stp]

+1 nice one to clean up, seen it happen on my personal key and simply never bothered to rbanch for it, I left some suggestions as you defined VirustotalResultsCtxKey but neither side uses it; it's a clean way to key through the values though.

cheers,

[neo-by-projectdiscovery-dev]

Neo - PR Security Review

No security issues found

_{Comment @pdneo help for available commands. · Open in Neo}