updated dependencies

docs: add Mister7F as a contributor for ideas (#1036 )
* docs: update README.md [skip ci] * docs: update .all-contributorsrc [skip ci] --------- Co-authored-by: allcontributors[bot] <46447321+allcontributors[bot]@users.noreply.github.com>
2026-05-23 13:11:12 -03:00 · 2024-01-16 21:57:06 -05:00 · 2023-11-25 09:51:50 -05:00 · 2023-11-25 09:51:07 -05:00 · 2023-11-25 06:36:44 -05:00 · 2023-11-25 06:35:20 -05:00
93 changed files with 5339 additions and 2036 deletions
--- a/.all-contributorsrc
+++ b/.all-contributorsrc
@@ -198,7 +198,8 @@
      "avatar_url": "https://avatars.githubusercontent.com/u/24260009?v=4",
      "profile": "https://github.com/N0ur5",
      "contributions": [
-        "ideas"
+        "ideas",
+        "bug"
      ]
    },
    {
@@ -294,10 +295,10 @@
      ]
    },
    {
-      "login": "narkopolo",
-      "name": "narkopolo",
+      "login": "n0kovo",
+      "name": "n0kovo",
      "avatar_url": "https://avatars.githubusercontent.com/u/16690056?v=4",
-      "profile": "https://github.com/narkopolo",
+      "profile": "https://github.com/n0kovo",
      "contributions": [
        "ideas"
      ]
@@ -458,6 +459,238 @@
      "contributions": [
        "code"
      ]
+    },
+    {
+      "login": "kmanc",
+      "name": "kmanc",
+      "avatar_url": "https://avatars.githubusercontent.com/u/14863147?v=4",
+      "profile": "https://github.com/kmanc",
+      "contributions": [
+        "bug",
+        "code"
+      ]
+    },
+    {
+      "login": "hakdogpinas",
+      "name": "hakdogpinas",
+      "avatar_url": "https://avatars.githubusercontent.com/u/71529469?v=4",
+      "profile": "https://github.com/hakdogpinas",
+      "contributions": [
+        "ideas"
+      ]
+    },
+    {
+      "login": "duokebei",
+      "name": "多可悲",
+      "avatar_url": "https://avatars.githubusercontent.com/u/75022552?v=4",
+      "profile": "https://github.com/duokebei",
+      "contributions": [
+        "ideas"
+      ]
+    },
+    {
+      "login": "aidanhall34",
+      "name": "Aidan Hall",
+      "avatar_url": "https://avatars.githubusercontent.com/u/58670593?v=4",
+      "profile": "https://blog.ah34.net/",
+      "contributions": [
+        "code",
+        "infra"
+      ]
+    },
+    {
+      "login": "joaociocca",
+      "name": "João Ciocca",
+      "avatar_url": "https://avatars.githubusercontent.com/u/6473725?v=4",
+      "profile": "https://hachyderm.io/@JohnnyCiocca",
+      "contributions": [
+        "bug",
+        "ideas"
+      ]
+    },
+    {
+      "login": "f3rn0s",
+      "name": "f3rn0s",
+      "avatar_url": "https://avatars.githubusercontent.com/u/1351279?v=4",
+      "profile": "https://github.com/f3rn0s",
+      "contributions": [
+        "bug"
+      ]
+    },
+    {
+      "login": "pich4ya",
+      "name": "LongCat",
+      "avatar_url": "https://avatars.githubusercontent.com/u/2099767?v=4",
+      "profile": "https://sth.sh",
+      "contributions": [
+        "ideas"
+      ]
+    },
+    {
+      "login": "xaeroborg",
+      "name": "xaeroborg",
+      "avatar_url": "https://avatars.githubusercontent.com/u/33274680?v=4",
+      "profile": "https://github.com/xaeroborg",
+      "contributions": [
+        "ideas"
+      ]
+    },
+    {
+      "login": "Luoooio",
+      "name": "Luoooio",
+      "avatar_url": "https://avatars.githubusercontent.com/u/26653157?v=4",
+      "profile": "https://github.com/Luoooio",
+      "contributions": [
+        "ideas"
+      ]
+    },
+    {
+      "login": "aancw",
+      "name": "Aan",
+      "avatar_url": "https://avatars.githubusercontent.com/u/6284204?v=4",
+      "profile": "https://petruknisme.com",
+      "contributions": [
+        "code",
+        "infra",
+        "ideas"
+      ]
+    },
+    {
+      "login": "imBigo",
+      "name": "Simon",
+      "avatar_url": "https://avatars.githubusercontent.com/u/54672433?v=4",
+      "profile": "https://github.com/imBigo",
+      "contributions": [
+        "bug"
+      ]
+    },
+    {
+      "login": "acut3",
+      "name": "Nicolas Christin",
+      "avatar_url": "https://avatars.githubusercontent.com/u/17295243?v=4",
+      "profile": "https://acut3.github.io/",
+      "contributions": [
+        "bug"
+      ]
+    },
+    {
+      "login": "DrorDvash",
+      "name": "DrDv",
+      "avatar_url": "https://avatars.githubusercontent.com/u/8413651?v=4",
+      "profile": "https://github.com/DrorDvash",
+      "contributions": [
+        "bug"
+      ]
+    },
+    {
+      "login": "aroly",
+      "name": "Antoine Roly",
+      "avatar_url": "https://avatars.githubusercontent.com/u/1257705?v=4",
+      "profile": "https://github.com/aroly",
+      "contributions": [
+        "ideas"
+      ]
+    },
+    {
+      "login": "lavafroth",
+      "name": "Himadri Bhattacharjee",
+      "avatar_url": "https://avatars.githubusercontent.com/u/107522312?v=4",
+      "profile": "http://lavafroth.is-a.dev",
+      "contributions": [
+        "code",
+        "ideas"
+      ]
+    },
+    {
+      "login": "AkechiShiro",
+      "name": "Samy Lahfa",
+      "avatar_url": "https://avatars.githubusercontent.com/u/14914796?v=4",
+      "profile": "https://github.com/AkechiShiro",
+      "contributions": [
+        "ideas"
+      ]
+    },
+    {
+      "login": "sectroyer",
+      "name": "sectroyer",
+      "avatar_url": "https://avatars.githubusercontent.com/u/6706818?v=4",
+      "profile": "https://github.com/sectroyer",
+      "contributions": [
+        "bug",
+        "ideas"
+      ]
+    },
+    {
+      "login": "ktecv2000",
+      "name": "ktecv2000",
+      "avatar_url": "https://avatars.githubusercontent.com/u/19836003?v=4",
+      "profile": "https://medium.com/@b3rm1nG",
+      "contributions": [
+        "bug"
+      ]
+    },
+    {
+      "login": "andreademurtas",
+      "name": "Andrea De Murtas",
+      "avatar_url": "https://avatars.githubusercontent.com/u/56048157?v=4",
+      "profile": "http://untrue.me",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "sawmj",
+      "name": "sawmj",
+      "avatar_url": "https://avatars.githubusercontent.com/u/30024085?v=4",
+      "profile": "https://github.com/sawmj",
+      "contributions": [
+        "bug"
+      ]
+    },
+    {
+      "login": "devx00",
+      "name": "Zach Hanson",
+      "avatar_url": "https://avatars.githubusercontent.com/u/6897405?v=4",
+      "profile": "https://github.com/devx00",
+      "contributions": [
+        "bug"
+      ]
+    },
+    {
+      "login": "ocervell",
+      "name": "Olivier Cervello",
+      "avatar_url": "https://avatars.githubusercontent.com/u/9629314?v=4",
+      "profile": "https://github.com/ocervell",
+      "contributions": [
+        "ideas"
+      ]
+    },
+    {
+      "login": "RavySena",
+      "name": "RavySena",
+      "avatar_url": "https://avatars.githubusercontent.com/u/67729597?v=4",
+      "profile": "https://github.com/RavySena",
+      "contributions": [
+        "ideas"
+      ]
+    },
+    {
+      "login": "stuhlmann",
+      "name": "Florian Stuhlmann",
+      "avatar_url": "https://avatars.githubusercontent.com/u/11061864?v=4",
+      "profile": "https://github.com/stuhlmann",
+      "contributions": [
+        "bug"
+      ]
+    },
+    {
+      "login": "Mister7F",
+      "name": "Mister7F",
+      "avatar_url": "https://avatars.githubusercontent.com/u/35213773?v=4",
+      "profile": "https://github.com/Mister7F",
+      "contributions": [
+        "ideas"
+      ]
    }
  ],
  "contributorsPerLine": 7,
@@ -466,5 +699,6 @@
  "repoType": "github",
  "repoHost": "https://github.com",
  "skipCi": true,
-  "commitConvention": "angular"
+  "commitConvention": "angular",
+  "commitType": "docs"
 }
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -27,13 +27,13 @@ jobs:
          - type: armv7
            os: ubuntu-latest
            target: armv7-unknown-linux-gnueabihf
-            name: armv7-feroxbuster
+            name: armv7-linux-feroxbuster
            path: target/armv7-unknown-linux-gnueabihf/release/feroxbuster
            pkg_config_path: /usr/lib/x86_64-linux-gnu/pkgconfig
          - type: aarch64
            os: ubuntu-latest
            target: aarch64-unknown-linux-gnu
-            name: aarch64-feroxbuster
+            name: aarch64-linux-feroxbuster
            path: target/aarch64-unknown-linux-gnu/release/feroxbuster
            pkg_config_path: /usr/lib/x86_64-linux-gnu/pkgconfig
    steps:
@@ -73,6 +73,35 @@ jobs:
          name: ${{ matrix.name }}.tar.gz
          path: ${{ matrix.name }}.tar.gz

+  build-debug:
+    env:
+      IN_PIPELINE: true
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+      - name: Install System Dependencies
+        run: |
+          env
+          sudo apt-get update
+          sudo apt-get install -y --no-install-recommends libssl-dev pkg-config
+      - uses: actions-rs/toolchain@v1
+        with:
+          toolchain: stable
+          target: x86_64-unknown-linux-musl
+          override: true
+      - uses: actions-rs/cargo@v1
+        env:
+          PKG_CONFIG_PATH: /usr/lib/x86_64-linux-gnu/pkgconfig
+          OPENSSL_DIR: /usr/lib/ssl
+        with:
+          use-cross: true
+          command: build
+          args: --target=x86_64-unknown-linux-musl
+      - uses: actions/upload-artifact@v2
+        with:
+          name: x86_64-linux-debug-feroxbuster
+          path: target/x86_64-unknown-linux-musl/debug/feroxbuster
+
  # build-deb:
  #   needs: [build-nix]
  #   runs-on: ubuntu-latest
--- a/.github/workflows/coverage.yml
+++ b/.github/workflows/coverage.yml
@@ -7,18 +7,18 @@ jobs:
    name: LLVM Coverage
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/checkout@v2
-      - name: Install llvm-tools-preview
-        run: rustup toolchain install stable --component llvm-tools-preview
-      - name: Install cargo-llvm-cov
-        uses: taiki-e/install-action@cargo-llvm-cov
-      - name: Install cargo-nextest
-        uses: taiki-e/install-action@nextest
-      - name: Generate code coverage
-        run: cargo llvm-cov  nextest  --all-features --no-fail-fast --lcov --output-path lcov.info -- --retries 10
-      - name: Upload coverage to Codecov
-        uses: codecov/codecov-action@v1
+      - uses: actions/checkout@v3
+      - uses: dtolnay/rust-toolchain@stable
+        with:
+          components: llvm-tools-preview
+      - name: Install cargo-llvm-cov and cargo-nextest
+        uses: taiki-e/install-action@v2
+        with:
+          tool: cargo-nextest,cargo-llvm-cov
+      - name: Generate code coverage
+        run: cargo llvm-cov nextest --all-features --no-fail-fast --lcov --output-path lcov.info
+      - name: Upload coverage to Codecov
+        uses: codecov/codecov-action@v3
        with:
-          token: ${{ secrets.CODECOV_TOKEN }}
          files: lcov.info
          fail_ci_if_error: true
--- a/.gitignore
+++ b/.gitignore
@@ -30,3 +30,6 @@ ferox-*.state

 # python stuff cuz reasons
 Pipfile*
+
+# ignore choco_package generated nupkg
+/choco_package/*.nupkg
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -76,35 +76,35 @@ Now that you have a copy of your fork, there is work you will need to do to keep

 Do this prior to every time you create a branch for a PR:

-1. Make sure you are on the `master` branch
+1. Make sure you are on the `main` branch

  > ```sh
  > $ git status
-  > On branch master
-  > Your branch is up-to-date with 'origin/master'.
+  > On branch main
+  > Your branch is up-to-date with 'origin/main'.
  > ```

-  > If your aren't on `master`, resolve outstanding files and commits and checkout the `master` branch
+  > If your aren't on `main`, resolve outstanding files and commits and checkout the `main` branch

  > ```sh
-  > $ git checkout master
+  > $ git checkout main
  > ```

 2. Do a pull with rebase against `upstream`

  > ```sh
-  > $ git pull --rebase upstream master
+  > $ git pull --rebase upstream main
  > ```

-  > This will pull down all of the changes to the official master branch, without making an additional commit in your local repo.
+  > This will pull down all of the changes to the official main branch, without making an additional commit in your local repo.

-3. (_Optional_) Force push your updated master branch to your GitHub fork
+3. (_Optional_) Force push your updated main branch to your GitHub fork

  > ```sh
-  > $ git push origin master --force
+  > $ git push origin main --force
  > ```

-  > This will overwrite the master branch of your fork.
+  > This will overwrite the main branch of your fork.

 ### Creating a branch

@@ -214,20 +214,20 @@ GitHub has a good guide on how to contribute to open source [here](https://opens

 ##### Editing via your local fork

-1.  Perform the maintenance step of rebasing `master`
-2.  Ensure you're on the `master` branch using `git status`:
+1.  Perform the maintenance step of rebasing `main`
+2.  Ensure you're on the `main` branch using `git status`:

 ```sh
 $ git status
-On branch master
-Your branch is up-to-date with 'origin/master'.
+On branch main
+Your branch is up-to-date with 'origin/main'.

 nothing to commit, working directory clean
 ```

-1.  If you're not on master or your working directory is not clean, resolve
-    any outstanding files/commits and checkout master `git checkout master`
-2.  Create a branch off of `master` with git: `git checkout -B
+1.  If you're not on main or your working directory is not clean, resolve
+    any outstanding files/commits and checkout main `git checkout main`
+2.  Create a branch off of `main` with git: `git checkout -B
    branch/name-here`
 3.  Edit your file(s) locally with the editor of your choice
 4.  Check your `git status` to see unstaged files
@@ -239,8 +239,8 @@ nothing to commit, working directory clean
 8.  Push your commits to your GitHub Fork: `git push -u origin branch/name-here`
 9.  Once the edits have been committed, you will be prompted to create a pull
    request on your fork's GitHub page
-10.  By default, all pull requests should be against the `master` branch
-11.  Submit a pull request from your branch to feroxbuster's `master` branch
+10.  By default, all pull requests should be against the `main` branch
+11.  Submit a pull request from your branch to feroxbuster's `main` branch
 12.  The title (also called the subject) of your PR should be descriptive of your
    changes and succinctly indicate what is being fixed
    -   Examples: `Add test cases for Unicode support`; `Correct typo in overview documentation`
--- a/Cargo.lock
+++ b/Cargo.lock
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "feroxbuster"
-version = "2.7.2"
+version = "2.10.2"
 authors = ["Ben 'epi' Risher (@epi052)"]
 license = "MIT"
 edition = "2021"
@@ -22,46 +22,57 @@ build = "build.rs"
 maintenance = { status = "actively-developed" }

 [build-dependencies]
-clap = { version = "4.0.8", features = ["wrap_help", "cargo"] }
-clap_complete = "4.0.2"
-regex = "1.5.5"
-lazy_static = "1.4.0"
-dirs = "4.0.0"
+clap = { version = "4.4", features = ["wrap_help", "cargo"] }
+clap_complete = "4.4"
+regex = "1.10"
+lazy_static = "1.4"
+dirs = "5.0"

 [dependencies]
-scraper = "0.13.0"
-futures = "0.3.21"
-tokio = { version = "1.18.2", features = ["full"] }
-tokio-util = { version = "0.7.1", features = ["codec"] }
-log = "0.4.17"
-env_logger = "0.9.0"
-reqwest = { version = "0.11.10", features = ["socks"] }
+scraper = "0.18"
+futures = "0.3"
+tokio = { version = "1.35", features = ["full"] }
+tokio-util = { version = "0.7", features = ["codec"] }
+log = "0.4"
+env_logger = "0.10"
+reqwest = { version = "0.11", features = ["socks", "native-tls-alpn"] }
 # uses feature unification to add 'serde' to reqwest::Url
-url = { version = "2.2.2", features = ["serde"] }
-serde_regex = "1.1.0"
-clap = { version = "4.0.8", features = ["wrap_help", "cargo"] }
-lazy_static = "1.4.0"
-toml = "0.5.9"
-serde = { version = "1.0.137", features = ["derive", "rc"] }
-serde_json = "1.0.81"
-uuid = { version = "1.0.0", features = ["v4"] }
-indicatif = "0.15"
-console = "0.15.2"
-openssl = { version = "0.10.40", features = ["vendored"] }
-dirs = "4.0.0"
-regex = "1.5.5"
-crossterm = "0.25.0"
-rlimit = "0.8.3"
-ctrlc = "3.2.2"
-fuzzyhash = "0.2.1"
-anyhow = "1.0.57"
-leaky-bucket = "0.12.1"
+url = { version = "2.5", features = ["serde"] }
+serde_regex = "1.1"
+clap = { version = "4.4", features = ["wrap_help", "cargo"] }
+lazy_static = "1.4"
+toml = "0.8"
+serde = { version = "1.0", features = ["derive", "rc"] }
+serde_json = "1.0"
+uuid = { version = "1.6", features = ["v4"] }
+# last known working version of indicatif; 0.17.5 has a bug that causes the 
+# scan menu to fail spectacularly 
+indicatif = { version = "0.17.3" }
+console = "0.15"
+openssl = { version = "0.10", features = ["vendored"] }
+dirs = "5.0"
+regex = "1.10"
+crossterm = "0.27"
+rlimit = "0.10"
+ctrlc = "3.4"
+anyhow = "1.0"
+leaky-bucket = "1.0"
+gaoya = "0.2"
+# 0.37+ relies on the broken version of indicatif and forces
+# the broken version to be used regardless of the version
+# specified above 
+self_update = { version = "0.36", features = [
+    "archive-tar",
+    "compression-flate2",
+    "archive-zip",
+    "compression-zip-deflate",
+] }

 [dev-dependencies]
-tempfile = "3.3.0"
-httpmock = "0.6.6"
-assert_cmd = "2.0.4"
-predicates = "2.1.1"
+tempfile = "3.9"
+httpmock = "0.6"
+assert_cmd = "2.0"
+predicates = "3.1"

 [profile.release]
 lto = true
--- a/11
+++ b/11
@@ -1,10 +1,7 @@
-# Image: alpine:3.14.2
-FROM alpine@sha256:69704ef328d05a9f806b6b8502915e6a0a4faa4d72018dc42343f511490daf8a as build
+FROM alpine:3.17.1 as build
 LABEL maintainer="wfnintr@null.net"

-RUN sed -i -e 's/v[[:digit:]]\..*\//edge\//g' /etc/apk/repositories \
-    && apk upgrade --update-cache --available && apk add --update openssl
-
+RUN apk upgrade --update-cache --available && apk add --update openssl

 # Download latest release
 RUN wget https://github.com/epi052/feroxbuster/releases/latest/download/x86_64-linux-feroxbuster.zip -qO feroxbuster.zip \
@@ -12,9 +9,7 @@ RUN wget https://github.com/epi052/feroxbuster/releases/latest/download/x86_64-l
    && chmod +x /tmp/feroxbuster \
    && wget https://raw.githubusercontent.com/danielmiessler/SecLists/master/Discovery/Web-Content/raft-medium-directories.txt -O /tmp/raft-medium-directories.txt

-# Image: alpine:3.14.2
-FROM alpine@sha256:69704ef328d05a9f806b6b8502915e6a0a4faa4d72018dc42343f511490daf8a as release
-
+from alpine:3.17.1 as release
 COPY --from=build /tmp/raft-medium-directories.txt /usr/share/seclists/Discovery/Web-Content/raft-medium-directories.txt
 COPY --from=build /tmp/feroxbuster /usr/local/bin/feroxbuster

--- a/2
+++ b/2
@@ -1,6 +1,6 @@
 MIT License

-Copyright (c) 2020 epi
+Copyright (c) 2020-2023 epi

 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal
--- a/3
+++ b/3
@@ -70,7 +70,8 @@ ifeq (1, $(VENDORED))
 endif

 $(TARGET)/$(BIN): extract
-	mkdir -p .cargo
+	mkdir -p .cargo debian
+	touch debian/cargo.config
 	cp debian/cargo.config .cargo/config.toml
 	cargo build $(ARGS)

--- a/Makefile.toml
+++ b/Makefile.toml
@@ -11,7 +11,7 @@ rm ferox-*.state
 # dependency management
 [tasks.upgrade-deps]
 command = "cargo"
-args = ["upgrade", "--exclude", "indicatif"]
+args = ["upgrade", "--exclude", "indicatif", "--exclude", "self_update"]

 [tasks.update]
 command = "cargo"
@@ -23,3 +23,10 @@ clear = true
 script = """
 cargo clippy --all-targets --all-features -- -D warnings
 """
+
+# tests
+[tasks.test]
+clear = true
+script = """
+cargo nextest run --all-features --all-targets --retries 10
+"""
--- a/README.md
+++ b/README.md
@@ -8,7 +8,7 @@

 <p align="center">
  <a href="https://github.com/epi052/feroxbuster/actions?query=workflow%3A%22CI+Pipeline%22">
-    <img src="https://img.shields.io/github/workflow/status/epi052/feroxbuster/CI%20Pipeline/main?logo=github">
+    <img src="https://img.shields.io/github/actions/workflow/status/epi052/feroxbuster/.github/workflows/check.yml?branch=main&logo=github">
  </a>

  <a href="https://github.com/epi052/feroxbuster/releases">
@@ -97,10 +97,21 @@ sudo apt update && sudo apt install -y feroxbuster

 #### Linux (32 and 64-bit) & MacOS

+Install to a particular directory
 ```
-curl -sL https://raw.githubusercontent.com/epi052/feroxbuster/master/install-nix.sh | bash
+curl -sL https://raw.githubusercontent.com/epi052/feroxbuster/main/install-nix.sh | bash -s $HOME/.local/bin
 ```

+Install to current working directory
+```
+curl -sL https://raw.githubusercontent.com/epi052/feroxbuster/main/install-nix.sh | bash
+```
+
+#### MacOS via Homebrew 
+
+```
+brew install feroxbuster
+```

 #### Windows x86_64

@@ -110,10 +121,22 @@ Expand-Archive .\feroxbuster.zip
 .\feroxbuster\feroxbuster.exe -V
 ```

+#### Windows via Chocolatey
+
+```
+choco install feroxbuster
+```
+
 #### All others 

 Please refer the the [documentation](https://epi052.github.io/feroxbuster-docs/docs/).

+### Updating feroxbuster (new in v2.9.1)
+
+```
+./feroxbuster --update
+```
+
 ## 🧰 Example Usage

 Here are a few brief examples to get you started.  Please note, feroxbuster can do a **lot more** than what's listed below.  As a result, there are **many more** examples, with **demonstration gifs** that highlight specific features, in the [documentation](https://epi052.github.io/feroxbuster-docs/docs/).
@@ -167,6 +190,8 @@ cat targets | ./feroxbuster --stdin --silent -s 200 301 302 --redirects -x js |
 ./feroxbuster -u http://127.1 --query token=0123456789ABCDEF
 ```

+
+
 ## 🚀 Documentation has **moved** 🚀  

 For realsies, there used to be over 1300 lines in this README, but it's all been moved to the [new documentation site](https://epi052.github.io/feroxbuster-docs/docs/). Go check it out! 
@@ -183,67 +208,100 @@ Thanks goes to these wonderful people ([emoji key](https://allcontributors.org/d
 <table>
  <tbody>
    <tr>
-      <td align="center"><a href="https://io.fi"><img src="https://avatars.githubusercontent.com/u/5235109?v=4?s=100" width="100px;" alt="Joona Hoikkala"/><br /><sub><b>Joona Hoikkala</b></sub></a><br /><a href="https://github.com/epi052/feroxbuster/commits?author=joohoi" title="Documentation">📖</a></td>
-      <td align="center"><a href="https://github.com/jsav0"><img src="https://avatars.githubusercontent.com/u/20546041?v=4?s=100" width="100px;" alt="J Savage"/><br /><sub><b>J Savage</b></sub></a><br /><a href="#infra-jsav0" title="Infrastructure (Hosting, Build-Tools, etc)">🚇</a> <a href="https://github.com/epi052/feroxbuster/commits?author=jsav0" title="Documentation">📖</a></td>
-      <td align="center"><a href="http://www.tgotwig.dev"><img src="https://avatars.githubusercontent.com/u/30773779?v=4?s=100" width="100px;" alt="Thomas Gotwig"/><br /><sub><b>Thomas Gotwig</b></sub></a><br /><a href="#infra-TGotwig" title="Infrastructure (Hosting, Build-Tools, etc)">🚇</a> <a href="https://github.com/epi052/feroxbuster/commits?author=TGotwig" title="Documentation">📖</a></td>
-      <td align="center"><a href="https://github.com/spikecodes"><img src="https://avatars.githubusercontent.com/u/19519553?v=4?s=100" width="100px;" alt="Spike"/><br /><sub><b>Spike</b></sub></a><br /><a href="#infra-spikecodes" title="Infrastructure (Hosting, Build-Tools, etc)">🚇</a> <a href="https://github.com/epi052/feroxbuster/commits?author=spikecodes" title="Documentation">📖</a></td>
-      <td align="center"><a href="https://github.com/evanrichter"><img src="https://avatars.githubusercontent.com/u/330292?v=4?s=100" width="100px;" alt="Evan Richter"/><br /><sub><b>Evan Richter</b></sub></a><br /><a href="https://github.com/epi052/feroxbuster/commits?author=evanrichter" title="Code">💻</a> <a href="https://github.com/epi052/feroxbuster/commits?author=evanrichter" title="Documentation">📖</a></td>
-      <td align="center"><a href="https://github.com/mzpqnxow"><img src="https://avatars.githubusercontent.com/u/8016228?v=4?s=100" width="100px;" alt="AG"/><br /><sub><b>AG</b></sub></a><br /><a href="#ideas-mzpqnxow" title="Ideas, Planning, & Feedback">🤔</a> <a href="https://github.com/epi052/feroxbuster/commits?author=mzpqnxow" title="Documentation">📖</a></td>
-      <td align="center"><a href="https://n-thumann.de/"><img src="https://avatars.githubusercontent.com/u/46975855?v=4?s=100" width="100px;" alt="Nicolas Thumann"/><br /><sub><b>Nicolas Thumann</b></sub></a><br /><a href="https://github.com/epi052/feroxbuster/commits?author=n-thumann" title="Code">💻</a> <a href="https://github.com/epi052/feroxbuster/commits?author=n-thumann" title="Documentation">📖</a></td>
+      <td align="center" valign="top" width="14.28%"><a href="https://io.fi"><img src="https://avatars.githubusercontent.com/u/5235109?v=4?s=100" width="100px;" alt="Joona Hoikkala"/><br /><sub><b>Joona Hoikkala</b></sub></a><br /><a href="https://github.com/epi052/feroxbuster/commits?author=joohoi" title="Documentation">📖</a></td>
+      <td align="center" valign="top" width="14.28%"><a href="https://github.com/jsav0"><img src="https://avatars.githubusercontent.com/u/20546041?v=4?s=100" width="100px;" alt="J Savage"/><br /><sub><b>J Savage</b></sub></a><br /><a href="#infra-jsav0" title="Infrastructure (Hosting, Build-Tools, etc)">🚇</a> <a href="https://github.com/epi052/feroxbuster/commits?author=jsav0" title="Documentation">📖</a></td>
+      <td align="center" valign="top" width="14.28%"><a href="http://www.tgotwig.dev"><img src="https://avatars.githubusercontent.com/u/30773779?v=4?s=100" width="100px;" alt="Thomas Gotwig"/><br /><sub><b>Thomas Gotwig</b></sub></a><br /><a href="#infra-TGotwig" title="Infrastructure (Hosting, Build-Tools, etc)">🚇</a> <a href="https://github.com/epi052/feroxbuster/commits?author=TGotwig" title="Documentation">📖</a></td>
+      <td align="center" valign="top" width="14.28%"><a href="https://github.com/spikecodes"><img src="https://avatars.githubusercontent.com/u/19519553?v=4?s=100" width="100px;" alt="Spike"/><br /><sub><b>Spike</b></sub></a><br /><a href="#infra-spikecodes" title="Infrastructure (Hosting, Build-Tools, etc)">🚇</a> <a href="https://github.com/epi052/feroxbuster/commits?author=spikecodes" title="Documentation">📖</a></td>
+      <td align="center" valign="top" width="14.28%"><a href="https://github.com/evanrichter"><img src="https://avatars.githubusercontent.com/u/330292?v=4?s=100" width="100px;" alt="Evan Richter"/><br /><sub><b>Evan Richter</b></sub></a><br /><a href="https://github.com/epi052/feroxbuster/commits?author=evanrichter" title="Code">💻</a> <a href="https://github.com/epi052/feroxbuster/commits?author=evanrichter" title="Documentation">📖</a></td>
+      <td align="center" valign="top" width="14.28%"><a href="https://github.com/mzpqnxow"><img src="https://avatars.githubusercontent.com/u/8016228?v=4?s=100" width="100px;" alt="AG"/><br /><sub><b>AG</b></sub></a><br /><a href="#ideas-mzpqnxow" title="Ideas, Planning, & Feedback">🤔</a> <a href="https://github.com/epi052/feroxbuster/commits?author=mzpqnxow" title="Documentation">📖</a></td>
+      <td align="center" valign="top" width="14.28%"><a href="https://n-thumann.de/"><img src="https://avatars.githubusercontent.com/u/46975855?v=4?s=100" width="100px;" alt="Nicolas Thumann"/><br /><sub><b>Nicolas Thumann</b></sub></a><br /><a href="https://github.com/epi052/feroxbuster/commits?author=n-thumann" title="Code">💻</a> <a href="https://github.com/epi052/feroxbuster/commits?author=n-thumann" title="Documentation">📖</a></td>
    </tr>
    <tr>
-      <td align="center"><a href="https://github.com/tomtastic"><img src="https://avatars.githubusercontent.com/u/302127?v=4?s=100" width="100px;" alt="Tom Matthews"/><br /><sub><b>Tom Matthews</b></sub></a><br /><a href="https://github.com/epi052/feroxbuster/commits?author=tomtastic" title="Documentation">📖</a></td>
-      <td align="center"><a href="https://github.com/bsysop"><img src="https://avatars.githubusercontent.com/u/9998303?v=4?s=100" width="100px;" alt="bsysop"/><br /><sub><b>bsysop</b></sub></a><br /><a href="https://github.com/epi052/feroxbuster/commits?author=bsysop" title="Documentation">📖</a></td>
-      <td align="center"><a href="http://bpsizemore.me"><img src="https://avatars.githubusercontent.com/u/11645898?v=4?s=100" width="100px;" alt="Brian Sizemore"/><br /><sub><b>Brian Sizemore</b></sub></a><br /><a href="https://github.com/epi052/feroxbuster/commits?author=bpsizemore" title="Code">💻</a></td>
-      <td align="center"><a href="https://pwn.by/noraj"><img src="https://avatars.githubusercontent.com/u/16578570?v=4?s=100" width="100px;" alt="Alexandre ZANNI"/><br /><sub><b>Alexandre ZANNI</b></sub></a><br /><a href="#infra-noraj" title="Infrastructure (Hosting, Build-Tools, etc)">🚇</a> <a href="https://github.com/epi052/feroxbuster/commits?author=noraj" title="Documentation">📖</a></td>
-      <td align="center"><a href="https://github.com/craig"><img src="https://avatars.githubusercontent.com/u/99729?v=4?s=100" width="100px;" alt="Craig"/><br /><sub><b>Craig</b></sub></a><br /><a href="#infra-craig" title="Infrastructure (Hosting, Build-Tools, etc)">🚇</a></td>
-      <td align="center"><a href="https://www.reddit.com/u/EONRaider"><img src="https://avatars.githubusercontent.com/u/15611424?v=4?s=100" width="100px;" alt="EONRaider"/><br /><sub><b>EONRaider</b></sub></a><br /><a href="#infra-EONRaider" title="Infrastructure (Hosting, Build-Tools, etc)">🚇</a></td>
-      <td align="center"><a href="https://github.com/wtwver"><img src="https://avatars.githubusercontent.com/u/53866088?v=4?s=100" width="100px;" alt="wtwver"/><br /><sub><b>wtwver</b></sub></a><br /><a href="#infra-wtwver" title="Infrastructure (Hosting, Build-Tools, etc)">🚇</a></td>
+      <td align="center" valign="top" width="14.28%"><a href="https://github.com/tomtastic"><img src="https://avatars.githubusercontent.com/u/302127?v=4?s=100" width="100px;" alt="Tom Matthews"/><br /><sub><b>Tom Matthews</b></sub></a><br /><a href="https://github.com/epi052/feroxbuster/commits?author=tomtastic" title="Documentation">📖</a></td>
+      <td align="center" valign="top" width="14.28%"><a href="https://github.com/bsysop"><img src="https://avatars.githubusercontent.com/u/9998303?v=4?s=100" width="100px;" alt="bsysop"/><br /><sub><b>bsysop</b></sub></a><br /><a href="https://github.com/epi052/feroxbuster/commits?author=bsysop" title="Documentation">📖</a></td>
+      <td align="center" valign="top" width="14.28%"><a href="http://bpsizemore.me"><img src="https://avatars.githubusercontent.com/u/11645898?v=4?s=100" width="100px;" alt="Brian Sizemore"/><br /><sub><b>Brian Sizemore</b></sub></a><br /><a href="https://github.com/epi052/feroxbuster/commits?author=bpsizemore" title="Code">💻</a></td>
+      <td align="center" valign="top" width="14.28%"><a href="https://pwn.by/noraj"><img src="https://avatars.githubusercontent.com/u/16578570?v=4?s=100" width="100px;" alt="Alexandre ZANNI"/><br /><sub><b>Alexandre ZANNI</b></sub></a><br /><a href="#infra-noraj" title="Infrastructure (Hosting, Build-Tools, etc)">🚇</a> <a href="https://github.com/epi052/feroxbuster/commits?author=noraj" title="Documentation">📖</a></td>
+      <td align="center" valign="top" width="14.28%"><a href="https://github.com/craig"><img src="https://avatars.githubusercontent.com/u/99729?v=4?s=100" width="100px;" alt="Craig"/><br /><sub><b>Craig</b></sub></a><br /><a href="#infra-craig" title="Infrastructure (Hosting, Build-Tools, etc)">🚇</a></td>
+      <td align="center" valign="top" width="14.28%"><a href="https://www.reddit.com/u/EONRaider"><img src="https://avatars.githubusercontent.com/u/15611424?v=4?s=100" width="100px;" alt="EONRaider"/><br /><sub><b>EONRaider</b></sub></a><br /><a href="#infra-EONRaider" title="Infrastructure (Hosting, Build-Tools, etc)">🚇</a></td>
+      <td align="center" valign="top" width="14.28%"><a href="https://github.com/wtwver"><img src="https://avatars.githubusercontent.com/u/53866088?v=4?s=100" width="100px;" alt="wtwver"/><br /><sub><b>wtwver</b></sub></a><br /><a href="#infra-wtwver" title="Infrastructure (Hosting, Build-Tools, etc)">🚇</a></td>
    </tr>
    <tr>
-      <td align="center"><a href="https://tib3rius.com"><img src="https://avatars.githubusercontent.com/u/48113936?v=4?s=100" width="100px;" alt="Tib3rius"/><br /><sub><b>Tib3rius</b></sub></a><br /><a href="https://github.com/epi052/feroxbuster/issues?q=author%3ATib3rius" title="Bug reports">🐛</a></td>
-      <td align="center"><a href="https://github.com/0xdf"><img src="https://avatars.githubusercontent.com/u/1489045?v=4?s=100" width="100px;" alt="0xdf"/><br /><sub><b>0xdf</b></sub></a><br /><a href="https://github.com/epi052/feroxbuster/issues?q=author%3A0xdf" title="Bug reports">🐛</a></td>
-      <td align="center"><a href="http://secure77.de"><img src="https://avatars.githubusercontent.com/u/31564517?v=4?s=100" width="100px;" alt="secure-77"/><br /><sub><b>secure-77</b></sub></a><br /><a href="https://github.com/epi052/feroxbuster/issues?q=author%3Asecure-77" title="Bug reports">🐛</a></td>
-      <td align="center"><a href="https://github.com/sbrun"><img src="https://avatars.githubusercontent.com/u/7712154?v=4?s=100" width="100px;" alt="Sophie Brun"/><br /><sub><b>Sophie Brun</b></sub></a><br /><a href="#infra-sbrun" title="Infrastructure (Hosting, Build-Tools, etc)">🚇</a></td>
-      <td align="center"><a href="https://github.com/black-A"><img src="https://avatars.githubusercontent.com/u/30686803?v=4?s=100" width="100px;" alt="black-A"/><br /><sub><b>black-A</b></sub></a><br /><a href="#ideas-black-A" title="Ideas, Planning, & Feedback">🤔</a></td>
-      <td align="center"><a href="https://github.com/dinosn"><img src="https://avatars.githubusercontent.com/u/3851678?v=4?s=100" width="100px;" alt="Nicolas Krassas"/><br /><sub><b>Nicolas Krassas</b></sub></a><br /><a href="#ideas-dinosn" title="Ideas, Planning, & Feedback">🤔</a></td>
-      <td align="center"><a href="https://github.com/N0ur5"><img src="https://avatars.githubusercontent.com/u/24260009?v=4?s=100" width="100px;" alt="N0ur5"/><br /><sub><b>N0ur5</b></sub></a><br /><a href="#ideas-N0ur5" title="Ideas, Planning, & Feedback">🤔</a></td>
+      <td align="center" valign="top" width="14.28%"><a href="https://tib3rius.com"><img src="https://avatars.githubusercontent.com/u/48113936?v=4?s=100" width="100px;" alt="Tib3rius"/><br /><sub><b>Tib3rius</b></sub></a><br /><a href="https://github.com/epi052/feroxbuster/issues?q=author%3ATib3rius" title="Bug reports">🐛</a></td>
+      <td align="center" valign="top" width="14.28%"><a href="https://github.com/0xdf"><img src="https://avatars.githubusercontent.com/u/1489045?v=4?s=100" width="100px;" alt="0xdf"/><br /><sub><b>0xdf</b></sub></a><br /><a href="https://github.com/epi052/feroxbuster/issues?q=author%3A0xdf" title="Bug reports">🐛</a></td>
+      <td align="center" valign="top" width="14.28%"><a href="http://secure77.de"><img src="https://avatars.githubusercontent.com/u/31564517?v=4?s=100" width="100px;" alt="secure-77"/><br /><sub><b>secure-77</b></sub></a><br /><a href="https://github.com/epi052/feroxbuster/issues?q=author%3Asecure-77" title="Bug reports">🐛</a></td>
+      <td align="center" valign="top" width="14.28%"><a href="https://github.com/sbrun"><img src="https://avatars.githubusercontent.com/u/7712154?v=4?s=100" width="100px;" alt="Sophie Brun"/><br /><sub><b>Sophie Brun</b></sub></a><br /><a href="#infra-sbrun" title="Infrastructure (Hosting, Build-Tools, etc)">🚇</a></td>
+      <td align="center" valign="top" width="14.28%"><a href="https://github.com/black-A"><img src="https://avatars.githubusercontent.com/u/30686803?v=4?s=100" width="100px;" alt="black-A"/><br /><sub><b>black-A</b></sub></a><br /><a href="#ideas-black-A" title="Ideas, Planning, & Feedback">🤔</a></td>
+      <td align="center" valign="top" width="14.28%"><a href="https://github.com/dinosn"><img src="https://avatars.githubusercontent.com/u/3851678?v=4?s=100" width="100px;" alt="Nicolas Krassas"/><br /><sub><b>Nicolas Krassas</b></sub></a><br /><a href="#ideas-dinosn" title="Ideas, Planning, & Feedback">🤔</a></td>
+      <td align="center" valign="top" width="14.28%"><a href="https://github.com/N0ur5"><img src="https://avatars.githubusercontent.com/u/24260009?v=4?s=100" width="100px;" alt="N0ur5"/><br /><sub><b>N0ur5</b></sub></a><br /><a href="#ideas-N0ur5" title="Ideas, Planning, & Feedback">🤔</a> <a href="https://github.com/epi052/feroxbuster/issues?q=author%3AN0ur5" title="Bug reports">🐛</a></td>
    </tr>
    <tr>
-      <td align="center"><a href="https://github.com/moscowchill"><img src="https://avatars.githubusercontent.com/u/72578879?v=4?s=100" width="100px;" alt="mchill"/><br /><sub><b>mchill</b></sub></a><br /><a href="https://github.com/epi052/feroxbuster/issues?q=author%3Amoscowchill" title="Bug reports">🐛</a></td>
-      <td align="center"><a href="http://BitThr3at.github.io"><img src="https://avatars.githubusercontent.com/u/45028933?v=4?s=100" width="100px;" alt="Naman"/><br /><sub><b>Naman</b></sub></a><br /><a href="https://github.com/epi052/feroxbuster/issues?q=author%3ABitThr3at" title="Bug reports">🐛</a></td>
-      <td align="center"><a href="https://github.com/Sicks3c"><img src="https://avatars.githubusercontent.com/u/32225186?v=4?s=100" width="100px;" alt="Ayoub Elaich"/><br /><sub><b>Ayoub Elaich</b></sub></a><br /><a href="https://github.com/epi052/feroxbuster/issues?q=author%3Asicks3c" title="Bug reports">🐛</a></td>
-      <td align="center"><a href="https://github.com/HenryHoggard"><img src="https://avatars.githubusercontent.com/u/1208121?v=4?s=100" width="100px;" alt="Henry"/><br /><sub><b>Henry</b></sub></a><br /><a href="https://github.com/epi052/feroxbuster/issues?q=author%3AHenryHoggard" title="Bug reports">🐛</a></td>
-      <td align="center"><a href="https://github.com/SleepiPanda"><img src="https://avatars.githubusercontent.com/u/6428561?v=4?s=100" width="100px;" alt="SleepiPanda"/><br /><sub><b>SleepiPanda</b></sub></a><br /><a href="https://github.com/epi052/feroxbuster/issues?q=author%3ASleepiPanda" title="Bug reports">🐛</a></td>
-      <td align="center"><a href="https://github.com/uBadRequest"><img src="https://avatars.githubusercontent.com/u/47282747?v=4?s=100" width="100px;" alt="Bad Requests"/><br /><sub><b>Bad Requests</b></sub></a><br /><a href="https://github.com/epi052/feroxbuster/issues?q=author%3AuBadRequest" title="Bug reports">🐛</a></td>
-      <td align="center"><a href="https://home.dnaka91.rocks"><img src="https://avatars.githubusercontent.com/u/36804488?v=4?s=100" width="100px;" alt="Dominik Nakamura"/><br /><sub><b>Dominik Nakamura</b></sub></a><br /><a href="#infra-dnaka91" title="Infrastructure (Hosting, Build-Tools, etc)">🚇</a></td>
+      <td align="center" valign="top" width="14.28%"><a href="https://github.com/moscowchill"><img src="https://avatars.githubusercontent.com/u/72578879?v=4?s=100" width="100px;" alt="mchill"/><br /><sub><b>mchill</b></sub></a><br /><a href="https://github.com/epi052/feroxbuster/issues?q=author%3Amoscowchill" title="Bug reports">🐛</a></td>
+      <td align="center" valign="top" width="14.28%"><a href="http://BitThr3at.github.io"><img src="https://avatars.githubusercontent.com/u/45028933?v=4?s=100" width="100px;" alt="Naman"/><br /><sub><b>Naman</b></sub></a><br /><a href="https://github.com/epi052/feroxbuster/issues?q=author%3ABitThr3at" title="Bug reports">🐛</a></td>
+      <td align="center" valign="top" width="14.28%"><a href="https://github.com/Sicks3c"><img src="https://avatars.githubusercontent.com/u/32225186?v=4?s=100" width="100px;" alt="Ayoub Elaich"/><br /><sub><b>Ayoub Elaich</b></sub></a><br /><a href="https://github.com/epi052/feroxbuster/issues?q=author%3Asicks3c" title="Bug reports">🐛</a></td>
+      <td align="center" valign="top" width="14.28%"><a href="https://github.com/HenryHoggard"><img src="https://avatars.githubusercontent.com/u/1208121?v=4?s=100" width="100px;" alt="Henry"/><br /><sub><b>Henry</b></sub></a><br /><a href="https://github.com/epi052/feroxbuster/issues?q=author%3AHenryHoggard" title="Bug reports">🐛</a></td>
+      <td align="center" valign="top" width="14.28%"><a href="https://github.com/SleepiPanda"><img src="https://avatars.githubusercontent.com/u/6428561?v=4?s=100" width="100px;" alt="SleepiPanda"/><br /><sub><b>SleepiPanda</b></sub></a><br /><a href="https://github.com/epi052/feroxbuster/issues?q=author%3ASleepiPanda" title="Bug reports">🐛</a></td>
+      <td align="center" valign="top" width="14.28%"><a href="https://github.com/uBadRequest"><img src="https://avatars.githubusercontent.com/u/47282747?v=4?s=100" width="100px;" alt="Bad Requests"/><br /><sub><b>Bad Requests</b></sub></a><br /><a href="https://github.com/epi052/feroxbuster/issues?q=author%3AuBadRequest" title="Bug reports">🐛</a></td>
+      <td align="center" valign="top" width="14.28%"><a href="https://home.dnaka91.rocks"><img src="https://avatars.githubusercontent.com/u/36804488?v=4?s=100" width="100px;" alt="Dominik Nakamura"/><br /><sub><b>Dominik Nakamura</b></sub></a><br /><a href="#infra-dnaka91" title="Infrastructure (Hosting, Build-Tools, etc)">🚇</a></td>
    </tr>
    <tr>
-      <td align="center"><a href="https://github.com/hunter0x8"><img src="https://avatars.githubusercontent.com/u/46222314?v=4?s=100" width="100px;" alt="Muhammad Ahsan"/><br /><sub><b>Muhammad Ahsan</b></sub></a><br /><a href="https://github.com/epi052/feroxbuster/issues?q=author%3Ahunter0x8" title="Bug reports">🐛</a></td>
-      <td align="center"><a href="https://github.com/cortantief"><img src="https://avatars.githubusercontent.com/u/34527333?v=4?s=100" width="100px;" alt="cortantief"/><br /><sub><b>cortantief</b></sub></a><br /><a href="https://github.com/epi052/feroxbuster/issues?q=author%3Acortantief" title="Bug reports">🐛</a> <a href="https://github.com/epi052/feroxbuster/commits?author=cortantief" title="Code">💻</a></td>
-      <td align="center"><a href="https://github.com/dsaxton"><img src="https://avatars.githubusercontent.com/u/2658661?v=4?s=100" width="100px;" alt="Daniel Saxton"/><br /><sub><b>Daniel Saxton</b></sub></a><br /><a href="#ideas-dsaxton" title="Ideas, Planning, & Feedback">🤔</a> <a href="https://github.com/epi052/feroxbuster/commits?author=dsaxton" title="Code">💻</a></td>
-      <td align="center"><a href="https://github.com/narkopolo"><img src="https://avatars.githubusercontent.com/u/16690056?v=4?s=100" width="100px;" alt="narkopolo"/><br /><sub><b>narkopolo</b></sub></a><br /><a href="#ideas-narkopolo" title="Ideas, Planning, & Feedback">🤔</a></td>
-      <td align="center"><a href="https://ring0.lol"><img src="https://avatars.githubusercontent.com/u/1893909?v=4?s=100" width="100px;" alt="Justin Steven"/><br /><sub><b>Justin Steven</b></sub></a><br /><a href="#ideas-justinsteven" title="Ideas, Planning, & Feedback">🤔</a></td>
-      <td align="center"><a href="https://github.com/7047payloads"><img src="https://avatars.githubusercontent.com/u/95562424?v=4?s=100" width="100px;" alt="7047payloads"/><br /><sub><b>7047payloads</b></sub></a><br /><a href="https://github.com/epi052/feroxbuster/commits?author=7047payloads" title="Code">💻</a></td>
-      <td align="center"><a href="https://github.com/unkn0wnsyst3m"><img src="https://avatars.githubusercontent.com/u/21272239?v=4?s=100" width="100px;" alt="unkn0wnsyst3m"/><br /><sub><b>unkn0wnsyst3m</b></sub></a><br /><a href="#ideas-unkn0wnsyst3m" title="Ideas, Planning, & Feedback">🤔</a></td>
+      <td align="center" valign="top" width="14.28%"><a href="https://github.com/hunter0x8"><img src="https://avatars.githubusercontent.com/u/46222314?v=4?s=100" width="100px;" alt="Muhammad Ahsan"/><br /><sub><b>Muhammad Ahsan</b></sub></a><br /><a href="https://github.com/epi052/feroxbuster/issues?q=author%3Ahunter0x8" title="Bug reports">🐛</a></td>
+      <td align="center" valign="top" width="14.28%"><a href="https://github.com/cortantief"><img src="https://avatars.githubusercontent.com/u/34527333?v=4?s=100" width="100px;" alt="cortantief"/><br /><sub><b>cortantief</b></sub></a><br /><a href="https://github.com/epi052/feroxbuster/issues?q=author%3Acortantief" title="Bug reports">🐛</a> <a href="https://github.com/epi052/feroxbuster/commits?author=cortantief" title="Code">💻</a></td>
+      <td align="center" valign="top" width="14.28%"><a href="https://github.com/dsaxton"><img src="https://avatars.githubusercontent.com/u/2658661?v=4?s=100" width="100px;" alt="Daniel Saxton"/><br /><sub><b>Daniel Saxton</b></sub></a><br /><a href="#ideas-dsaxton" title="Ideas, Planning, & Feedback">🤔</a> <a href="https://github.com/epi052/feroxbuster/commits?author=dsaxton" title="Code">💻</a></td>
+      <td align="center" valign="top" width="14.28%"><a href="https://github.com/n0kovo"><img src="https://avatars.githubusercontent.com/u/16690056?v=4?s=100" width="100px;" alt="n0kovo"/><br /><sub><b>n0kovo</b></sub></a><br /><a href="#ideas-n0kovo" title="Ideas, Planning, & Feedback">🤔</a></td>
+      <td align="center" valign="top" width="14.28%"><a href="https://ring0.lol"><img src="https://avatars.githubusercontent.com/u/1893909?v=4?s=100" width="100px;" alt="Justin Steven"/><br /><sub><b>Justin Steven</b></sub></a><br /><a href="#ideas-justinsteven" title="Ideas, Planning, & Feedback">🤔</a></td>
+      <td align="center" valign="top" width="14.28%"><a href="https://github.com/7047payloads"><img src="https://avatars.githubusercontent.com/u/95562424?v=4?s=100" width="100px;" alt="7047payloads"/><br /><sub><b>7047payloads</b></sub></a><br /><a href="https://github.com/epi052/feroxbuster/commits?author=7047payloads" title="Code">💻</a></td>
+      <td align="center" valign="top" width="14.28%"><a href="https://github.com/unkn0wnsyst3m"><img src="https://avatars.githubusercontent.com/u/21272239?v=4?s=100" width="100px;" alt="unkn0wnsyst3m"/><br /><sub><b>unkn0wnsyst3m</b></sub></a><br /><a href="#ideas-unkn0wnsyst3m" title="Ideas, Planning, & Feedback">🤔</a></td>
    </tr>
    <tr>
-      <td align="center"><a href="https://ironwort.me/"><img src="https://avatars.githubusercontent.com/u/15280042?v=4?s=100" width="100px;" alt="0x08"/><br /><sub><b>0x08</b></sub></a><br /><a href="#ideas-its0x08" title="Ideas, Planning, & Feedback">🤔</a></td>
-      <td align="center"><a href="https://github.com/MD-Levitan"><img src="https://avatars.githubusercontent.com/u/12116508?v=4?s=100" width="100px;" alt="kusok"/><br /><sub><b>kusok</b></sub></a><br /><a href="#ideas-MD-Levitan" title="Ideas, Planning, & Feedback">🤔</a> <a href="https://github.com/epi052/feroxbuster/commits?author=MD-Levitan" title="Code">💻</a></td>
-      <td align="center"><a href="https://github.com/godylockz"><img src="https://avatars.githubusercontent.com/u/81207744?v=4?s=100" width="100px;" alt="godylockz"/><br /><sub><b>godylockz</b></sub></a><br /><a href="#ideas-godylockz" title="Ideas, Planning, & Feedback">🤔</a> <a href="https://github.com/epi052/feroxbuster/commits?author=godylockz" title="Code">💻</a></td>
-      <td align="center"><a href="http://ryanmontgomery.me"><img src="https://avatars.githubusercontent.com/u/44453666?v=4?s=100" width="100px;" alt="Ryan Montgomery"/><br /><sub><b>Ryan Montgomery</b></sub></a><br /><a href="#ideas-0dayCTF" title="Ideas, Planning, & Feedback">🤔</a></td>
-      <td align="center"><a href="https://github.com/IppSec"><img src="https://avatars.githubusercontent.com/u/24677271?v=4?s=100" width="100px;" alt="ippsec"/><br /><sub><b>ippsec</b></sub></a><br /><a href="#ideas-ippsec" title="Ideas, Planning, & Feedback">🤔</a></td>
-      <td align="center"><a href="https://github.com/gtjamesa"><img src="https://avatars.githubusercontent.com/u/2078364?v=4?s=100" width="100px;" alt="James"/><br /><sub><b>James</b></sub></a><br /><a href="https://github.com/epi052/feroxbuster/issues?q=author%3Agtjamesa" title="Bug reports">🐛</a></td>
-      <td align="center"><a href="https://twitter.com/Jhaddix"><img src="https://avatars.githubusercontent.com/u/3488554?v=4?s=100" width="100px;" alt="Jason Haddix"/><br /><sub><b>Jason Haddix</b></sub></a><br /><a href="#ideas-jhaddix" title="Ideas, Planning, & Feedback">🤔</a> <a href="https://github.com/epi052/feroxbuster/issues?q=author%3Ajhaddix" title="Bug reports">🐛</a></td>
+      <td align="center" valign="top" width="14.28%"><a href="https://ironwort.me/"><img src="https://avatars.githubusercontent.com/u/15280042?v=4?s=100" width="100px;" alt="0x08"/><br /><sub><b>0x08</b></sub></a><br /><a href="#ideas-its0x08" title="Ideas, Planning, & Feedback">🤔</a></td>
+      <td align="center" valign="top" width="14.28%"><a href="https://github.com/MD-Levitan"><img src="https://avatars.githubusercontent.com/u/12116508?v=4?s=100" width="100px;" alt="kusok"/><br /><sub><b>kusok</b></sub></a><br /><a href="#ideas-MD-Levitan" title="Ideas, Planning, & Feedback">🤔</a> <a href="https://github.com/epi052/feroxbuster/commits?author=MD-Levitan" title="Code">💻</a></td>
+      <td align="center" valign="top" width="14.28%"><a href="https://github.com/godylockz"><img src="https://avatars.githubusercontent.com/u/81207744?v=4?s=100" width="100px;" alt="godylockz"/><br /><sub><b>godylockz</b></sub></a><br /><a href="#ideas-godylockz" title="Ideas, Planning, & Feedback">🤔</a> <a href="https://github.com/epi052/feroxbuster/commits?author=godylockz" title="Code">💻</a></td>
+      <td align="center" valign="top" width="14.28%"><a href="http://ryanmontgomery.me"><img src="https://avatars.githubusercontent.com/u/44453666?v=4?s=100" width="100px;" alt="Ryan Montgomery"/><br /><sub><b>Ryan Montgomery</b></sub></a><br /><a href="#ideas-0dayCTF" title="Ideas, Planning, & Feedback">🤔</a></td>
+      <td align="center" valign="top" width="14.28%"><a href="https://github.com/IppSec"><img src="https://avatars.githubusercontent.com/u/24677271?v=4?s=100" width="100px;" alt="ippsec"/><br /><sub><b>ippsec</b></sub></a><br /><a href="#ideas-ippsec" title="Ideas, Planning, & Feedback">🤔</a></td>
+      <td align="center" valign="top" width="14.28%"><a href="https://github.com/gtjamesa"><img src="https://avatars.githubusercontent.com/u/2078364?v=4?s=100" width="100px;" alt="James"/><br /><sub><b>James</b></sub></a><br /><a href="https://github.com/epi052/feroxbuster/issues?q=author%3Agtjamesa" title="Bug reports">🐛</a></td>
+      <td align="center" valign="top" width="14.28%"><a href="https://twitter.com/Jhaddix"><img src="https://avatars.githubusercontent.com/u/3488554?v=4?s=100" width="100px;" alt="Jason Haddix"/><br /><sub><b>Jason Haddix</b></sub></a><br /><a href="#ideas-jhaddix" title="Ideas, Planning, & Feedback">🤔</a> <a href="https://github.com/epi052/feroxbuster/issues?q=author%3Ajhaddix" title="Bug reports">🐛</a></td>
    </tr>
    <tr>
-      <td align="center"><a href="https://github.com/ThisLimn0"><img src="https://avatars.githubusercontent.com/u/67125885?v=4?s=100" width="100px;" alt="Limn0"/><br /><sub><b>Limn0</b></sub></a><br /><a href="https://github.com/epi052/feroxbuster/issues?q=author%3AThisLimn0" title="Bug reports">🐛</a></td>
-      <td align="center"><a href="https://github.com/0xdf223"><img src="https://avatars.githubusercontent.com/u/76954092?v=4?s=100" width="100px;" alt="0xdf"/><br /><sub><b>0xdf</b></sub></a><br /><a href="https://github.com/epi052/feroxbuster/issues?q=author%3A0xdf223" title="Bug reports">🐛</a> <a href="#ideas-0xdf223" title="Ideas, Planning, & Feedback">🤔</a></td>
-      <td align="center"><a href="https://github.com/Flangyver"><img src="https://avatars.githubusercontent.com/u/59575870?v=4?s=100" width="100px;" alt="Flangyver"/><br /><sub><b>Flangyver</b></sub></a><br /><a href="#ideas-Flangyver" title="Ideas, Planning, & Feedback">🤔</a></td>
-      <td align="center"><a href="https://github.com/DonatoReis"><img src="https://avatars.githubusercontent.com/u/93531354?v=4?s=100" width="100px;" alt="PeakyBlinder"/><br /><sub><b>PeakyBlinder</b></sub></a><br /><a href="#ideas-DonatoReis" title="Ideas, Planning, & Feedback">🤔</a></td>
-      <td align="center"><a href="https://postmodern.github.io/"><img src="https://avatars.githubusercontent.com/u/12671?v=4?s=100" width="100px;" alt="Postmodern"/><br /><sub><b>Postmodern</b></sub></a><br /><a href="#ideas-postmodern" title="Ideas, Planning, & Feedback">🤔</a></td>
-      <td align="center"><a href="https://github.com/herrcykel"><img src="https://avatars.githubusercontent.com/u/1936757?v=4?s=100" width="100px;" alt="O"/><br /><sub><b>O</b></sub></a><br /><a href="https://github.com/epi052/feroxbuster/commits?author=herrcykel" title="Code">💻</a></td>
-      <td align="center"><a href="http://udoprog.github.io/"><img src="https://avatars.githubusercontent.com/u/111092?v=4?s=100" width="100px;" alt="John-John Tedro"/><br /><sub><b>John-John Tedro</b></sub></a><br /><a href="https://github.com/epi052/feroxbuster/commits?author=udoprog" title="Code">💻</a></td>
+      <td align="center" valign="top" width="14.28%"><a href="https://github.com/ThisLimn0"><img src="https://avatars.githubusercontent.com/u/67125885?v=4?s=100" width="100px;" alt="Limn0"/><br /><sub><b>Limn0</b></sub></a><br /><a href="https://github.com/epi052/feroxbuster/issues?q=author%3AThisLimn0" title="Bug reports">🐛</a></td>
+      <td align="center" valign="top" width="14.28%"><a href="https://github.com/0xdf223"><img src="https://avatars.githubusercontent.com/u/76954092?v=4?s=100" width="100px;" alt="0xdf"/><br /><sub><b>0xdf</b></sub></a><br /><a href="https://github.com/epi052/feroxbuster/issues?q=author%3A0xdf223" title="Bug reports">🐛</a> <a href="#ideas-0xdf223" title="Ideas, Planning, & Feedback">🤔</a></td>
+      <td align="center" valign="top" width="14.28%"><a href="https://github.com/Flangyver"><img src="https://avatars.githubusercontent.com/u/59575870?v=4?s=100" width="100px;" alt="Flangyver"/><br /><sub><b>Flangyver</b></sub></a><br /><a href="#ideas-Flangyver" title="Ideas, Planning, & Feedback">🤔</a></td>
+      <td align="center" valign="top" width="14.28%"><a href="https://github.com/DonatoReis"><img src="https://avatars.githubusercontent.com/u/93531354?v=4?s=100" width="100px;" alt="PeakyBlinder"/><br /><sub><b>PeakyBlinder</b></sub></a><br /><a href="#ideas-DonatoReis" title="Ideas, Planning, & Feedback">🤔</a></td>
+      <td align="center" valign="top" width="14.28%"><a href="https://postmodern.github.io/"><img src="https://avatars.githubusercontent.com/u/12671?v=4?s=100" width="100px;" alt="Postmodern"/><br /><sub><b>Postmodern</b></sub></a><br /><a href="#ideas-postmodern" title="Ideas, Planning, & Feedback">🤔</a></td>
+      <td align="center" valign="top" width="14.28%"><a href="https://github.com/herrcykel"><img src="https://avatars.githubusercontent.com/u/1936757?v=4?s=100" width="100px;" alt="O"/><br /><sub><b>O</b></sub></a><br /><a href="https://github.com/epi052/feroxbuster/commits?author=herrcykel" title="Code">💻</a></td>
+      <td align="center" valign="top" width="14.28%"><a href="http://udoprog.github.io/"><img src="https://avatars.githubusercontent.com/u/111092?v=4?s=100" width="100px;" alt="John-John Tedro"/><br /><sub><b>John-John Tedro</b></sub></a><br /><a href="https://github.com/epi052/feroxbuster/commits?author=udoprog" title="Code">💻</a></td>
+    </tr>
+    <tr>
+      <td align="center" valign="top" width="14.28%"><a href="https://github.com/kmanc"><img src="https://avatars.githubusercontent.com/u/14863147?v=4?s=100" width="100px;" alt="kmanc"/><br /><sub><b>kmanc</b></sub></a><br /><a href="https://github.com/epi052/feroxbuster/issues?q=author%3Akmanc" title="Bug reports">🐛</a> <a href="https://github.com/epi052/feroxbuster/commits?author=kmanc" title="Code">💻</a></td>
+      <td align="center" valign="top" width="14.28%"><a href="https://github.com/hakdogpinas"><img src="https://avatars.githubusercontent.com/u/71529469?v=4?s=100" width="100px;" alt="hakdogpinas"/><br /><sub><b>hakdogpinas</b></sub></a><br /><a href="#ideas-hakdogpinas" title="Ideas, Planning, & Feedback">🤔</a></td>
+      <td align="center" valign="top" width="14.28%"><a href="https://github.com/duokebei"><img src="https://avatars.githubusercontent.com/u/75022552?v=4?s=100" width="100px;" alt="多可悲"/><br /><sub><b>多可悲</b></sub></a><br /><a href="#ideas-duokebei" title="Ideas, Planning, & Feedback">🤔</a></td>
+      <td align="center" valign="top" width="14.28%"><a href="https://blog.ah34.net/"><img src="https://avatars.githubusercontent.com/u/58670593?v=4?s=100" width="100px;" alt="Aidan Hall"/><br /><sub><b>Aidan Hall</b></sub></a><br /><a href="https://github.com/epi052/feroxbuster/commits?author=aidanhall34" title="Code">💻</a> <a href="#infra-aidanhall34" title="Infrastructure (Hosting, Build-Tools, etc)">🚇</a></td>
+      <td align="center" valign="top" width="14.28%"><a href="https://hachyderm.io/@JohnnyCiocca"><img src="https://avatars.githubusercontent.com/u/6473725?v=4?s=100" width="100px;" alt="João Ciocca"/><br /><sub><b>João Ciocca</b></sub></a><br /><a href="https://github.com/epi052/feroxbuster/issues?q=author%3Ajoaociocca" title="Bug reports">🐛</a> <a href="#ideas-joaociocca" title="Ideas, Planning, & Feedback">🤔</a></td>
+      <td align="center" valign="top" width="14.28%"><a href="https://github.com/f3rn0s"><img src="https://avatars.githubusercontent.com/u/1351279?v=4?s=100" width="100px;" alt="f3rn0s"/><br /><sub><b>f3rn0s</b></sub></a><br /><a href="https://github.com/epi052/feroxbuster/issues?q=author%3Af3rn0s" title="Bug reports">🐛</a></td>
+      <td align="center" valign="top" width="14.28%"><a href="https://sth.sh"><img src="https://avatars.githubusercontent.com/u/2099767?v=4?s=100" width="100px;" alt="LongCat"/><br /><sub><b>LongCat</b></sub></a><br /><a href="#ideas-pich4ya" title="Ideas, Planning, & Feedback">🤔</a></td>
+    </tr>
+    <tr>
+      <td align="center" valign="top" width="14.28%"><a href="https://github.com/xaeroborg"><img src="https://avatars.githubusercontent.com/u/33274680?v=4?s=100" width="100px;" alt="xaeroborg"/><br /><sub><b>xaeroborg</b></sub></a><br /><a href="#ideas-xaeroborg" title="Ideas, Planning, & Feedback">🤔</a></td>
+      <td align="center" valign="top" width="14.28%"><a href="https://github.com/Luoooio"><img src="https://avatars.githubusercontent.com/u/26653157?v=4?s=100" width="100px;" alt="Luoooio"/><br /><sub><b>Luoooio</b></sub></a><br /><a href="#ideas-Luoooio" title="Ideas, Planning, & Feedback">🤔</a></td>
+      <td align="center" valign="top" width="14.28%"><a href="https://petruknisme.com"><img src="https://avatars.githubusercontent.com/u/6284204?v=4?s=100" width="100px;" alt="Aan"/><br /><sub><b>Aan</b></sub></a><br /><a href="https://github.com/epi052/feroxbuster/commits?author=aancw" title="Code">💻</a> <a href="#infra-aancw" title="Infrastructure (Hosting, Build-Tools, etc)">🚇</a> <a href="#ideas-aancw" title="Ideas, Planning, & Feedback">🤔</a></td>
+      <td align="center" valign="top" width="14.28%"><a href="https://github.com/imBigo"><img src="https://avatars.githubusercontent.com/u/54672433?v=4?s=100" width="100px;" alt="Simon"/><br /><sub><b>Simon</b></sub></a><br /><a href="https://github.com/epi052/feroxbuster/issues?q=author%3AimBigo" title="Bug reports">🐛</a></td>
+      <td align="center" valign="top" width="14.28%"><a href="https://acut3.github.io/"><img src="https://avatars.githubusercontent.com/u/17295243?v=4?s=100" width="100px;" alt="Nicolas Christin"/><br /><sub><b>Nicolas Christin</b></sub></a><br /><a href="https://github.com/epi052/feroxbuster/issues?q=author%3Aacut3" title="Bug reports">🐛</a></td>
+      <td align="center" valign="top" width="14.28%"><a href="https://github.com/DrorDvash"><img src="https://avatars.githubusercontent.com/u/8413651?v=4?s=100" width="100px;" alt="DrDv"/><br /><sub><b>DrDv</b></sub></a><br /><a href="https://github.com/epi052/feroxbuster/issues?q=author%3ADrorDvash" title="Bug reports">🐛</a></td>
+      <td align="center" valign="top" width="14.28%"><a href="https://github.com/aroly"><img src="https://avatars.githubusercontent.com/u/1257705?v=4?s=100" width="100px;" alt="Antoine Roly"/><br /><sub><b>Antoine Roly</b></sub></a><br /><a href="#ideas-aroly" title="Ideas, Planning, & Feedback">🤔</a></td>
+    </tr>
+    <tr>
+      <td align="center" valign="top" width="14.28%"><a href="http://lavafroth.is-a.dev"><img src="https://avatars.githubusercontent.com/u/107522312?v=4?s=100" width="100px;" alt="Himadri Bhattacharjee"/><br /><sub><b>Himadri Bhattacharjee</b></sub></a><br /><a href="https://github.com/epi052/feroxbuster/commits?author=lavafroth" title="Code">💻</a> <a href="#ideas-lavafroth" title="Ideas, Planning, & Feedback">🤔</a></td>
+      <td align="center" valign="top" width="14.28%"><a href="https://github.com/AkechiShiro"><img src="https://avatars.githubusercontent.com/u/14914796?v=4?s=100" width="100px;" alt="Samy Lahfa"/><br /><sub><b>Samy Lahfa</b></sub></a><br /><a href="#ideas-AkechiShiro" title="Ideas, Planning, & Feedback">🤔</a></td>
+      <td align="center" valign="top" width="14.28%"><a href="https://github.com/sectroyer"><img src="https://avatars.githubusercontent.com/u/6706818?v=4?s=100" width="100px;" alt="sectroyer"/><br /><sub><b>sectroyer</b></sub></a><br /><a href="https://github.com/epi052/feroxbuster/issues?q=author%3Asectroyer" title="Bug reports">🐛</a> <a href="#ideas-sectroyer" title="Ideas, Planning, & Feedback">🤔</a></td>
+      <td align="center" valign="top" width="14.28%"><a href="https://medium.com/@b3rm1nG"><img src="https://avatars.githubusercontent.com/u/19836003?v=4?s=100" width="100px;" alt="ktecv2000"/><br /><sub><b>ktecv2000</b></sub></a><br /><a href="https://github.com/epi052/feroxbuster/issues?q=author%3Aktecv2000" title="Bug reports">🐛</a></td>
+      <td align="center" valign="top" width="14.28%"><a href="http://untrue.me"><img src="https://avatars.githubusercontent.com/u/56048157?v=4?s=100" width="100px;" alt="Andrea De Murtas"/><br /><sub><b>Andrea De Murtas</b></sub></a><br /><a href="https://github.com/epi052/feroxbuster/commits?author=andreademurtas" title="Code">💻</a></td>
+      <td align="center" valign="top" width="14.28%"><a href="https://github.com/sawmj"><img src="https://avatars.githubusercontent.com/u/30024085?v=4?s=100" width="100px;" alt="sawmj"/><br /><sub><b>sawmj</b></sub></a><br /><a href="https://github.com/epi052/feroxbuster/issues?q=author%3Asawmj" title="Bug reports">🐛</a></td>
+      <td align="center" valign="top" width="14.28%"><a href="https://github.com/devx00"><img src="https://avatars.githubusercontent.com/u/6897405?v=4?s=100" width="100px;" alt="Zach Hanson"/><br /><sub><b>Zach Hanson</b></sub></a><br /><a href="https://github.com/epi052/feroxbuster/issues?q=author%3Adevx00" title="Bug reports">🐛</a></td>
+    </tr>
+    <tr>
+      <td align="center" valign="top" width="14.28%"><a href="https://github.com/ocervell"><img src="https://avatars.githubusercontent.com/u/9629314?v=4?s=100" width="100px;" alt="Olivier Cervello"/><br /><sub><b>Olivier Cervello</b></sub></a><br /><a href="#ideas-ocervell" title="Ideas, Planning, & Feedback">🤔</a></td>
+      <td align="center" valign="top" width="14.28%"><a href="https://github.com/RavySena"><img src="https://avatars.githubusercontent.com/u/67729597?v=4?s=100" width="100px;" alt="RavySena"/><br /><sub><b>RavySena</b></sub></a><br /><a href="#ideas-RavySena" title="Ideas, Planning, & Feedback">🤔</a></td>
+      <td align="center" valign="top" width="14.28%"><a href="https://github.com/stuhlmann"><img src="https://avatars.githubusercontent.com/u/11061864?v=4?s=100" width="100px;" alt="Florian Stuhlmann"/><br /><sub><b>Florian Stuhlmann</b></sub></a><br /><a href="https://github.com/epi052/feroxbuster/issues?q=author%3Astuhlmann" title="Bug reports">🐛</a></td>
+      <td align="center" valign="top" width="14.28%"><a href="https://github.com/Mister7F"><img src="https://avatars.githubusercontent.com/u/35213773?v=4?s=100" width="100px;" alt="Mister7F"/><br /><sub><b>Mister7F</b></sub></a><br /><a href="#ideas-Mister7F" title="Ideas, Planning, & Feedback">🤔</a></td>
    </tr>
  </tbody>
 </table>
--- a/build.rs
+++ b/build.rs
@@ -1,5 +1,5 @@
 use std::fs::{copy, create_dir_all, OpenOptions};
-use std::io::{Read, Seek, SeekFrom, Write};
+use std::io::{Read, Seek, Write};

 use clap_complete::{generate_to, shells};

@@ -30,7 +30,7 @@ fn main() {
    let mut bash_file = OpenOptions::new()
        .read(true)
        .write(true)
-        .open(format!("{}/feroxbuster.bash", outdir))
+        .open(format!("{outdir}/feroxbuster.bash"))
        .expect("Couldn't open bash completion script");

    bash_file
@@ -40,7 +40,7 @@ fn main() {
    contents = contents.replace("default feroxbuster", "default -o plusdirs feroxbuster");

    bash_file
-        .seek(SeekFrom::Start(0))
+        .rewind()
        .expect("Couldn't seek to position 0 in bash completion script");

    bash_file
--- a/choco_package/feroxbuster.nuspec
+++ b/choco_package/feroxbuster.nuspec
@@ -0,0 +1,79 @@
+<?xml version="1.0" encoding="utf-8"?>
+<package xmlns="http://schemas.microsoft.com/packaging/2015/06/nuspec.xsd">
+  <metadata>
+    <id>feroxbuster</id>
+    <version>2.8.0</version>
+    <packageSourceUrl>https://github.com/epi052/feroxbuster/releases/</packageSourceUrl>
+    <owners>epi052</owners>
+    <title>feroxbuster (Install)</title>
+    <authors>epi052</authors>
+    <projectUrl>https://github.com/epi052/feroxbuster</projectUrl>
+    <iconUrl>https://rawcdn.githack.com/epi052/feroxbuster/2d381e7e057ce60c580b324dd36c9abaf30c2ec7/img/logo/logo.png</iconUrl>
+    <copyright>2020-2023</copyright>
+    <licenseUrl>https://github.com/epi052/feroxbuster/blob/main/LICENSE</licenseUrl>
+    <requireLicenseAcceptance>true</requireLicenseAcceptance>
+    <projectSourceUrl>https://github.com/epi052/feroxbuster</projectSourceUrl>
+    <docsUrl>https://epi052.github.io/feroxbuster-docs/docs/</docsUrl>
+    <!--<mailingListUrl></mailingListUrl>-->
+    <bugTrackerUrl>https://github.com/epi052/feroxbuster/issues</bugTrackerUrl>
+    <tags>content-discovery pentesting-tool url-bruteforcer</tags>
+    <summary>A simple, fast, recursive content discovery tool written in Rust</summary>
+    <description>
+    A simple, fast, recursive content discovery tool written in Rust
+[![Feroxbuster](https://github.com/epi052/feroxbuster/raw/main/img/logo/default-cropped.png)](https://github.com/epi052/feroxbuster)
+
+## What the heck is a ferox anyway?
+
+Ferox is short for Ferric Oxide. Ferric Oxide, simply put, is rust. The name rustbuster was taken, so I decided on a
+variation. 
+
+## What's it do tho?
+
+`feroxbuster` is a tool designed to perform [Forced Browsing](https://owasp.org/www-community/attacks/Forced_browsing).
+
+Forced browsing is an attack where the aim is to enumerate and access resources that are not referenced by the web
+application, but are still accessible by an attacker.
+
+`feroxbuster` uses brute force combined with a wordlist to search for unlinked content in target directories. These
+resources may store sensitive information about web applications and operational systems, such as source code,
+credentials, internal network addressing, etc...
+
+This attack is also known as Predictable Resource Location, File Enumeration, Directory Enumeration, and Resource
+Enumeration.
+
+## Quick Start
+
+This section will cover the minimum amount of information to get up and running with feroxbuster. Please refer the the [documentation](https://epi052.github.io/feroxbuster-docs/docs/), as it's much more comprehensive.
+
+### Installation
+
+There are quite a few other [installation methods](https://epi052.github.io/feroxbuster-docs/docs/installation/), but these snippets should cover the majority of users. 
+
+#### All others Docs
+
+Please refer the the [documentation](https://epi052.github.io/feroxbuster-docs/docs/).
+
+## Example Usage
+
+Here are a few brief examples to get you started.  Please note, feroxbuster can do a **lot more** than what's listed below.  As a result, there are **many more** examples, with **demonstration gifs** that highlight specific features, in the [documentation](https://epi052.github.io/feroxbuster-docs/docs/).
+
+### Multiple Values
+
+Options that take multiple values are very flexible. Consider the following ways of specifying extensions:
+
+```
+./feroxbuster -u http://127.1 -x pdf -x js,html -x php txt json,docx
+```
+
+The command above adds .pdf, .js, .html, .php, .txt, .json, and .docx to each url
+
+All of the methods above (multiple flags, space separated, comma separated, etc...) are valid and interchangeable. The
+same goes for urls, headers, status codes, queries, and size filters.
+</description>
+    <!-- <releaseNotes>__REPLACE_OR_REMOVE__MarkDown_Okay</releaseNotes> -->
+  </metadata>
+  <files>
+    <!-- this section controls what actually gets packaged into the Chocolatey package -->
+    <file src="tools\**" target="tools" />
+  </files>
+</package>
--- a/choco_package/legal/LICENSE.txt
+++ b/choco_package/legal/LICENSE.txt
@@ -0,0 +1,26 @@
+
+From: https://github.com/epi052/feroxbuster/blob/main/LICENSE
+
+LICENSE
+
+MIT License
+
+Copyright (c) 2020-2023 epi
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
--- a/choco_package/legal/VERIFICATION.txt
+++ b/choco_package/legal/VERIFICATION.txt
@@ -0,0 +1,5 @@
+
+VERIFICATION
+
+checksum -t sha512 -f .\x86-windows-feroxbuster.exe.zip
+checksum -t sha512 -f .\x86_64-windows-feroxbuster.exe.zip
--- a/choco_package/tools/chocolateyinstall.ps1
+++ b/choco_package/tools/chocolateyinstall.ps1
@@ -0,0 +1,27 @@
+$ErrorActionPreference = 'Stop' 
+
+$toolsDir   = "$(Split-Path -parent $MyInvocation.MyCommand.Definition)"
+$version    = '2.8.0'
+$url        = "https://github.com/epi052/feroxbuster/releases/download/v$version/x86-windows-feroxbuster.exe.zip"
+$url64      = "https://github.com/epi052/feroxbuster/releases/download/v$version/x86_64-windows-feroxbuster.exe.zip"
+
+$packageArgs = @{
+  packageName   = $env:ChocolateyPackageName
+  unzipLocation = $toolsDir
+  fileType      = 'exe' #only one of these: exe, msi, msu
+  url           = $url
+  url64bit      = $url64
+  #file         = $fileLocation
+
+  softwareName  = 'feroxbuster*' 
+
+  # Checksums are now required as of 0.10.0.
+  # To determine checksums, you can get that from the original site if provided.
+  # You can also use checksum.exe (choco install checksum) and use it
+  # e.g. checksum -t sha256 -f path\to\file
+  checksum      = 'e5cac59c737260233903a17706a68bac11fe0d7a15169e1c5a9637cc221e7230fd6ddbfc1a7243833dde6472ad053c033449ca8338164654f7354363da54ba88'
+  checksumType  = 'sha512'
+  checksum64    = 'cce58d6eacef7e12c31076f5a00fee9742a4e3fdfc69d807d98736200e50469f77359978e137ecafd87b14460845c65c6808d1f8b23ae561f7e7c637e355dee3'
+  checksumType64= 'sha512'
+}
+Install-ChocolateyZipPackage @packageArgs # https://docs.chocolatey.org/en-us/create/functions/install-chocolateyzippackage
--- a/choco_package/tools/chocolateyuninstall.ps1
+++ b/choco_package/tools/chocolateyuninstall.ps1
@@ -0,0 +1,47 @@
+$ErrorActionPreference = 'Stop' # stop on all errors
+$packageArgs = @{
+  packageName   = $env:ChocolateyPackageName
+  softwareName  = 'feroxbuster*'  #part or all of the Display Name as you see it in Programs and Features. It should be enough to be unique
+  fileType      = 'exe' #only one of these: MSI or EXE (ignore MSU for now)
+}
+
+# Get-UninstallRegistryKey is new to 0.9.10, if supporting 0.9.9.x and below,
+# take a dependency on "chocolatey-core.extension" in your nuspec file.
+# This is only a fuzzy search if $softwareName includes '*'. Otherwise it is
+# exact. In the case of versions in key names, we recommend removing the version
+# and using '*'.
+[array]$key = Get-UninstallRegistryKey -SoftwareName $packageArgs['softwareName']
+
+if ($key.Count -eq 1) {
+  $key | % {
+    $packageArgs['file'] = "$($_.UninstallString)" #NOTE: You may need to split this if it contains spaces, see below
+
+    if ($packageArgs['fileType'] -eq 'MSI') {
+      # The Product Code GUID is all that should be passed for MSI, and very
+      # FIRST, because it comes directly after /x, which is already set in the
+      # Uninstall-ChocolateyPackage msiargs (facepalm).
+      $packageArgs['silentArgs'] = "$($_.PSChildName) $($packageArgs['silentArgs'])"
+
+      # Don't pass anything for file, it is ignored for msi (facepalm number 2)
+      # Alternatively if you need to pass a path to an msi, determine that and
+      # use it instead of the above in silentArgs, still very first
+      $packageArgs['file'] = ''
+    } else {
+      # NOTES:
+      # - You probably will need to sanitize $packageArgs['file'] as it comes from the registry and could be in a variety of fun but unusable formats
+      # - Split args from exe in $packageArgs['file'] and pass those args through $packageArgs['silentArgs'] or ignore them
+      # - Ensure you don't pass double quotes in $file (aka $packageArgs['file']) - otherwise you will get "Illegal characters in path when you attempt to run this"
+      # - Review the code for auto-uninstaller for all of the fun things it does in sanitizing - https://github.com/chocolatey/choco/blob/bfe351b7d10c798014efe4bfbb100b171db25099/src/chocolatey/infrastructure.app/services/AutomaticUninstallerService.cs#L142-L192
+    }
+
+    Uninstall-ChocolateyPackage @packageArgs
+  }
+} elseif ($key.Count -eq 0) {
+  Write-Warning "$packageName has already been uninstalled by other means."
+} elseif ($key.Count -gt 1) {
+  Write-Warning "$($key.Count) matches found!"
+  Write-Warning "To prevent accidental data loss, no programs will be uninstalled."
+  Write-Warning "Please alert package maintainer the following keys were matched:"
+  $key | % {Write-Warning "- $($_.DisplayName)"}
+}
+
--- a/ferox-config.toml.example
+++ b/ferox-config.toml.example
@@ -54,6 +54,9 @@
 # queries = [["name","value"], ["rick", "astley"]]
 # save_state = false
 # time_limit = "10m"
+# server_certs = ["/some/cert.pem", "/some/other/cert.pem"]
+# client_cert = "/some/client/cert.pem"
+# client_key = "/some/client/key.pem"

 # headers can be specified on multiple lines or as an inline table
 #
--- a/img/logo/logo.png
+++ b/img/logo/logo.png
--- a/install-nix.sh
+++ b/install-nix.sh
@@ -13,13 +13,13 @@ LIN64_URL="$BASE_URL/$LIN64_ZIP"

 EMOJI_URL=https://gist.github.com/epi052/8196b550ea51d0907ad4b93751b1b57d/raw/6112c9f32ae07922983fdc549c54fd3fb9a38e4c/NotoColorEmoji.ttf

-echo "[+] Installing feroxbuster!"
+INSTALL_DIR="${1:-$(pwd)}"
+
+echo "[+] Installing feroxbuster to ${INSTALL_DIR}!"

 which unzip &>/dev/null
-if [ "$?" = "0" ]; then
-  echo "[+] unzip found"
-else
-  echo "[ ] unzip not found, exiting. "
+if [ "$?" != "0" ]; then
+  echo "[!] unzip not found, exiting. "
  exit -1
 fi

@@ -27,20 +27,20 @@ if [[ "$(uname)" == "Darwin" ]]; then
  echo "[=] Found MacOS, downloading from $MAC_URL"

  curl -sLO "$MAC_URL"
-  unzip -o "$MAC_ZIP" >/dev/null
+  unzip -o "$MAC_ZIP" -d "${INSTALL_DIR}" >/dev/null
  rm "$MAC_ZIP"
 elif [[ "$(expr substr $(uname -s) 1 5)" == "Linux" ]]; then
  if [[ $(getconf LONG_BIT) == 32 ]]; then
    echo "[=] Found 32-bit Linux, downloading from $LIN32_URL"

    curl -sLO "$LIN32_URL"
-    unzip -o "$LIN32_ZIP" >/dev/null
+    unzip -o "$LIN32_ZIP" -d "${INSTALL_DIR}" >/dev/null
    rm "$LIN32_ZIP"
  else
    echo "[=] Found 64-bit Linux, downloading from $LIN64_URL"

    curl -sLO "$LIN64_URL"
-    unzip -o "$LIN64_ZIP" >/dev/null
+    unzip -o "$LIN64_ZIP" -d "${INSTALL_DIR}" >/dev/null
    rm "$LIN64_ZIP"
  fi

@@ -60,6 +60,8 @@ elif [[ "$(expr substr $(uname -s) 1 5)" == "Linux" ]]; then
  fi
 fi

-chmod +x ./feroxbuster
+chmod +x "${INSTALL_DIR}/feroxbuster"

-echo "[+] Installed feroxbuster version $(./feroxbuster -V)"
+echo "[+] Installed feroxbuster"
+echo "  [-] path: ${INSTALL_DIR}/feroxbuster"
+echo "  [-] version: $(${INSTALL_DIR}/feroxbuster -V | awk '{print $2}')"
--- a/shell_completions/_feroxbuster
+++ b/shell_completions/_feroxbuster
@@ -18,62 +18,67 @@ _feroxbuster() {
 '-u+[The target URL (required, unless \[--stdin || --resume-from\] used)]:URL:_urls' \
 '--url=[The target URL (required, unless \[--stdin || --resume-from\] used)]:URL:_urls' \
 '(-u --url)--resume-from=[State file from which to resume a partially complete scan (ex. --resume-from ferox-1606586780.state)]:STATE_FILE:_files' \
-'-p+[Proxy to use for requests (ex: http(s)://host:port, socks5(h)://host:port)]:PROXY:_urls' \
-'--proxy=[Proxy to use for requests (ex: http(s)://host:port, socks5(h)://host:port)]:PROXY:_urls' \
+'-p+[Proxy to use for requests (ex\: http(s)\://host\:port, socks5(h)\://host\:port)]:PROXY:_urls' \
+'--proxy=[Proxy to use for requests (ex\: http(s)\://host\:port, socks5(h)\://host\:port)]:PROXY:_urls' \
 '-P+[Send only unfiltered requests through a Replay Proxy, instead of all requests]:REPLAY_PROXY:_urls' \
 '--replay-proxy=[Send only unfiltered requests through a Replay Proxy, instead of all requests]:REPLAY_PROXY:_urls' \
-'*-R+[Status Codes to send through a Replay Proxy when found (default: --status-codes value)]:REPLAY_CODE: ' \
-'*--replay-codes=[Status Codes to send through a Replay Proxy when found (default: --status-codes value)]:REPLAY_CODE: ' \
-'-a+[Sets the User-Agent (default: feroxbuster/2.7.1)]:USER_AGENT: ' \
-'--user-agent=[Sets the User-Agent (default: feroxbuster/2.7.1)]:USER_AGENT: ' \
-'*-x+[File extension(s) to search for (ex: -x php -x pdf js)]:FILE_EXTENSION: ' \
-'*--extensions=[File extension(s) to search for (ex: -x php -x pdf js)]:FILE_EXTENSION: ' \
-'*-m+[Which HTTP request method(s) should be sent (default: GET)]:HTTP_METHODS: ' \
-'*--methods=[Which HTTP request method(s) should be sent (default: GET)]:HTTP_METHODS: ' \
-'--data=[Request'\''s Body; can read data from a file if input starts with an @ (ex: @post.bin)]:DATA: ' \
-'*-H+[Specify HTTP headers to be used in each request (ex: -H Header:val -H '\''stuff: things'\'')]:HEADER: ' \
-'*--headers=[Specify HTTP headers to be used in each request (ex: -H Header:val -H '\''stuff: things'\'')]:HEADER: ' \
-'*-b+[Specify HTTP cookies to be used in each request (ex: -b stuff=things)]:COOKIE: ' \
-'*--cookies=[Specify HTTP cookies to be used in each request (ex: -b stuff=things)]:COOKIE: ' \
-'*-Q+[Request'\''s URL query parameters (ex: -Q token=stuff -Q secret=key)]:QUERY: ' \
-'*--query=[Request'\''s URL query parameters (ex: -Q token=stuff -Q secret=key)]:QUERY: ' \
+'*-R+[Status Codes to send through a Replay Proxy when found (default\: --status-codes value)]:REPLAY_CODE: ' \
+'*--replay-codes=[Status Codes to send through a Replay Proxy when found (default\: --status-codes value)]:REPLAY_CODE: ' \
+'-a+[Sets the User-Agent (default\: feroxbuster/2.10.2)]:USER_AGENT: ' \
+'--user-agent=[Sets the User-Agent (default\: feroxbuster/2.10.2)]:USER_AGENT: ' \
+'*-x+[File extension(s) to search for (ex\: -x php -x pdf js); reads values (newline-separated) from file if input starts with an @ (ex\: @ext.txt)]:FILE_EXTENSION: ' \
+'*--extensions=[File extension(s) to search for (ex\: -x php -x pdf js); reads values (newline-separated) from file if input starts with an @ (ex\: @ext.txt)]:FILE_EXTENSION: ' \
+'*-m+[Which HTTP request method(s) should be sent (default\: GET)]:HTTP_METHODS: ' \
+'*--methods=[Which HTTP request method(s) should be sent (default\: GET)]:HTTP_METHODS: ' \
+'--data=[Request'\''s Body; can read data from a file if input starts with an @ (ex\: @post.bin)]:DATA: ' \
+'*-H+[Specify HTTP headers to be used in each request (ex\: -H Header\:val -H '\''stuff\: things'\'')]:HEADER: ' \
+'*--headers=[Specify HTTP headers to be used in each request (ex\: -H Header\:val -H '\''stuff\: things'\'')]:HEADER: ' \
+'*-b+[Specify HTTP cookies to be used in each request (ex\: -b stuff=things)]:COOKIE: ' \
+'*--cookies=[Specify HTTP cookies to be used in each request (ex\: -b stuff=things)]:COOKIE: ' \
+'*-Q+[Request'\''s URL query parameters (ex\: -Q token=stuff -Q secret=key)]:QUERY: ' \
+'*--query=[Request'\''s URL query parameters (ex\: -Q token=stuff -Q secret=key)]:QUERY: ' \
 '*--dont-scan=[URL(s) or Regex Pattern(s) to exclude from recursion/scans]:URL: ' \
-'*-S+[Filter out messages of a particular size (ex: -S 5120 -S 4927,1970)]:SIZE: ' \
-'*--filter-size=[Filter out messages of a particular size (ex: -S 5120 -S 4927,1970)]:SIZE: ' \
-'*-X+[Filter out messages via regular expression matching on the response'\''s body (ex: -X '\''^ignore me$'\'')]:REGEX: ' \
-'*--filter-regex=[Filter out messages via regular expression matching on the response'\''s body (ex: -X '\''^ignore me$'\'')]:REGEX: ' \
-'*-W+[Filter out messages of a particular word count (ex: -W 312 -W 91,82)]:WORDS: ' \
-'*--filter-words=[Filter out messages of a particular word count (ex: -W 312 -W 91,82)]:WORDS: ' \
-'*-N+[Filter out messages of a particular line count (ex: -N 20 -N 31,30)]:LINES: ' \
-'*--filter-lines=[Filter out messages of a particular line count (ex: -N 20 -N 31,30)]:LINES: ' \
-'(-s --status-codes)*-C+[Filter out status codes (deny list) (ex: -C 200 -C 401)]:STATUS_CODE: ' \
-'(-s --status-codes)*--filter-status=[Filter out status codes (deny list) (ex: -C 200 -C 401)]:STATUS_CODE: ' \
-'*--filter-similar-to=[Filter out pages that are similar to the given page (ex. --filter-similar-to http://site.xyz/soft404)]:UNWANTED_PAGE:_urls' \
-'*-s+[Status Codes to include (allow list) (default: 200 204 301 302 307 308 401 403 405)]:STATUS_CODE: ' \
-'*--status-codes=[Status Codes to include (allow list) (default: 200 204 301 302 307 308 401 403 405)]:STATUS_CODE: ' \
-'-T+[Number of seconds before a client'\''s request times out (default: 7)]:SECONDS: ' \
-'--timeout=[Number of seconds before a client'\''s request times out (default: 7)]:SECONDS: ' \
-'-t+[Number of concurrent threads (default: 50)]:THREADS: ' \
-'--threads=[Number of concurrent threads (default: 50)]:THREADS: ' \
-'-d+[Maximum recursion depth, a depth of 0 is infinite recursion (default: 4)]:RECURSION_DEPTH: ' \
-'--depth=[Maximum recursion depth, a depth of 0 is infinite recursion (default: 4)]:RECURSION_DEPTH: ' \
-'-L+[Limit total number of concurrent scans (default: 0, i.e. no limit)]:SCAN_LIMIT: ' \
-'--scan-limit=[Limit total number of concurrent scans (default: 0, i.e. no limit)]:SCAN_LIMIT: ' \
+'*-S+[Filter out messages of a particular size (ex\: -S 5120 -S 4927,1970)]:SIZE: ' \
+'*--filter-size=[Filter out messages of a particular size (ex\: -S 5120 -S 4927,1970)]:SIZE: ' \
+'*-X+[Filter out messages via regular expression matching on the response'\''s body (ex\: -X '\''^ignore me\$'\'')]:REGEX: ' \
+'*--filter-regex=[Filter out messages via regular expression matching on the response'\''s body (ex\: -X '\''^ignore me\$'\'')]:REGEX: ' \
+'*-W+[Filter out messages of a particular word count (ex\: -W 312 -W 91,82)]:WORDS: ' \
+'*--filter-words=[Filter out messages of a particular word count (ex\: -W 312 -W 91,82)]:WORDS: ' \
+'*-N+[Filter out messages of a particular line count (ex\: -N 20 -N 31,30)]:LINES: ' \
+'*--filter-lines=[Filter out messages of a particular line count (ex\: -N 20 -N 31,30)]:LINES: ' \
+'(-s --status-codes)*-C+[Filter out status codes (deny list) (ex\: -C 200 -C 401)]:STATUS_CODE: ' \
+'(-s --status-codes)*--filter-status=[Filter out status codes (deny list) (ex\: -C 200 -C 401)]:STATUS_CODE: ' \
+'*--filter-similar-to=[Filter out pages that are similar to the given page (ex. --filter-similar-to http\://site.xyz/soft404)]:UNWANTED_PAGE:_urls' \
+'*-s+[Status Codes to include (allow list) (default\: All Status Codes)]:STATUS_CODE: ' \
+'*--status-codes=[Status Codes to include (allow list) (default\: All Status Codes)]:STATUS_CODE: ' \
+'-T+[Number of seconds before a client'\''s request times out (default\: 7)]:SECONDS: ' \
+'--timeout=[Number of seconds before a client'\''s request times out (default\: 7)]:SECONDS: ' \
+'--server-certs=[Add custom root certificate(s) for servers with unknown certificates]:PEM|DER:_files' \
+'--client-cert=[Add a PEM encoded certificate for mutual authentication (mTLS)]:PEM:_files' \
+'--client-key=[Add a PEM encoded private key for mutual authentication (mTLS)]:PEM:_files' \
+'-t+[Number of concurrent threads (default\: 50)]:THREADS: ' \
+'--threads=[Number of concurrent threads (default\: 50)]:THREADS: ' \
+'-d+[Maximum recursion depth, a depth of 0 is infinite recursion (default\: 4)]:RECURSION_DEPTH: ' \
+'--depth=[Maximum recursion depth, a depth of 0 is infinite recursion (default\: 4)]:RECURSION_DEPTH: ' \
+'-L+[Limit total number of concurrent scans (default\: 0, i.e. no limit)]:SCAN_LIMIT: ' \
+'--scan-limit=[Limit total number of concurrent scans (default\: 0, i.e. no limit)]:SCAN_LIMIT: ' \
 '--parallel=[Run parallel feroxbuster instances (one child process per url passed via stdin)]:PARALLEL_SCANS: ' \
-'(--auto-tune)--rate-limit=[Limit number of requests per second (per directory) (default: 0, i.e. no limit)]:RATE_LIMIT: ' \
-'--time-limit=[Limit total run time of all scans (ex: --time-limit 10m)]:TIME_SPEC: ' \
-'-w+[Path to the wordlist]:FILE:_files' \
-'--wordlist=[Path to the wordlist]:FILE:_files' \
+'(--auto-tune)--rate-limit=[Limit number of requests per second (per directory) (default\: 0, i.e. no limit)]:RATE_LIMIT: ' \
+'--time-limit=[Limit total run time of all scans (ex\: --time-limit 10m)]:TIME_SPEC: ' \
+'-w+[Path or URL of the wordlist]:FILE:_files' \
+'--wordlist=[Path or URL of the wordlist]:FILE:_files' \
+'-B+[Automatically request likely backup extensions for "found" urls (default\: ~, .bak, .bak2, .old, .1)]' \
+'--collect-backups=[Automatically request likely backup extensions for "found" urls (default\: ~, .bak, .bak2, .old, .1)]' \
 '*-I+[File extension(s) to Ignore while collecting extensions (only used with --collect-extensions)]:FILE_EXTENSION: ' \
 '*--dont-collect=[File extension(s) to Ignore while collecting extensions (only used with --collect-extensions)]:FILE_EXTENSION: ' \
 '-o+[Output file to write results to (use w/ --json for JSON entries)]:FILE:_files' \
 '--output=[Output file to write results to (use w/ --json for JSON entries)]:FILE:_files' \
 '--debug-log=[Output file to write log entries (use w/ --json for JSON entries)]:FILE:_files' \
 '(-u --url)--stdin[Read url(s) from STDIN]' \
-'(-p --proxy -k --insecure --burp-replay)--burp[Set --proxy to http://127.0.0.1:8080 and set --insecure to true]' \
-'(-P --replay-proxy -k --insecure)--burp-replay[Set --replay-proxy to http://127.0.0.1:8080 and set --insecure to true]' \
-'--smart[Set --extract-links, --auto-tune, --collect-words, and --collect-backups to true]' \
-'--thorough[Use the same settings as --smart and set --collect-extensions to true]' \
+'(-p --proxy -k --insecure --burp-replay)--burp[Set --proxy to http\://127.0.0.1\:8080 and set --insecure to true]' \
+'(-P --replay-proxy -k --insecure)--burp-replay[Set --replay-proxy to http\://127.0.0.1\:8080 and set --insecure to true]' \
+'(--rate-limit --auto-bail)--smart[Set --auto-tune, --collect-words, and --collect-backups to true]' \
+'(--rate-limit --auto-bail)--thorough[Use the same settings as --smart and set --collect-extensions to true]' \
 '-A[Use a random User-Agent]' \
 '--random-agent[Use a random User-Agent]' \
 '-f[Append / to each request'\''s URL]' \
@@ -85,29 +90,30 @@ _feroxbuster() {
 '-n[Do not scan recursively]' \
 '--no-recursion[Do not scan recursively]' \
 '(-n --no-recursion)--force-recursion[Force recursion attempts on all '\''found'\'' endpoints (still respects recursion depth)]' \
-'-e[Extract links from response body (html, javascript, etc...); make new requests based on findings]' \
-'--extract-links[Extract links from response body (html, javascript, etc...); make new requests based on findings]' \
+'-e[Extract links from response body (html, javascript, etc...); make new requests based on findings (default\: true)]' \
+'--extract-links[Extract links from response body (html, javascript, etc...); make new requests based on findings (default\: true)]' \
+'--dont-extract-links[Don'\''t extract links from response body (html, javascript, etc...)]' \
 '(--auto-bail)--auto-tune[Automatically lower scan rate when an excessive amount of errors are encountered]' \
 '--auto-bail[Automatically stop scanning when an excessive amount of errors are encountered]' \
 '-D[Don'\''t auto-filter wildcard responses]' \
 '--dont-filter[Don'\''t auto-filter wildcard responses]' \
 '-E[Automatically discover extensions and add them to --extensions (unless they'\''re in --dont-collect)]' \
 '--collect-extensions[Automatically discover extensions and add them to --extensions (unless they'\''re in --dont-collect)]' \
-'-B[Automatically request likely backup extensions for "found" urls]' \
-'--collect-backups[Automatically request likely backup extensions for "found" urls]' \
 '-g[Automatically discover important words from within responses and add them to the wordlist]' \
 '--collect-words[Automatically discover important words from within responses and add them to the wordlist]' \
 '(--silent)*-v[Increase verbosity level (use -vv or more for greater effect. \[CAUTION\] 4 -v'\''s is probably too much)]' \
 '(--silent)*--verbosity[Increase verbosity level (use -vv or more for greater effect. \[CAUTION\] 4 -v'\''s is probably too much)]' \
-'(-q --quiet)--silent[Only print URLs + turn off logging (good for piping a list of urls to other commands)]' \
+'(-q --quiet)--silent[Only print URLs (or JSON w/ --json) + turn off logging (good for piping a list of urls to other commands)]' \
 '-q[Hide progress bars and banner (good for tmux windows w/ notifications)]' \
 '--quiet[Hide progress bars and banner (good for tmux windows w/ notifications)]' \
 '--json[Emit JSON logs to --output and --debug-log instead of normal text]' \
 '--no-state[Disable state output file (*.state)]' \
-'-h[Print help information (use `--help` for more detail)]' \
-'--help[Print help information (use `--help` for more detail)]' \
-'-V[Print version information]' \
-'--version[Print version information]' \
+'-U[Update feroxbuster to the latest version]' \
+'--update[Update feroxbuster to the latest version]' \
+'-h[Print help (see more with '\''--help'\'')]' \
+'--help[Print help (see more with '\''--help'\'')]' \
+'-V[Print version]' \
+'--version[Print version]' \
 && ret=0
 }

@@ -117,4 +123,8 @@ _feroxbuster_commands() {
    _describe -t commands 'feroxbuster commands' commands "$@"
 }

-_feroxbuster "$@"
+if [ "$funcstack[1]" = "_feroxbuster" ]; then
+    _feroxbuster "$@"
+else
+    compdef _feroxbuster feroxbuster
+fi
--- a/shell_completions/_feroxbuster.ps1
+++ b/shell_completions/_feroxbuster.ps1
@@ -26,51 +26,56 @@ Register-ArgumentCompleter -Native -CommandName 'feroxbuster' -ScriptBlock {
            [CompletionResult]::new('--resume-from', 'resume-from', [CompletionResultType]::ParameterName, 'State file from which to resume a partially complete scan (ex. --resume-from ferox-1606586780.state)')
            [CompletionResult]::new('-p', 'p', [CompletionResultType]::ParameterName, 'Proxy to use for requests (ex: http(s)://host:port, socks5(h)://host:port)')
            [CompletionResult]::new('--proxy', 'proxy', [CompletionResultType]::ParameterName, 'Proxy to use for requests (ex: http(s)://host:port, socks5(h)://host:port)')
-            [CompletionResult]::new('-P', 'P', [CompletionResultType]::ParameterName, 'Send only unfiltered requests through a Replay Proxy, instead of all requests')
+            [CompletionResult]::new('-P', 'P ', [CompletionResultType]::ParameterName, 'Send only unfiltered requests through a Replay Proxy, instead of all requests')
            [CompletionResult]::new('--replay-proxy', 'replay-proxy', [CompletionResultType]::ParameterName, 'Send only unfiltered requests through a Replay Proxy, instead of all requests')
-            [CompletionResult]::new('-R', 'R', [CompletionResultType]::ParameterName, 'Status Codes to send through a Replay Proxy when found (default: --status-codes value)')
+            [CompletionResult]::new('-R', 'R ', [CompletionResultType]::ParameterName, 'Status Codes to send through a Replay Proxy when found (default: --status-codes value)')
            [CompletionResult]::new('--replay-codes', 'replay-codes', [CompletionResultType]::ParameterName, 'Status Codes to send through a Replay Proxy when found (default: --status-codes value)')
-            [CompletionResult]::new('-a', 'a', [CompletionResultType]::ParameterName, 'Sets the User-Agent (default: feroxbuster/2.7.1)')
-            [CompletionResult]::new('--user-agent', 'user-agent', [CompletionResultType]::ParameterName, 'Sets the User-Agent (default: feroxbuster/2.7.1)')
-            [CompletionResult]::new('-x', 'x', [CompletionResultType]::ParameterName, 'File extension(s) to search for (ex: -x php -x pdf js)')
-            [CompletionResult]::new('--extensions', 'extensions', [CompletionResultType]::ParameterName, 'File extension(s) to search for (ex: -x php -x pdf js)')
+            [CompletionResult]::new('-a', 'a', [CompletionResultType]::ParameterName, 'Sets the User-Agent (default: feroxbuster/2.10.2)')
+            [CompletionResult]::new('--user-agent', 'user-agent', [CompletionResultType]::ParameterName, 'Sets the User-Agent (default: feroxbuster/2.10.2)')
+            [CompletionResult]::new('-x', 'x', [CompletionResultType]::ParameterName, 'File extension(s) to search for (ex: -x php -x pdf js); reads values (newline-separated) from file if input starts with an @ (ex: @ext.txt)')
+            [CompletionResult]::new('--extensions', 'extensions', [CompletionResultType]::ParameterName, 'File extension(s) to search for (ex: -x php -x pdf js); reads values (newline-separated) from file if input starts with an @ (ex: @ext.txt)')
            [CompletionResult]::new('-m', 'm', [CompletionResultType]::ParameterName, 'Which HTTP request method(s) should be sent (default: GET)')
            [CompletionResult]::new('--methods', 'methods', [CompletionResultType]::ParameterName, 'Which HTTP request method(s) should be sent (default: GET)')
            [CompletionResult]::new('--data', 'data', [CompletionResultType]::ParameterName, 'Request''s Body; can read data from a file if input starts with an @ (ex: @post.bin)')
-            [CompletionResult]::new('-H', 'H', [CompletionResultType]::ParameterName, 'Specify HTTP headers to be used in each request (ex: -H Header:val -H ''stuff: things'')')
+            [CompletionResult]::new('-H', 'H ', [CompletionResultType]::ParameterName, 'Specify HTTP headers to be used in each request (ex: -H Header:val -H ''stuff: things'')')
            [CompletionResult]::new('--headers', 'headers', [CompletionResultType]::ParameterName, 'Specify HTTP headers to be used in each request (ex: -H Header:val -H ''stuff: things'')')
            [CompletionResult]::new('-b', 'b', [CompletionResultType]::ParameterName, 'Specify HTTP cookies to be used in each request (ex: -b stuff=things)')
            [CompletionResult]::new('--cookies', 'cookies', [CompletionResultType]::ParameterName, 'Specify HTTP cookies to be used in each request (ex: -b stuff=things)')
-            [CompletionResult]::new('-Q', 'Q', [CompletionResultType]::ParameterName, 'Request''s URL query parameters (ex: -Q token=stuff -Q secret=key)')
+            [CompletionResult]::new('-Q', 'Q ', [CompletionResultType]::ParameterName, 'Request''s URL query parameters (ex: -Q token=stuff -Q secret=key)')
            [CompletionResult]::new('--query', 'query', [CompletionResultType]::ParameterName, 'Request''s URL query parameters (ex: -Q token=stuff -Q secret=key)')
            [CompletionResult]::new('--dont-scan', 'dont-scan', [CompletionResultType]::ParameterName, 'URL(s) or Regex Pattern(s) to exclude from recursion/scans')
-            [CompletionResult]::new('-S', 'S', [CompletionResultType]::ParameterName, 'Filter out messages of a particular size (ex: -S 5120 -S 4927,1970)')
+            [CompletionResult]::new('-S', 'S ', [CompletionResultType]::ParameterName, 'Filter out messages of a particular size (ex: -S 5120 -S 4927,1970)')
            [CompletionResult]::new('--filter-size', 'filter-size', [CompletionResultType]::ParameterName, 'Filter out messages of a particular size (ex: -S 5120 -S 4927,1970)')
-            [CompletionResult]::new('-X', 'X', [CompletionResultType]::ParameterName, 'Filter out messages via regular expression matching on the response''s body (ex: -X ''^ignore me$'')')
+            [CompletionResult]::new('-X', 'X ', [CompletionResultType]::ParameterName, 'Filter out messages via regular expression matching on the response''s body (ex: -X ''^ignore me$'')')
            [CompletionResult]::new('--filter-regex', 'filter-regex', [CompletionResultType]::ParameterName, 'Filter out messages via regular expression matching on the response''s body (ex: -X ''^ignore me$'')')
-            [CompletionResult]::new('-W', 'W', [CompletionResultType]::ParameterName, 'Filter out messages of a particular word count (ex: -W 312 -W 91,82)')
+            [CompletionResult]::new('-W', 'W ', [CompletionResultType]::ParameterName, 'Filter out messages of a particular word count (ex: -W 312 -W 91,82)')
            [CompletionResult]::new('--filter-words', 'filter-words', [CompletionResultType]::ParameterName, 'Filter out messages of a particular word count (ex: -W 312 -W 91,82)')
-            [CompletionResult]::new('-N', 'N', [CompletionResultType]::ParameterName, 'Filter out messages of a particular line count (ex: -N 20 -N 31,30)')
+            [CompletionResult]::new('-N', 'N ', [CompletionResultType]::ParameterName, 'Filter out messages of a particular line count (ex: -N 20 -N 31,30)')
            [CompletionResult]::new('--filter-lines', 'filter-lines', [CompletionResultType]::ParameterName, 'Filter out messages of a particular line count (ex: -N 20 -N 31,30)')
-            [CompletionResult]::new('-C', 'C', [CompletionResultType]::ParameterName, 'Filter out status codes (deny list) (ex: -C 200 -C 401)')
+            [CompletionResult]::new('-C', 'C ', [CompletionResultType]::ParameterName, 'Filter out status codes (deny list) (ex: -C 200 -C 401)')
            [CompletionResult]::new('--filter-status', 'filter-status', [CompletionResultType]::ParameterName, 'Filter out status codes (deny list) (ex: -C 200 -C 401)')
            [CompletionResult]::new('--filter-similar-to', 'filter-similar-to', [CompletionResultType]::ParameterName, 'Filter out pages that are similar to the given page (ex. --filter-similar-to http://site.xyz/soft404)')
-            [CompletionResult]::new('-s', 's', [CompletionResultType]::ParameterName, 'Status Codes to include (allow list) (default: 200 204 301 302 307 308 401 403 405)')
-            [CompletionResult]::new('--status-codes', 'status-codes', [CompletionResultType]::ParameterName, 'Status Codes to include (allow list) (default: 200 204 301 302 307 308 401 403 405)')
-            [CompletionResult]::new('-T', 'T', [CompletionResultType]::ParameterName, 'Number of seconds before a client''s request times out (default: 7)')
+            [CompletionResult]::new('-s', 's', [CompletionResultType]::ParameterName, 'Status Codes to include (allow list) (default: All Status Codes)')
+            [CompletionResult]::new('--status-codes', 'status-codes', [CompletionResultType]::ParameterName, 'Status Codes to include (allow list) (default: All Status Codes)')
+            [CompletionResult]::new('-T', 'T ', [CompletionResultType]::ParameterName, 'Number of seconds before a client''s request times out (default: 7)')
            [CompletionResult]::new('--timeout', 'timeout', [CompletionResultType]::ParameterName, 'Number of seconds before a client''s request times out (default: 7)')
+            [CompletionResult]::new('--server-certs', 'server-certs', [CompletionResultType]::ParameterName, 'Add custom root certificate(s) for servers with unknown certificates')
+            [CompletionResult]::new('--client-cert', 'client-cert', [CompletionResultType]::ParameterName, 'Add a PEM encoded certificate for mutual authentication (mTLS)')
+            [CompletionResult]::new('--client-key', 'client-key', [CompletionResultType]::ParameterName, 'Add a PEM encoded private key for mutual authentication (mTLS)')
            [CompletionResult]::new('-t', 't', [CompletionResultType]::ParameterName, 'Number of concurrent threads (default: 50)')
            [CompletionResult]::new('--threads', 'threads', [CompletionResultType]::ParameterName, 'Number of concurrent threads (default: 50)')
            [CompletionResult]::new('-d', 'd', [CompletionResultType]::ParameterName, 'Maximum recursion depth, a depth of 0 is infinite recursion (default: 4)')
            [CompletionResult]::new('--depth', 'depth', [CompletionResultType]::ParameterName, 'Maximum recursion depth, a depth of 0 is infinite recursion (default: 4)')
-            [CompletionResult]::new('-L', 'L', [CompletionResultType]::ParameterName, 'Limit total number of concurrent scans (default: 0, i.e. no limit)')
+            [CompletionResult]::new('-L', 'L ', [CompletionResultType]::ParameterName, 'Limit total number of concurrent scans (default: 0, i.e. no limit)')
            [CompletionResult]::new('--scan-limit', 'scan-limit', [CompletionResultType]::ParameterName, 'Limit total number of concurrent scans (default: 0, i.e. no limit)')
            [CompletionResult]::new('--parallel', 'parallel', [CompletionResultType]::ParameterName, 'Run parallel feroxbuster instances (one child process per url passed via stdin)')
            [CompletionResult]::new('--rate-limit', 'rate-limit', [CompletionResultType]::ParameterName, 'Limit number of requests per second (per directory) (default: 0, i.e. no limit)')
            [CompletionResult]::new('--time-limit', 'time-limit', [CompletionResultType]::ParameterName, 'Limit total run time of all scans (ex: --time-limit 10m)')
-            [CompletionResult]::new('-w', 'w', [CompletionResultType]::ParameterName, 'Path to the wordlist')
-            [CompletionResult]::new('--wordlist', 'wordlist', [CompletionResultType]::ParameterName, 'Path to the wordlist')
-            [CompletionResult]::new('-I', 'I', [CompletionResultType]::ParameterName, 'File extension(s) to Ignore while collecting extensions (only used with --collect-extensions)')
+            [CompletionResult]::new('-w', 'w', [CompletionResultType]::ParameterName, 'Path or URL of the wordlist')
+            [CompletionResult]::new('--wordlist', 'wordlist', [CompletionResultType]::ParameterName, 'Path or URL of the wordlist')
+            [CompletionResult]::new('-B', 'B ', [CompletionResultType]::ParameterName, 'Automatically request likely backup extensions for "found" urls (default: ~, .bak, .bak2, .old, .1)')
+            [CompletionResult]::new('--collect-backups', 'collect-backups', [CompletionResultType]::ParameterName, 'Automatically request likely backup extensions for "found" urls (default: ~, .bak, .bak2, .old, .1)')
+            [CompletionResult]::new('-I', 'I ', [CompletionResultType]::ParameterName, 'File extension(s) to Ignore while collecting extensions (only used with --collect-extensions)')
            [CompletionResult]::new('--dont-collect', 'dont-collect', [CompletionResultType]::ParameterName, 'File extension(s) to Ignore while collecting extensions (only used with --collect-extensions)')
            [CompletionResult]::new('-o', 'o', [CompletionResultType]::ParameterName, 'Output file to write results to (use w/ --json for JSON entries)')
            [CompletionResult]::new('--output', 'output', [CompletionResultType]::ParameterName, 'Output file to write results to (use w/ --json for JSON entries)')
@@ -78,9 +83,9 @@ Register-ArgumentCompleter -Native -CommandName 'feroxbuster' -ScriptBlock {
            [CompletionResult]::new('--stdin', 'stdin', [CompletionResultType]::ParameterName, 'Read url(s) from STDIN')
            [CompletionResult]::new('--burp', 'burp', [CompletionResultType]::ParameterName, 'Set --proxy to http://127.0.0.1:8080 and set --insecure to true')
            [CompletionResult]::new('--burp-replay', 'burp-replay', [CompletionResultType]::ParameterName, 'Set --replay-proxy to http://127.0.0.1:8080 and set --insecure to true')
-            [CompletionResult]::new('--smart', 'smart', [CompletionResultType]::ParameterName, 'Set --extract-links, --auto-tune, --collect-words, and --collect-backups to true')
+            [CompletionResult]::new('--smart', 'smart', [CompletionResultType]::ParameterName, 'Set --auto-tune, --collect-words, and --collect-backups to true')
            [CompletionResult]::new('--thorough', 'thorough', [CompletionResultType]::ParameterName, 'Use the same settings as --smart and set --collect-extensions to true')
-            [CompletionResult]::new('-A', 'A', [CompletionResultType]::ParameterName, 'Use a random User-Agent')
+            [CompletionResult]::new('-A', 'A ', [CompletionResultType]::ParameterName, 'Use a random User-Agent')
            [CompletionResult]::new('--random-agent', 'random-agent', [CompletionResultType]::ParameterName, 'Use a random User-Agent')
            [CompletionResult]::new('-f', 'f', [CompletionResultType]::ParameterName, 'Append / to each request''s URL')
            [CompletionResult]::new('--add-slash', 'add-slash', [CompletionResultType]::ParameterName, 'Append / to each request''s URL')
@@ -91,29 +96,30 @@ Register-ArgumentCompleter -Native -CommandName 'feroxbuster' -ScriptBlock {
            [CompletionResult]::new('-n', 'n', [CompletionResultType]::ParameterName, 'Do not scan recursively')
            [CompletionResult]::new('--no-recursion', 'no-recursion', [CompletionResultType]::ParameterName, 'Do not scan recursively')
            [CompletionResult]::new('--force-recursion', 'force-recursion', [CompletionResultType]::ParameterName, 'Force recursion attempts on all ''found'' endpoints (still respects recursion depth)')
-            [CompletionResult]::new('-e', 'e', [CompletionResultType]::ParameterName, 'Extract links from response body (html, javascript, etc...); make new requests based on findings')
-            [CompletionResult]::new('--extract-links', 'extract-links', [CompletionResultType]::ParameterName, 'Extract links from response body (html, javascript, etc...); make new requests based on findings')
+            [CompletionResult]::new('-e', 'e', [CompletionResultType]::ParameterName, 'Extract links from response body (html, javascript, etc...); make new requests based on findings (default: true)')
+            [CompletionResult]::new('--extract-links', 'extract-links', [CompletionResultType]::ParameterName, 'Extract links from response body (html, javascript, etc...); make new requests based on findings (default: true)')
+            [CompletionResult]::new('--dont-extract-links', 'dont-extract-links', [CompletionResultType]::ParameterName, 'Don''t extract links from response body (html, javascript, etc...)')
            [CompletionResult]::new('--auto-tune', 'auto-tune', [CompletionResultType]::ParameterName, 'Automatically lower scan rate when an excessive amount of errors are encountered')
            [CompletionResult]::new('--auto-bail', 'auto-bail', [CompletionResultType]::ParameterName, 'Automatically stop scanning when an excessive amount of errors are encountered')
-            [CompletionResult]::new('-D', 'D', [CompletionResultType]::ParameterName, 'Don''t auto-filter wildcard responses')
+            [CompletionResult]::new('-D', 'D ', [CompletionResultType]::ParameterName, 'Don''t auto-filter wildcard responses')
            [CompletionResult]::new('--dont-filter', 'dont-filter', [CompletionResultType]::ParameterName, 'Don''t auto-filter wildcard responses')
-            [CompletionResult]::new('-E', 'E', [CompletionResultType]::ParameterName, 'Automatically discover extensions and add them to --extensions (unless they''re in --dont-collect)')
+            [CompletionResult]::new('-E', 'E ', [CompletionResultType]::ParameterName, 'Automatically discover extensions and add them to --extensions (unless they''re in --dont-collect)')
            [CompletionResult]::new('--collect-extensions', 'collect-extensions', [CompletionResultType]::ParameterName, 'Automatically discover extensions and add them to --extensions (unless they''re in --dont-collect)')
-            [CompletionResult]::new('-B', 'B', [CompletionResultType]::ParameterName, 'Automatically request likely backup extensions for "found" urls')
-            [CompletionResult]::new('--collect-backups', 'collect-backups', [CompletionResultType]::ParameterName, 'Automatically request likely backup extensions for "found" urls')
            [CompletionResult]::new('-g', 'g', [CompletionResultType]::ParameterName, 'Automatically discover important words from within responses and add them to the wordlist')
            [CompletionResult]::new('--collect-words', 'collect-words', [CompletionResultType]::ParameterName, 'Automatically discover important words from within responses and add them to the wordlist')
            [CompletionResult]::new('-v', 'v', [CompletionResultType]::ParameterName, 'Increase verbosity level (use -vv or more for greater effect. [CAUTION] 4 -v''s is probably too much)')
            [CompletionResult]::new('--verbosity', 'verbosity', [CompletionResultType]::ParameterName, 'Increase verbosity level (use -vv or more for greater effect. [CAUTION] 4 -v''s is probably too much)')
-            [CompletionResult]::new('--silent', 'silent', [CompletionResultType]::ParameterName, 'Only print URLs + turn off logging (good for piping a list of urls to other commands)')
+            [CompletionResult]::new('--silent', 'silent', [CompletionResultType]::ParameterName, 'Only print URLs (or JSON w/ --json) + turn off logging (good for piping a list of urls to other commands)')
            [CompletionResult]::new('-q', 'q', [CompletionResultType]::ParameterName, 'Hide progress bars and banner (good for tmux windows w/ notifications)')
            [CompletionResult]::new('--quiet', 'quiet', [CompletionResultType]::ParameterName, 'Hide progress bars and banner (good for tmux windows w/ notifications)')
            [CompletionResult]::new('--json', 'json', [CompletionResultType]::ParameterName, 'Emit JSON logs to --output and --debug-log instead of normal text')
            [CompletionResult]::new('--no-state', 'no-state', [CompletionResultType]::ParameterName, 'Disable state output file (*.state)')
-            [CompletionResult]::new('-h', 'h', [CompletionResultType]::ParameterName, 'Print help information (use `--help` for more detail)')
-            [CompletionResult]::new('--help', 'help', [CompletionResultType]::ParameterName, 'Print help information (use `--help` for more detail)')
-            [CompletionResult]::new('-V', 'V', [CompletionResultType]::ParameterName, 'Print version information')
-            [CompletionResult]::new('--version', 'version', [CompletionResultType]::ParameterName, 'Print version information')
+            [CompletionResult]::new('-U', 'U ', [CompletionResultType]::ParameterName, 'Update feroxbuster to the latest version')
+            [CompletionResult]::new('--update', 'update', [CompletionResultType]::ParameterName, 'Update feroxbuster to the latest version')
+            [CompletionResult]::new('-h', 'h', [CompletionResultType]::ParameterName, 'Print help (see more with ''--help'')')
+            [CompletionResult]::new('--help', 'help', [CompletionResultType]::ParameterName, 'Print help (see more with ''--help'')')
+            [CompletionResult]::new('-V', 'V ', [CompletionResultType]::ParameterName, 'Print version')
+            [CompletionResult]::new('--version', 'version', [CompletionResultType]::ParameterName, 'Print version')
            break
        }
    })
--- a/shell_completions/feroxbuster.bash
+++ b/shell_completions/feroxbuster.bash
@@ -1,5 +1,5 @@
 _feroxbuster() {
-    local i cur prev opts cmds
+    local i cur prev opts cmd
    COMPREPLY=()
    cur="${COMP_WORDS[COMP_CWORD]}"
    prev="${COMP_WORDS[COMP_CWORD-1]}"
@@ -19,7 +19,7 @@ _feroxbuster() {

    case "${cmd}" in
        feroxbuster)
-            opts="-u -p -P -R -a -A -x -m -H -b -Q -f -S -X -W -N -C -s -T -r -k -t -n -d -e -L -w -D -E -B -g -I -v -q -o -h -V --url --stdin --resume-from --burp --burp-replay --smart --thorough --proxy --replay-proxy --replay-codes --user-agent --random-agent --extensions --methods --data --headers --cookies --query --add-slash --dont-scan --filter-size --filter-regex --filter-words --filter-lines --filter-status --filter-similar-to --status-codes --timeout --redirects --insecure --threads --no-recursion --depth --force-recursion --extract-links --scan-limit --parallel --rate-limit --time-limit --wordlist --auto-tune --auto-bail --dont-filter --collect-extensions --collect-backups --collect-words --dont-collect --verbosity --silent --quiet --json --output --debug-log --no-state --help --version"
+            opts="-u -p -P -R -a -A -x -m -H -b -Q -f -S -X -W -N -C -s -T -r -k -t -n -d -e -L -w -D -E -B -g -I -v -q -o -U -h -V --url --stdin --resume-from --burp --burp-replay --smart --thorough --proxy --replay-proxy --replay-codes --user-agent --random-agent --extensions --methods --data --headers --cookies --query --add-slash --dont-scan --filter-size --filter-regex --filter-words --filter-lines --filter-status --filter-similar-to --status-codes --timeout --redirects --insecure --server-certs --client-cert --client-key --threads --no-recursion --depth --force-recursion --extract-links --dont-extract-links --scan-limit --parallel --rate-limit --time-limit --wordlist --auto-tune --auto-bail --dont-filter --collect-extensions --collect-backups --collect-words --dont-collect --verbosity --silent --quiet --json --output --debug-log --no-state --update --help --version"
            if [[ ${cur} == -* || ${COMP_CWORD} -eq 1 ]] ; then
                COMPREPLY=( $(compgen -W "${opts}" -- "${cur}") )
                return 0
@@ -177,6 +177,18 @@ _feroxbuster() {
                    COMPREPLY=($(compgen -f "${cur}"))
                    return 0
                    ;;
+                --server-certs)
+                    COMPREPLY=($(compgen -f "${cur}"))
+                    return 0
+                    ;;
+                --client-cert)
+                    COMPREPLY=($(compgen -f "${cur}"))
+                    return 0
+                    ;;
+                --client-key)
+                    COMPREPLY=($(compgen -f "${cur}"))
+                    return 0
+                    ;;
                --threads)
                    COMPREPLY=($(compgen -f "${cur}"))
                    return 0
@@ -221,6 +233,14 @@ _feroxbuster() {
                    COMPREPLY=($(compgen -f "${cur}"))
                    return 0
                    ;;
+                --collect-backups)
+                    COMPREPLY=($(compgen -f "${cur}"))
+                    return 0
+                    ;;
+                -B)
+                    COMPREPLY=($(compgen -f "${cur}"))
+                    return 0
+                    ;;
                --dont-collect)
                    COMPREPLY=($(compgen -f "${cur}"))
                    return 0
@@ -251,4 +271,8 @@ _feroxbuster() {
    esac
 }

-complete -F _feroxbuster -o bashdefault -o default -o plusdirs feroxbuster
+if [[ "${BASH_VERSINFO[0]}" -eq 4 && "${BASH_VERSINFO[1]}" -ge 4 || "${BASH_VERSINFO[0]}" -gt 4 ]]; then
+    complete -F _feroxbuster -o nosort -o bashdefault -o default -o plusdirs feroxbuster
+else
+    complete -F _feroxbuster -o bashdefault -o default -o plusdirs feroxbuster
+fi
--- a/shell_completions/feroxbuster.elv
+++ b/shell_completions/feroxbuster.elv
@@ -27,10 +27,10 @@ set edit:completion:arg-completer[feroxbuster] = {|@words|
            cand --replay-proxy 'Send only unfiltered requests through a Replay Proxy, instead of all requests'
            cand -R 'Status Codes to send through a Replay Proxy when found (default: --status-codes value)'
            cand --replay-codes 'Status Codes to send through a Replay Proxy when found (default: --status-codes value)'
-            cand -a 'Sets the User-Agent (default: feroxbuster/2.7.1)'
-            cand --user-agent 'Sets the User-Agent (default: feroxbuster/2.7.1)'
-            cand -x 'File extension(s) to search for (ex: -x php -x pdf js)'
-            cand --extensions 'File extension(s) to search for (ex: -x php -x pdf js)'
+            cand -a 'Sets the User-Agent (default: feroxbuster/2.10.2)'
+            cand --user-agent 'Sets the User-Agent (default: feroxbuster/2.10.2)'
+            cand -x 'File extension(s) to search for (ex: -x php -x pdf js); reads values (newline-separated) from file if input starts with an @ (ex: @ext.txt)'
+            cand --extensions 'File extension(s) to search for (ex: -x php -x pdf js); reads values (newline-separated) from file if input starts with an @ (ex: @ext.txt)'
            cand -m 'Which HTTP request method(s) should be sent (default: GET)'
            cand --methods 'Which HTTP request method(s) should be sent (default: GET)'
            cand --data 'Request''s Body; can read data from a file if input starts with an @ (ex: @post.bin)'
@@ -52,10 +52,13 @@ set edit:completion:arg-completer[feroxbuster] = {|@words|
            cand -C 'Filter out status codes (deny list) (ex: -C 200 -C 401)'
            cand --filter-status 'Filter out status codes (deny list) (ex: -C 200 -C 401)'
            cand --filter-similar-to 'Filter out pages that are similar to the given page (ex. --filter-similar-to http://site.xyz/soft404)'
-            cand -s 'Status Codes to include (allow list) (default: 200 204 301 302 307 308 401 403 405)'
-            cand --status-codes 'Status Codes to include (allow list) (default: 200 204 301 302 307 308 401 403 405)'
+            cand -s 'Status Codes to include (allow list) (default: All Status Codes)'
+            cand --status-codes 'Status Codes to include (allow list) (default: All Status Codes)'
            cand -T 'Number of seconds before a client''s request times out (default: 7)'
            cand --timeout 'Number of seconds before a client''s request times out (default: 7)'
+            cand --server-certs 'Add custom root certificate(s) for servers with unknown certificates'
+            cand --client-cert 'Add a PEM encoded certificate for mutual authentication (mTLS)'
+            cand --client-key 'Add a PEM encoded private key for mutual authentication (mTLS)'
            cand -t 'Number of concurrent threads (default: 50)'
            cand --threads 'Number of concurrent threads (default: 50)'
            cand -d 'Maximum recursion depth, a depth of 0 is infinite recursion (default: 4)'
@@ -65,8 +68,10 @@ set edit:completion:arg-completer[feroxbuster] = {|@words|
            cand --parallel 'Run parallel feroxbuster instances (one child process per url passed via stdin)'
            cand --rate-limit 'Limit number of requests per second (per directory) (default: 0, i.e. no limit)'
            cand --time-limit 'Limit total run time of all scans (ex: --time-limit 10m)'
-            cand -w 'Path to the wordlist'
-            cand --wordlist 'Path to the wordlist'
+            cand -w 'Path or URL of the wordlist'
+            cand --wordlist 'Path or URL of the wordlist'
+            cand -B 'Automatically request likely backup extensions for "found" urls (default: ~, .bak, .bak2, .old, .1)'
+            cand --collect-backups 'Automatically request likely backup extensions for "found" urls (default: ~, .bak, .bak2, .old, .1)'
            cand -I 'File extension(s) to Ignore while collecting extensions (only used with --collect-extensions)'
            cand --dont-collect 'File extension(s) to Ignore while collecting extensions (only used with --collect-extensions)'
            cand -o 'Output file to write results to (use w/ --json for JSON entries)'
@@ -75,7 +80,7 @@ set edit:completion:arg-completer[feroxbuster] = {|@words|
            cand --stdin 'Read url(s) from STDIN'
            cand --burp 'Set --proxy to http://127.0.0.1:8080 and set --insecure to true'
            cand --burp-replay 'Set --replay-proxy to http://127.0.0.1:8080 and set --insecure to true'
-            cand --smart 'Set --extract-links, --auto-tune, --collect-words, and --collect-backups to true'
+            cand --smart 'Set --auto-tune, --collect-words, and --collect-backups to true'
            cand --thorough 'Use the same settings as --smart and set --collect-extensions to true'
            cand -A 'Use a random User-Agent'
            cand --random-agent 'Use a random User-Agent'
@@ -88,29 +93,30 @@ set edit:completion:arg-completer[feroxbuster] = {|@words|
            cand -n 'Do not scan recursively'
            cand --no-recursion 'Do not scan recursively'
            cand --force-recursion 'Force recursion attempts on all ''found'' endpoints (still respects recursion depth)'
-            cand -e 'Extract links from response body (html, javascript, etc...); make new requests based on findings'
-            cand --extract-links 'Extract links from response body (html, javascript, etc...); make new requests based on findings'
+            cand -e 'Extract links from response body (html, javascript, etc...); make new requests based on findings (default: true)'
+            cand --extract-links 'Extract links from response body (html, javascript, etc...); make new requests based on findings (default: true)'
+            cand --dont-extract-links 'Don''t extract links from response body (html, javascript, etc...)'
            cand --auto-tune 'Automatically lower scan rate when an excessive amount of errors are encountered'
            cand --auto-bail 'Automatically stop scanning when an excessive amount of errors are encountered'
            cand -D 'Don''t auto-filter wildcard responses'
            cand --dont-filter 'Don''t auto-filter wildcard responses'
            cand -E 'Automatically discover extensions and add them to --extensions (unless they''re in --dont-collect)'
            cand --collect-extensions 'Automatically discover extensions and add them to --extensions (unless they''re in --dont-collect)'
-            cand -B 'Automatically request likely backup extensions for "found" urls'
-            cand --collect-backups 'Automatically request likely backup extensions for "found" urls'
            cand -g 'Automatically discover important words from within responses and add them to the wordlist'
            cand --collect-words 'Automatically discover important words from within responses and add them to the wordlist'
            cand -v 'Increase verbosity level (use -vv or more for greater effect. [CAUTION] 4 -v''s is probably too much)'
            cand --verbosity 'Increase verbosity level (use -vv or more for greater effect. [CAUTION] 4 -v''s is probably too much)'
-            cand --silent 'Only print URLs + turn off logging (good for piping a list of urls to other commands)'
+            cand --silent 'Only print URLs (or JSON w/ --json) + turn off logging (good for piping a list of urls to other commands)'
            cand -q 'Hide progress bars and banner (good for tmux windows w/ notifications)'
            cand --quiet 'Hide progress bars and banner (good for tmux windows w/ notifications)'
            cand --json 'Emit JSON logs to --output and --debug-log instead of normal text'
            cand --no-state 'Disable state output file (*.state)'
-            cand -h 'Print help information (use `--help` for more detail)'
-            cand --help 'Print help information (use `--help` for more detail)'
-            cand -V 'Print version information'
-            cand --version 'Print version information'
+            cand -U 'Update feroxbuster to the latest version'
+            cand --update 'Update feroxbuster to the latest version'
+            cand -h 'Print help (see more with ''--help'')'
+            cand --help 'Print help (see more with ''--help'')'
+            cand -V 'Print version'
+            cand --version 'Print version'
        }
    ]
    $completions[$command]
--- a/src/banner/container.rs
+++ b/src/banner/container.rs
@@ -1,14 +1,15 @@
 use super::entry::BannerEntry;
 use crate::{
+    client,
    config::Configuration,
    event_handlers::Handles,
-    utils::{logged_request, status_colorizer},
-    DEFAULT_IGNORED_EXTENSIONS, DEFAULT_METHOD, VERSION,
+    utils::{make_request, parse_url_with_raw_path, status_colorizer},
+    DEFAULT_IGNORED_EXTENSIONS, DEFAULT_METHOD, DEFAULT_STATUS_CODES, VERSION,
 };
 use anyhow::{bail, Result};
 use console::{style, Emoji};
-use reqwest::Url;
 use serde_json::Value;
+use std::collections::HashMap;
 use std::{io::Write, sync::Arc};

 /// Url used to query github's api; specifically used to look for the latest tagged release name
@@ -59,6 +60,15 @@ pub struct Banner {
    /// represents Configuration.proxy
    proxy: BannerEntry,

+    /// represents Configuration.client_key
+    client_key: BannerEntry,
+
+    /// represents Configuration.client_cert
+    client_cert: BannerEntry,
+
+    /// represents Configuration.server_certs
+    server_certs: BannerEntry,
+
    /// represents Configuration.replay_proxy
    replay_proxy: BannerEntry,

@@ -204,12 +214,25 @@ impl Banner {
            ));
        }

-        let mut codes = vec![];
-        for code in &config.status_codes {
-            codes.push(status_colorizer(&code.to_string()))
-        }
-        let status_codes =
-            BannerEntry::new("👌", "Status Codes", &format!("[{}]", codes.join(", ")));
+        // the +2 is for the 2 experimental status codes we add to the default list manually
+        let status_codes = if config.status_codes.len() == DEFAULT_STATUS_CODES.len() + 2 {
+            let all_str = format!(
+                "{} {} {}{}",
+                style("All").cyan(),
+                style("Status").green(),
+                style("Codes").yellow(),
+                style("!").red()
+            );
+            BannerEntry::new("👌", "Status Codes", &all_str)
+        } else {
+            let mut codes = vec![];
+
+            for code in &config.status_codes {
+                codes.push(status_colorizer(&code.to_string()))
+            }
+
+            BannerEntry::new("👌", "Status Codes", &format!("[{}]", codes.join(", ")))
+        };

        for code in &config.filter_status {
            code_filters.push(status_colorizer(&code.to_string()))
@@ -233,7 +256,7 @@ impl Banner {
            headers.push(BannerEntry::new(
                "🤯",
                "Header",
-                &format!("{}: {}", name, value),
+                &format!("{name}: {value}"),
            ));
        }

@@ -307,9 +330,16 @@ impl Banner {
            BannerEntry::new("🤘", "Force Recursion", &config.force_recursion.to_string());
        let replay_proxy = BannerEntry::new("🎥", "Replay Proxy", &config.replay_proxy);
        let auto_tune = BannerEntry::new("🎶", "Auto Tune", &config.auto_tune.to_string());
-        let auto_bail = BannerEntry::new("🪣", "Auto Bail", &config.auto_bail.to_string());
+        let auto_bail = BannerEntry::new("🙅", "Auto Bail", &config.auto_bail.to_string());
        let cfg = BannerEntry::new("💉", "Config File", &config.config);
        let proxy = BannerEntry::new("💎", "Proxy", &config.proxy);
+        let server_certs = BannerEntry::new(
+            "🏅",
+            "Server Certificates",
+            &format!("[{}]", config.server_certs.join(", ")),
+        );
+        let client_cert = BannerEntry::new("🏅", "Client Certificate", &config.client_cert);
+        let client_key = BannerEntry::new("🔑", "Client Key", &config.client_key);
        let threads = BannerEntry::new("🚀", "Threads", &config.threads.to_string());
        let wordlist = BannerEntry::new("📖", "Wordlist", &config.wordlist);
        let timeout = BannerEntry::new("💥", "Timeout (secs)", &config.timeout.to_string());
@@ -389,6 +419,9 @@ impl Banner {
            auto_bail,
            auto_tune,
            proxy,
+            client_cert,
+            client_key,
+            server_certs,
            replay_codes,
            replay_proxy,
            headers,
@@ -441,7 +474,7 @@ by Ben "epi" Risher {}                 ver: {}"#,

        let top = "───────────────────────────┬──────────────────────";

-        format!("{}\n{}", artwork, top)
+        format!("{artwork}\n{top}")
    }

    /// get a fancy footer for the banner
@@ -455,7 +488,7 @@ by Ben "epi" Risher {}                 ver: {}"#,
            style("Scan Management Menu").bright().yellow(),
        );

-        format!("{}\n{}\n{}", bottom, instructions, addl_section)
+        format!("{bottom}\n{instructions}\n{addl_section}")
    }

    /// Makes a request to the given url, expecting to receive a JSON response that contains a field
@@ -465,9 +498,36 @@ by Ben "epi" Risher {}                 ver: {}"#,
    pub async fn check_for_updates(&mut self, url: &str, handles: Arc<Handles>) -> Result<()> {
        log::trace!("enter: needs_update({}, {:?})", url, handles);

-        let api_url = Url::parse(url)?;
+        let api_url = parse_url_with_raw_path(url)?;
+
+        // we don't want to leak sensitive header info / include auth headers
+        // with the github api request, so we'll build a client specifically
+        // for this task. thanks to @stuhlmann for the suggestion!
+        let client = client::initialize(
+            handles.config.timeout,
+            "feroxbuster-update-check",
+            handles.config.redirects,
+            handles.config.insecure,
+            &HashMap::new(),
+            Some(&handles.config.proxy),
+            &handles.config.server_certs,
+            Some(&handles.config.client_cert),
+            Some(&handles.config.client_key),
+        )?;
+        let level = handles.config.output_level;
+        let tx_stats = handles.stats.tx.clone();
+
+        let result = make_request(
+            &client,
+            &api_url,
+            DEFAULT_METHOD,
+            None,
+            level,
+            &handles.config,
+            tx_stats,
+        )
+        .await?;

-        let result = logged_request(&api_url, DEFAULT_METHOD, None, handles.clone()).await?;
        let body = result.text().await?;

        let json_response: Value = serde_json::from_str(&body)?;
@@ -508,11 +568,11 @@ by Ben "epi" Risher {}                 ver: {}"#,

        // begin with always printed items
        for target in &self.targets {
-            writeln!(&mut writer, "{}", target)?;
+            writeln!(&mut writer, "{target}")?;
        }

        for denied_url in &self.url_denylist {
-            writeln!(&mut writer, "{}", denied_url)?;
+            writeln!(&mut writer, "{denied_url}")?;
        }

        writeln!(&mut writer, "{}", self.threads)?;
@@ -543,6 +603,18 @@ by Ben "epi" Risher {}                 ver: {}"#,
            writeln!(&mut writer, "{}", self.proxy)?;
        }

+        if !config.client_cert.is_empty() {
+            writeln!(&mut writer, "{}", self.client_cert)?;
+        }
+
+        if !config.client_key.is_empty() {
+            writeln!(&mut writer, "{}", self.client_key)?;
+        }
+
+        if !config.server_certs.is_empty() {
+            writeln!(&mut writer, "{}", self.server_certs)?;
+        }
+
        if !config.replay_proxy.is_empty() {
            // i include replay codes logic here because in config.rs, replay codes are set to the
            // value in status codes, meaning it's never empty
@@ -551,27 +623,27 @@ by Ben "epi" Risher {}                 ver: {}"#,
        }

        for header in &self.headers {
-            writeln!(&mut writer, "{}", header)?;
+            writeln!(&mut writer, "{header}")?;
        }

        for filter in &self.filter_size {
-            writeln!(&mut writer, "{}", filter)?;
+            writeln!(&mut writer, "{filter}")?;
        }

        for filter in &self.filter_similar {
-            writeln!(&mut writer, "{}", filter)?;
+            writeln!(&mut writer, "{filter}")?;
        }

        for filter in &self.filter_word_count {
-            writeln!(&mut writer, "{}", filter)?;
+            writeln!(&mut writer, "{filter}")?;
        }

        for filter in &self.filter_line_count {
-            writeln!(&mut writer, "{}", filter)?;
+            writeln!(&mut writer, "{filter}")?;
        }

        for filter in &self.filter_regex {
-            writeln!(&mut writer, "{}", filter)?;
+            writeln!(&mut writer, "{filter}")?;
        }

        if config.extract_links {
@@ -583,7 +655,7 @@ by Ben "epi" Risher {}                 ver: {}"#,
        }

        for query in &self.queries {
-            writeln!(&mut writer, "{}", query)?;
+            writeln!(&mut writer, "{query}")?;
        }

        if !config.output.is_empty() {
@@ -675,7 +747,7 @@ by Ben "epi" Risher {}                 ver: {}"#,
                "New Version Available",
                "https://github.com/epi052/feroxbuster/releases/latest",
            );
-            writeln!(&mut writer, "{}", update)?;
+            writeln!(&mut writer, "{update}")?;
        }

        writeln!(&mut writer, "{}", self.footer())?;
--- a/src/client.rs
+++ b/src/client.rs
@@ -1,19 +1,29 @@
-use anyhow::Result;
+use anyhow::{Context, Result};
 use reqwest::header::HeaderMap;
 use reqwest::{redirect::Policy, Client, Proxy};
 use std::collections::HashMap;
 use std::convert::TryInto;
+use std::path::Path;
 use std::time::Duration;

 /// Create and return an instance of [reqwest::Client](https://docs.rs/reqwest/latest/reqwest/struct.Client.html)
-pub fn initialize(
+/// For now, silence clippy for this one
+#[allow(clippy::too_many_arguments)]
+pub fn initialize<I>(
    timeout: u64,
    user_agent: &str,
    redirects: bool,
    insecure: bool,
    headers: &HashMap<String, String>,
    proxy: Option<&str>,
-) -> Result<Client> {
+    server_certs: I,
+    client_cert: Option<&str>,
+    client_key: Option<&str>,
+) -> Result<Client>
+where
+    I: IntoIterator,
+    I::Item: AsRef<Path> + std::fmt::Debug,
+{
    let policy = if redirects {
        Policy::limited(10)
    } else {
@@ -22,7 +32,7 @@ pub fn initialize(

    let header_map: HeaderMap = headers.try_into()?;

-    let client = Client::builder()
+    let mut client = Client::builder()
        .timeout(Duration::new(timeout, 0))
        .user_agent(user_agent)
        .danger_accept_invalid_certs(insecure)
@@ -34,7 +44,41 @@ pub fn initialize(
        if !some_proxy.is_empty() {
            // it's not an empty string; set the proxy
            let proxy_obj = Proxy::all(some_proxy)?;
-            return Ok(client.proxy(proxy_obj).build()?);
+            // just add the proxy to the client
+            // don't build and return it just yet
+            client = client.proxy(proxy_obj);
+        }
+    }
+
+    for cert_path in server_certs {
+        let buf = std::fs::read(&cert_path)?;
+
+        let cert = match reqwest::Certificate::from_pem(&buf) {
+            Ok(cert) => cert,
+            Err(err) => reqwest::Certificate::from_der(&buf).with_context(|| {
+                format!(
+                    "{:?} does not contain a valid PEM or DER certificate\n{}",
+                    &cert_path, err
+                )
+            })?,
+        };
+
+        client = client.add_root_certificate(cert);
+    }
+
+    if let (Some(cert_path), Some(key_path)) = (client_cert, client_key) {
+        if !cert_path.is_empty() && !key_path.is_empty() {
+            let cert = std::fs::read(cert_path)?;
+            let key = std::fs::read(key_path)?;
+
+            let identity = reqwest::Identity::from_pkcs8_pem(&cert, &key).with_context(|| {
+                format!(
+                    "either {} or {} are invalid; expecting PEM encoded certificate and key",
+                    cert_path, key_path
+                )
+            })?;
+
+            client = client.identity(identity);
        }
    }

@@ -50,7 +94,18 @@ mod tests {
    /// create client with a bad proxy, expect panic
    fn client_with_bad_proxy() {
        let headers = HashMap::new();
-        initialize(0, "stuff", true, false, &headers, Some("not a valid proxy")).unwrap();
+        initialize(
+            0,
+            "stuff",
+            true,
+            false,
+            &headers,
+            Some("not a valid proxy"),
+            Vec::<String>::new(),
+            None,
+            None,
+        )
+        .unwrap();
    }

    #[test]
@@ -58,6 +113,99 @@ mod tests {
    fn client_with_good_proxy() {
        let headers = HashMap::new();
        let proxy = "http://127.0.0.1:8080";
-        initialize(0, "stuff", true, true, &headers, Some(proxy)).unwrap();
+        initialize(
+            0,
+            "stuff",
+            true,
+            true,
+            &headers,
+            Some(proxy),
+            Vec::<String>::new(),
+            None,
+            None,
+        )
+        .unwrap();
+    }
+
+    #[test]
+    /// create client with a server cert in pem format, expect no error
+    fn client_with_valid_server_pem() {
+        let headers = HashMap::new();
+
+        initialize(
+            0,
+            "stuff",
+            true,
+            true,
+            &headers,
+            None,
+            vec!["tests/mutual-auth/certs/server/server.crt.1".to_string()],
+            None,
+            None,
+        )
+        .unwrap();
+    }
+
+    #[test]
+    /// create client with a server cert in der format, expect no error
+    fn client_with_valid_server_der() {
+        let headers = HashMap::new();
+
+        initialize(
+            0,
+            "stuff",
+            true,
+            true,
+            &headers,
+            None,
+            vec!["tests/mutual-auth/certs/server/server.der".to_string()],
+            None,
+            None,
+        )
+        .unwrap();
+    }
+
+    #[test]
+    /// create client with two server certs (pem and der), expect no error
+    fn client_with_valid_server_pem_and_der() {
+        let headers = HashMap::new();
+
+        println!("{}", std::env::current_dir().unwrap().display());
+
+        initialize(
+            0,
+            "stuff",
+            true,
+            true,
+            &headers,
+            None,
+            vec![
+                "tests/mutual-auth/certs/server/server.crt.1".to_string(),
+                "tests/mutual-auth/certs/server/server.der".to_string(),
+            ],
+            None,
+            None,
+        )
+        .unwrap();
+    }
+
+    /// create client with invalid certificate, expect panic
+    #[test]
+    #[should_panic]
+    fn client_with_invalid_server_cert() {
+        let headers = HashMap::new();
+
+        initialize(
+            0,
+            "stuff",
+            true,
+            true,
+            &headers,
+            None,
+            vec!["tests/mutual-auth/certs/client/client.key".to_string()],
+            None,
+            None,
+        )
+        .unwrap();
    }
 }
--- a/src/config/container.rs
+++ b/src/config/container.rs
@@ -1,11 +1,15 @@
 use super::utils::{
-    depth, ignored_extensions, methods, report_and_exit, save_state, serialized_type, status_codes,
-    threads, timeout, user_agent, wordlist, OutputLevel, RequesterPolicy,
+    backup_extensions, depth, extract_links, ignored_extensions, methods, report_and_exit,
+    save_state, serialized_type, status_codes, threads, timeout, user_agent, wordlist, OutputLevel,
+    RequesterPolicy,
 };
 use crate::config::determine_output_level;
 use crate::config::utils::determine_requester_policy;
 use crate::{
-    client, parser, scan_manager::resume_scan, traits::FeroxSerialize, utils::fmt_err,
+    client, parser,
+    scan_manager::resume_scan,
+    traits::FeroxSerialize,
+    utils::{fmt_err, parse_url_with_raw_path},
    DEFAULT_CONFIG_NAME,
 };
 use anyhow::{anyhow, Context, Result};
@@ -100,6 +104,18 @@ pub struct Configuration {
    #[serde(default)]
    pub replay_proxy: String,

+    /// Path to a custom root certificate for connecting to servers with a self-signed certificate
+    #[serde(default)]
+    pub server_certs: Vec<String>,
+
+    /// Path to a client's PEM encoded X509 certificate used during mutual authentication
+    #[serde(default)]
+    pub client_cert: String,
+
+    /// Path to a client's PEM encoded PKSC #8 private key used during mutual authentication
+    #[serde(default)]
+    pub client_key: String,
+
    /// The target URL
    #[serde(default)]
    pub target_url: String,
@@ -214,7 +230,7 @@ pub struct Configuration {
    pub no_recursion: bool,

    /// Extract links from html/javscript
-    #[serde(default)]
+    #[serde(default = "extract_links")]
    pub extract_links: bool,

    /// Append / to each request
@@ -302,6 +318,9 @@ pub struct Configuration {
    #[serde(default)]
    pub collect_backups: bool,

+    #[serde(default = "backup_extensions")]
+    pub backup_extensions: Vec<String>,
+
    /// Automatically discover important words from within responses and add them to the wordlist
    #[serde(default)]
    pub collect_words: bool,
@@ -309,6 +328,10 @@ pub struct Configuration {
    /// override recursion logic to always attempt recursion, still respects --depth
    #[serde(default)]
    pub force_recursion: bool,
+
+    /// Auto update app feature
+    #[serde(skip)]
+    pub update_app: bool,
 }

 impl Default for Configuration {
@@ -316,14 +339,25 @@ impl Default for Configuration {
    fn default() -> Self {
        let timeout = timeout();
        let user_agent = user_agent();
-        let client = client::initialize(timeout, &user_agent, false, false, &HashMap::new(), None)
-            .expect("Could not build client");
+        let client = client::initialize(
+            timeout,
+            &user_agent,
+            false,
+            false,
+            &HashMap::new(),
+            None,
+            Vec::<String>::new(),
+            None,
+            None,
+        )
+        .expect("Could not build client");
        let replay_client = None;
        let status_codes = status_codes();
        let replay_codes = status_codes.clone();
        let kind = serialized_type();
        let output_level = OutputLevel::Default;
        let requester_policy = RequesterPolicy::Default;
+        let extract_links = extract_links();

        Configuration {
            kind,
@@ -332,6 +366,7 @@ impl Default for Configuration {
            user_agent,
            replay_codes,
            status_codes,
+            extract_links,
            replay_client,
            requester_policy,
            dont_filter: false,
@@ -351,14 +386,16 @@ impl Default for Configuration {
            insecure: false,
            redirects: false,
            no_recursion: false,
-            extract_links: false,
            random_agent: false,
            collect_extensions: false,
            collect_backups: false,
            collect_words: false,
            save_state: true,
            force_recursion: false,
+            update_app: false,
            proxy: String::new(),
+            client_cert: String::new(),
+            client_key: String::new(),
            config: String::new(),
            output: String::new(),
            debug_log: String::new(),
@@ -366,6 +403,7 @@ impl Default for Configuration {
            time_limit: String::new(),
            resume_from: String::new(),
            replay_proxy: String::new(),
+            server_certs: Vec::new(),
            queries: Vec::new(),
            extensions: Vec::new(),
            methods: methods(),
@@ -383,6 +421,7 @@ impl Default for Configuration {
            threads: threads(),
            wordlist: wordlist(),
            dont_collect: ignored_extensions(),
+            backup_extensions: backup_extensions(),
        }
    }
 }
@@ -393,7 +432,7 @@ impl Configuration {
    ///
    /// - **timeout**: `5` seconds
    /// - **redirects**: `false`
-    /// - **extract-links**: `false`
+    /// - **extract_links**: `true`
    /// - **wordlist**: [`DEFAULT_WORDLIST`](constant.DEFAULT_WORDLIST.html)
    /// - **config**: `None`
    /// - **threads**: `50`
@@ -415,6 +454,7 @@ impl Configuration {
    /// - **extensions**: `None`
    /// - **collect_extensions**: `false`
    /// - **collect_backups**: `false`
+    /// - **backup_extensions**: [`DEFAULT_BACKUP_EXTENSIONS`](constant.DEFAULT_BACKUP_EXTENSIONS.html)
    /// - **collect_words**: `false`
    /// - **dont_collect**: [`DEFAULT_IGNORED_EXTENSIONS`](constant.DEFAULT_RESPONSE_CODES.html)
    /// - **methods**: [`DEFAULT_METHOD`](constant.DEFAULT_METHOD.html)
@@ -441,6 +481,7 @@ impl Configuration {
    /// - **time_limit**: `None` (no limit on length of scan imposed)
    /// - **replay_proxy**: `None` (no limit on concurrent scans imposed)
    /// - **replay_codes**: [`DEFAULT_RESPONSE_CODES`](constant.DEFAULT_RESPONSE_CODES.html)
+    /// - **update_app**: `false`
    ///
    /// After which, any values defined in a
    /// [ferox-config.toml](constant.DEFAULT_CONFIG_NAME.html) config file will override the
@@ -619,9 +660,27 @@ impl Configuration {
        }

        if let Some(arg) = args.get_many::<String>("extensions") {
-            config.extensions = arg
-                .map(|val| val.trim_start_matches('.').to_string())
-                .collect();
+            let mut extensions = Vec::<String>::new();
+            for ext in arg {
+                if let Some(stripped) = ext.strip_prefix('@') {
+                    let contents = read_to_string(stripped)
+                        .unwrap_or_else(|e| report_and_exit(&e.to_string()));
+                    let exts_from_file = contents.split('\n').filter_map(|s| {
+                        let trimmed = s.trim().trim_start_matches('.');
+
+                        if trimmed.is_empty() || trimmed.starts_with('#') {
+                            None
+                        } else {
+                            Some(trimmed.to_string())
+                        }
+                    });
+
+                    extensions.extend(exts_from_file);
+                } else {
+                    extensions.push(ext.trim().trim_start_matches('.').to_string());
+                }
+            }
+            config.extensions = extensions;
        }

        if let Some(arg) = args.get_many::<String>("dont_collect") {
@@ -665,7 +724,7 @@ impl Configuration {
            for denier in arg {
                // could be an absolute url or a regex, need to determine which and populate the
                // appropriate vector
-                match Url::parse(denier.trim_end_matches('/')) {
+                match parse_url_with_raw_path(denier.trim_end_matches('/')) {
                    Ok(absolute) => {
                        // denier is an absolute url and can be parsed as such
                        config.url_denylist.push(absolute);
@@ -740,7 +799,11 @@ impl Configuration {
            // if the line below is outside of the if, we'd overwrite true with
            // false if no --silent is used on the command line
            config.silent = true;
-            config.output_level = OutputLevel::Silent;
+            config.output_level = if config.json {
+                OutputLevel::SilentJSON
+            } else {
+                OutputLevel::Silent
+            };
        }

        if came_from_cli!(args, "quiet") {
@@ -778,6 +841,20 @@ impl Configuration {
            || came_from_cli!(args, "thorough")
        {
            config.collect_backups = true;
+            config.backup_extensions = backup_extensions();
+
+            if came_from_cli!(args, "collect_backups") {
+                if let Some(arg) = args.get_many::<String>("collect_backups") {
+                    let backup_exts = arg
+                        .map(|ext| ext.trim().to_string())
+                        .collect::<Vec<String>>();
+
+                    if !backup_exts.is_empty() {
+                        // have at least one cli backup, override the defaults
+                        config.backup_extensions = backup_exts;
+                    }
+                }
+            }
        }

        if came_from_cli!(args, "collect_words")
@@ -790,7 +867,7 @@ impl Configuration {
        if args.get_count("verbosity") > 0 {
            // occurrences_of returns 0 if none are found; this is protected in
            // an if block for the same reason as the quiet option
-            config.verbosity = args.get_count("verbosity") as u8;
+            config.verbosity = args.get_count("verbosity");
        }

        if came_from_cli!(args, "no_recursion") {
@@ -801,11 +878,8 @@ impl Configuration {
            config.add_slash = true;
        }

-        if came_from_cli!(args, "extract_links")
-            || came_from_cli!(args, "smart")
-            || came_from_cli!(args, "thorough")
-        {
-            config.extract_links = true;
+        if came_from_cli!(args, "dont_extract_links") {
+            config.extract_links = false;
        }

        if came_from_cli!(args, "json") {
@@ -816,10 +890,16 @@ impl Configuration {
            config.force_recursion = true;
        }

+        if came_from_cli!(args, "update_app") {
+            config.update_app = true;
+        }
+
        ////
        // organizational breakpoint; all options below alter the Client configuration
        ////
        update_config_if_present!(&mut config.proxy, args, "proxy", String);
+        update_config_if_present!(&mut config.client_cert, args, "client_cert", String);
+        update_config_if_present!(&mut config.client_key, args, "client_key", String);
        update_config_if_present!(&mut config.replay_proxy, args, "replay_proxy", String);
        update_config_if_present!(&mut config.user_agent, args, "user_agent", String);
        update_config_with_num_type_if_present!(&mut config.timeout, args, "timeout", u64);
@@ -890,6 +970,12 @@ impl Configuration {
            }
        }

+        if let Some(certs) = args.get_many::<String>("server_certs") {
+            for val in certs {
+                config.server_certs.push(val.to_string());
+            }
+        }
+
        config
    }

@@ -897,35 +983,53 @@ impl Configuration {
    /// either the config file or command line arguments; if we have, we need to rebuild
    /// the client and store it in the config struct
    fn try_rebuild_clients(configuration: &mut Configuration) {
-        if !configuration.proxy.is_empty()
+        // check if the proxy and certificate fields are empty
+        // and parse them into Some or None variants ahead of time
+        // so we may use the is_some method on them instead of
+        // multiple initializations
+        let proxy = if configuration.proxy.is_empty() {
+            None
+        } else {
+            Some(configuration.proxy.as_str())
+        };
+
+        let server_certs = &configuration.server_certs;
+
+        let client_cert = if configuration.client_cert.is_empty() {
+            None
+        } else {
+            Some(configuration.client_cert.as_str())
+        };
+
+        let client_key = if configuration.client_key.is_empty() {
+            None
+        } else {
+            Some(configuration.client_key.as_str())
+        };
+
+        if proxy.is_some()
            || configuration.timeout != timeout()
            || configuration.user_agent != user_agent()
            || configuration.redirects
            || configuration.insecure
            || !configuration.headers.is_empty()
            || configuration.resumed
+            || !server_certs.is_empty()
+            || client_cert.is_some()
+            || client_key.is_some()
        {
-            if configuration.proxy.is_empty() {
-                configuration.client = client::initialize(
-                    configuration.timeout,
-                    &configuration.user_agent,
-                    configuration.redirects,
-                    configuration.insecure,
-                    &configuration.headers,
-                    None,
-                )
-                .expect("Could not rebuild client")
-            } else {
-                configuration.client = client::initialize(
-                    configuration.timeout,
-                    &configuration.user_agent,
-                    configuration.redirects,
-                    configuration.insecure,
-                    &configuration.headers,
-                    Some(&configuration.proxy),
-                )
-                .expect("Could not rebuild client")
-            }
+            configuration.client = client::initialize(
+                configuration.timeout,
+                &configuration.user_agent,
+                configuration.redirects,
+                configuration.insecure,
+                &configuration.headers,
+                proxy,
+                server_certs,
+                client_cert,
+                client_key,
+            )
+            .expect("Could not rebuild client");
        }

        if !configuration.replay_proxy.is_empty() {
@@ -938,6 +1042,9 @@ impl Configuration {
                    configuration.insecure,
                    &configuration.headers,
                    Some(&configuration.replay_proxy),
+                    server_certs,
+                    client_cert,
+                    client_key,
                )
                .expect("Could not rebuild client"),
            );
@@ -946,7 +1053,7 @@ impl Configuration {

    /// Given a configuration file's location and an instance of `Configuration`, read in
    /// the config file if found and update the current settings with the settings found therein
-    fn parse_and_merge_config(config_file: PathBuf, mut config: &mut Self) -> Result<()> {
+    fn parse_and_merge_config(config_file: PathBuf, config: &mut Self) -> Result<()> {
        if config_file.exists() {
            // save off a string version of the path before it goes out of scope
            let conf_str = config_file.to_str().unwrap_or("").to_string();
@@ -972,6 +1079,14 @@ impl Configuration {
        update_if_not_default!(&mut conf.target_url, new.target_url, "");
        update_if_not_default!(&mut conf.time_limit, new.time_limit, "");
        update_if_not_default!(&mut conf.proxy, new.proxy, "");
+        update_if_not_default!(
+            &mut conf.server_certs,
+            new.server_certs,
+            Vec::<String>::new()
+        );
+        update_if_not_default!(&mut conf.json, new.json, false);
+        update_if_not_default!(&mut conf.client_cert, new.client_cert, "");
+        update_if_not_default!(&mut conf.client_key, new.client_key, "");
        update_if_not_default!(&mut conf.verbosity, new.verbosity, 0);
        update_if_not_default!(&mut conf.silent, new.silent, false);
        update_if_not_default!(&mut conf.quiet, new.quiet, false);
@@ -981,17 +1096,18 @@ impl Configuration {
        update_if_not_default!(&mut conf.collect_backups, new.collect_backups, false);
        update_if_not_default!(&mut conf.collect_words, new.collect_words, false);
        // use updated quiet/silent values to determine output level; same for requester policy
-        conf.output_level = determine_output_level(conf.quiet, conf.silent);
+        conf.output_level = determine_output_level(conf.quiet, conf.silent, conf.json);
        conf.requester_policy = determine_requester_policy(conf.auto_tune, conf.auto_bail);
        update_if_not_default!(&mut conf.output, new.output, "");
        update_if_not_default!(&mut conf.redirects, new.redirects, false);
        update_if_not_default!(&mut conf.insecure, new.insecure, false);
        update_if_not_default!(&mut conf.force_recursion, new.force_recursion, false);
-        update_if_not_default!(&mut conf.extract_links, new.extract_links, false);
+        update_if_not_default!(&mut conf.extract_links, new.extract_links, extract_links());
        update_if_not_default!(&mut conf.extensions, new.extensions, Vec::<String>::new());
        update_if_not_default!(&mut conf.methods, new.methods, methods());
        update_if_not_default!(&mut conf.data, new.data, Vec::<u8>::new());
        update_if_not_default!(&mut conf.url_denylist, new.url_denylist, Vec::<Url>::new());
+        update_if_not_default!(&mut conf.update_app, new.update_app, false);
        if !new.regex_denylist.is_empty() {
            // cant use the update_if_not_default macro due to the following error
            //
@@ -1038,10 +1154,14 @@ impl Configuration {
        update_if_not_default!(&mut conf.replay_proxy, new.replay_proxy, "");
        update_if_not_default!(&mut conf.debug_log, new.debug_log, "");
        update_if_not_default!(&mut conf.resume_from, new.resume_from, "");
-        update_if_not_default!(&mut conf.json, new.json, false);

        update_if_not_default!(&mut conf.timeout, new.timeout, timeout());
        update_if_not_default!(&mut conf.user_agent, new.user_agent, user_agent());
+        update_if_not_default!(
+            &mut conf.backup_extensions,
+            new.backup_extensions,
+            backup_extensions()
+        );
        update_if_not_default!(&mut conf.random_agent, new.random_agent, false);
        update_if_not_default!(&mut conf.threads, new.threads, threads());
        update_if_not_default!(&mut conf.depth, new.depth, depth());
--- a/src/config/tests.rs
+++ b/src/config/tests.rs
@@ -45,7 +45,7 @@ fn setup_config_test() -> Configuration {
            add_slash = true
            stdin = true
            dont_filter = true
-            extract_links = true
+            extract_links = false
            json = true
            save_state = false
            depth = 1
@@ -56,6 +56,10 @@ fn setup_config_test() -> Configuration {
            filter_word_count = [994, 992]
            filter_line_count = [34]
            filter_status = [201]
+            server_certs = ["/some/cert.pem", "/some/other/cert.pem"]
+            client_cert = "/some/client/cert.pem"
+            client_key = "/some/client/key.pem"
+            backup_extensions = [".save"]
        "#;
    let tmp_dir = TempDir::new().unwrap();
    let file = tmp_dir.path().join(DEFAULT_CONFIG_NAME);
@@ -98,7 +102,7 @@ fn default_configuration() {
    assert!(!config.add_slash);
    assert!(!config.force_recursion);
    assert!(!config.redirects);
-    assert!(!config.extract_links);
+    assert!(config.extract_links);
    assert!(!config.insecure);
    assert!(!config.collect_extensions);
    assert!(!config.collect_backups);
@@ -117,6 +121,10 @@ fn default_configuration() {
    assert_eq!(config.filter_line_count, Vec::<usize>::new());
    assert_eq!(config.filter_status, Vec::<u16>::new());
    assert_eq!(config.headers, HashMap::new());
+    assert_eq!(config.server_certs, Vec::<String>::new());
+    assert_eq!(config.client_cert, String::new());
+    assert_eq!(config.client_key, String::new());
+    assert_eq!(config.backup_extensions, backup_extensions());
 }

 #[test]
@@ -305,7 +313,7 @@ fn config_reads_add_slash() {
 /// parse the test config and see that the value parsed is correct
 fn config_reads_extract_links() {
    let config = setup_config_test();
-    assert!(config.extract_links);
+    assert!(!config.extract_links);
 }

 #[test]
@@ -443,6 +451,37 @@ fn config_reads_resume_from() {
    assert_eq!(config.resume_from, "/some/state/file");
 }

+#[test]
+/// parse the test config and see that the value parsed is correct
+fn config_reads_server_certs() {
+    let config = setup_config_test();
+    assert_eq!(
+        config.server_certs,
+        ["/some/cert.pem", "/some/other/cert.pem"]
+    );
+}
+
+#[test]
+/// parse the test config and see that the value parsed is correct
+fn config_reads_backup_extensions() {
+    let config = setup_config_test();
+    assert_eq!(config.backup_extensions, [".save"]);
+}
+
+#[test]
+/// parse the test config and see that the value parsed is correct
+fn config_reads_client_cert() {
+    let config = setup_config_test();
+    assert_eq!(config.client_cert, "/some/client/cert.pem");
+}
+
+#[test]
+/// parse the test config and see that the value parsed is correct
+fn config_reads_client_key() {
+    let config = setup_config_test();
+    assert_eq!(config.client_key, "/some/client/key.pem");
+}
+
 #[test]
 /// parse the test config and see that the values parsed are correct
 fn config_reads_headers() {
@@ -482,7 +521,7 @@ fn config_report_and_exit_works() {
 fn as_str_returns_string_with_newline() {
    let config = Configuration::new().unwrap();
    let config_str = config.as_str();
-    println!("{}", config_str);
+    println!("{config_str}");
    assert!(config_str.starts_with("Configuration {"));
    assert!(config_str.ends_with("}\n"));
    assert!(config_str.contains("replay_codes:"));
--- a/src/config/utils.rs
+++ b/src/config/utils.rs
@@ -1,6 +1,7 @@
 use crate::{
    utils::{module_colorizer, status_colorizer},
-    DEFAULT_IGNORED_EXTENSIONS, DEFAULT_METHOD, DEFAULT_STATUS_CODES, DEFAULT_WORDLIST, VERSION,
+    DEFAULT_BACKUP_EXTENSIONS, DEFAULT_IGNORED_EXTENSIONS, DEFAULT_METHOD, DEFAULT_STATUS_CODES,
+    DEFAULT_WORDLIST, VERSION,
 };
 #[cfg(not(test))]
 use std::process::exit;
@@ -49,6 +50,10 @@ pub(super) fn status_codes() -> Vec<u16> {
    DEFAULT_STATUS_CODES
        .iter()
        .map(|code| code.as_u16())
+        // add experimental codes not found in reqwest
+        // - 103 - EARLY_HINTS
+        // - 425 - TOO_EARLY
+        .chain([103, 425])
        .collect()
 }

@@ -65,6 +70,14 @@ pub(super) fn ignored_extensions() -> Vec<String> {
        .collect()
 }

+/// default backup extensions to collect
+pub(super) fn backup_extensions() -> Vec<String> {
+    DEFAULT_BACKUP_EXTENSIONS
+        .iter()
+        .map(|s| s.to_string())
+        .collect()
+}
+
 /// default wordlist
 pub(super) fn wordlist() -> String {
    String::from(DEFAULT_WORDLIST)
@@ -72,7 +85,7 @@ pub(super) fn wordlist() -> String {

 /// default user-agent
 pub(super) fn user_agent() -> String {
-    format!("feroxbuster/{}", VERSION)
+    format!("feroxbuster/{VERSION}")
 }

 /// default recursion depth
@@ -80,6 +93,11 @@ pub(super) fn depth() -> usize {
    4
 }

+/// default extract links
+pub(super) fn extract_links() -> bool {
+    true
+}
+
 /// enum representing the three possible states for informational output (not logging verbosity)
 #[derive(Debug, Copy, Clone, PartialEq, Eq)]
 pub enum OutputLevel {
@@ -91,6 +109,9 @@ pub enum OutputLevel {

    /// silent scan, only print urls (used to be --quiet in versions 1.x.x)
    Silent,
+
+    /// silent scan, but with JSON output
+    SilentJSON,
 }

 /// implement a default for OutputLevel
@@ -102,14 +123,22 @@ impl Default for OutputLevel {
 }

 /// given the current settings for quiet and silent, determine output_level (DRY helper)
-pub fn determine_output_level(quiet: bool, silent: bool) -> OutputLevel {
+pub fn determine_output_level(quiet: bool, silent: bool, json: bool) -> OutputLevel {
    if quiet && silent {
        // user COULD have both as true in config file, take the more quiet of the two
-        OutputLevel::Silent
+        if json {
+            OutputLevel::SilentJSON
+        } else {
+            OutputLevel::Silent
+        }
    } else if quiet {
        OutputLevel::Quiet
    } else if silent {
-        OutputLevel::Silent
+        if json {
+            OutputLevel::SilentJSON
+        } else {
+            OutputLevel::Silent
+        }
    } else {
        OutputLevel::Default
    }
@@ -157,16 +186,28 @@ mod tests {
    #[test]
    /// test determine_output_level returns higher of the two levels if both given values are true
    fn determine_output_level_returns_correct_results() {
-        let mut level = determine_output_level(true, true);
+        let mut level = determine_output_level(true, true, false);
        assert_eq!(level, OutputLevel::Silent);

-        level = determine_output_level(false, true);
+        level = determine_output_level(false, true, false);
        assert_eq!(level, OutputLevel::Silent);

-        level = determine_output_level(false, false);
+        let mut level = determine_output_level(true, true, true);
+        assert_eq!(level, OutputLevel::SilentJSON);
+
+        level = determine_output_level(false, true, true);
+        assert_eq!(level, OutputLevel::SilentJSON);
+
+        level = determine_output_level(false, false, false);
        assert_eq!(level, OutputLevel::Default);

-        level = determine_output_level(true, false);
+        level = determine_output_level(true, false, false);
+        assert_eq!(level, OutputLevel::Quiet);
+
+        level = determine_output_level(false, false, true);
+        assert_eq!(level, OutputLevel::Default);
+
+        level = determine_output_level(true, false, true);
        assert_eq!(level, OutputLevel::Quiet);
    }

--- a/src/event_handlers/command.rs
+++ b/src/event_handlers/command.rs
@@ -24,7 +24,9 @@ pub enum Command {
    AddStatus(StatusCode),

    /// Create the progress bar (`BarType::Total`) that is updated from the stats thread
-    CreateBar,
+    ///
+    /// the u64 value is the offset at which to start the progress bar (can be 0)
+    CreateBar(u64),

    /// Add to a `Stats` field that corresponds to the given `StatField` by the given `usize` value
    AddToUsizeField(StatField, usize),
--- a/src/event_handlers/container.rs
+++ b/src/event_handlers/container.rs
@@ -160,13 +160,17 @@ impl Handles {
    /// number of extensions plus the number of request method types plus any dynamically collected
    /// extensions
    pub fn expected_num_requests_multiplier(&self) -> usize {
-        let multiplier = self.config.extensions.len()
-            + self.config.methods.len()
-            + self.num_collected_extensions();
+        let mut multiplier = self.config.extensions.len().max(1);

-        // methods should always have at least 1 member, likely making this .max call unneeded
-        // but leaving it for 'just in case' reasons
-        multiplier.max(1)
+        if multiplier > 1 {
+            // when we have more than one extension, we need to account for the fact that we'll
+            // be making a request for each extension and the base word (e.g. /foo.html and /foo)
+            multiplier += 1;
+        }
+
+        multiplier *= self.config.methods.len().max(1) * self.num_collected_extensions().max(1);
+
+        multiplier
    }

    /// Helper to easily get the (locked) underlying FeroxScans object
--- a/src/event_handlers/inputs.rs
+++ b/src/event_handlers/inputs.rs
@@ -12,6 +12,7 @@ use anyhow::Result;
 use console::style;
 use crossterm::event::{self, Event, KeyCode};
 use std::{
+    env::temp_dir,
    sync::{
        atomic::{AtomicBool, Ordering},
        Arc,
@@ -101,10 +102,39 @@ impl TermInputHandler {
            handles.filters.data.clone(),
        );

-        let state_file = open_file(&filename);
+        // User didn't set the --no-state flag (so saved_state is still the default true)
+        if handles.config.save_state {
+            let Ok(mut state_file) = open_file(&filename) else {
+                // couldn't open the file, let the user know we're going to try again
+                let error = format!(
+                    "❌ Could not save {}, falling back to {}",
+                    filename,
+                    temp_dir().to_string_lossy()
+                );
+                PROGRESS_PRINTER.println(error);

-        let mut buffered_file = state_file?;
-        write_to(&state, &mut buffered_file, true)?;
+                let temp_filename = temp_dir().join(&filename);
+
+                let Ok(mut state_file) = open_file(&temp_filename.to_string_lossy()) else {
+                    // couldn't open the fallback file, let the user know
+                    let error = format!("❌❌ Could not save {:?}, giving up...", temp_filename);
+                    PROGRESS_PRINTER.println(error);
+
+                    log::trace!("exit: sigint_handler (failed to write)");
+                    std::process::exit(1);
+                };
+
+                write_to(&state, &mut state_file, true)?;
+
+                let msg = format!("✅ Saved scan state to {:?}", temp_filename);
+                PROGRESS_PRINTER.println(msg);
+
+                log::trace!("exit: sigint_handler (saved to temp folder)");
+                std::process::exit(1);
+            };
+
+            write_to(&state, &mut state_file, true)?;
+        }

        log::trace!("exit: sigint_handler (end of program)");
        std::process::exit(1);
--- a/src/event_handlers/outputs.rs
+++ b/src/event_handlers/outputs.rs
@@ -209,8 +209,12 @@ impl TermOutHandler {
        while let Some(command) = self.receiver.recv().await {
            match command {
                Command::Report(resp) => {
-                    self.process_response(tx_stats.clone(), resp, ProcessResponseCall::Recursive)
-                        .await?;
+                    if let Err(err) = self
+                        .process_response(tx_stats.clone(), resp, ProcessResponseCall::Recursive)
+                        .await
+                    {
+                        log::warn!("{}", err);
+                    }
                }
                Command::Sync(sender) => {
                    sender.send(true).unwrap_or_default();
@@ -242,14 +246,6 @@ impl TermOutHandler {
        log::trace!("enter: process_response({:?}, {:?})", resp, call_type);

        async move {
-            let should_filter = self
-                .handles
-                .as_ref()
-                .unwrap()
-                .filters
-                .data
-                .should_filter_response(&resp, self.handles.as_ref().unwrap().stats.tx.clone());
-
            let contains_sentry = if !self.config.filter_status.is_empty() {
                // -C was used, meaning -s was not and we should ignore the defaults
                // https://github.com/epi052/feroxbuster/issues/535
@@ -261,7 +257,7 @@ impl TermOutHandler {
            };

            let unknown_sentry = !RESPONSES.contains(&resp); // !contains == unknown
-            let should_process_response = contains_sentry && unknown_sentry && !should_filter;
+            let should_process_response = contains_sentry && unknown_sentry;

            if should_process_response {
                // print to stdout
@@ -274,7 +270,7 @@ impl TermOutHandler {
                    self.tx_file
                        .send(Command::Report(resp.clone()))
                        .with_context(|| {
-                            fmt_err(&format!("Could not send {} to file handler", resp))
+                            fmt_err(&format!("Could not send {resp} to file handler"))
                        })?;
                }
            }
@@ -336,6 +332,21 @@ impl TermOutHandler {
                    )
                    .await;

+                    let Some(handles) = self.handles.as_ref() else {
+                        // shouldn't ever happen, but we'll log and return early if it does
+                        log::error!("handles were unexpectedly None, this shouldn't happen");
+                        return Ok(());
+                    };
+
+                    if handles
+                        .filters
+                        .data
+                        .should_filter_response(&ferox_response, tx_stats.clone())
+                    {
+                        // response was filtered for one reason or another, don't process it
+                        continue;
+                    }
+
                    self.process_response(
                        tx_stats.clone(),
                        Box::new(ferox_response),
@@ -393,12 +404,12 @@ impl TermOutHandler {

        if !filename.is_empty() {
            // append rules
-            for suffix in ["~", ".bak", ".bak2", ".old", ".1"] {
-                self.add_new_url_to_vec(url, &format!("{}{}", filename, suffix), &mut urls);
+            for suffix in &self.config.backup_extensions {
+                self.add_new_url_to_vec(url, &format!("{filename}{suffix}"), &mut urls);
            }

            // vim swap rule
-            self.add_new_url_to_vec(url, &format!(".{}.swp", filename), &mut urls);
+            self.add_new_url_to_vec(url, &format!(".{filename}.swp"), &mut urls);

            // replace original extension rule
            let parts: Vec<_> = filename
@@ -432,7 +443,7 @@ mod tests {
            config,
            receiver: rx,
        };
-        println!("{:?}", foh);
+        println!("{foh:?}");
    }

    #[tokio::test(flavor = "multi_thread", worker_threads = 1)]
@@ -451,7 +462,7 @@ mod tests {
            handles: Some(handles),
        };

-        println!("{:?}", toh);
+        println!("{toh:?}");
        tx.send(Command::Exit).unwrap();
    }

--- a/src/event_handlers/scans.rs
+++ b/src/event_handlers/scans.rs
@@ -6,7 +6,7 @@ use tokio::sync::{mpsc, Semaphore};
 use crate::{
    response::FeroxResponse,
    scan_manager::{FeroxScan, FeroxScans, ScanOrder},
-    scanner::FeroxScanner,
+    scanner::{FeroxScanner, RESPONSES},
    statistics::StatField::TotalScans,
    url::FeroxUrl,
    utils::should_deny_url,
@@ -16,7 +16,7 @@ use crate::{
 use super::command::Command::AddToUsizeField;
 use super::*;
 use crate::statistics::StatField;
-use reqwest::Url;
+use crate::utils::parse_url_with_raw_path;
 use tokio::time::Duration;

 #[derive(Debug)]
@@ -218,11 +218,11 @@ impl ScanHandler {
        // current number of requests expected per scan
        // ExpectedPerScan and TotalExpected are a += action, so we need the wordlist length to
        // update them while the other updates use expected_num_requests_per_dir
-        let num_words = self.get_wordlist()?.len();
+        let num_words = self.get_wordlist(0)?.len();
        let current_expectation = self.handles.expected_num_requests_per_dir() as u64;

        // used in the calculation of bar width down below, see explanation there
-        let divisor = self.handles.expected_num_requests_multiplier() as u64 - 1;
+        let divisor = (self.handles.expected_num_requests_multiplier() as u64 - 1).max(1);

        // add another `wordlist.len` to the expected per scan tracker in the statistics handler
        self.handles
@@ -266,7 +266,7 @@ impl ScanHandler {
                        let bar = scan.progress_bar();

                        // (4000 - 3000) / 2 => 500 words left to send
-                        let length = bar.length();
+                        let length = bar.length().unwrap_or(1);
                        let num_words_left = (length - bar.position()) / divisor;

                        // accumulate each bar's increment value for incrementing the total bar
@@ -290,10 +290,14 @@ impl ScanHandler {
    }

    /// Helper to easily get the (locked) underlying wordlist
-    pub fn get_wordlist(&self) -> Result<Arc<Vec<String>>> {
+    pub fn get_wordlist(&self, offset: usize) -> Result<Arc<Vec<String>>> {
        if let Ok(guard) = self.wordlist.lock().as_ref() {
            if let Some(list) = guard.as_ref() {
-                return Ok(list.clone());
+                return if offset > 0 {
+                    Ok(Arc::new(list[offset..].to_vec()))
+                } else {
+                    Ok(list.clone())
+                };
            }
        }

@@ -321,14 +325,27 @@ impl ScanHandler {
                self.data.add_directory_scan(&target, order).1 // add the new target; return FeroxScan
            };

-            if should_test_deny && should_deny_url(&Url::parse(&target)?, self.handles.clone())? {
+            if should_test_deny
+                && should_deny_url(&parse_url_with_raw_path(&target)?, self.handles.clone())?
+            {
                // response was caught by a user-provided deny list
                // checking this last, since it's most susceptible to longer runtimes due to what
                // input is received
                continue;
            }

-            let list = self.get_wordlist()?;
+            let divisor = self.handles.expected_num_requests_multiplier();
+
+            let list = if divisor > 1 && scan.requests() > 0 {
+                // if there were extensions provided and/or more than a single method used, and some
+                // number of requests have already been sent, we need to adjust the offset into the
+                // wordlist to ensure we don't index out of bounds
+
+                let adjusted = scan.requests_made_so_far() as f64 / (divisor as f64 - 1.0).max(1.0);
+                self.get_wordlist(adjusted as usize)?
+            } else {
+                self.get_wordlist(scan.requests_made_so_far() as usize)?
+            };

            log::info!("scan handler received {} - beginning scan", target);

@@ -386,6 +403,58 @@ impl ScanHandler {
            return Ok(());
        }

+        if let Ok(responses) = RESPONSES.responses.read() {
+            for maybe_wild in responses.iter() {
+                if !maybe_wild.wildcard() || !maybe_wild.is_directory() {
+                    // if the stored response isn't a wildcard, skip it
+                    // if the stored response isn't a directory, skip it
+                    // we're only interested in preventing recursion into wildcard directories
+                    continue;
+                }
+
+                if maybe_wild.method() != response.method() {
+                    // methods don't match, skip it
+                    continue;
+                }
+
+                // methods match and is a directory wildcard
+                // need to check the wildcard's parent directory
+                // for equality with the incoming response's parent directory
+                //
+                // if the parent directories match, we need to prevent recursion
+                // into the wildcard directory
+
+                match (
+                    maybe_wild.url().path_segments(),
+                    response.url().path_segments(),
+                ) {
+                    // both urls must have path segments
+                    (Some(mut maybe_wild_segments), Some(mut response_segments)) => {
+                        match (
+                            maybe_wild_segments.nth_back(1),
+                            response_segments.nth_back(1),
+                        ) {
+                            // both urls must have at least 2 path segments, the next to last being the parent
+                            (Some(maybe_wild_parent), Some(response_parent)) => {
+                                if maybe_wild_parent == response_parent {
+                                    // the parent directories match, so we need to prevent recursion
+                                    return Ok(());
+                                }
+                            }
+                            _ => {
+                                // we couldn't get the parent directory, so we'll skip this
+                                continue;
+                            }
+                        }
+                    }
+                    _ => {
+                        // we couldn't get the path segments, so we'll skip this
+                        continue;
+                    }
+                }
+            }
+        }
+
        let targets = vec![response.url().to_string()];
        self.ordered_scan_url(targets, ScanOrder::Latest).await?;

--- a/src/event_handlers/statistics.rs
+++ b/src/event_handlers/statistics.rs
@@ -115,8 +115,9 @@ impl StatsHandler {
                    }
                }
                Command::AddToF64Field(field, value) => self.stats.update_f64_field(field, value),
-                Command::CreateBar => {
+                Command::CreateBar(offset) => {
                    self.bar = add_bar("", self.stats.total_expected() as u64, BarType::Total);
+                    self.bar.set_position(offset);
                }
                Command::LoadStats(filename) => {
                    self.stats.merge_from(&filename)?;
@@ -146,8 +147,13 @@ impl StatsHandler {
            self.stats.errors(),
        );

-        self.bar.set_message(&msg);
-        self.bar.inc(1);
+        self.bar.set_message(msg);
+
+        if self.bar.position() < self.stats.total_expected() as u64 {
+            // don't run off the end when we're a few requests over the expected total
+            // due to the heuristics tests
+            self.bar.inc(1);
+        }
    }

    /// Initialize new `Stats` object and the sc side of an mpsc channel that is responsible for
--- a/src/extractor/container.rs
+++ b/src/extractor/container.rs
@@ -11,16 +11,60 @@ use crate::{
        StatField::{LinksExtracted, TotalExpected},
    },
    url::FeroxUrl,
-    utils::{logged_request, make_request, send_try_recursion_command, should_deny_url},
+    utils::{
+        logged_request, make_request, parse_url_with_raw_path, send_try_recursion_command,
+        should_deny_url,
+    },
    ExtractionResult, DEFAULT_METHOD,
 };
 use anyhow::{bail, Context, Result};
-use reqwest::{Client, StatusCode, Url};
+use futures::StreamExt;
+use reqwest::{Client, Response, StatusCode, Url};
 use scraper::{Html, Selector};
 use std::{borrow::Cow, collections::HashSet};

+/// Wrapper around link extraction logic
+///   - create a new Url object based on cli options/args
+///   - check if the new Url has already been seen/scanned -> None
+///   - make a request to the new Url ? -> Some(response) : None
+pub(super) async fn request_link(url: &str, handles: Arc<Handles>) -> Result<Response> {
+    log::trace!("enter: request_link({})", url);
+
+    let ferox_url = FeroxUrl::from_string(url, handles.clone());
+
+    // create a url based on the given command line options
+    let new_url = ferox_url.format("", None)?;
+
+    let scanned_urls = handles.ferox_scans()?;
+
+    if scanned_urls.get_scan_by_url(new_url.as_ref()).is_some() {
+        //we've seen the url before and don't need to scan again
+        log::trace!("exit: request_link -> None");
+        bail!("previously seen url");
+    }
+
+    if (!handles.config.url_denylist.is_empty() || !handles.config.regex_denylist.is_empty())
+        && should_deny_url(&new_url, handles.clone())?
+    {
+        // can't allow a denied url to be requested
+        bail!(
+            "prevented request to {} due to {:?} || {:?}",
+            url,
+            handles.config.url_denylist,
+            handles.config.regex_denylist,
+        );
+    }
+
+    // make the request and store the response
+    let new_response = logged_request(&new_url, DEFAULT_METHOD, None, handles.clone()).await?;
+
+    log::trace!("exit: request_link -> {:?}", new_response);
+
+    Ok(new_response)
+}
+
 /// Whether an active scan is recursive or not
-#[derive(Debug)]
+#[derive(Debug, Copy, Clone)]
 enum RecursionStatus {
    /// Scan is recursive
    Recursive,
@@ -81,7 +125,7 @@ impl<'a> Extractor<'a> {
    ) -> Result<()> {
        log::trace!("enter: parse_url_and_add_subpaths({:?})", links);

-        match Url::parse(url_to_parse) {
+        match parse_url_with_raw_path(url_to_parse) {
            Ok(absolute) => {
                if absolute.domain() != original_url.domain()
                    || absolute.host() != original_url.host()
@@ -121,91 +165,140 @@ impl<'a> Extractor<'a> {

    /// given a set of links from a normal http body response, task the request handler to make
    /// the requests
-    pub async fn request_links(&mut self, links: HashSet<String>) -> Result<()> {
+    pub async fn request_links(
+        &mut self,
+        links: HashSet<String>,
+    ) -> Result<Option<tokio::task::JoinHandle<()>>> {
        log::trace!("enter: request_links({:?})", links);

        if links.is_empty() {
-            return Ok(());
+            return Ok(None);
        }

+        self.update_stats(links.len())?;
+
+        // create clones/remove use of self of/from everything the async move block will need to function
+        let cloned_scanned_urls = self.handles.ferox_scans()?;
+        let cloned_handles = self.handles.clone();
+        let cloned_url = self.url.clone();
+        let threads = self.handles.config.threads;
        let recursive = if self.handles.config.no_recursion {
            RecursionStatus::NotRecursive
        } else {
            RecursionStatus::Recursive
        };

-        let scanned_urls = self.handles.ferox_scans()?;
-        self.update_stats(links.len())?;
+        let link_request_task = tokio::spawn(async move {
+            let producers = futures::stream::iter(links.into_iter())
+                .map(|link| {
+                    // another clone to satisfy the async move block
+                    let inner_clone = cloned_handles.clone();

-        for link in links {
-            let mut resp = match self.request_link(&link).await {
-                Ok(resp) => resp,
-                Err(_) => continue,
-            };
+                    (
+                        tokio::spawn(async move { request_link(&link, inner_clone).await }),
+                        cloned_handles.clone(),
+                        cloned_scanned_urls.clone(),
+                        recursive,
+                        cloned_url.clone(),
+                    )
+                })
+                .for_each_concurrent(
+                    threads,
+                    |(join_handle, c_handles, c_scanned_urls, c_recursive, og_url)| async move {
+                        match join_handle.await {
+                            Ok(Ok(reqwest_response)) => {
+                                let mut resp = FeroxResponse::from(
+                                    reqwest_response,
+                                    &og_url,
+                                    DEFAULT_METHOD,
+                                    c_handles.config.output_level,
+                                )
+                                .await;

-            // filter if necessary
-            if self
-                .handles
-                .filters
-                .data
-                .should_filter_response(&resp, self.handles.stats.tx.clone())
-            {
-                continue;
-            }
+                                // filter if necessary
+                                if c_handles
+                                    .filters
+                                    .data
+                                    .should_filter_response(&resp, c_handles.stats.tx.clone())
+                                {
+                                    return;
+                                }

-            // request and report assumed file
-            if resp.is_file() || !resp.is_directory() {
-                log::debug!("Extracted File: {}", resp);
+                                // request and report assumed file
+                                if resp.is_file() || !resp.is_directory() {
+                                    log::debug!("Extracted File: {}", resp);

-                scanned_urls.add_file_scan(resp.url().as_str(), ScanOrder::Latest);
+                                    c_scanned_urls
+                                        .add_file_scan(resp.url().as_str(), ScanOrder::Latest);

-                if self.handles.config.collect_extensions {
-                    resp.parse_extension(self.handles.clone())?;
-                }
+                                    if c_handles.config.collect_extensions {
+                                        // no real reason this should fail
+                                        resp.parse_extension(c_handles.clone()).unwrap();
+                                    }

-                if let Err(e) = resp.send_report(self.handles.output.tx.clone()) {
-                    log::warn!("Could not send FeroxResponse to output handler: {}", e);
-                }
+                                    if let Err(e) = resp.send_report(c_handles.output.tx.clone()) {
+                                        log::warn!(
+                                            "Could not send FeroxResponse to output handler: {}",
+                                            e
+                                        );
+                                    }

-                continue;
-            }
+                                    return;
+                                }

-            if matches!(recursive, RecursionStatus::Recursive) {
-                log::debug!("Extracted Directory: {}", resp);
+                                if matches!(c_recursive, RecursionStatus::Recursive) {
+                                    log::debug!("Extracted Directory: {}", resp);

-                if !resp.url().as_str().ends_with('/')
-                    && (resp.status().is_success()
-                        || matches!(resp.status(), &StatusCode::FORBIDDEN))
-                {
-                    // if the url doesn't end with a /
-                    // and the response code is either a 2xx or 403
+                                    if !resp.url().as_str().ends_with('/')
+                                        && (resp.status().is_success()
+                                            || matches!(resp.status(), &StatusCode::FORBIDDEN))
+                                    {
+                                        // if the url doesn't end with a /
+                                        // and the response code is either a 2xx or 403

-                    // since all of these are 2xx or 403, recursion is only attempted if the
-                    // url ends in a /. I am actually ok with adding the slash and not
-                    // adding it, as both have merit.  Leaving it in for now to see how
-                    // things turn out (current as of: v1.1.0)
-                    resp.set_url(&format!("{}/", resp.url()));
-                }
+                                        // since all of these are 2xx or 403, recursion is only attempted if the
+                                        // url ends in a /. I am actually ok with adding the slash and not
+                                        // adding it, as both have merit.  Leaving it in for now to see how
+                                        // things turn out (current as of: v1.1.0)
+                                        resp.set_url(&format!("{}/", resp.url()));
+                                    }
+
+                                    if c_handles.config.filter_status.is_empty() {
+                                        // -C wasn't used, so -s is the only 'filter' left to account for
+                                        if c_handles
+                                            .config
+                                            .status_codes
+                                            .contains(&resp.status().as_u16())
+                                        {
+                                            send_try_recursion_command(c_handles.clone(), resp)
+                                                .await
+                                                .unwrap_or_default();
+                                        }
+                                    } else {
+                                        // -C was used, that means the filters above would have removed
+                                        // those responses, and anything else should be let through
+                                        send_try_recursion_command(c_handles.clone(), resp)
+                                            .await
+                                            .unwrap_or_default();
+                                    }
+                                }
+                            }
+                            Ok(Err(err)) => {
+                                log::warn!("Error during link extraction: {}", err);
+                            }
+                            Err(err) => {
+                                log::warn!("JoinError during link extraction: {}", err);
+                            }
+                        }
+                    },
+                );
+
+            // wait for the requests to finish
+            producers.await;
+        });

-                if self.handles.config.filter_status.is_empty() {
-                    // -C wasn't used, so -s is the only 'filter' left to account for
-                    if self
-                        .handles
-                        .config
-                        .status_codes
-                        .contains(&resp.status().as_u16())
-                    {
-                        send_try_recursion_command(self.handles.clone(), resp).await?;
-                    }
-                } else {
-                    // -C was used, that means the filters above would have removed
-                    // those responses, and anything else should be let through
-                    send_try_recursion_command(self.handles.clone(), resp).await?;
-                }
-            }
-        }
        log::trace!("exit: request_links");
-        Ok(())
+        Ok(Some(link_request_task))
    }

    /// wrapper around link extraction via html attributes
@@ -362,7 +455,7 @@ impl<'a> Extractor<'a> {
                // this isn't the last index of the parts array
                // ex: /buried/misc/stupidfile.php
                // this block skips the file but sees all parent folders
-                possible_path = format!("{}/", possible_path);
+                possible_path = format!("{possible_path}/");
            }

            paths.push(possible_path); // good sub-path found
@@ -385,7 +478,7 @@ impl<'a> Extractor<'a> {
            ExtractionTarget::ResponseBody | ExtractionTarget::DirectoryListing => {
                self.response.unwrap().url().clone()
            }
-            ExtractionTarget::RobotsTxt => match Url::parse(&self.url) {
+            ExtractionTarget::RobotsTxt => match parse_url_with_raw_path(&self.url) {
                Ok(u) => u,
                Err(e) => {
                    bail!("Could not parse {}: {}", self.url, e);
@@ -395,9 +488,9 @@ impl<'a> Extractor<'a> {

        let new_url = old_url
            .join(link)
-            .with_context(|| format!("Could not join {} with {}", old_url, link))?;
+            .with_context(|| format!("Could not join {old_url} with {link}"))?;

-        if old_url.domain() != new_url.domain() || old_url.host() != old_url.host() {
+        if old_url.domain() != new_url.domain() || old_url.host() != new_url.host() {
            // domains/ips are not the same, don't scan things that aren't part of the original
            // target url
            log::debug!(
@@ -415,56 +508,6 @@ impl<'a> Extractor<'a> {
        Ok(())
    }

-    /// Wrapper around link extraction logic
-    ///   - create a new Url object based on cli options/args
-    ///   - check if the new Url has already been seen/scanned -> None
-    ///   - make a request to the new Url ? -> Some(response) : None
-    pub(super) async fn request_link(&self, url: &str) -> Result<FeroxResponse> {
-        log::trace!("enter: request_link({})", url);
-
-        let ferox_url = FeroxUrl::from_string(url, self.handles.clone());
-
-        // create a url based on the given command line options
-        let new_url = ferox_url.format("", None)?;
-
-        let scanned_urls = self.handles.ferox_scans()?;
-
-        if scanned_urls.get_scan_by_url(new_url.as_ref()).is_some() {
-            //we've seen the url before and don't need to scan again
-            log::trace!("exit: request_link -> None");
-            bail!("previously seen url");
-        }
-
-        if (!self.handles.config.url_denylist.is_empty()
-            || !self.handles.config.regex_denylist.is_empty())
-            && should_deny_url(&new_url, self.handles.clone())?
-        {
-            // can't allow a denied url to be requested
-            bail!(
-                "prevented request to {} due to {:?} || {:?}",
-                url,
-                self.handles.config.url_denylist,
-                self.handles.config.regex_denylist,
-            );
-        }
-
-        // make the request and store the response
-        let new_response =
-            logged_request(&new_url, DEFAULT_METHOD, None, self.handles.clone()).await?;
-
-        let new_ferox_response = FeroxResponse::from(
-            new_response,
-            url,
-            DEFAULT_METHOD,
-            self.handles.config.output_level,
-        )
-        .await;
-
-        log::trace!("exit: request_link -> {:?}", new_ferox_response);
-
-        Ok(new_ferox_response)
-    }
-
    /// Entry point to perform link extraction from robots.txt
    ///
    /// `base_url` can have paths and subpaths, however robots.txt will be requested from the
@@ -484,7 +527,7 @@ impl<'a> Extractor<'a> {

        for capture in self.robots_regex.captures_iter(body) {
            if let Some(new_path) = capture.name("url_path") {
-                let mut new_url = Url::parse(&self.url)?;
+                let mut new_url = parse_url_with_raw_path(&self.url)?;

                new_url.set_path(new_path.as_str());

@@ -598,6 +641,20 @@ impl<'a> Extractor<'a> {
                Some(self.handles.config.proxy.as_str())
            };

+            let server_certs = &self.handles.config.server_certs;
+
+            let client_cert = if self.handles.config.client_cert.is_empty() {
+                None
+            } else {
+                Some(self.handles.config.client_cert.as_str())
+            };
+
+            let client_key = if self.handles.config.client_key.is_empty() {
+                None
+            } else {
+                Some(self.handles.config.client_key.as_str())
+            };
+
            client = client::initialize(
                self.handles.config.timeout,
                &self.handles.config.user_agent,
@@ -605,6 +662,9 @@ impl<'a> Extractor<'a> {
                self.handles.config.insecure,
                &self.handles.config.headers,
                proxy,
+                server_certs,
+                client_cert,
+                client_key,
            )?;
        }

@@ -614,7 +674,7 @@ impl<'a> Extractor<'a> {
            &client
        };

-        let mut url = Url::parse(&self.url)?;
+        let mut url = parse_url_with_raw_path(&self.url)?;
        url.set_path(location); // overwrite existing path

        // purposefully not using logged_request here due to using the special client
--- a/src/extractor/tests.rs
+++ b/src/extractor/tests.rs
@@ -1,4 +1,5 @@
 use super::builder::{LINKFINDER_REGEX, ROBOTS_TXT_REGEX, URL_CHARS_REGEX};
+use super::container::request_link;
 use super::*;
 use crate::config::{Configuration, OutputLevel};
 use crate::scan_manager::ScanOrder;
@@ -312,7 +313,7 @@ async fn request_robots_txt_without_proxy() -> Result<()> {
    let resp = extractor.make_extract_request("/robots.txt").await?;

    assert!(matches!(resp.status(), &StatusCode::OK));
-    println!("{}", resp);
+    println!("{resp}");
    assert_eq!(resp.content_length(), 14);
    assert_eq!(mock.hits(), 1);
    Ok(())
@@ -360,13 +361,13 @@ async fn request_link_happy_path() -> Result<()> {
        then.status(200).body("this is a test");
    });

-    let r_resp = ROBOTS_EXT.request_link(&srv.url("/login.php")).await?;
-    let b_resp = BODY_EXT.request_link(&srv.url("/login.php")).await?;
+    let r_resp = request_link(&srv.url("/login.php"), ROBOTS_EXT.handles.clone()).await?;
+    let b_resp = request_link(&srv.url("/login.php"), BODY_EXT.handles.clone()).await?;

-    assert!(matches!(r_resp.status(), &StatusCode::OK));
-    assert!(matches!(b_resp.status(), &StatusCode::OK));
-    assert_eq!(r_resp.content_length(), 14);
-    assert_eq!(b_resp.content_length(), 14);
+    assert!(matches!(r_resp.status(), StatusCode::OK));
+    assert!(matches!(b_resp.status(), StatusCode::OK));
+    assert_eq!(r_resp.content_length().unwrap(), 14);
+    assert_eq!(b_resp.content_length().unwrap(), 14);
    assert_eq!(mock.hits(), 2);
    Ok(())
 }
@@ -390,8 +391,8 @@ async fn request_link_bails_on_seen_url() -> Result<()> {
    let robots = setup_extractor(ExtractionTarget::RobotsTxt, scans.clone());
    let body = setup_extractor(ExtractionTarget::ResponseBody, scans);

-    let r_resp = robots.request_link(&served).await;
-    let b_resp = body.request_link(&served).await;
+    let r_resp = request_link(&served, robots.handles.clone()).await;
+    let b_resp = request_link(&served, body.handles.clone()).await;

    assert!(r_resp.is_err());
    assert!(b_resp.is_err());
--- a/src/filters/container.rs
+++ b/src/filters/container.rs
@@ -3,16 +3,16 @@ use std::sync::RwLock;
 use anyhow::Result;
 use serde::{ser::SerializeSeq, Serialize, Serializer};

-use crate::{
-    event_handlers::Command::AddToUsizeField, response::FeroxResponse,
-    statistics::StatField::WildcardsFiltered, CommandSender,
-};
+use crate::response::FeroxResponse;

 use super::{
    FeroxFilter, LinesFilter, RegexFilter, SimilarityFilter, SizeFilter, StatusCodeFilter,
    WildcardFilter, WordsFilter,
 };
-
+use crate::{
+    event_handlers::Command::AddToUsizeField, statistics::StatField::WildcardsFiltered,
+    CommandSender,
+};
 /// Container around a collection of `FeroxFilters`s
 #[derive(Debug, Default)]
 pub struct FeroxFilters {
@@ -76,6 +76,7 @@ impl FeroxFilters {
            for filter in filters.iter() {
                // wildcard.should_filter goes here
                if filter.should_filter_response(response) {
+                    log::debug!("filtering response due to: {:?}", filter);
                    if filter.as_any().downcast_ref::<WildcardFilter>().is_some() {
                        tx_stats
                            .send(AddToUsizeField(WildcardsFiltered, 1))
@@ -104,6 +105,10 @@ impl Serialize for FeroxFilters {
                    seq.serialize_element(word_filter).unwrap_or_default();
                } else if let Some(size_filter) = filter.as_any().downcast_ref::<SizeFilter>() {
                    seq.serialize_element(size_filter).unwrap_or_default();
+                } else if let Some(wildcard_filter) =
+                    filter.as_any().downcast_ref::<WildcardFilter>()
+                {
+                    seq.serialize_element(wildcard_filter).unwrap_or_default();
                } else if let Some(status_filter) =
                    filter.as_any().downcast_ref::<StatusCodeFilter>()
                {
@@ -114,10 +119,6 @@ impl Serialize for FeroxFilters {
                    filter.as_any().downcast_ref::<SimilarityFilter>()
                {
                    seq.serialize_element(similarity_filter).unwrap_or_default();
-                } else if let Some(wildcard_filter) =
-                    filter.as_any().downcast_ref::<WildcardFilter>()
-                {
-                    seq.serialize_element(wildcard_filter).unwrap_or_default();
                }
            }
            seq.end()
--- a/src/filters/mod.rs
+++ b/src/filters/mod.rs
@@ -4,21 +4,20 @@ use std::any::Any;
 use std::fmt::Debug;

 use crate::response::FeroxResponse;
-use crate::traits::{FeroxFilter, FeroxSerialize};
+use crate::traits::FeroxFilter;

 pub use self::container::FeroxFilters;
 pub(crate) use self::empty::EmptyFilter;
 pub use self::init::initialize;
 pub use self::lines::LinesFilter;
 pub use self::regex::RegexFilter;
-pub use self::similarity::SimilarityFilter;
+pub use self::similarity::{SimilarityFilter, SIM_HASHER};
 pub use self::size::SizeFilter;
 pub use self::status_code::StatusCodeFilter;
 pub(crate) use self::utils::{create_similarity_filter, filter_lookup};
 pub use self::wildcard::WildcardFilter;
 pub use self::words::WordsFilter;

-mod wildcard;
 mod status_code;
 mod words;
 mod lines;
@@ -30,4 +29,5 @@ mod container;
 mod tests;
 mod init;
 mod utils;
+mod wildcard;
 mod empty;
--- a/src/filters/similarity.rs
+++ b/src/filters/similarity.rs
@@ -1,15 +1,26 @@
 use super::*;
-use fuzzyhash::FuzzyHash;
+use crate::nlp::preprocess;
+use gaoya::simhash::{SimHash, SimHashBits, SimSipHasher64};
+use lazy_static::lazy_static;
+
+lazy_static! {
+    /// single instance of the sip hasher used in similarity filtering
+    pub static ref SIM_HASHER: SimHash<SimSipHasher64, u64, 64> =
+        SimHash::<SimSipHasher64, u64, 64>::new(SimSipHasher64::new(1, 2));
+}
+
+/// maximum hamming distance allowed between two signatures
+///
+/// ref: https://static.googleusercontent.com/media/research.google.com/en//pubs/archive/33026.pdf
+/// section: 4.1 Choice of Parameters
+const MAX_HAMMING_DISTANCE: usize = 3;

 /// Simple implementor of FeroxFilter; used to filter out responses based on the similarity of a
 /// Response body with a known response; specified using --filter-similar-to
 #[derive(Default, Debug, PartialEq, Eq, Serialize, Deserialize)]
 pub struct SimilarityFilter {
    /// Hash of Response's body to be used during similarity comparison
-    pub hash: String,
-
-    /// Percentage of similarity at which a page is determined to be a near-duplicate of another
-    pub threshold: u32,
+    pub hash: u64,

    /// Url originally requested for the similarity filter
    pub original_url: String,
@@ -20,20 +31,15 @@ impl FeroxFilter for SimilarityFilter {
    /// Check `FeroxResponse::text` against what was requested from the site passed in via
    /// --filter-similar-to
    fn should_filter_response(&self, response: &FeroxResponse) -> bool {
-        let other = FuzzyHash::new(response.text());
-
-        if let Ok(result) = FuzzyHash::compare(&self.hash, &other.to_string()) {
-            return result >= self.threshold;
-        }
-
-        // couldn't hash the response, don't filter
-        log::warn!("Could not hash body from {}", response.as_str());
-        false
+        let other = SIM_HASHER.create_signature(preprocess(response.text()).iter());
+        self.hash.hamming_distance(&other) <= MAX_HAMMING_DISTANCE
    }

    /// Compare one SimilarityFilter to another
    fn box_eq(&self, other: &dyn Any) -> bool {
-        other.downcast_ref::<Self>().map_or(false, |a| self == a)
+        other
+            .downcast_ref::<Self>()
+            .map_or(false, |a| self.hash == a.hash)
    }

    /// Return self as Any for dynamic dispatch purposes
--- a/src/filters/tests.rs
+++ b/src/filters/tests.rs
@@ -1,26 +1,38 @@
 use super::*;
-use ::fuzzyhash::FuzzyHash;
+use crate::nlp::preprocess;
+use crate::DEFAULT_METHOD;
 use ::regex::Regex;

 #[test]
-/// simply test the default values for wildcardfilter, expect 0, 0
+/// simply test the default values for wildcardfilter
 fn wildcard_filter_default() {
    let wcf = WildcardFilter::default();
-    assert_eq!(wcf.size, u64::MAX);
-    assert_eq!(wcf.dynamic, u64::MAX);
+    assert_eq!(wcf.content_length, None);
+    assert_eq!(wcf.line_count, None);
+    assert_eq!(wcf.word_count, None);
+    assert_eq!(wcf.method, DEFAULT_METHOD.to_string());
+    assert_eq!(wcf.status_code, 0);
+    assert!(!wcf.dont_filter);
 }

 #[test]
 /// just a simple test to increase code coverage by hitting as_any and the inner value
 fn wildcard_filter_as_any() {
-    let filter = WildcardFilter::default();
+    let mut filter = WildcardFilter::default();
    let filter2 = WildcardFilter::default();

    assert!(filter.box_eq(filter2.as_any()));

    assert_eq!(
        *filter.as_any().downcast_ref::<WildcardFilter>().unwrap(),
-        filter
+        filter2
+    );
+
+    filter.content_length = Some(1);
+
+    assert_ne!(
+        *filter.as_any().downcast_ref::<WildcardFilter>().unwrap(),
+        filter2
    );
 }

@@ -111,18 +123,21 @@ fn regex_filter_as_any() {
 #[test]
 /// test should_filter on WilcardFilter where static logic matches
 fn wildcard_should_filter_when_static_wildcard_found() {
+    let body =
+        "pellentesque diam volutpat commodo sed egestas egestas fringilla phasellus faucibus";
+
    let mut resp = FeroxResponse::default();
    resp.set_wildcard(true);
    resp.set_url("http://localhost");
-    resp.set_text(
-        "pellentesque diam volutpat commodo sed egestas egestas fringilla phasellus faucibus",
-    );
+    resp.set_text(body);

    let filter = WildcardFilter {
-        size: 83,
-        dynamic: 0,
+        content_length: Some(body.len() as u64),
+        line_count: Some(1),
+        word_count: Some(10),
+        method: DEFAULT_METHOD.to_string(),
+        status_code: 200,
        dont_filter: false,
-        method: "GET".to_owned(),
    };

    assert!(filter.should_filter_response(&resp));
@@ -136,7 +151,14 @@ fn wildcard_should_filter_when_static_wildcard_len_is_zero() {
    resp.set_url("http://localhost");

    // default WildcardFilter is used in the code that executes when response.content_length() == 0
-    let filter = WildcardFilter::new(false);
+    let filter = WildcardFilter {
+        content_length: Some(0),
+        line_count: Some(0),
+        word_count: Some(0),
+        method: DEFAULT_METHOD.to_string(),
+        status_code: 200,
+        dont_filter: false,
+    };

    assert!(filter.should_filter_response(&resp));
 }
@@ -150,17 +172,16 @@ fn wildcard_should_filter_when_dynamic_wildcard_found() {
    resp.set_text("pellentesque diam volutpat commodo sed egestas egestas fringilla");

    let filter = WildcardFilter {
-        size: 0,
-        dynamic: 59, // content-length - 5 (len('stuff'))
+        content_length: None,
+        line_count: None,
+        word_count: Some(8),
+        method: DEFAULT_METHOD.to_string(),
+        status_code: 200,
        dont_filter: false,
-        method: "GET".to_owned(),
    };

-    println!("resp: {:?}: filter: {:?}", resp, filter);
-
    assert!(filter.should_filter_response(&resp));
 }
-
 #[test]
 /// test should_filter on RegexFilter where regex matches body
 fn regexfilter_should_filter_when_regex_matches_on_response_body() {
@@ -186,8 +207,7 @@ fn similarity_filter_is_accurate() {
    resp.set_text("sitting");

    let mut filter = SimilarityFilter {
-        hash: FuzzyHash::new("kitten").to_string(),
-        threshold: 95,
+        hash: SIM_HASHER.create_signature(["kitten"].iter()),
        original_url: "".to_string(),
    };

@@ -195,15 +215,15 @@ fn similarity_filter_is_accurate() {
    assert!(!filter.should_filter_response(&resp));

    resp.set_text("");
-    filter.hash = String::new();
-    filter.threshold = 100;
+    filter.hash = SIM_HASHER.create_signature([""].iter());

-    // two empty strings are the same, however ssdeep doesn't accept empty strings, expect false
+    // two empty strings are the same
    assert!(!filter.should_filter_response(&resp));

-    resp.set_text("some data to hash for the purposes of running a test");
-    filter.hash = FuzzyHash::new("some data to hash for the purposes of running a te").to_string();
-    filter.threshold = 17;
+    resp.set_text("some data hash purposes running test");
+    filter.hash = SIM_HASHER.create_signature(
+        preprocess("some data to hash for the purposes of running a test").iter(),
+    );

    assert!(filter.should_filter_response(&resp));
 }
@@ -212,20 +232,17 @@ fn similarity_filter_is_accurate() {
 /// just a simple test to increase code coverage by hitting as_any and the inner value
 fn similarity_filter_as_any() {
    let filter = SimilarityFilter {
-        hash: String::from("stuff"),
-        threshold: 95,
+        hash: 1,
        original_url: "".to_string(),
    };

    let filter2 = SimilarityFilter {
-        hash: String::from("stuff"),
-        threshold: 95,
+        hash: 1,
        original_url: "".to_string(),
    };

    assert!(filter.box_eq(filter2.as_any()));

-    assert_eq!(filter.hash, "stuff");
    assert_eq!(
        *filter.as_any().downcast_ref::<SimilarityFilter>().unwrap(),
        filter
--- a/src/filters/utils.rs
+++ b/src/filters/utils.rs
@@ -1,13 +1,13 @@
 use super::FeroxFilter;
 use super::SimilarityFilter;
 use crate::event_handlers::Handles;
+use crate::filters::similarity::SIM_HASHER;
+use crate::nlp::preprocess;
 use crate::response::FeroxResponse;
-use crate::utils::logged_request;
-use crate::{DEFAULT_METHOD, SIMILARITY_THRESHOLD};
+use crate::utils::{logged_request, parse_url_with_raw_path};
+use crate::DEFAULT_METHOD;
 use anyhow::Result;
-use fuzzyhash::FuzzyHash;
 use regex::Regex;
-use reqwest::Url;
 use std::sync::Arc;

 /// wrapper around logic necessary to create a SimilarityFilter
@@ -22,7 +22,7 @@ pub(crate) async fn create_similarity_filter(
    handles: Arc<Handles>,
 ) -> Result<SimilarityFilter> {
    // url as-is based on input, ignores user-specified url manipulation options (add-slash etc)
-    let url = Url::parse(similarity_filter)?;
+    let url = parse_url_with_raw_path(similarity_filter)?;

    // attempt to request the given url
    let resp = logged_request(&url, DEFAULT_METHOD, None, handles.clone()).await?;
@@ -40,12 +40,10 @@ pub(crate) async fn create_similarity_filter(
        fr.parse_extension(handles.clone())?;
    }

-    // hash the response body and store the resulting hash in the filter object
-    let hash = FuzzyHash::new(fr.text()).to_string();
+    let hash = SIM_HASHER.create_signature(preprocess(fr.text()).iter());

    Ok(SimilarityFilter {
        hash,
-        threshold: SIMILARITY_THRESHOLD,
        original_url: similarity_filter.to_string(),
    })
 }
@@ -95,8 +93,7 @@ pub(crate) fn filter_lookup(filter_type: &str, filter_value: &str) -> Option<Box
        }
        "similarity" => {
            return Some(Box::new(SimilarityFilter {
-                hash: String::new(),
-                threshold: SIMILARITY_THRESHOLD,
+                hash: 0,
                original_url: filter_value.to_string(),
            }));
        }
@@ -157,8 +154,7 @@ mod tests {
        assert_eq!(
            filter.as_any().downcast_ref::<SimilarityFilter>().unwrap(),
            &SimilarityFilter {
-                hash: String::new(),
-                threshold: SIMILARITY_THRESHOLD,
+                hash: 0,
                original_url: "http://localhost".to_string()
            }
        );
@@ -195,8 +191,7 @@ mod tests {
        assert_eq!(
            filter,
            SimilarityFilter {
-                hash: "3:YKEpn:Yfp".to_string(),
-                threshold: SIMILARITY_THRESHOLD,
+                hash: 14897447612059286329,
                original_url: srv.url("/")
            }
        );
--- a/src/filters/wildcard.rs
+++ b/src/filters/wildcard.rs
@@ -1,28 +1,29 @@
-use super::*;
-use crate::{url::FeroxUrl, DEFAULT_METHOD};
+use console::style;

-/// Data holder for two pieces of data needed when auto-filtering out wildcard responses
-///
-/// `dynamic` is the size of the response that will later be combined with the length
-/// of the path of the url requested and used to determine interesting pages from custom
-/// 404s where the requested url is reflected back in the response
-///
-/// `size` is size of the response that should be included with filters passed via runtime
-/// configuration and any static wildcard lengths.
+use super::*;
+use crate::utils::create_report_string;
+use crate::{config::OutputLevel, DEFAULT_METHOD};
+
+/// Data holder for all relevant data needed when auto-filtering out wildcard responses
 #[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize)]
 pub struct WildcardFilter {
-    /// size of the response that will later be combined with the length of the path of the url
-    /// requested
-    pub dynamic: u64,
+    /// The content-length of this response, if known
+    pub content_length: Option<u64>,

-    /// size of the response that should be included with filters passed via runtime configuration
-    pub size: u64,
+    /// The number of lines contained in the body of this response, if known
+    pub line_count: Option<usize>,
+
+    /// The number of words contained in the body of this response, if known
+    pub word_count: Option<usize>,

    /// method used in request that should be included with filters passed via runtime configuration
    pub method: String,

+    /// the status code returned in the response
+    pub status_code: u16,
+
    /// whether or not the user passed -D on the command line
-    pub(super) dont_filter: bool,
+    pub dont_filter: bool,
 }

 /// implementation of WildcardFilter
@@ -36,22 +37,23 @@ impl WildcardFilter {
    }
 }

-/// implement default that populates both values with u64::MAX
+/// implement default that populates `method` with its default value
 impl Default for WildcardFilter {
-    /// populate both values with u64::MAX
    fn default() -> Self {
        Self {
+            content_length: None,
+            line_count: None,
+            word_count: None,
+            method: DEFAULT_METHOD.to_string(),
+            status_code: 0,
            dont_filter: false,
-            size: u64::MAX,
-            method: DEFAULT_METHOD.to_owned(),
-            dynamic: u64::MAX,
        }
    }
 }

 /// implementation of FeroxFilter for WildcardFilter
 impl FeroxFilter for WildcardFilter {
-    /// Examine size, dynamic, and content_len to determine whether or not the response received
+    /// Examine size/words/lines and method to determine whether or not the response received
    /// is a wildcard response and therefore should be filtered out
    fn should_filter_response(&self, response: &FeroxResponse) -> bool {
        log::trace!("enter: should_filter_response({:?} {})", self, response);
@@ -64,44 +66,78 @@ impl FeroxFilter for WildcardFilter {
            return false;
        }

-        if self.size != u64::MAX
-            && self.size == response.content_length()
-            && self.method == response.method().as_str()
-        {
-            // static wildcard size found during testing
-            // size isn't default, size equals response length, and auto-filter is on
-            log::debug!("static wildcard: filtered out {}", response.url());
-            log::trace!("exit: should_filter_response -> true");
-            return true;
+        if self.method != response.method().as_str() {
+            // method's don't match, so this response should not be filtered out
+            log::trace!("exit: should_filter_response -> false");
+            return false;
        }

-        if self.size == u64::MAX
-            && response.content_length() == 0
-            && self.method == response.method().as_str()
-        {
-            // static wildcard size found during testing
-            // but response length was zero; pointed out by @Tib3rius
-            log::debug!("static wildcard: filtered out {}", response.url());
-            log::trace!("exit: should_filter_response -> true");
-            return true;
+        if self.status_code != response.status().as_u16() {
+            // status codes don't match, so this response should not be filtered out
+            log::trace!("exit: should_filter_response -> false");
+            return false;
        }

-        if self.dynamic != u64::MAX {
-            // dynamic wildcard offset found during testing
+        // methods and status codes match at this point, just need to check the other fields

-            // I'm about to manually split this url path instead of using reqwest::Url's
-            // builtin parsing. The reason is that they call .split() on the url path
-            // except that I don't want an empty string taking up the last index in the
-            // event that the url ends with a forward slash.  It's ugly enough to be split
-            // into its own function for readability.
-            let url_len = FeroxUrl::path_length_of_url(response.url());
-
-            if url_len + self.dynamic == response.content_length() {
-                log::debug!("dynamic wildcard: filtered out {}", response.url());
-                log::trace!("exit: should_filter_response -> true");
-                return true;
+        match (self.content_length, self.word_count, self.line_count) {
+            (Some(cl), Some(wc), Some(lc)) => {
+                if cl == response.content_length()
+                    && wc == response.word_count()
+                    && lc == response.line_count()
+                {
+                    log::debug!("filtered out {}", response.url());
+                    log::trace!("exit: should_filter_response -> true");
+                    return true;
+                }
+            }
+            (Some(cl), Some(wc), None) => {
+                if cl == response.content_length() && wc == response.word_count() {
+                    log::debug!("filtered out {}", response.url());
+                    log::trace!("exit: should_filter_response -> true");
+                    return true;
+                }
+            }
+            (Some(cl), None, Some(lc)) => {
+                if cl == response.content_length() && lc == response.line_count() {
+                    log::debug!("filtered out {}", response.url());
+                    log::trace!("exit: should_filter_response -> true");
+                    return true;
+                }
+            }
+            (None, Some(wc), Some(lc)) => {
+                if wc == response.word_count() && lc == response.line_count() {
+                    log::debug!("filtered out {}", response.url());
+                    log::trace!("exit: should_filter_response -> true");
+                    return true;
+                }
+            }
+            (Some(cl), None, None) => {
+                if cl == response.content_length() {
+                    log::debug!("filtered out {}", response.url());
+                    log::trace!("exit: should_filter_response -> true");
+                    return true;
+                }
+            }
+            (None, Some(wc), None) => {
+                if wc == response.word_count() {
+                    log::debug!("filtered out {}", response.url());
+                    log::trace!("exit: should_filter_response -> true");
+                    return true;
+                }
+            }
+            (None, None, Some(lc)) => {
+                if lc == response.line_count() {
+                    log::debug!("filtered out {}", response.url());
+                    log::trace!("exit: should_filter_response -> true");
+                    return true;
+                }
+            }
+            (None, None, None) => {
+                unreachable!("wildcard filter without any filters set");
            }
        }
+
        log::trace!("exit: should_filter_response -> false");
        false
    }
@@ -116,3 +152,29 @@ impl FeroxFilter for WildcardFilter {
        self
    }
 }
+
+impl std::fmt::Display for WildcardFilter {
+    fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
+        let msg = create_report_string(
+            self.status_code.to_string().as_str(),
+            self.method.as_str(),
+            &self
+                .line_count
+                .map_or_else(|| "-".to_string(), |x| x.to_string()),
+            &self
+                .word_count
+                .map_or_else(|| "-".to_string(), |x| x.to_string()),
+            &self
+                .content_length
+                .map_or_else(|| "-".to_string(), |x| x.to_string()),
+            &format!(
+                "{} found {}-like response and created new filter; toggle off with {}",
+                style("Auto-filtering").bright().green(),
+                style("404").red(),
+                style("--dont-filter").yellow()
+            ),
+            OutputLevel::Default,
+        );
+        write!(f, "{}", msg)
+    }
+}
--- a/src/heuristics.rs
+++ b/src/heuristics.rs
@@ -1,43 +1,26 @@
+use std::collections::HashMap;
 use std::sync::Arc;

 use anyhow::{bail, Result};
-use console::style;
+use futures::future;
 use scraper::{Html, Selector};
 use uuid::Uuid;

+use crate::filters::{SimilarityFilter, WildcardFilter, SIM_HASHER};
 use crate::message::FeroxMessage;
+use crate::nlp::preprocess;
+use crate::scanner::RESPONSES;
 use crate::{
    config::OutputLevel,
    event_handlers::{Command, Handles},
-    filters::WildcardFilter,
    progress::PROGRESS_PRINTER,
    response::FeroxResponse,
    skip_fail,
    url::FeroxUrl,
-    utils::{ferox_print, fmt_err, logged_request, status_colorizer},
+    utils::{ferox_print, fmt_err, logged_request},
    DEFAULT_METHOD,
 };

-/// length of a standard UUID, used when determining wildcard responses
-const UUID_LENGTH: u64 = 32;
-
-/// wrapper around ugly string formatting
-macro_rules! format_template {
-    ($template:expr, $method:expr, $length:expr) => {
-        format!(
-            $template,
-            status_colorizer("WLD"),
-            $method,
-            "-",
-            "-",
-            "-",
-            style("auto-filtering").yellow(),
-            style($length).cyan(),
-            style("--dont-filter").yellow()
-        )
-    };
-}
-
 /// enum representing the different servers that `parse_html` can detect when directory listing is
 /// enabled
 #[derive(Copy, Debug, Clone)]
@@ -68,6 +51,16 @@ pub struct DirListingResult {
    pub response: FeroxResponse,
 }

+/// wrapper around the results of running a wildcard detection against a target web page
+#[derive(Copy, Debug, Clone)]
+pub enum WildcardResult {
+    /// variant that represents a wildcard directory
+    WildcardDirectory(usize),
+
+    /// variant that represents the presence of a 404-like response
+    FourOhFourLike(usize),
+}
+
 /// container for heuristics related info
 pub struct HeuristicTests {
    /// Handles object for event handler interaction
@@ -100,171 +93,6 @@ impl HeuristicTests {
        unique_id
    }

-    /// wrapper for sending a filter to the filters event handler
-    fn send_filter(&self, filter: WildcardFilter) -> Result<()> {
-        self.handles
-            .filters
-            .send(Command::AddFilter(Box::new(filter)))
-    }
-
-    /// Tests the given url to see if it issues a wildcard response
-    ///
-    /// In the event that url returns a wildcard response, a
-    /// [WildcardFilter](struct.WildcardFilter.html) is created and sent to the filters event
-    /// handler.
-    ///
-    /// Returns the number of times to increment the caller's progress bar
-    pub async fn wildcard(&self, target_url: &str) -> Result<u64> {
-        log::trace!("enter: wildcard_test({:?})", target_url);
-
-        if self.handles.config.dont_filter {
-            // early return, dont_filter scans don't need tested
-            log::trace!("exit: wildcard_test -> 0");
-            return Ok(0);
-        }
-
-        let data = match self.handles.config.data.is_empty() {
-            true => None,
-            false => Some(self.handles.config.data.as_slice()),
-        };
-
-        let ferox_url = FeroxUrl::from_string(target_url, self.handles.clone());
-
-        for method in self.handles.config.methods.iter() {
-            let ferox_response = self
-                .make_wildcard_request(&ferox_url, method.as_str(), data, 1)
-                .await?;
-
-            // found a wildcard response
-            let mut wildcard = WildcardFilter::new(self.handles.config.dont_filter);
-
-            let wc_length = ferox_response.content_length();
-
-            if wc_length == 0 {
-                log::trace!("exit: wildcard_test -> 1");
-                self.send_filter(wildcard)?;
-                return Ok(1);
-            }
-
-            // content length of wildcard is non-zero, perform additional tests:
-            //   make a second request, with a known-sized (64) longer request
-            let resp_two = self
-                .make_wildcard_request(&ferox_url, method.as_str(), data, 3)
-                .await?;
-
-            let wc2_length = resp_two.content_length();
-
-            wildcard.method = resp_two.method().as_str().to_owned();
-
-            if wc2_length == wc_length + (UUID_LENGTH * 2) {
-                // second length is what we'd expect to see if the requested url is
-                // reflected in the response along with some static content; aka custom 404
-                let url_len = ferox_url.path_length()?;
-
-                wildcard.dynamic = wc_length - url_len;
-
-                if matches!(
-                    self.handles.config.output_level,
-                    OutputLevel::Default | OutputLevel::Quiet
-                ) {
-                    let msg = format_template!("{} {:>8} {:>9} {:>9} {:>9} Wildcard response is dynamic; {} ({} + url length) responses; toggle this behavior by using {}\n", method, wildcard.dynamic);
-                    ferox_print(&msg, &PROGRESS_PRINTER);
-                }
-            } else if wc_length == wc2_length {
-                wildcard.size = wc_length;
-
-                if matches!(
-                    self.handles.config.output_level,
-                    OutputLevel::Default | OutputLevel::Quiet
-                ) {
-                    let msg = format_template!("{} {:>8} {:>9} {:>9} {:>9} Wildcard response is static; {} {} responses; toggle this behavior by using {}\n", method, wildcard.size);
-                    ferox_print(&msg, &PROGRESS_PRINTER);
-                }
-            }
-
-            self.send_filter(wildcard)?;
-        }
-
-        log::trace!("exit: wildcard_test");
-        Ok(2)
-    }
-
-    /// Generates a uuid and appends it to the given target url. The reasoning is that the randomly
-    /// generated unique string should not exist on and be served by the target web server.
-    ///
-    /// Once the unique url is created, the request is sent to the server. If the server responds
-    /// back with a valid status code, the response is considered to be a wildcard response. If that
-    /// wildcard response has a 3xx status code, that redirection location is displayed to the user.
-    async fn make_wildcard_request(
-        &self,
-        target: &FeroxUrl,
-        method: &str,
-        data: Option<&[u8]>,
-        length: usize,
-    ) -> Result<FeroxResponse> {
-        log::trace!("enter: make_wildcard_request({}, {})", target, length);
-
-        let unique_str = self.unique_string(length);
-
-        // To take care of slash when needed
-        let slash = if self.handles.config.add_slash {
-            Some("/")
-        } else {
-            None
-        };
-
-        let nonexistent_url = target.format(&unique_str, slash)?;
-
-        let response = logged_request(
-            &nonexistent_url.to_owned(),
-            method,
-            data,
-            self.handles.clone(),
-        )
-        .await?;
-
-        if self
-            .handles
-            .config
-            .status_codes
-            .contains(&response.status().as_u16())
-        {
-            // found a wildcard response
-
-            let mut ferox_response = FeroxResponse::from(
-                response,
-                &target.target,
-                method,
-                self.handles.config.output_level,
-            )
-            .await;
-            ferox_response.set_wildcard(true);
-
-            if self
-                .handles
-                .filters
-                .data
-                .should_filter_response(&ferox_response, self.handles.stats.tx.clone())
-            {
-                bail!("filtered response")
-            }
-
-            if matches!(
-                self.handles.config.output_level,
-                OutputLevel::Default | OutputLevel::Quiet
-            ) {
-                let boxed = Box::new(ferox_response.clone());
-                self.handles.output.send(Command::Report(boxed))?;
-            }
-
-            log::trace!("exit: make_wildcard_request -> {}", ferox_response);
-            return Ok(ferox_response);
-        }
-
-        log::trace!("exit: make_wildcard_request -> Err");
-        bail!("uninteresting status code")
-    }
-
    /// Simply tries to connect to all given sites before starting to scan
    ///
    /// In the event that no sites can be reached, the program will exit.
@@ -292,12 +120,15 @@ impl HeuristicTests {
                    ) {
                        if e.to_string().contains(":SSL") {
                            ferox_print(
-                                &format!("Could not connect to {} due to SSL errors (run with -k to ignore), skipping...", target_url),
+                                &format!("Could not connect to {target_url} due to SSL errors (run with -k to ignore), skipping...\n  => {}\n", e.root_cause()),
                                &PROGRESS_PRINTER,
                            );
                        } else {
                            ferox_print(
-                                &format!("Could not connect to {}, skipping...", target_url),
+                                &format!(
+                                    "Could not connect to {target_url}, skipping...\n  => {}\n",
+                                    e.root_cause()
+                                ),
                                &PROGRESS_PRINTER,
                            );
                        }
@@ -325,7 +156,7 @@ impl HeuristicTests {
            // so, instead of `directory_listing("http://localhost") -> None` we get
            // `directory_listing("http://localhost/") -> Some(DirListingResult)` if there is
            // directory listing beyond the redirect
-            format!("{}/", target_url)
+            format!("{target_url}/")
        } else {
            target_url.to_string()
        };
@@ -419,6 +250,359 @@ impl HeuristicTests {
        log::trace!("exit: detect_directory_listing -> None");
        None
    }
+
+    /// given a target's base url, attempt to automatically detect its 404 response
+    /// pattern(s), and then set filters that will exclude those patterns from future
+    /// responses
+    pub async fn detect_404_like_responses(
+        &self,
+        target_url: &str,
+    ) -> Result<Option<WildcardResult>> {
+        log::trace!("enter: detect_404_like_responses({:?})", target_url);
+
+        if self.handles.config.dont_filter {
+            // early return, dont_filter scans don't need tested
+            log::trace!("exit: detect_404_like_responses -> dont_filter is true");
+            return Ok(None);
+        }
+
+        let mut req_counter = 0;
+
+        let data = if self.handles.config.data.is_empty() {
+            None
+        } else {
+            Some(self.handles.config.data.as_slice())
+        };
+
+        // To take care of slash when needed
+        let slash = if self.handles.config.add_slash {
+            Some("/")
+        } else {
+            None
+        };
+
+        // no matter what, we want an empty extension for the base case
+        let mut extensions = vec!["".to_string()];
+
+        // and then we want to add any extensions that was specified
+        // or has since been added to the running config
+        for ext in &self.handles.config.extensions {
+            extensions.push(format!(".{}", ext));
+        }
+
+        // for every method, attempt to id its 404 response
+        //
+        // a good example of one where the GET/POST differ is on hackthebox:
+        // - http://prd.m.rendering-api.interface.htb/api
+        //
+        // a good example of one where the heuristics return a 403 and a 404 (apache)
+        // as well as return two different types of 404s based on the file extension
+        // - http://10.10.11.198 (Encoding box in normal labs)
+        //
+        // both methods and extensions can elicit different responses from a given
+        // server, so both are considered when building auto-filter rules
+        for method in self.handles.config.methods.iter() {
+            for extension in extensions.iter() {
+                // build out the 6 paths we'll use
+                let paths = [
+                    ("", 1),
+                    ("", 3),
+                    (".htaccess", 1),
+                    (".htaccess", 3),
+                    ("admin", 1),
+                    ("admin", 3),
+                ]
+                .map(|(prefix, length)| {
+                    format!("{prefix}{}{extension}", self.unique_string(length))
+                });
+
+                // allow all 6 requests to fly asynchronously
+                let responses = future::join_all(paths.into_iter().map(|path| async move {
+                    let ferox_url = FeroxUrl::from_string(target_url, self.handles.clone());
+
+                    let Ok(nonexistent_url) = ferox_url.format(&path, slash) else {
+                        return None;
+                    };
+
+                    // example requests:
+                    // - http://localhost/2fc1077836ad43ab98b7a31c2ca28fea
+                    // - http://localhost/92969beae6bf4beb855d1622406d87e395c87387a9ad432e8a11245002b709b03cf609d471004154b83bcc1c6ec49f6f
+                    // - http://localhost/.htaccessa005a2131e68449aa26e99029c914c09
+                    // - http://localhost/.htaccess92969beae6bf4beb855d1622406d87e395c87387a9ad432e8a11245002b709b03cf609d471004154b83bcc1c6ec49f6f
+                    // - http://localhost/adminf1d2541e73c44dcb9d1fb7d93334b280
+                    // - http://localhost/admin92969beae6bf4beb855d1622406d87e395c87387a9ad432e8a11245002b709b03cf609d471004154b83bcc1c6ec49f6f
+                    let Ok(response) =
+                        logged_request(&nonexistent_url, method, data, self.handles.clone()).await
+                    else {
+                        return None;
+                    };
+
+                    if !self
+                        .handles
+                        .config
+                        .status_codes
+                        .contains(&response.status().as_u16())
+                    {
+                        // if the response code isn't one that's accepted via -s values, then skip to the next
+                        //
+                        // the default value for -s is all status codes, so unless the user says otherwise
+                        // this won't fire
+                        return None;
+                    }
+
+                    Some(
+                        FeroxResponse::from(
+                            response,
+                            &ferox_url.target,
+                            method,
+                            self.handles.config.output_level,
+                        )
+                        .await,
+                    )
+                }))
+                .await // await gives vector of options containing feroxresponses
+                .into_iter()
+                .flatten() // strip out the none values
+                .collect::<Vec<_>>();
+
+                if responses.len() < 2 {
+                    // don't have enough responses to make a determination, continue to next method
+                    log::debug!("not enough responses to make a determination");
+                    continue;
+                }
+
+                // check the responses for similarities on which we can filter, multiple may be returned
+                let Some((wildcard_filters, wildcard_responses)) =
+                    self.examine_404_like_responses(&responses)
+                else {
+                    // no match was found during analysis of responses
+                    log::warn!("no match found for 404 responses");
+                    continue;
+                };
+
+                // report to the user, if appropriate
+                if matches!(
+                    self.handles.config.output_level,
+                    OutputLevel::Default | OutputLevel::Quiet
+                ) {
+                    // sentry value to control whether or not to print the filter
+                    // used because we only want to print the same filter once
+                    let mut print_sentry;
+
+                    if let Ok(filters) = self.handles.filters.data.filters.read() {
+                        for new_wildcard in &wildcard_filters {
+                            // reset the sentry for every new wildcard produced by examine_404_like_responses
+                            print_sentry = true;
+
+                            for other in filters.iter() {
+                                if let Some(other_wildcard) =
+                                    other.as_any().downcast_ref::<WildcardFilter>()
+                                {
+                                    // check the new wildcard against all existing wildcards, if it was added
+                                    // on the cli or by a previous directory, don't print it
+                                    if new_wildcard.as_ref() == other_wildcard {
+                                        print_sentry = false;
+                                        break;
+                                    }
+                                }
+                            }
+
+                            // if we're here, we've found a new wildcard that we didn't previously display, print it
+                            if print_sentry {
+                                ferox_print(&format!("{}", new_wildcard), &PROGRESS_PRINTER);
+                            }
+                        }
+                    }
+                }
+
+                // create the new filter
+                for wildcard in wildcard_filters {
+                    self.handles.filters.send(Command::AddFilter(wildcard))?;
+                }
+
+                // if we're here, we've detected a 404-like response pattern, and we're already filtering for size/word/line
+                //
+                // in addition, we'll create a similarity filter as a fallback
+                for resp in wildcard_responses {
+                    let hash = SIM_HASHER.create_signature(preprocess(resp.text()).iter());
+
+                    let sim_filter = SimilarityFilter {
+                        hash,
+                        original_url: resp.url().to_string(),
+                    };
+
+                    self.handles
+                        .filters
+                        .send(Command::AddFilter(Box::new(sim_filter)))?;
+
+                    if resp.is_directory() {
+                        // response is either a 3XX with a Location header that matches url + '/'
+                        // or it's a 2XX that ends with a '/'
+                        // or it's a 403 that ends with a '/'
+
+                        // set the wildcard flag to true, so we can check it when preventing
+                        // recursion in event_handlers/scans.rs
+
+                        // we'd need to clone the response to give ownership to the global list anyway
+                        // so we'll also use that clone to set the wildcard flag
+                        let mut cloned_resp = resp.clone();
+
+                        cloned_resp.set_wildcard(true);
+
+                        // add the response to the global list of responses
+                        RESPONSES.insert(cloned_resp);
+
+                        // function-internal magic number, indicates that we've detected a wildcard directory
+                        req_counter += 100;
+                    }
+                }
+            }
+        }
+
+        log::trace!("exit: detect_404_like_responses");
+
+        let retval = if req_counter >= 100 {
+            WildcardResult::WildcardDirectory(req_counter)
+        } else {
+            WildcardResult::FourOhFourLike(req_counter)
+        };
+
+        Ok(Some(retval))
+    }
+
+    /// for all responses, group them by status code, then examine chars/words/lines.
+    /// if all responses' respective lengths within a status code grouping match
+    /// each other, we can assume that will remain true for subsequent non-existent urls
+    ///
+    /// within a status code grouping, values are examined from most to
+    /// least specific (content length, word count, line count)
+    #[allow(clippy::vec_box)] // the box is needed in the caller and i dont feel like changing it
+    fn examine_404_like_responses<'a>(
+        &self,
+        responses: &'a [FeroxResponse],
+    ) -> Option<(Vec<Box<WildcardFilter>>, Vec<&'a FeroxResponse>)> {
+        // aside from word/line/byte counts, additional discriminators are status code
+        // extension, and request method. The request method and extension are handled by
+        // the caller, since they're part of the request and make up the nested for loops
+        // in detect_404_like_responses.
+        //
+        // The status code is handled here, since it's part of the response to catch cases
+        // where we have something like a 403 and a 404
+
+        let mut size_sentry = true;
+        let mut word_sentry = true;
+        let mut line_sentry = true;
+
+        // returned vec of boxed wildcard filters
+        let mut wildcards = Vec::new();
+
+        // returned vec of ferox responses that are needed for additional
+        // analysis
+        let mut wild_responses = Vec::new();
+
+        // mapping of grouped responses to status code
+        let mut grouped_responses = HashMap::new();
+
+        // iterate over all responses and add each response to its
+        // corresponding status code group
+        for response in responses {
+            grouped_responses
+                .entry(response.status())
+                .or_insert_with(Vec::new)
+                .push(response);
+        }
+
+        // iterate over each grouped response and determine the most specific
+        // filter that can be applied to all responses in the group, i.e.
+        // start from byte count and work 'out' to line count
+        for response_group in grouped_responses.values() {
+            if response_group.len() < 2 {
+                // not enough responses to make a determination
+                continue;
+            }
+
+            let method = response_group[0].method();
+            let status_code = response_group[0].status();
+            let content_length = response_group[0].content_length();
+            let word_count = response_group[0].word_count();
+            let line_count = response_group[0].line_count();
+
+            for response in &response_group[1..] {
+                // if any of the responses differ in length, that particular
+                // response length type is no longer a candidate for filtering
+                if response.content_length() != content_length {
+                    size_sentry = false;
+                }
+
+                if response.word_count() != word_count {
+                    word_sentry = false;
+                }
+
+                if response.line_count() != line_count {
+                    line_sentry = false;
+                }
+            }
+
+            if !size_sentry && !word_sentry && !line_sentry {
+                // none of the response lengths match, so we can't filter on any of them
+                continue;
+            }
+
+            let mut wildcard = WildcardFilter {
+                content_length: None,
+                line_count: None,
+                word_count: None,
+                method: method.to_string(),
+                status_code: status_code.as_u16(),
+                dont_filter: self.handles.config.dont_filter,
+            };
+
+            match (size_sentry, word_sentry, line_sentry) {
+                (true, true, true) => {
+                    // all three types of length match, so we can't filter on any of them
+                    wildcard.content_length = Some(content_length);
+                    wildcard.word_count = Some(word_count);
+                    wildcard.line_count = Some(line_count);
+                }
+                (true, true, false) => {
+                    // content length and word count match, so we can filter on either
+                    wildcard.content_length = Some(content_length);
+                    wildcard.word_count = Some(word_count);
+                }
+                (true, false, true) => {
+                    // content length and line count match, so we can filter on either
+                    wildcard.content_length = Some(content_length);
+                    wildcard.line_count = Some(line_count);
+                }
+                (false, true, true) => {
+                    // word count and line count match, so we can filter on either
+                    wildcard.word_count = Some(word_count);
+                    wildcard.line_count = Some(line_count);
+                }
+                (true, false, false) => {
+                    // content length matches, so we can filter on that
+                    wildcard.content_length = Some(content_length);
+                }
+                (false, true, false) => {
+                    // word count matches, so we can filter on that
+                    wildcard.word_count = Some(word_count);
+                }
+                (false, false, true) => {
+                    // line count matches, so we can filter on that
+                    wildcard.line_count = Some(line_count);
+                }
+                (false, false, false) => {
+                    // none of the length types match, so we can't filter on any of them
+                    unreachable!("no wildcard size matches; handled by the if statement above");
+                }
+            };
+
+            wild_responses.push(response_group[0]);
+            wildcards.push(Box::new(wildcard));
+        }
+
+        Some((wildcards, wild_responses))
+    }
 }

 #[cfg(test)]
--- a/src/lib.rs
+++ b/src/lib.rs
@@ -52,9 +52,6 @@ pub(crate) const VERSION: &str = env!("CARGO_PKG_VERSION");
 /// Maximum number of file descriptors that can be opened during a scan
 pub const DEFAULT_OPEN_FILE_LIMIT: u64 = 8192;

-/// Default value used to determine near-duplicate web pages (equivalent to 95%)
-pub const SIMILARITY_THRESHOLD: u32 = 95;
-
 /// Default set of extensions to Ignore when auto-collecting extensions during scans
 pub(crate) const DEFAULT_IGNORED_EXTENSIONS: [&str; 38] = [
    "tif", "tiff", "ico", "cur", "bmp", "webp", "svg", "png", "jpg", "jpeg", "jfif", "gif", "avif",
@@ -62,6 +59,9 @@ pub(crate) const DEFAULT_IGNORED_EXTENSIONS: [&str; 38] = [
    "webm", "ogv", "oga", "flac", "aac", "3gp", "css", "zip", "xls", "xml", "gz", "tgz",
 ];

+/// Default set of extensions to search for when auto-collecting backups during scans
+pub(crate) const DEFAULT_BACKUP_EXTENSIONS: [&str; 5] = ["~", ".bak", ".bak2", ".old", ".1"];
+
 /// Default wordlist to use when `-w|--wordlist` isn't specified and not `wordlist` isn't set
 /// in a [ferox-config.toml](constant.DEFAULT_CONFIG_NAME.html) config file.
 ///
@@ -85,29 +85,73 @@ pub(crate) const SLEEP_DURATION: u64 = 500;
 /// The percentage of requests as errors it takes to be deemed too high
 pub const HIGH_ERROR_RATIO: f64 = 0.90;

-/// Default list of status codes to report
-///
-/// * 200 Ok
-/// * 204 No Content
-/// * 301 Moved Permanently
-/// * 302 Found
-/// * 307 Temporary Redirect
-/// * 308 Permanent Redirect
-/// * 401 Unauthorized
-/// * 403 Forbidden
-/// * 405 Method Not Allowed
-/// * 500 Internal Server Error
-pub const DEFAULT_STATUS_CODES: [StatusCode; 10] = [
+/// Default list of status codes to report (all of them)
+pub const DEFAULT_STATUS_CODES: [StatusCode; 60] = [
+    // all 1XX response codes
+    StatusCode::CONTINUE,
+    StatusCode::SWITCHING_PROTOCOLS,
+    StatusCode::PROCESSING,
+    // all 2XX response codes
    StatusCode::OK,
+    StatusCode::CREATED,
+    StatusCode::ACCEPTED,
+    StatusCode::NON_AUTHORITATIVE_INFORMATION,
    StatusCode::NO_CONTENT,
+    StatusCode::RESET_CONTENT,
+    StatusCode::PARTIAL_CONTENT,
+    StatusCode::MULTI_STATUS,
+    StatusCode::ALREADY_REPORTED,
+    StatusCode::IM_USED,
+    // all 3XX response codes
+    StatusCode::MULTIPLE_CHOICES,
    StatusCode::MOVED_PERMANENTLY,
    StatusCode::FOUND,
+    StatusCode::SEE_OTHER,
+    StatusCode::NOT_MODIFIED,
+    StatusCode::USE_PROXY,
    StatusCode::TEMPORARY_REDIRECT,
    StatusCode::PERMANENT_REDIRECT,
+    // all 4XX response codes
+    StatusCode::BAD_REQUEST,
    StatusCode::UNAUTHORIZED,
+    StatusCode::PAYMENT_REQUIRED,
    StatusCode::FORBIDDEN,
+    StatusCode::NOT_FOUND,
    StatusCode::METHOD_NOT_ALLOWED,
+    StatusCode::NOT_ACCEPTABLE,
+    StatusCode::PROXY_AUTHENTICATION_REQUIRED,
+    StatusCode::REQUEST_TIMEOUT,
+    StatusCode::CONFLICT,
+    StatusCode::GONE,
+    StatusCode::LENGTH_REQUIRED,
+    StatusCode::PRECONDITION_FAILED,
+    StatusCode::PAYLOAD_TOO_LARGE,
+    StatusCode::URI_TOO_LONG,
+    StatusCode::UNSUPPORTED_MEDIA_TYPE,
+    StatusCode::RANGE_NOT_SATISFIABLE,
+    StatusCode::EXPECTATION_FAILED,
+    StatusCode::IM_A_TEAPOT,
+    StatusCode::MISDIRECTED_REQUEST,
+    StatusCode::UNPROCESSABLE_ENTITY,
+    StatusCode::LOCKED,
+    StatusCode::FAILED_DEPENDENCY,
+    StatusCode::UPGRADE_REQUIRED,
+    StatusCode::PRECONDITION_REQUIRED,
+    StatusCode::TOO_MANY_REQUESTS,
+    StatusCode::REQUEST_HEADER_FIELDS_TOO_LARGE,
+    StatusCode::UNAVAILABLE_FOR_LEGAL_REASONS,
+    // all 5XX response codes
    StatusCode::INTERNAL_SERVER_ERROR,
+    StatusCode::NOT_IMPLEMENTED,
+    StatusCode::BAD_GATEWAY,
+    StatusCode::SERVICE_UNAVAILABLE,
+    StatusCode::GATEWAY_TIMEOUT,
+    StatusCode::HTTP_VERSION_NOT_SUPPORTED,
+    StatusCode::VARIANT_ALSO_NEGOTIATES,
+    StatusCode::INSUFFICIENT_STORAGE,
+    StatusCode::LOOP_DETECTED,
+    StatusCode::NOT_EXTENDED,
+    StatusCode::NETWORK_AUTHENTICATION_REQUIRED,
 ];

 /// Default method for requests
--- a/src/logger.rs
+++ b/src/logger.rs
@@ -65,7 +65,7 @@ pub fn initialize(config: Arc<Configuration>) -> Result<()> {
                kind: "log".to_string(),
            };

-            PROGRESS_PRINTER.println(&log_entry.as_str());
+            PROGRESS_PRINTER.println(log_entry.as_str());

            if let Some(buffered_file) = file.clone() {
                if let Ok(mut unlocked) = buffered_file.write() {
--- a/src/main.rs
+++ b/src/main.rs
@@ -1,11 +1,14 @@
 use std::io::stdin;
 use std::{
-    env::args,
+    env::{
+        args,
+        consts::{ARCH, OS},
+    },
    fs::{create_dir, remove_file, File},
    io::{stderr, BufRead, BufReader},
    ops::Index,
    path::Path,
-    process::Command,
+    process::{exit, Command},
    sync::{atomic::Ordering, Arc},
 };

@@ -28,7 +31,7 @@ use feroxbuster::{
        TermOutHandler, SCAN_COMPLETE,
    },
    filters, heuristics, logger,
-    progress::{PROGRESS_BAR, PROGRESS_PRINTER},
+    progress::PROGRESS_PRINTER,
    scan_manager::{self, ScanType},
    scanner,
    utils::{fmt_err, slugify_filename},
@@ -38,17 +41,19 @@ use feroxbuster::{
 use feroxbuster::{utils::set_open_file_limit, DEFAULT_OPEN_FILE_LIMIT};
 use lazy_static::lazy_static;
 use regex::Regex;
+use self_update::cargo_crate_version;

 lazy_static! {
    /// Limits the number of parallel scans active at any given time when using --parallel
    static ref PARALLEL_LIMITER: Semaphore = Semaphore::new(0);
 }

-/// Create a HashSet of Strings from the given wordlist then stores it inside an Arc
+/// Create a Vec of Strings from the given wordlist then stores it inside an Arc
 fn get_unique_words_from_wordlist(path: &str) -> Result<Arc<Vec<String>>> {
    log::trace!("enter: get_unique_words_from_wordlist({})", path);
+    let mut trimmed_word = false;

-    let file = File::open(path).with_context(|| format!("Could not open {}", path))?;
+    let file = File::open(path).with_context(|| format!("Could not open {path}"))?;

    let reader = BufReader::new(file);

@@ -61,12 +66,21 @@ fn get_unique_words_from_wordlist(path: &str) -> Result<Arc<Vec<String>>> {
    for line in reader.lines() {
        line.map(|result| {
            if !result.starts_with('#') && !result.is_empty() {
-                words.push(result);
+                if result.starts_with('/') {
+                    words.push(result.trim_start_matches('/').to_string());
+                    trimmed_word = true;
+                } else {
+                    words.push(result);
+                }
            }
        })
        .ok();
    }

+    if trimmed_word {
+        log::warn!("Some words in the wordlist started with a leading forward-slash; those words were trimmed (i.e. /word -> word)");
+    }
+
    log::trace!(
        "exit: get_unique_words_from_wordlist -> Arc<wordlist[{} words...]>",
        words.len()
@@ -92,8 +106,20 @@ async fn scan(targets: Vec<String>, handles: Arc<Handles>) -> Result<()> {
    //   having been set, makes it so the progress bar doesn't flash as full before anything has
    //   even happened
    if matches!(handles.config.output_level, OutputLevel::Default) {
+        let mut total_offset = 0;
+
+        if let Ok(guard) = handles.scans.read() {
+            if let Some(handle) = &*guard {
+                if let Ok(scans) = handle.data.scans.read() {
+                    for scan in scans.iter() {
+                        total_offset += scan.requests_made_so_far();
+                    }
+                }
+            }
+        }
+
        // only create the bar if no --silent|--quiet
-        handles.stats.send(CreateBar)?;
+        handles.stats.send(CreateBar(total_offset))?;

        // blocks until the bar is created / avoids race condition in first two bars
        handles.stats.sync().await?;
@@ -172,7 +198,7 @@ async fn get_targets(handles: Arc<Handles>) -> Result<Vec<String>> {

        if !target.starts_with("http") && !target.starts_with("https") {
            // --url hackerone.com
-            *target = format!("https://{}", target);
+            *target = format!("https://{target}");
        }
    }

@@ -194,22 +220,75 @@ async fn wrapped_main(config: Arc<Configuration>) -> Result<()> {
        // PROGRESS_PRINTER and PROGRESS_BAR have been used at least once.  This call satisfies
        // that constraint
        PROGRESS_PRINTER.println("");
-        PROGRESS_BAR.join().unwrap();
    });

-    // cloning an Arc is cheap (it's basically a pointer into the heap)
-    // so that will allow for cheap/safe sharing of a single wordlist across multi-target scans
-    // as well as additional directories found as part of recursion
-    let words = match get_unique_words_from_wordlist(&config.wordlist) {
-        Ok(w) => w,
-        Err(err) => {
-            let secondary = Path::new(SECONDARY_WORDLIST);
+    // check if update_app is true
+    if config.update_app {
+        match update_app().await {
+            Err(e) => eprintln!("\n[ERROR] {}", e),
+            Ok(self_update::Status::UpToDate(version)) => {
+                eprintln!("\nFeroxbuster {} is up to date", version)
+            }
+            Ok(self_update::Status::Updated(version)) => {
+                eprintln!("\nFeroxbuster updated to {} version", version)
+            }
+        }
+        exit(0);
+    }

-            if secondary.exists() {
-                eprintln!("Found wordlist in secondary location");
-                get_unique_words_from_wordlist(SECONDARY_WORDLIST)?
-            } else {
-                return Err(err);
+    let words = if config.wordlist.starts_with("http") {
+        // found a url scheme, attempt to download the wordlist
+        let response = config
+            .client
+            .get(&config.wordlist)
+            .send()
+            .await
+            .context(format!(
+                "Unable to download wordlist from remote url: {}",
+                config.wordlist
+            ))?;
+
+        if !response.status().is_success() {
+            // status code isn't a 200, bail
+            bail!(
+                "[{}] Unable to download wordlist from url: {}",
+                response.status().as_str(),
+                config.wordlist
+            );
+        }
+
+        // attempt to get the filename from the url's path
+        let Some(path_segments) = response.url().path_segments() else {
+            bail!("Unable to parse path from url: {}", response.url());
+        };
+
+        let Some(filename) = path_segments.last() else {
+            bail!(
+                "Unable to parse filename from url's path: {}",
+                response.url().path()
+            );
+        };
+
+        let filename = filename.to_string();
+
+        // read the body and write it to disk, then use existing code to read the wordlist
+        let body = response.text().await?;
+
+        std::fs::write(&filename, body)?;
+
+        get_unique_words_from_wordlist(&filename)?
+    } else {
+        match get_unique_words_from_wordlist(&config.wordlist) {
+            Ok(w) => w,
+            Err(err) => {
+                let secondary = Path::new(SECONDARY_WORDLIST);
+
+                if secondary.exists() {
+                    eprintln!("Found wordlist in secondary location");
+                    get_unique_words_from_wordlist(SECONDARY_WORDLIST)?
+                } else {
+                    return Err(err);
+                }
            }
        }
    };
@@ -328,7 +407,7 @@ async fn wrapped_main(config: Arc<Configuration>) -> Result<()> {

            let new_folder = slugify_filename(&base_name.to_string_lossy(), "", "logs");

-            let final_path = output_path.with_file_name(&new_folder);
+            let final_path = output_path.with_file_name(new_folder);

            // create the directory or fail silently, assuming the reason for failure is that
            // the path exists already
@@ -459,7 +538,7 @@ async fn wrapped_main(config: Arc<Configuration>) -> Result<()> {
        Ok(_) => {}
        Err(e) => {
            clean_up(handles, tasks).await?;
-            bail!(fmt_err(&format!("Failed while scanning: {}", e)));
+            bail!(fmt_err(&format!("Failed while scanning: {e}")));
        }
    }

@@ -504,6 +583,24 @@ async fn clean_up(handles: Arc<Handles>, tasks: Tasks) -> Result<()> {
    Ok(())
 }

+async fn update_app() -> Result<self_update::Status, Box<dyn ::std::error::Error>> {
+    let target_os = format!("{}-{}", ARCH, OS);
+    let status = tokio::task::spawn_blocking(move || {
+        self_update::backends::github::Update::configure()
+            .repo_owner("epi052")
+            .repo_name("feroxbuster")
+            .bin_name("feroxbuster")
+            .target(target_os.as_str())
+            .show_download_progress(true)
+            .current_version(cargo_crate_version!())
+            .build()?
+            .update()
+    })
+    .await??;
+
+    Ok(status)
+}
+
 fn main() -> Result<()> {
    let config = Arc::new(Configuration::new().with_context(|| "Could not create Configuration")?);

@@ -526,7 +623,7 @@ fn main() -> Result<()> {
    {
        let future = wrapped_main(config.clone());
        if let Err(e) = runtime.block_on(future) {
-            eprintln!("{}", e);
+            eprintln!("{e}");

            // the code below is to facilitate testing tests/test_banner entries. Since it's an
            // integration test, normal test detection (cfg!(test), etc...) won't work. So, in
--- a/src/nlp/document.rs
+++ b/src/nlp/document.rs
@@ -35,20 +35,21 @@ impl Document {
    fn add_term(&mut self, word: &str) {
        let term = Term::new(word);

-        let metadata = self.terms.entry(term).or_insert_with(TermMetaData::new);
+        let metadata = self.terms.entry(term).or_default();
        *metadata.count_mut() += 1;
    }

    /// create a new `Document` from the given HTML string
-    pub(crate) fn from_html(raw_html: &str) -> Self {
+    pub(crate) fn from_html(raw_html: &str) -> Option<Self> {
        let selector = Selector::parse("body").unwrap();

        let html = Html::parse_document(raw_html);

-        let text = html
-            .select(&selector)
-            .next()
-            .unwrap()
+        let Some(element) = html.select(&selector).next() else {
+            return None;
+        };
+
+        let text = element
            .descendants()
            .filter_map(|node| {
                if !node.value().is_text() && !node.value().is_comment() {
@@ -85,7 +86,7 @@ impl Document {

                    // at this point, we have a non-empty Text element with a non-script|style parent;
                    // now we can return the trimmed up string
-                    return Some(format!("{} ", trimmed));
+                    return Some(format!("{trimmed} "));
                }

                // not an Element node
@@ -95,7 +96,7 @@ impl Document {

        // call `new` to push the parsed html through the pre-processing pipeline and process all
        // the words
-        Self::new(&text)
+        Some(Self::new(&text))
    }

    /// Log normalized weighting scheme for term frequency
@@ -146,19 +147,20 @@ mod tests {
    #[test]
    /// `Document::new` should preprocess html and generate a hashmap of `Term, TermMetadata`
    fn nlp_document_creation_from_html() {
-        let empty = Document::from_html("<html></html>");
+        let empty = Document::from_html("<html></html>").unwrap();
        assert_eq!(empty.number_of_terms, 0);

-        let other_empty = Document::from_html("<html><body><p></p></body></html>");
+        let other_empty = Document::from_html("<html><body><p></p></body></html>").unwrap();
        assert_eq!(other_empty.number_of_terms, 0);

-        let third_empty = Document::from_html("<!DOCTYPE html><html><!DOCTYPE html><p></p></html>");
+        let third_empty =
+            Document::from_html("<!DOCTYPE html><html><!DOCTYPE html><p></p></html>").unwrap();
        assert_eq!(third_empty.number_of_terms, 0);

        // p tag for is_text check and comment for is_comment
        let doc = Document::from_html(
            "<html><body><p>The air quality in Singapore.</p><!--got worse on Wednesday--></body></html>",
-        );
+        ).unwrap();

        let expected_terms = ["air", "quality", "singapore", "worse", "wednesday"];

@@ -209,7 +211,7 @@ mod tests {
    /// ensure words in script/style tags aren't processed
    fn document_creation_skips_script_and_style_tags() {
        let html = "<body><script>The air quality</script><style>in Singapore</style><p>got worse on Wednesday.</p></body>";
-        let doc = Document::from_html(html);
+        let doc = Document::from_html(html).unwrap();
        let keys = doc.terms().keys().map(|key| key.raw()).collect::<Vec<_>>();

        let expected = ["worse", "wednesday"];
--- a/src/nlp/mod.rs
+++ b/src/nlp/mod.rs
@@ -8,3 +8,4 @@ mod utils;

 pub(crate) use self::document::Document;
 pub(crate) use self::model::TfIdf;
+pub(crate) use self::utils::preprocess;
--- a/src/nlp/term.rs
+++ b/src/nlp/term.rs
@@ -35,11 +35,6 @@ pub(super) struct TermMetaData {
 }

 impl TermMetaData {
-    /// create a new metadata container
-    pub(super) fn new() -> Self {
-        Self::default()
-    }
-
    /// number of times a `Term` has appeared in any `Document` within the corpus
    pub(super) fn document_frequency(&self) -> usize {
        self.term_frequencies().len()
@@ -90,7 +85,7 @@ mod tests {
    #[test]
    /// test accessors for correctness
    fn nlp_term_metadata_accessor_test() {
-        let mut metadata = TermMetaData::new();
+        let mut metadata = TermMetaData::default();

        *metadata.count_mut() += 1;
        assert_eq!(metadata.count(), 1);
--- a/src/nlp/utils.rs
+++ b/src/nlp/utils.rs
@@ -4,7 +4,7 @@ use std::borrow::Cow;

 /// pre-processing pipeline wrapper that removes punctuation, normalizes word case (utf-8 included)
 /// to lowercase, and remove stop words
-pub(super) fn preprocess(text: &str) -> Vec<String> {
+pub(crate) fn preprocess(text: &str) -> Vec<String> {
    let text = remove_punctuation(text);
    let text = normalize_case(text);
    let text = remove_stop_words(&text);
--- a/src/parser.rs
+++ b/src/parser.rs
@@ -40,7 +40,7 @@ pub fn initialize() -> Command {
            Arg::new("url")
                .short('u')
                .long("url")
-                .required_unless_present_any(["stdin", "resume_from"])
+                .required_unless_present_any(["stdin", "resume_from", "update_app"])
                .help_heading("Target selection")
                .value_name("URL")
                .use_value_delimiter(true)
@@ -91,12 +91,15 @@ pub fn initialize() -> Command {
                .long("smart")
                .num_args(0)
                .help_heading("Composite settings")
-                .help("Set --extract-links, --auto-tune, --collect-words, and --collect-backups to true"),
-        ).arg(
+                .conflicts_with_all(["rate_limit", "auto_bail"])
+                .help("Set --auto-tune, --collect-words, and --collect-backups to true"),
+        )
+        .arg(
            Arg::new("thorough")
                .long("thorough")
                .num_args(0)
                .help_heading("Composite settings")
+                .conflicts_with_all(["rate_limit", "auto_bail"])
                .help("Use the same settings as --smart and set --collect-extensions to true"),
        );

@@ -174,7 +177,7 @@ pub fn initialize() -> Command {
                .use_value_delimiter(true)
                .help_heading("Request settings")
                .help(
-                    "File extension(s) to search for (ex: -x php -x pdf js)",
+                    "File extension(s) to search for (ex: -x php -x pdf js); reads values (newline-separated) from file if input starts with an @ (ex: @ext.txt)",
                ),
        )
        .arg(
@@ -355,7 +358,7 @@ pub fn initialize() -> Command {
                .use_value_delimiter(true)
                .help_heading("Response filters")
                .help(
-                    "Status Codes to include (allow list) (default: 200 204 301 302 307 308 401 403 405)",
+                    "Status Codes to include (allow list) (default: All Status Codes)",
                ),
        );

@@ -387,6 +390,35 @@ pub fn initialize() -> Command {
                .num_args(0)
                .help_heading("Client settings")
                .help("Disables TLS certificate validation in the client"),
+        )
+        .arg(
+            Arg::new("server_certs")
+                .long("server-certs")
+                .value_name("PEM|DER")
+                .value_hint(ValueHint::FilePath)
+                .num_args(1..)
+                .help_heading("Client settings")
+                .help("Add custom root certificate(s) for servers with unknown certificates"),
+        )
+        .arg(
+            Arg::new("client_cert")
+                .long("client-cert")
+                .value_name("PEM")
+                .value_hint(ValueHint::FilePath)
+                .num_args(1)
+                .requires("client_key")
+                .help_heading("Client settings")
+                .help("Add a PEM encoded certificate for mutual authentication (mTLS)"),
+        )
+        .arg(
+            Arg::new("client_key")
+                .long("client-key")
+                .value_name("PEM")
+                .value_hint(ValueHint::FilePath)
+                .num_args(1)
+                .requires("client_cert")
+                .help_heading("Client settings")
+                .help("Add a PEM encoded private key for mutual authentication (mTLS)"),
        );

    /////////////////////////////////////////////////////////////////////
@@ -431,7 +463,15 @@ pub fn initialize() -> Command {
                .long("extract-links")
                .num_args(0)
                .help_heading("Scan settings")
-                .help("Extract links from response body (html, javascript, etc...); make new requests based on findings")
+                .hide(true)
+                .help("Extract links from response body (html, javascript, etc...); make new requests based on findings (default: true)")
+        )
+        .arg(
+            Arg::new("dont_extract_links")
+                .long("dont-extract-links")
+                .num_args(0)
+                .help_heading("Scan settings")
+                .help("Don't extract links from response body (html, javascript, etc...)")
        )
        .arg(
            Arg::new("scan_limit")
@@ -475,7 +515,7 @@ pub fn initialize() -> Command {
                .long("wordlist")
                .value_hint(ValueHint::FilePath)
                .value_name("FILE")
-                .help("Path to the wordlist")
+                .help("Path or URL of the wordlist")
                .help_heading("Scan settings")
                .num_args(1),
        ).arg(
@@ -510,10 +550,11 @@ pub fn initialize() -> Command {
            Arg::new("collect_backups")
                .short('B')
                .long("collect-backups")
-                .num_args(0)
+                .num_args(0..)
                .help_heading("Dynamic collection settings")
-                .help("Automatically request likely backup extensions for \"found\" urls")
-        ).arg(
+                .help("Automatically request likely backup extensions for \"found\" urls (default: ~, .bak, .bak2, .old, .1)")
+        )
+        .arg(
            Arg::new("collect_words")
                .short('g')
                .long("collect-words")
@@ -553,7 +594,7 @@ pub fn initialize() -> Command {
                .num_args(0)
                .conflicts_with("quiet")
                .help_heading("Output settings")
-                .help("Only print URLs + turn off logging (good for piping a list of urls to other commands)")
+                .help("Only print URLs (or JSON w/ --json) + turn off logging (good for piping a list of urls to other commands)")
        )
        .arg(
            Arg::new("quiet")
@@ -604,9 +645,18 @@ pub fn initialize() -> Command {
    let mut app = app
        .group(
            ArgGroup::new("output_files")
-                .args(["debug_log", "output"])
+                .args(["debug_log", "output", "silent"])
                .multiple(true),
        )
+        .arg(
+            Arg::new("update_app")
+                .short('U')
+                .long("update")
+                .exclusive(true)
+                .num_args(0)
+                .help_heading("Update settings")
+                .help("Update feroxbuster to the latest version"),
+        )
        .after_long_help(EPILOGUE);

    /////////////////////////////////////////////////////////////////////
@@ -637,8 +687,7 @@ fn valid_time_spec(time_spec: &str) -> Result<String, String> {
        true => Ok(time_spec.to_string()),
        false => {
            let msg = format!(
-                "Expected a non-negative, whole number followed by s, m, h, or d (case insensitive); received {}",
-                time_spec
+                "Expected a non-negative, whole number followed by s, m, h, or d (case insensitive); received {time_spec}"
            );
            Err(msg)
        }
@@ -674,9 +723,6 @@ EXAMPLES:
    Pass auth token via query parameter
        ./feroxbuster -u http://127.1 --query token=0123456789ABCDEF

-    Find links in javascript/html and make additional requests based on results
-        ./feroxbuster -u http://127.1 --extract-links
-
    Ludicrous speed... go!
        ./feroxbuster -u http://127.1 --threads 200
        
--- a/src/progress.rs
+++ b/src/progress.rs
@@ -1,4 +1,6 @@
-use indicatif::{MultiProgress, ProgressBar, ProgressDrawTarget, ProgressStyle};
+use std::time::Duration;
+
+use indicatif::{HumanDuration, MultiProgress, ProgressBar, ProgressDrawTarget, ProgressStyle};
 use lazy_static::lazy_static;

 lazy_static! {
@@ -31,30 +33,68 @@ pub enum BarType {
 /// Add an [indicatif::ProgressBar](https://docs.rs/indicatif/latest/indicatif/struct.ProgressBar.html)
 /// to the global [PROGRESS_BAR](../config/struct.PROGRESS_BAR.html)
 pub fn add_bar(prefix: &str, length: u64, bar_type: BarType) -> ProgressBar {
-    let mut style = ProgressStyle::default_bar().progress_chars("#>-");
+    let mut style = ProgressStyle::default_bar()
+        .progress_chars("#>-")
+        .with_key(
+            "smoothed_per_sec",
+            |state: &indicatif::ProgressState, w: &mut dyn std::fmt::Write| match (
+                state.pos(),
+                state.elapsed().as_millis(),
+            ) {
+                // https://github.com/console-rs/indicatif/issues/394#issuecomment-1309971049
+                //
+                // indicatif released a change to how they reported eta/per_sec
+                // and the results looked really weird based on how we use the progress
+                // bars. this fixes that
+                (pos, elapsed_ms) if elapsed_ms > 0 => {
+                    write!(w, "{:.0}/s", pos as f64 * 1000_f64 / elapsed_ms as f64).unwrap()
+                }
+                _ => write!(w, "-").unwrap(),
+            },
+        )
+        .with_key(
+            "smoothed_eta",
+            |state: &indicatif::ProgressState, w: &mut dyn std::fmt::Write| match (
+                state.pos(),
+                state.len(),
+            ) {
+                (pos, Some(len)) => write!(
+                    w,
+                    "{:#}",
+                    HumanDuration(Duration::from_millis(
+                        (state.elapsed().as_millis()
+                            * ((len as u128).checked_sub(pos as u128).unwrap_or(1))
+                                .checked_div(pos as u128)
+                                .unwrap_or(1)) as u64
+                    ))
+                )
+                .unwrap(),
+                _ => write!(w, "-").unwrap(),
+            },
+        );

    style = match bar_type {
-        BarType::Hidden => style.template(""),
-        BarType::Default => style.template(
-            "[{bar:.cyan/blue}] - {elapsed:<4} {pos:>7}/{len:7} {per_sec:7} {prefix} {msg}",
-        ),
-        BarType::Message => style.template(&format!(
+        BarType::Hidden => style.template("").unwrap(),
+        BarType::Default => style
+            .template("[{bar:.cyan/blue}] - {elapsed:<4} {pos:>7}/{len:7} {smoothed_per_sec:7} {prefix} {msg}")
+            .unwrap(),
+        BarType::Message => style
+            .template(&format!(
            "[{{bar:.cyan/blue}}] - {{elapsed:<4}} {{pos:>7}}/{{len:7}} {:7} {{prefix}} {{msg}}",
            "-"
-        )),
-        BarType::Total => {
-            style.template("[{bar:.yellow/blue}] - {elapsed:<4} {pos:>7}/{len:7} {eta:7} {msg}")
-        }
-        BarType::Quiet => style.template("Scanning: {prefix}"),
+        ))
+            .unwrap(),
+        BarType::Total => style
+            .template("[{bar:.yellow/blue}] - {elapsed:<4} {pos:>7}/{len:7} {smoothed_eta:7} {msg}")
+            .unwrap(),
+        BarType::Quiet => style.template("Scanning: {prefix}").unwrap(),
    };

-    let progress_bar = PROGRESS_BAR.add(ProgressBar::new(length));
-
-    progress_bar.set_style(style);
-
-    progress_bar.set_prefix(prefix);
-
-    progress_bar
+    PROGRESS_BAR.add(
+        ProgressBar::new(length)
+            .with_style(style)
+            .with_prefix(prefix.to_string()),
+    )
 }

 #[cfg(test)]
--- a/src/response.rs
+++ b/src/response.rs
@@ -21,7 +21,7 @@ use crate::{
    event_handlers::{Command, Handles},
    traits::FeroxSerialize,
    url::FeroxUrl,
-    utils::{self, fmt_err, status_colorizer},
+    utils::{self, fmt_err, parse_url_with_raw_path, status_colorizer},
    CommandSender,
 };

@@ -140,7 +140,7 @@ impl FeroxResponse {

    /// Set `FeroxResponse`'s `url` attribute, has no affect if an error occurs
    pub fn set_url(&mut self, url: &str) {
-        match Url::parse(url) {
+        match parse_url_with_raw_path(url) {
            Ok(url) => {
                self.url = url;
            }
@@ -170,7 +170,8 @@ impl FeroxResponse {

    /// free the `text` data, reducing memory usage
    pub fn drop_text(&mut self) {
-        self.text = String::new();
+        self.text.clear(); // length is set to 0
+        self.text.shrink_to_fit(); // allocated capacity shrinks to reflect the new size
    }

    /// Make a reasonable guess at whether the response is a file or not
@@ -223,6 +224,14 @@ impl FeroxResponse {
            .with_context(|| "Could not parse body from response")
            .unwrap_or_default();

+        // in the event that the content_length was 0, we can try to get the length
+        // of the body we just parsed. At worst, it's still 0; at best we've accounted
+        // for sites that reply without a content-length header and yet still have
+        // contents in the body.
+        //
+        // thanks to twitter use @f3rn0s for pointing out the possibility
+        let content_length = content_length.max(text.len() as u64);
+
        let line_count = text.lines().count();
        let word_count = text.lines().map(|s| s.split_whitespace().count()).sum();

@@ -386,7 +395,14 @@ impl FeroxResponse {
    pub fn send_report(self, report_sender: CommandSender) -> Result<()> {
        log::trace!("enter: send_report({:?}", report_sender);

-        report_sender.send(Command::Report(Box::new(self)))?;
+        // there's no reason to send the response body across the mpsc
+        //
+        // the only possible reason is for filtering on the body, but both `send_report`
+        // calls are gated behind checks for `should_filter_response`
+        let mut me = self;
+        me.drop_text();
+
+        report_sender.send(Command::Report(Box::new(me)))?;

        log::trace!("exit: send_report");
        Ok(())
@@ -415,7 +431,18 @@ impl FeroxSerialize for FeroxResponse {
                    .get("Location")
                    .unwrap() // known Some() already
                    .to_str()
-                    .unwrap_or("Unknown");
+                    .unwrap_or("Unknown")
+                    .to_string();
+
+                let loc = if loc.starts_with('/') {
+                    if let Ok(joined) = self.url().join(&loc) {
+                        joined.to_string()
+                    } else {
+                        loc
+                    }
+                } else {
+                    loc
+                };

                // prettify the redirect target
                let loc = style(loc).yellow();
@@ -434,7 +461,7 @@ impl FeroxSerialize for FeroxResponse {

            // create the base message
            let mut message = format!(
-                "{} {:>8} {:>8}l {:>8}w {:>8}c Got {} for {} (url length: {})\n",
+                "{} {:>8} {:>8}l {:>8}w {:>8}c Got {} for {}\n",
                wild_status,
                method,
                lines,
@@ -442,7 +469,6 @@ impl FeroxSerialize for FeroxResponse {
                chars,
                status_colorizer(status),
                self.url(),
-                FeroxUrl::path_length_of_url(&self.url)
            );

            if self.status().is_redirection() {
@@ -459,15 +485,19 @@ impl FeroxSerialize for FeroxResponse {
            message
        } else {
            // not a wildcard, just create a normal entry
-            utils::create_report_string(
-                self.status.as_str(),
-                method,
-                &lines,
-                &words,
-                &chars,
-                &url_with_redirect,
-                self.output_level,
-            )
+            if matches!(self.output_level, OutputLevel::SilentJSON) {
+                self.as_json().unwrap_or_default()
+            } else {
+                utils::create_report_string(
+                    self.status.as_str(),
+                    method,
+                    &lines,
+                    &words,
+                    &chars,
+                    &url_with_redirect,
+                    self.output_level,
+                )
+            }
        }
    }

@@ -573,7 +603,7 @@ impl<'de> Deserialize<'de> for FeroxResponse {
            match key.as_str() {
                "url" => {
                    if let Some(url) = value.as_str() {
-                        if let Ok(parsed) = Url::parse(url) {
+                        if let Ok(parsed) = parse_url_with_raw_path(url) {
                            response.url = parsed;
                        }
                    }
--- a/src/scan_manager/menu.rs
+++ b/src/scan_manager/menu.rs
@@ -116,8 +116,8 @@ impl Menu {

        let padded_name = pad_str(&name, longest, Alignment::Center, None);

-        let header = format!("{}\n{}\n{}", border, padded_name, border);
-        let footer = format!("{}\n{}", commands, border);
+        let header = format!("{border}\n{padded_name}\n{border}");
+        let footer = format!("{commands}\n{border}");

        Self {
            header,
@@ -174,7 +174,7 @@ impl Menu {
            .to_string()
            .parse::<usize>()
            .unwrap_or_else(|e| {
-                self.println(&format!("Found non-numeric input: {}: {:?}", e, value));
+                self.println(&format!("Found non-numeric input: {e}: {value:?}"));
                0
            })
    }
@@ -198,7 +198,7 @@ impl Menu {

                if range.len() != 2 {
                    // expecting [1, 4] or similar, if a 0 was used, we'd be left with a vec of size 1
-                    self.println(&format!("Found invalid range of scans: {}", value));
+                    self.println(&format!("Found invalid range of scans: {value}"));
                    continue;
                }

@@ -210,10 +210,14 @@ impl Menu {
                    }
                });
            } else {
+                if value.is_empty() {
+                    continue;
+                }
+
                let value = self.str_to_usize(value);

-                if value != 0 && !nums.contains(&value) {
-                    // the zeroth scan is always skipped, skip already known values
+                if !nums.contains(&value) {
+                    // skip already known values
                    nums.push(value);
                }
            }
@@ -290,8 +294,7 @@ impl Menu {
    /// Given a url, confirm with user that we should cancel
    pub(super) fn confirm_cancellation(&self, url: &str) -> char {
        self.println(&format!(
-            "You sure you wanna cancel this scan: {}? [Y/n]",
-            url
+            "You sure you wanna cancel this scan: {url}? [Y/n]"
        ));

        self.term.read_char().unwrap_or('n')
--- a/src/scan_manager/mod.rs
+++ b/src/scan_manager/mod.rs
@@ -8,7 +8,7 @@ mod state;
 #[cfg(test)]
 mod tests;

-pub(self) use menu::Menu;
+use menu::Menu;
 pub use menu::{MenuCmd, MenuCmdResult};
 pub use order::ScanOrder;
 pub use response_container::FeroxResponses;
--- a/src/scan_manager/scan.rs
+++ b/src/scan_manager/scan.rs
@@ -39,11 +39,18 @@ pub struct FeroxScan {
    pub scan_type: ScanType,

    /// The order in which the scan was received
+    #[allow(dead_code)] // not entirely sure this isn't used somewhere
    pub(crate) scan_order: ScanOrder,

    /// Number of requests to populate the progress bar with
    pub(super) num_requests: u64,

+    /// Number of requests made so far, only used during deserialization
+    ///
+    /// serialization: saves self.requests() to this field
+    /// deserialization: sets self.requests_made_so_far to this field
+    pub(super) requests_made_so_far: u64,
+
    /// Status of this scan
    pub status: Mutex<ScanStatus>,

@@ -80,6 +87,7 @@ impl Default for FeroxScan {
            task: sync::Mutex::new(None), // tokio mutex
            status: Mutex::new(ScanStatus::default()),
            num_requests: 0,
+            requests_made_so_far: 0,
            scan_order: ScanOrder::Latest,
            url: String::new(),
            normalized_url: String::new(),
@@ -102,7 +110,7 @@ impl FeroxScan {

        match self.task.try_lock() {
            Ok(mut guard) => {
-                if let Some(task) = std::mem::replace(&mut *guard, None) {
+                if let Some(task) = guard.take() {
                    log::trace!("aborting {:?}", self);
                    task.abort();
                    self.set_status(ScanStatus::Cancelled)?;
@@ -122,6 +130,11 @@ impl FeroxScan {
        &self.url
    }

+    /// getter for number of requests made during previously saved scans (i.e. --resume-from used)
+    pub fn requests_made_so_far(&self) -> u64 {
+        self.requests_made_so_far
+    }
+
    /// small wrapper to set the JoinHandle
    pub async fn set_task(&self, task: JoinHandle<()>) -> Result<()> {
        let mut guard = self.task.lock().await;
@@ -141,7 +154,13 @@ impl FeroxScan {
    pub(super) fn stop_progress_bar(&self) {
        if let Ok(guard) = self.progress_bar.lock() {
            if guard.is_some() {
-                (*guard).as_ref().unwrap().finish_at_current_pos()
+                let pb = (*guard).as_ref().unwrap();
+
+                if pb.position() > self.num_requests {
+                    pb.finish()
+                } else {
+                    pb.abandon()
+                }
            }
        }
    }
@@ -156,12 +175,14 @@ impl FeroxScan {
                    let bar_type = match self.output_level {
                        OutputLevel::Default => BarType::Default,
                        OutputLevel::Quiet => BarType::Quiet,
-                        OutputLevel::Silent => BarType::Hidden,
+                        OutputLevel::Silent | OutputLevel::SilentJSON => BarType::Hidden,
                    };

                    let pb = add_bar(&self.url, self.num_requests, bar_type);
                    pb.reset_elapsed();

+                    pb.set_position(self.requests_made_so_far);
+
                    let _ = std::mem::replace(&mut *guard, Some(pb.clone()));

                    pb
@@ -173,7 +194,7 @@ impl FeroxScan {
                let bar_type = match self.output_level {
                    OutputLevel::Default => BarType::Default,
                    OutputLevel::Quiet => BarType::Quiet,
-                    OutputLevel::Silent => BarType::Hidden,
+                    OutputLevel::Silent | OutputLevel::SilentJSON => BarType::Hidden,
                };

                let pb = add_bar(&self.url, self.num_requests, bar_type);
@@ -233,13 +254,21 @@ impl FeroxScan {
        false
    }

+    /// small wrapper to inspect ScanStatus and see if it's Cancelled
+    pub fn is_cancelled(&self) -> bool {
+        if let Ok(guard) = self.status.lock() {
+            return matches!(*guard, ScanStatus::Cancelled);
+        }
+        false
+    }
+
    /// await a task's completion, similar to a thread's join; perform necessary bookkeeping
    pub async fn join(&self) {
        log::trace!("enter join({:?})", self);
        let mut guard = self.task.lock().await;

        if guard.is_some() {
-            if let Some(task) = std::mem::replace(&mut *guard, None) {
+            if let Some(task) = guard.take() {
                task.await.unwrap();
                self.set_status(ScanStatus::Complete)
                    .unwrap_or_else(|e| log::warn!("Could not mark scan complete: {}", e))
@@ -269,6 +298,7 @@ impl FeroxScan {
            PolicyTrigger::Status403 => self.status_403s(),
            PolicyTrigger::Status429 => self.status_429s(),
            PolicyTrigger::Errors => self.errors(),
+            PolicyTrigger::TryAdjustUp => 0,
        }
    }

@@ -345,6 +375,7 @@ impl Serialize for FeroxScan {
        state.serialize_field("scan_type", &self.scan_type)?;
        state.serialize_field("status", &self.status)?;
        state.serialize_field("num_requests", &self.num_requests)?;
+        state.serialize_field("requests_made_so_far", &self.requests())?;

        state.end()
    }
@@ -403,6 +434,11 @@ impl<'de> Deserialize<'de> for FeroxScan {
                        scan.num_requests = num_requests;
                    }
                }
+                "requests_made_so_far" => {
+                    if let Some(requests_made_so_far) = value.as_u64() {
+                        scan.requests_made_so_far = requests_made_so_far;
+                    }
+                }
                _ => {}
            }
        }
@@ -495,6 +531,7 @@ mod tests {
            scan_type: ScanType::Directory,
            scan_order: ScanOrder::Initial,
            num_requests: 0,
+            requests_made_so_far: 0,
            status: Mutex::new(ScanStatus::Running),
            task: Default::default(),
            progress_bar: Mutex::new(None),
--- a/src/scan_manager/scan_container.rs
+++ b/src/scan_manager/scan_container.rs
@@ -8,6 +8,7 @@ use crate::filters::{
 use crate::traits::FeroxFilter;
 use crate::Command::AddFilter;
 use crate::{
+    banner::Banner,
    config::OutputLevel,
    progress::PROGRESS_PRINTER,
    progress::{add_bar, BarType},
@@ -138,6 +139,15 @@ impl FeroxScans {
                    let mut deser_scan: FeroxScan =
                        serde_json::from_value(scan.clone()).unwrap_or_default();

+                    if deser_scan.is_cancelled() {
+                        // if the scan was cancelled by the user, mark it as complete. This will
+                        // prevent the scan from being resumed as well as prevent the wordlist
+                        // from requesting it again
+                        if let Ok(mut guard) = deser_scan.status.lock() {
+                            *guard = ScanStatus::Complete;
+                        }
+                    }
+
                    // FeroxScans gets -q value from config as usual; the FeroxScans themselves
                    // rely on that value being passed in. If the user starts a scan without -q
                    // and resumes the scan but adds -q, FeroxScan will not have the proper value
@@ -262,7 +272,7 @@ impl FeroxScans {
            for (idx, _) in &matches {
                for scan in guard.iter() {
                    let slice = url.index(0..*idx);
-                    if slice == scan.url || format!("{}/", slice).as_str() == scan.url {
+                    if slice == scan.url || format!("{slice}/").as_str() == scan.url {
                        log::trace!("enter: get_base_scan_by_url -> {}", scan);
                        return Some(scan.clone());
                    }
@@ -315,19 +325,21 @@ impl FeroxScans {
        let mut printed = 0;

        for (i, scan) in scans.iter().enumerate() {
-            if matches!(scan.scan_order, ScanOrder::Initial) || scan.task.try_lock().is_err() {
-                // original target passed in via either -u or --stdin
-                continue;
-            }
-
            if matches!(scan.scan_type, ScanType::Directory) {
                if printed == 0 {
                    self.menu
                        .println(&format!("{}:", style("Scans").bright().blue()));
                }
+
+                if let Ok(guard) = scan.status.lock() {
+                    if matches!(*guard, ScanStatus::Cancelled) {
+                        continue;
+                    }
+                }
+
                // we're only interested in displaying directory scans, as those are
                // the only ones that make sense to be stopped
-                let scan_msg = format!("{:3}: {}", i, scan);
+                let scan_msg = format!("{i:3}: {scan}");
                self.menu.println(&scan_msg);
                printed += 1;
            }
@@ -351,11 +363,18 @@ impl FeroxScans {
                    if num >= u_scans.len() {
                        // usize can't be negative, just need to handle exceeding bounds
                        self.menu
-                            .println(&format!("The number {} is not a valid choice.", num));
+                            .println(&format!("The number {num} is not a valid choice."));
                        sleep(menu_pause_duration);
                        continue;
                    }
-                    u_scans.index(num).clone()
+
+                    let selected = u_scans.index(num);
+
+                    if matches!(selected.scan_type, ScanType::File) {
+                        continue;
+                    }
+
+                    selected.clone()
                }
                Err(..) => continue,
            };
@@ -368,14 +387,13 @@ impl FeroxScans {

            if input == 'y' || input == '\n' {
                self.menu.println(&format!("Stopping {}...", selected.url));
-
                selected
                    .abort()
                    .await
                    .unwrap_or_else(|e| log::warn!("Could not cancel task: {}", e));

                let pb = selected.progress_bar();
-                num_cancelled += pb.length() as usize - pb.position() as usize
+                num_cancelled += pb.length().unwrap_or(0) as usize - pb.position() as usize;
            } else {
                self.menu.println("Ok, doing nothing...");
            }
@@ -441,8 +459,40 @@ impl FeroxScans {
        };

        self.menu.clear_screen();
+
+        let banner = Banner::new(&[handles.config.target_url.clone()], &handles.config);
+        banner
+            .print_to(&self.menu.term, handles.config.clone())
+            .unwrap_or_default();
+
        self.menu.show_progress_bars();

+        let has_active_scans = if let Ok(guard) = self.scans.read() {
+            guard.iter().any(|s| s.is_active())
+        } else {
+            // if we can't tell for sure, we'll let it ride
+            //
+            // i'm not sure which is the better option here:
+            // either return true and let it potentially hang, or
+            // return false and exit, so just going with not
+            // abruptly exiting for maybe no reason
+            true
+        };
+
+        if !has_active_scans {
+            // the last active scan was cancelled, so we can exit
+            self.menu.println(&format!(
+                " 😱 no more active scans... {}",
+                style("exiting").red()
+            ));
+
+            let (tx, rx) = tokio::sync::oneshot::channel::<bool>();
+            handles
+                .send_scan_command(Command::JoinTasks(tx))
+                .unwrap_or_default();
+            rx.await.unwrap_or_default();
+        }
+
        result
    }

@@ -466,7 +516,7 @@ impl FeroxScans {
        let bar_type = match self.output_level {
            OutputLevel::Default => BarType::Message,
            OutputLevel::Quiet => BarType::Quiet,
-            OutputLevel::Silent => return Ok(()), // fast exit when --silent was used
+            OutputLevel::Silent | OutputLevel::SilentJSON => return Ok(()), // fast exit when --silent was used
        };

        if let Ok(scans) = self.scans.read() {
@@ -559,7 +609,7 @@ impl FeroxScans {
                let bar_type = match self.output_level {
                    OutputLevel::Default => BarType::Default,
                    OutputLevel::Quiet => BarType::Quiet,
-                    OutputLevel::Silent => BarType::Hidden,
+                    OutputLevel::Silent | OutputLevel::SilentJSON => BarType::Hidden,
                };

                let progress_bar = add_bar(url, bar_length, bar_type);
--- a/src/scan_manager/state.rs
+++ b/src/scan_manager/state.rs
@@ -58,7 +58,7 @@ impl FeroxState {
 impl FeroxSerialize for FeroxState {
    /// Simply return debug format of FeroxState to satisfy as_str
    fn as_str(&self) -> String {
-        format!("{:?}", self)
+        format!("{self:?}")
    }

    /// Simple call to produce a JSON string using the given FeroxState
--- a/src/scan_manager/tests.rs
+++ b/src/scan_manager/tests.rs
@@ -10,7 +10,7 @@ use crate::{
    scanner::RESPONSES,
    statistics::Stats,
    traits::FeroxSerialize,
-    SIMILARITY_THRESHOLD, SLEEP_DURATION, VERSION,
+    SLEEP_DURATION, VERSION,
 };
 use indicatif::ProgressBar;
 use predicates::prelude::*;
@@ -72,7 +72,7 @@ fn add_url_to_list_of_scanned_urls_with_known_url() {
        url,
        ScanType::Directory,
        ScanOrder::Latest,
-        pb.length(),
+        pb.length().unwrap(),
        OutputLevel::Default,
        Some(pb),
    );
@@ -94,7 +94,7 @@ fn stop_progress_bar_stops_bar() {
        url,
        ScanType::Directory,
        ScanOrder::Latest,
-        pb.length(),
+        pb.length().unwrap(),
        OutputLevel::Default,
        Some(pb),
    );
@@ -152,7 +152,7 @@ async fn call_display_scans() {
        url,
        ScanType::Directory,
        ScanOrder::Latest,
-        pb.length(),
+        pb.length().unwrap(),
        OutputLevel::Default,
        Some(pb),
    );
@@ -160,7 +160,7 @@ async fn call_display_scans() {
        url_two,
        ScanType::Directory,
        ScanOrder::Latest,
-        pb_two.length(),
+        pb_two.length().unwrap(),
        OutputLevel::Default,
        Some(pb_two),
    );
@@ -202,6 +202,7 @@ fn partial_eq_compares_the_id_field() {

    assert!(!scan.eq(&scan_two));

+    #[allow(clippy::redundant_clone)]
    let scan_two = scan.clone();

    assert!(scan.eq(&scan_two));
@@ -224,7 +225,7 @@ fn ferox_scan_get_progress_bar_when_none_is_set() {
 /// given a JSON entry representing a FeroxScan, test that it deserializes into the proper type
 /// with the right attributes
 fn ferox_scan_deserialize() {
-    let fs_json = r#"{"id":"057016a14769414aac9a7a62707598cb","url":"https://spiritanimal.com","scan_type":"Directory","status":"Complete"}"#;
+    let fs_json = r#"{"id":"057016a14769414aac9a7a62707598cb","url":"https://spiritanimal.com","scan_type":"Directory","status":"Complete","requests_made_so_far":500}"#;
    let fs_json_two = r#"{"id":"057016a14769414aac9a7a62707598cb","url":"https://spiritanimal.com","scan_type":"Not Correct","status":"Cancelled"}"#;
    let fs_json_three = r#"{"id":"057016a14769414aac9a7a62707598cb","url":"https://spiritanimal.com","scan_type":"Not Correct","status":"","num_requests":42}"#;

@@ -246,9 +247,13 @@ fn ferox_scan_deserialize() {
        ScanType::File => {}
    }

-    match *fs.progress_bar.lock().unwrap() {
-        None => {}
-        Some(_) => {
+    match fs.progress_bar.lock() {
+        Ok(guard) => {
+            if guard.is_some() {
+                panic!();
+            }
+        }
+        Err(_) => {
            panic!();
        }
    }
@@ -277,7 +282,7 @@ fn ferox_scan_serialize() {
        None,
    );
    let fs_json = format!(
-        r#"{{"id":"{}","url":"https://spiritanimal.com","normalized_url":"https://spiritanimal.com/","scan_type":"Directory","status":"NotStarted","num_requests":0}}"#,
+        r#"{{"id":"{}","url":"https://spiritanimal.com","normalized_url":"https://spiritanimal.com/","scan_type":"Directory","status":"NotStarted","num_requests":0,"requests_made_so_far":0}}"#,
        fs.id
    );
    assert_eq!(fs_json, serde_json::to_string(&*fs).unwrap());
@@ -296,7 +301,7 @@ fn ferox_scans_serialize() {
    );
    let ferox_scans = FeroxScans::default();
    let ferox_scans_json = format!(
-        r#"[{{"id":"{}","url":"https://spiritanimal.com","normalized_url":"https://spiritanimal.com/","scan_type":"Directory","status":"NotStarted","num_requests":0}}]"#,
+        r#"[{{"id":"{}","url":"https://spiritanimal.com","normalized_url":"https://spiritanimal.com/","scan_type":"Directory","status":"NotStarted","num_requests":0,"requests_made_so_far":0}}]"#,
        ferox_scan.id
    );
    ferox_scans.scans.write().unwrap().push(ferox_scan);
@@ -317,7 +322,7 @@ fn ferox_responses_serialize() {
    // responses has a response now

    // serialized should be a list of responses
-    let expected = format!("[{}]", json_response);
+    let expected = format!("[{json_response}]");

    let serialized = serde_json::to_string(&responses).unwrap();
    assert_eq!(expected, serialized);
@@ -399,8 +404,7 @@ fn feroxstates_feroxserialize_implementation() {
        .unwrap();
    filters
        .push(Box::new(SimilarityFilter {
-            hash: "3:YKEpn:Yfp".to_string(),
-            threshold: SIMILARITY_THRESHOLD,
+            hash: 1,
            original_url: "http://localhost:12345/".to_string(),
        }))
        .unwrap();
@@ -426,11 +430,11 @@ fn feroxstates_feroxserialize_implementation() {

    let json_state = ferox_state.as_json().unwrap();

-    println!("echo '{}'|jq", json_state); // for debugging, if the test fails, can see what's going on
+    println!("echo '{json_state}'|jq"); // for debugging, if the test fails, can see what's going on

    for expected in [
        r#""scans""#,
-        &format!(r#""id":"{}""#, saved_id),
+        &format!(r#""id":"{saved_id}""#),
        r#""url":"https://spiritanimal.com""#,
        r#""scan_type":"Directory""#,
        r#""status":"NotStarted""#,
@@ -442,8 +446,8 @@ fn feroxstates_feroxserialize_implementation() {
        r#""proxy":"""#,
        r#""replay_proxy":"""#,
        r#""target_url":"""#,
-        r#""status_codes":[200,204,301,302,307,308,401,403,405,500]"#,
-        r#""replay_codes":[200,204,301,302,307,308,401,403,405,500]"#,
+        r#""status_codes":[100,101,102,200,201,202,203,204,205,206,207,208,226,300,301,302,303,304,305,307,308,400,401,402,403,404,405,406,407,408,409,410,411,412,413,414,415,416,417,418,421,422,423,424,426,428,429,431,451,500,501,502,503,504,505,506,507,508,510,511,103,425]"#,
+        r#""replay_codes":[100,101,102,200,201,202,203,204,205,206,207,208,226,300,301,302,303,304,305,307,308,400,401,402,403,404,405,406,407,408,409,410,411,412,413,414,415,416,417,418,421,422,423,424,426,428,429,431,451,500,501,502,503,504,505,506,507,508,510,511,103,425]"#,
        r#""filter_status":[]"#,
        r#""threads":50"#,
        r#""timeout":7"#,
@@ -456,7 +460,7 @@ fn feroxstates_feroxserialize_implementation() {
        r#""json":false"#,
        r#""output":"""#,
        r#""debug_log":"""#,
-        &format!(r#""user_agent":"feroxbuster/{}""#, VERSION),
+        &format!(r#""user_agent":"feroxbuster/{VERSION}""#),
        r#""random_agent":false"#,
        r#""redirects":false"#,
        r#""insecure":false"#,
@@ -466,7 +470,7 @@ fn feroxstates_feroxserialize_implementation() {
        r#""headers""#,
        r#""queries":[]"#,
        r#""no_recursion":false"#,
-        r#""extract_links":false"#,
+        r#""extract_links":true"#,
        r#""add_slash":false"#,
        r#""stdin":false"#,
        r#""depth":4"#,
@@ -486,6 +490,9 @@ fn feroxstates_feroxserialize_implementation() {
        r#""url_denylist":[]"#,
        r#""responses""#,
        r#""type":"response""#,
+        r#""client_cert":"""#,
+        r#""client_key":"""#,
+        r#""server_certs":[]"#,
        r#""url":"https://nerdcore.com/css""#,
        r#""path":"/css""#,
        r#""wildcard":true"#,
@@ -499,7 +506,7 @@ fn feroxstates_feroxserialize_implementation() {
        r#""collect_extensions":true"#,
        r#""collect_backups":false"#,
        r#""collect_words":false"#,
-        r#""filters":[{"filter_code":100},{"word_count":200},{"content_length":300},{"line_count":400},{"compiled":".*","raw_string":".*"},{"hash":"3:YKEpn:Yfp","threshold":95,"original_url":"http://localhost:12345/"}]"#,
+        r#""filters":[{"filter_code":100},{"word_count":200},{"content_length":300},{"line_count":400},{"compiled":".*","raw_string":".*"},{"hash":1,"original_url":"http://localhost:12345/"}]"#,
        r#""collected_extensions":["php"]"#,
        r#""dont_collect":["tif","tiff","ico","cur","bmp","webp","svg","png","jpg","jpeg","jfif","gif","avif","apng","pjpeg","pjp","mov","wav","mpg","mpeg","mp3","mp4","m4a","m4p","m4v","ogg","webm","ogv","oga","flac","aac","3gp","css","zip","xls","xml","gz","tgz"]"#,
    ]
@@ -560,6 +567,7 @@ fn feroxscan_display() {
        scan_order: ScanOrder::Latest,
        scan_type: Default::default(),
        num_requests: 0,
+        requests_made_so_far: 0,
        start_time: Instant::now(),
        output_level: OutputLevel::Default,
        status_403s: Default::default(),
@@ -570,26 +578,26 @@ fn feroxscan_display() {
        errors: Default::default(),
    };

-    let not_started = format!("{}", scan);
+    let not_started = format!("{scan}");

    assert!(predicate::str::contains("not started")
        .and(predicate::str::contains("localhost"))
        .eval(&not_started));

    scan.set_status(ScanStatus::Complete).unwrap();
-    let complete = format!("{}", scan);
+    let complete = format!("{scan}");
    assert!(predicate::str::contains("complete")
        .and(predicate::str::contains("localhost"))
        .eval(&complete));

    scan.set_status(ScanStatus::Cancelled).unwrap();
-    let cancelled = format!("{}", scan);
+    let cancelled = format!("{scan}");
    assert!(predicate::str::contains("cancelled")
        .and(predicate::str::contains("localhost"))
        .eval(&cancelled));

    scan.set_status(ScanStatus::Running).unwrap();
-    let running = format!("{}", scan);
+    let running = format!("{scan}");
    assert!(predicate::str::contains("running")
        .and(predicate::str::contains("localhost"))
        .eval(&running));
@@ -605,6 +613,7 @@ async fn ferox_scan_abort() {
        scan_order: ScanOrder::Latest,
        scan_type: Default::default(),
        num_requests: 0,
+        requests_made_so_far: 0,
        start_time: Instant::now(),
        output_level: OutputLevel::Default,
        status_403s: Default::default(),
@@ -636,10 +645,7 @@ fn menu_print_header_and_footer() {
    let menu_cmd_2 = MenuCmd::Cancel(vec![0], false);
    let menu_cmd_res_1 = MenuCmdResult::Url(String::from("http://localhost"));
    let menu_cmd_res_2 = MenuCmdResult::NumCancelled(2);
-    println!(
-        "{:?}{:?}{:?}{:?}",
-        menu_cmd_1, menu_cmd_2, menu_cmd_res_1, menu_cmd_res_2
-    );
+    println!("{menu_cmd_1:?}{menu_cmd_2:?}{menu_cmd_res_1:?}{menu_cmd_res_2:?}");
    menu.clear_screen();
    menu.print_header();
    menu.print_footer();
@@ -656,9 +662,9 @@ fn menu_get_command_input_from_user_returns_cancel() {
        let force = idx % 2 == 0;

        let full_cmd = if force {
-            format!("{} -f {}\n", cmd, idx)
+            format!("{cmd} -f {idx}\n")
        } else {
-            format!("{} {}\n", cmd, idx)
+            format!("{cmd} {idx}\n")
        };

        let result = menu.get_command_input_from_user(&full_cmd).unwrap();
@@ -666,11 +672,7 @@ fn menu_get_command_input_from_user_returns_cancel() {
        assert!(matches!(result, MenuCmd::Cancel(_, _)));

        if let MenuCmd::Cancel(canx_list, ret_force) = result {
-            if idx == 0 {
-                assert!(canx_list.is_empty());
-            } else {
-                assert_eq!(canx_list, vec![idx]);
-            }
+            assert_eq!(canx_list, vec![idx]);
            assert_eq!(force, ret_force);
        }
    }
@@ -683,7 +685,7 @@ fn menu_get_command_input_from_user_returns_add() {

    for cmd in ["add", "Addd", "a", "A", "None"] {
        let test_url = "http://happyfuntimes.commmm";
-        let full_cmd = format!("{} {}\n", cmd, test_url);
+        let full_cmd = format!("{cmd} {test_url}\n");

        if cmd != "None" {
            let result = menu.get_command_input_from_user(&full_cmd).unwrap();
--- a/src/scan_manager/utils.rs
+++ b/src/scan_manager/utils.rs
@@ -41,7 +41,7 @@ pub async fn start_max_time_thread(handles: Arc<Handles>) {
        log::trace!("exit: start_max_time_thread");

        #[cfg(test)]
-        panic!("{:?}", handles);
+        panic!("{handles:?}");
        #[cfg(not(test))]
        let _ = TermInputHandler::sigint_handler(handles.clone());
    }
--- a/src/scanner/ferox_scanner.rs
+++ b/src/scanner/ferox_scanner.rs
@@ -10,6 +10,7 @@ use lazy_static::lazy_static;
 use tokio::sync::Semaphore;

 use crate::filters::{create_similarity_filter, EmptyFilter, SimilarityFilter};
+use crate::heuristics::WildcardResult;
 use crate::Command::AddFilter;
 use crate::{
    event_handlers::{
@@ -182,6 +183,7 @@ impl FeroxScanner {
                    Err(e) => {
                        log::warn!("error awaiting a response: {}", e);
                        self.handles.stats.send(AddError(Other)).unwrap_or_default();
+                        std::process::exit(1);
                    }
                }
            });
@@ -201,6 +203,9 @@ impl FeroxScanner {
        log::info!("Starting scan against: {}", self.target_url);

        let mut scan_timer = Instant::now();
+        // every time we extract links we'll need to await the task to make sure
+        // it completes before the scan ends
+        let mut extraction_tasks = Vec::new();

        if self.handles.config.extract_links && matches!(self.order, ScanOrder::Initial) {
            // check for robots.txt (cannot be in sub-directories, so limited to Initial)
@@ -211,7 +216,7 @@ impl FeroxScanner {
                .build()?;

            let result = extractor.extract().await?;
-            extractor.request_links(result).await?;
+            extraction_tasks.push(extractor.request_links(result).await?)
        }

        let scanned_urls = self.handles.ferox_scans()?;
@@ -243,59 +248,87 @@ impl FeroxScanner {
        }

        {
-            // heuristics test block
+            // heuristics test block:
            let test = heuristics::HeuristicTests::new(self.handles.clone());

-            if let Ok(num_reqs) = test.wildcard(&self.target_url).await {
-                progress_bar.inc(num_reqs);
-            }
+            if let Ok(Some(dirlist_result)) = test.directory_listing(&self.target_url).await {
+                // at this point, we have a DirListingType, and it's not the None variant
+                // which means we found directory listing based on the heuristic; now we need
+                // to process the links that are available if --extract-links was used

-            if let Ok(dirlist_result) = test.directory_listing(&self.target_url).await {
-                if dirlist_result.is_some() {
-                    let dirlist_result = dirlist_result.unwrap();
-                    // at this point, we have a DirListingType, and it's not the None variant
-                    // which means we found directory listing based on the heuristic; now we need
-                    // to process the links that are available if --extract-links was used
+                if self.handles.config.extract_links {
+                    let mut extractor = ExtractorBuilder::default()
+                        .response(&dirlist_result.response)
+                        .target(ExtractionTarget::DirectoryListing)
+                        .url(&self.target_url)
+                        .handles(self.handles.clone())
+                        .build()?;

-                    if self.handles.config.extract_links {
-                        let mut extractor = ExtractorBuilder::default()
-                            .response(&dirlist_result.response)
-                            .target(ExtractionTarget::DirectoryListing)
-                            .url(&self.target_url)
-                            .handles(self.handles.clone())
-                            .build()?;
+                    let result = extractor.extract_from_dir_listing().await?;

-                        let result = extractor.extract_from_dir_listing().await?;
+                    extraction_tasks.push(extractor.request_links(result).await?);

-                        extractor.request_links(result).await?;
+                    log::trace!("exit: scan_url -> Directory listing heuristic");

-                        log::trace!("exit: scan_url -> Directory listing heuristic");
+                    self.handles.stats.send(AddToF64Field(
+                        DirScanTimes,
+                        scan_timer.elapsed().as_secs_f64(),
+                    ))?;

-                        self.handles.stats.send(AddToF64Field(
-                            DirScanTimes,
-                            scan_timer.elapsed().as_secs_f64(),
-                        ))?;
+                    self.handles.stats.send(SubtractFromUsizeField(
+                        TotalExpected,
+                        progress_bar.length().unwrap_or(0) as usize,
+                    ))?;
+                }

-                        self.handles.stats.send(SubtractFromUsizeField(
-                            TotalExpected,
-                            progress_bar.length() as usize,
-                        ))?;
-                    }
+                let mut message = format!("=> {}", style("Directory listing").blue().bright());

-                    let mut message = format!("=> {}", style("Directory listing").blue().bright());
+                if !self.handles.config.extract_links {
+                    write!(
+                        message,
+                        " (remove {} to scan)",
+                        style("--dont-extract-links").bright().yellow()
+                    )?;
+                }

-                    if !self.handles.config.extract_links {
-                        write!(message, " (add {} to scan)", style("-e").bright().yellow())?;
+                if !self.handles.config.force_recursion {
+                    for handle in extraction_tasks.into_iter().flatten() {
+                        _ = handle.await;
                    }

                    progress_bar.reset_eta();
-                    progress_bar.finish_with_message(&message);
+                    progress_bar.finish_with_message(message);

                    ferox_scan.finish()?;

-                    return Ok(());
+                    return Ok(()); // nothing left to do if we found a dir listing
                }
            }
+
+            // now that we haven't found a directory listing, we'll attempt to derive whatever
+            // the server is using to respond to resources that don't exist (could be a
+            // traditional 404, or a custom response)
+            //
+            // `detect_404_like_responses` will make the requests that the wildcard test used to
+            // perform pre-2.8 in addition to new detection techniques, superseding the old
+            // wildcard test
+            let num_reqs_made = test.detect_404_like_responses(&self.target_url).await?;
+
+            match num_reqs_made {
+                Some(WildcardResult::WildcardDirectory(num_reqs)) => {
+                    let message = format!(
+                        "=> {} dir! {} recursion",
+                        style("Wildcard").blue().bright(),
+                        style("stopped").red()
+                    );
+                    progress_bar.set_message(message);
+                    progress_bar.inc(num_reqs as u64);
+                }
+                Some(WildcardResult::FourOhFourLike(num_reqs)) => {
+                    progress_bar.inc(num_reqs as u64);
+                }
+                _ => {}
+            }
        }

        // Arc clones to be passed around to the various scans
@@ -315,7 +348,7 @@ impl FeroxScanner {
            let new_words = TF_IDF.read().unwrap().all_words();
            let new_words_len = new_words.len();

-            let cur_length = progress_bar.length();
+            let cur_length = progress_bar.length().unwrap_or(0);
            let new_length = cur_length + new_words_len as u64;

            progress_bar.set_length(new_length);
@@ -328,7 +361,7 @@ impl FeroxScanner {
            log::info!(
                "requesting {} collected words: {:?}...",
                new_words_len,
-                &new_words[..new_words_len.min(3) as usize]
+                &new_words[..new_words_len.min(3)]
            );

            self.stream_requests(
@@ -345,6 +378,10 @@ impl FeroxScanner {
            scan_timer.elapsed().as_secs_f64(),
        ))?;

+        for handle in extraction_tasks.into_iter().flatten() {
+            _ = handle.await;
+        }
+
        ferox_scan.finish()?;

        log::trace!("exit: scan_url");
--- a/src/scanner/limit_heap.rs
+++ b/src/scanner/limit_heap.rs
@@ -41,7 +41,7 @@ impl Debug for LimitHeap {
            "LimitHeap {{ original: {}, current: {}, inner: [{}...] }}",
            self.original, self.current, self.inner[0]
        );
-        write!(f, "{}", msg)
+        write!(f, "{msg}")
    }
 }

--- a/src/scanner/policy_data.rs
+++ b/src/scanner/policy_data.rs
@@ -84,10 +84,6 @@ impl PolicyData {
                    if heap.has_parent() && heap.parent_value() > current {
                        // all nodes except 0th node (root)
                        heap.move_up();
-                    } else if !heap.has_parent() {
-                        // been here enough that we can try resuming the scan to its original
-                        // speed (no limiting at all)
-                        atomic_store!(self.remove_limit, true);
                    }
                }
            } else if heap.has_children() {
@@ -103,6 +99,12 @@ impl PolicyData {
                    heap.move_up();
                }
            }
+
+            if !heap.has_parent() {
+                // been here enough that we can try resuming the scan to its original
+                // speed (no limiting at all)
+                atomic_store!(self.remove_limit, true);
+            }
            self.set_limit(heap.value() as usize);
        }
    }
--- a/src/scanner/requester.rs
+++ b/src/scanner/requester.rs
@@ -1,10 +1,15 @@
 use std::{
    cmp::max,
    collections::HashSet,
-    sync::{self, atomic::Ordering, Arc, Mutex},
+    sync::{
+        self,
+        atomic::{AtomicBool, Ordering},
+        Arc, Mutex,
+    },
 };

 use anyhow::Result;
+use console::style;
 use lazy_static::lazy_static;
 use leaky_bucket::RateLimiter;
 use tokio::{
@@ -64,6 +69,8 @@ pub(super) struct Requester {
    /// seen; this will satisfy the non-mut self constraint (due to us being behind an Arc, and
    /// the need for a counter)
    tuning_lock: Mutex<usize>,
+
+    policy_triggered: AtomicBool,
 }

 /// Requester implementation
@@ -91,6 +98,7 @@ impl Requester {
            handles: scanner.handles.clone(),
            target_url: scanner.target_url.to_owned(),
            tuning_lock: Mutex::new(0),
+            policy_triggered: AtomicBool::new(false),
        })
    }

@@ -118,6 +126,7 @@ impl Requester {
        atomic_store!(self.policy_data.cooling_down, true, Ordering::SeqCst);

        sleep(Duration::from_millis(self.policy_data.wait_time)).await;
+        self.ferox_scan.progress_bar().set_message("");

        atomic_store!(self.policy_data.cooling_down, false, Ordering::SeqCst);
    }
@@ -203,18 +212,34 @@ impl Requester {
                *guard = 0; // reset streak counter to 0
                if atomic_load!(self.policy_data.errors) != 0 {
                    self.policy_data.adjust_down();
+
+                    let styled_direction = style("reduced").red();
+
+                    self.ferox_scan
+                        .progress_bar()
+                        .set_message(format!("=> 🚦 {styled_direction} scan speed",));
                }
                self.policy_data.set_errors(scan_errors);
            } else {
                // errors can only be incremented, so an else is sufficient
                *guard += 1;
+
                self.policy_data.adjust_up(&guard);
+
+                let styled_direction = style("increased").green();
+
+                self.ferox_scan
+                    .progress_bar()
+                    .set_message(format!("=> 🚦 {styled_direction} scan speed",));
            }
        }

        if atomic_load!(self.policy_data.remove_limit) {
            self.set_rate_limiter(None).await?;
            atomic_store!(self.policy_data.remove_limit, false);
+            self.ferox_scan
+                .progress_bar()
+                .set_message("=> 🚦 removed rate limiter 🚀");
        } else if create_limiter {
            // create_limiter is really just used for unit testing situations, it's true anytime
            // during actual execution
@@ -253,8 +278,15 @@ impl Requester {
            let reqs_sec = self.ferox_scan.requests_per_second() as usize;
            self.policy_data.set_reqs_sec(reqs_sec);

+            // set the flag to indicate that we have triggered the rate limiter
+            // at least once
+            atomic_store!(self.policy_triggered, true);
+
            let new_limit = self.policy_data.get_limit();
            self.set_rate_limiter(Some(new_limit)).await?;
+            self.ferox_scan
+                .progress_bar()
+                .set_message(format!("=> 🚦 set rate limit ({new_limit}/s)"));
        }

        self.adjust_limit(trigger, true).await?;
@@ -289,7 +321,15 @@ impl Requester {

            // figure out how many requests are skipped as a result
            let pb = self.ferox_scan.progress_bar();
-            let num_skipped = pb.length().saturating_sub(pb.position()) as usize;
+            let num_skipped = pb.length().unwrap_or(0).saturating_sub(pb.position()) as usize;
+
+            let styled_trigger = style(format!("{trigger:?}")).red();
+
+            pb.set_message(format!(
+                "=> 💀 too many {} ({}) 💀 bailing",
+                styled_trigger,
+                self.ferox_scan.num_errors(trigger),
+            ));

            // update the overall scan bar by subtracting the number of skipped requests from
            // the total
@@ -357,6 +397,9 @@ impl Requester {
                        RequesterPolicy::AutoTune => {
                            if let Some(trigger) = self.should_enforce_policy() {
                                self.tune(trigger).await?;
+                            } else if atomic_load!(self.policy_triggered) {
+                                self.adjust_limit(PolicyTrigger::TryAdjustUp, true).await?;
+                                self.cool_down().await;
                            }
                        }
                        RequesterPolicy::AutoBail => {
@@ -432,12 +475,13 @@ impl Requester {

                if self.handles.config.collect_words {
                    if let Ok(mut guard) = TF_IDF.write() {
-                        let doc = Document::from_html(ferox_response.text());
-                        guard.add_document(doc);
-                        if guard.num_documents() % 12 == 0
-                            || (guard.num_documents() < 5 && guard.num_documents() % 2 == 0)
-                        {
-                            guard.calculate_tf_idf_scores();
+                        if let Some(doc) = Document::from_html(ferox_response.text()) {
+                            guard.add_document(doc);
+                            if guard.num_documents() % 12 == 0
+                                || (guard.num_documents() < 5 && guard.num_documents() % 2 == 0)
+                            {
+                                guard.calculate_tf_idf_scores();
+                            }
                        }
                    }
                }
@@ -447,6 +491,7 @@ impl Requester {
                        .target(ExtractionTarget::ResponseBody)
                        .response(&ferox_response)
                        .handles(self.handles.clone())
+                        .url(self.ferox_scan.url())
                        .build()?;

                    let new_links: HashSet<_>;
@@ -470,7 +515,11 @@ impl Requester {
                    }

                    if !new_links.is_empty() {
-                        extractor.request_links(new_links).await?;
+                        let extraction_task = extractor.request_links(new_links).await?;
+
+                        if let Some(task) = extraction_task {
+                            _ = task.await;
+                        }
                    }
                }

@@ -548,7 +597,7 @@ mod tests {
        let scans = handles.ferox_scans().unwrap();

        for _ in 0..num_errors {
-            scans.increment_error(format!("{}/", url).as_str());
+            scans.increment_error(format!("{url}/").as_str());
        }
    }

@@ -561,7 +610,7 @@ mod tests {
    ) {
        let scans = handles.ferox_scans().unwrap();
        for _ in 0..num_errors {
-            scans.increment_status_code(format!("{}/", url).as_str(), code);
+            scans.increment_status_code(format!("{url}/").as_str(), code);
        }
    }

@@ -627,6 +676,7 @@ mod tests {
            PolicyTrigger::Errors => {
                increment_scan_errors(handles.clone(), url, num_errors).await;
            }
+            _ => {}
        }

        assert_eq!(scan.num_errors(trigger), num_errors);
@@ -647,6 +697,7 @@ mod tests {
            ferox_scan: Arc::new(FeroxScan::default()),
            rate_limiter: RwLock::new(None),
            policy_data: Default::default(),
+            policy_triggered: AtomicBool::new(false),
        };

        let ferox_scan = Arc::new(FeroxScan::default());
@@ -675,6 +726,7 @@ mod tests {
            target_url: "http://localhost".to_string(),
            rate_limiter: RwLock::new(None),
            policy_data: Default::default(),
+            policy_triggered: AtomicBool::new(false),
        };

        increment_errors(requester.handles.clone(), ferox_scan.clone(), 25).await;
@@ -700,6 +752,7 @@ mod tests {
            target_url: "http://localhost".to_string(),
            rate_limiter: RwLock::new(None),
            policy_data: Default::default(),
+            policy_triggered: AtomicBool::new(false),
        };

        increment_status_codes(
@@ -740,6 +793,7 @@ mod tests {
            target_url: "http://localhost".to_string(),
            rate_limiter: RwLock::new(None),
            policy_data: Default::default(),
+            policy_triggered: AtomicBool::new(false),
        };

        increment_status_codes(
@@ -795,6 +849,7 @@ mod tests {
            target_url: "http://one/one/stuff.php".to_string(),
            rate_limiter: RwLock::new(None),
            policy_data: Default::default(),
+            policy_triggered: AtomicBool::new(false),
        };

        requester.bail(PolicyTrigger::Errors).await.unwrap();
@@ -829,6 +884,7 @@ mod tests {
            target_url: "http://one/one/stuff.php".to_string(),
            rate_limiter: RwLock::new(None),
            policy_data: Default::default(),
+            policy_triggered: AtomicBool::new(false),
        };

        let result = requester.bail(PolicyTrigger::Status403).await;
@@ -851,6 +907,7 @@ mod tests {
            target_url: "http://localhost".to_string(),
            rate_limiter: RwLock::new(None),
            policy_data: Default::default(),
+            policy_triggered: AtomicBool::new(false),
        };

        requester
@@ -874,6 +931,7 @@ mod tests {
            target_url: "http://localhost".to_string(),
            rate_limiter: RwLock::new(None),
            policy_data: PolicyData::new(RequesterPolicy::AutoBail, 7),
+            policy_triggered: AtomicBool::new(false),
        });

        let start = Instant::now();
@@ -904,6 +962,7 @@ mod tests {
            target_url: "http://localhost".to_string(),
            rate_limiter: RwLock::new(None),
            policy_data: PolicyData::new(RequesterPolicy::AutoBail, 7),
+            policy_triggered: AtomicBool::new(false),
        };

        requester.policy_data.set_reqs_sec(400);
@@ -942,6 +1001,7 @@ mod tests {
            target_url: "http://localhost".to_string(),
            rate_limiter: RwLock::new(Some(limiter)),
            policy_data: PolicyData::new(RequesterPolicy::AutoBail, 7),
+            policy_triggered: AtomicBool::new(false),
        };

        requester.policy_data.set_reqs_sec(400);
@@ -979,6 +1039,7 @@ mod tests {
            target_url: "http://localhost".to_string(),
            rate_limiter: RwLock::new(None),
            policy_data: PolicyData::new(RequesterPolicy::AutoBail, 7),
+            policy_triggered: AtomicBool::new(false),
        };

        requester.policy_data.set_reqs_sec(400);
@@ -1007,6 +1068,7 @@ mod tests {
            target_url: "http://localhost".to_string(),
            rate_limiter: RwLock::new(None),
            policy_data: PolicyData::new(RequesterPolicy::AutoBail, 7),
+            policy_triggered: AtomicBool::new(false),
        };

        assert!(!requester.too_many_status_errors(PolicyTrigger::Errors));
@@ -1050,6 +1112,7 @@ mod tests {
            target_url: "http://localhost".to_string(),
            rate_limiter: RwLock::new(Some(limiter)),
            policy_data: PolicyData::new(RequesterPolicy::AutoBail, 7),
+            policy_triggered: AtomicBool::new(false),
        };

        requester.set_rate_limiter(Some(200)).await.unwrap();
@@ -1093,6 +1156,7 @@ mod tests {
            target_url: "http://localhost".to_string(),
            rate_limiter: RwLock::new(Some(limiter)),
            policy_data: PolicyData::new(RequesterPolicy::AutoTune, 4),
+            policy_triggered: AtomicBool::new(false),
        };

        let start = Instant::now();
--- a/src/scanner/utils.rs
+++ b/src/scanner/utils.rs
@@ -9,4 +9,7 @@ pub enum PolicyTrigger {

    /// excessive general errors
    Errors,
+
+    /// dummy error for upward rate adjustment
+    TryAdjustUp,
 }
--- a/src/statistics/container.rs
+++ b/src/statistics/container.rs
@@ -667,8 +667,8 @@ impl Stats {
    ///
    /// This is only ever called when resuming a scan from disk
    pub fn merge_from(&self, filename: &str) -> Result<()> {
-        let file = File::open(filename)
-            .with_context(|| fmt_err(&format!("Could not open {}", filename)))?;
+        let file =
+            File::open(filename).with_context(|| fmt_err(&format!("Could not open {filename}")))?;
        let reader = BufReader::new(file);
        let state: serde_json::Value = serde_json::from_reader(reader)?;

--- a/src/statistics/tests.rs
+++ b/src/statistics/tests.rs
@@ -55,7 +55,7 @@ fn save_writes_stats_object_to_disk() {
    stats.add_status_code(StatusCode::OK);
    stats.add_status_code(StatusCode::OK);
    let outfile = NamedTempFile::new().unwrap();
-    if stats.save(174.33, outfile.path().to_str().unwrap()).is_ok() {}
+    assert!(stats.save(174.33, outfile.path().to_str().unwrap()).is_ok());

    assert!(stats.as_json().unwrap().contains("statistics"));
    assert!(stats.as_json().unwrap().contains("11")); // requests made
--- a/src/traits.rs
+++ b/src/traits.rs
@@ -4,6 +4,7 @@ use crate::filters::{
    WordsFilter,
 };
 use crate::response::FeroxResponse;
+use crate::utils::status_colorizer;
 use anyhow::Result;
 use crossterm::style::{style, Stylize};
 use serde::Serialize;
@@ -38,11 +39,43 @@ impl Display for dyn FeroxFilter {
        } else if let Some(filter) = self.as_any().downcast_ref::<RegexFilter>() {
            write!(f, "Regex: {}", style(&filter.raw_string).cyan())
        } else if let Some(filter) = self.as_any().downcast_ref::<WildcardFilter>() {
-            if filter.dynamic != u64::MAX {
-                write!(f, "Dynamic wildcard: {}", style(filter.dynamic).cyan())
-            } else {
-                write!(f, "Static wildcard: {}", style(filter.size).cyan())
+            let mut msg = format!(
+                "{} requests with {} responses ",
+                style(&filter.method).cyan(),
+                status_colorizer(&filter.status_code.to_string())
+            );
+
+            match (filter.content_length, filter.word_count, filter.line_count) {
+                (None, None, None) => {
+                    unreachable!("wildcard filter without any filters set");
+                }
+                (None, None, Some(lc)) => {
+                    msg.push_str(&format!("containing {} lines", lc));
+                }
+                (None, Some(wc), None) => {
+                    msg.push_str(&format!("containing {} words", wc));
+                }
+                (None, Some(wc), Some(lc)) => {
+                    msg.push_str(&format!("containing {} words and {} lines", wc, lc));
+                }
+                (Some(cl), None, None) => {
+                    msg.push_str(&format!("containing {} bytes", cl));
+                }
+                (Some(cl), None, Some(lc)) => {
+                    msg.push_str(&format!("containing {} bytes and {} lines", cl, lc));
+                }
+                (Some(cl), Some(wc), None) => {
+                    msg.push_str(&format!("containing {} bytes and {} words", cl, wc));
+                }
+                (Some(cl), Some(wc), Some(lc)) => {
+                    msg.push_str(&format!(
+                        "containing {} bytes, {} words, and {} lines",
+                        cl, wc, lc
+                    ));
+                }
            }
+
+            write!(f, "{}", msg)
        } else if let Some(filter) = self.as_any().downcast_ref::<StatusCodeFilter>() {
            write!(f, "Status code: {}", style(filter.filter_code).cyan())
        } else if let Some(filter) = self.as_any().downcast_ref::<SimilarityFilter>() {
@@ -52,7 +85,7 @@ impl Display for dyn FeroxFilter {
                style(&filter.original_url).cyan()
            )
        } else {
-            write!(f, "Filter: {:?}", self)
+            write!(f, "Filter: {self:?}")
        }
    }
 }
--- a/src/url.rs
+++ b/src/url.rs
@@ -1,8 +1,9 @@
+use crate::utils::parse_url_with_raw_path;
 use crate::{event_handlers::Handles, statistics::StatError::UrlFormat, Command::AddError};
 use anyhow::{anyhow, bail, Result};
 use reqwest::Url;
 use std::collections::HashSet;
-use std::{convert::TryInto, fmt, sync::Arc};
+use std::{fmt, sync::Arc};

 /// abstraction around target urls; collects all Url related shenanigans in one place
 #[derive(Debug)]
@@ -90,7 +91,7 @@ impl FeroxUrl {
            //
            // in order to resolve the issue, we check if the word from the wordlist is a parsable URL
            // and if so, don't do any further processing
-            let message = format!("word ({}) from wordlist is a URL, skipping...", word);
+            let message = format!("word ({word}) from wordlist is a URL, skipping...");
            log::warn!("{}", message);
            log::trace!("exit: format -> Err({})", message);
            bail!(message);
@@ -122,9 +123,9 @@ impl FeroxUrl {
            // We handle the special case of forward slash
            // That allow us to treat it as an extension with a particular format
            if ext == "/" {
-                format!("{}/", word)
+                format!("{word}/")
            } else {
-                format!("{}.{}", word, ext)
+                format!("{word}.{ext}")
            }
        } else {
            String::from(word)
@@ -142,60 +143,19 @@ impl FeroxUrl {
            word = word.trim_start_matches('/').to_string();
        };

-        let base_url = Url::parse(&url)?;
-        let joined = base_url.join(&word)?;
+        let base_url = parse_url_with_raw_path(&url)?;
+        let mut joined = base_url.join(&word)?;

-        if self.handles.config.queries.is_empty() {
-            // no query params to process
-            log::trace!("exit: format -> {}", joined);
-            Ok(joined)
-        } else {
-            let with_params =
-                Url::parse_with_params(joined.as_str(), &self.handles.config.queries)?;
-            log::trace!("exit: format_url -> {}", with_params);
-            Ok(with_params) // request with params attached
-        }
-    }
-
-    /// Gets the length of a url's path
-    pub fn path_length(&self) -> Result<u64> {
-        let parsed = Url::parse(&self.target)?;
-        Ok(FeroxUrl::path_length_of_url(&parsed))
-    }
-
-    /// Gets the length of a url's path
-    ///
-    /// example: http://localhost/stuff -> 5
-    pub fn path_length_of_url(url: &Url) -> u64 {
-        log::trace!("enter: get_path_length({})", url);
-
-        let path = url.path();
-
-        let segments = if let Some(split) = path.strip_prefix('/') {
-            split.split_terminator('/')
-        } else {
-            log::trace!("exit: get_path_length -> 0");
-            return 0;
-        };
-
-        if let Some(last) = segments.last() {
-            // failure on conversion should be very unlikely. While a usize can absolutely overflow a
-            // u64, the generally accepted maximum for the length of a url is ~2000.  so the value we're
-            // putting into the u64 should never realistically be anywhere close to producing an
-            // overflow.
-            // usize max: 18,446,744,073,709,551,615
-            // u64 max:   9,223,372,036,854,775,807
-            let url_len: u64 = last
-                .len()
-                .try_into()
-                .expect("Failed usize -> u64 conversion");
-
-            log::trace!("exit: get_path_length -> {}", url_len);
-            return url_len;
+        if !self.handles.config.queries.is_empty() {
+            // if called, this adds a '?' to the url, whether or not there are queries to be added
+            // so we need to check if there are queries to be added before blindly adding the '?'
+            joined
+                .query_pairs_mut()
+                .extend_pairs(self.handles.config.queries.iter());
        }

-        log::trace!("exit: get_path_length -> 0");
-        0
+        log::trace!("exit: format_url -> {}", joined);
+        Ok(joined)
    }

    /// Simple helper to abstract away adding a forward-slash to a url if not present
@@ -230,7 +190,7 @@ impl FeroxUrl {

        let target = self.normalize();

-        let parsed = Url::parse(&target)?;
+        let parsed = parse_url_with_raw_path(&target)?;
        let parts = parsed
            .path_segments()
            .ok_or_else(|| anyhow!("No path segments found"))?;
@@ -483,7 +443,7 @@ mod tests {
        let handles = Arc::new(Handles::for_testing(None, None).0);
        let url = FeroxUrl::from_string("http://localhost", handles);
        for ext in ["rocks", "fun"] {
-            let to_check = format!("http://localhost/upload/ferox.{}", ext);
+            let to_check = format!("http://localhost/upload/ferox.{ext}");
            assert_eq!(
                url.format("//upload/ferox", Some(ext)).unwrap(),
                reqwest::Url::parse(&to_check[..]).unwrap()
--- a/src/utils.rs
+++ b/src/utils.rs
@@ -41,7 +41,7 @@ pub fn open_file(filename: &str) -> Result<BufWriter<fs::File>> {
        .create(true)
        .append(true)
        .open(filename)
-        .with_context(|| fmt_err(&format!("Could not open {}", filename)))?;
+        .with_context(|| fmt_err(&format!("Could not open {filename}")))?;

    let writer = BufWriter::new(file); // std io

@@ -75,7 +75,12 @@ pub(crate) async fn send_try_recursion_command(
    handles: Arc<Handles>,
    response: FeroxResponse,
 ) -> Result<()> {
-    handles.send_scan_command(Command::TryRecursion(Box::new(response.clone())))?;
+    // make the response mutable so we can drop the body before
+    // sending it over the mpsc
+    let mut response = response;
+    response.drop_text();
+
+    handles.send_scan_command(Command::TryRecursion(Box::new(response)))?;
    let (tx, rx) = oneshot::channel::<bool>();
    handles.send_scan_command(Command::Sync(tx))?;
    rx.await?;
@@ -104,7 +109,7 @@ pub fn ferox_print(msg: &str, bar: &ProgressBar) {
        bar.println(msg);
    } else {
        let stripped = strip_ansi_codes(msg);
-        println!("{}", stripped);
+        println!("{stripped}");
    }
 }

@@ -265,19 +270,17 @@ pub fn create_report_string(
 ) -> String {
    if matches!(output_level, OutputLevel::Silent) {
        // --silent used, just need the url
-        format!("{}\n", url)
+        format!("{url}\n")
    } else {
        // normal printing with status and sizes
        let color_status = status_colorizer(status);
        if status.contains("MSG") {
            format!(
-                "{} {:>8} {:>9} {:>9} {:>9} {}\n",
-                color_status, method, line_count, word_count, content_length, url
+                "{color_status} {method:>8} {line_count:>9} {word_count:>9} {content_length:>9} {url}\n"
            )
        } else {
            format!(
-                "{} {:>8} {:>8}l {:>8}w {:>8}c {}\n",
-                color_status, method, line_count, word_count, content_length, url
+                "{color_status} {method:>8} {line_count:>8}l {word_count:>8}w {content_length:>8}c {url}\n"
            )
        }
    }
@@ -422,8 +425,13 @@ fn should_deny_absolute(url_to_test: &Url, denier: &Url, handles: Arc<Handles>)
        // current deny-url, now we just need to check to see if this deny-url is a parent
        // to a scanned url that is also a parent of the given url
        for ferox_scan in handles.ferox_scans()?.get_active_scans() {
-            let scanner = Url::parse(ferox_scan.url().trim_end_matches('/'))
-                .with_context(|| format!("Could not parse {} as a url", ferox_scan))?;
+            let scanner = parse_url_with_raw_path(ferox_scan.url().trim_end_matches('/'))
+                .with_context(|| format!("Could not parse {ferox_scan} as a url"))?;
+
+            // by calling the new parse_url_with_raw_path, and reaching this point without an
+            // error, we know we have an authority and therefore a host. leaving the code
+            // below, but we should never hit the else condition. leaving it in so if we find
+            // a case where i'm mistaken, we'll know about it and can address it

            if let Some(scan_host) = scanner.host() {
                // same domain/ip check we perform on the denier above
@@ -433,7 +441,7 @@ fn should_deny_absolute(url_to_test: &Url, denier: &Url, handles: Arc<Handles>)
                }
            } else {
                // couldn't process .host from scanner
-                continue;
+                unreachable!("should_deny_absolute: scanner.host() returned None, which shouldn't be possible");
            };

            let scan_path = scanner.path();
@@ -484,7 +492,7 @@ pub fn should_deny_url(url: &Url, handles: Arc<Handles>) -> Result<bool> {

    // normalization for comparison is to remove the trailing / if one exists, this is done for
    // the given url and any url to which it's compared
-    let normed_url = Url::parse(url.to_string().trim_end_matches('/'))?;
+    let normed_url = parse_url_with_raw_path(url.to_string().trim_end_matches('/'))?;

    for denier in &handles.config.url_denylist {
        // note to self: it may seem as though we can use regex only for --dont-scan, however, in
@@ -521,19 +529,207 @@ pub fn slugify_filename(url: &str, prefix: &str, suffix: &str) -> String {
        .as_secs();

    let altered_prefix = if !prefix.is_empty() {
-        format!("{}-", prefix)
+        format!("{prefix}-")
    } else {
        String::new()
    };

    let slug = url.replace("://", "_").replace(['/', '.'], "_");

-    let filename = format!("{}{}-{}.{}", altered_prefix, slug, ts, suffix);
+    let filename = format!("{altered_prefix}{slug}-{ts}.{suffix}");

    log::trace!("exit: slugify -> {}", filename);
    filename
 }

+/// This function takes a url string and returns a `url::Url`
+///
+/// It is primarily used to detect url paths that `url::Url::parse` will
+/// silently transform, such as /path/../file.html -> /file.html
+///
+/// # Warning
+///
+/// In the instance of a url with encoded path traversal strings, such as
+/// /path/%2e%2e/file.html, the underlying `url::Url::parse` will
+/// further encode the %-signs and return /path/%252e%252e/file.html
+pub fn parse_url_with_raw_path(url: &str) -> Result<Url> {
+    log::trace!("enter: parse_url_with_raw_path({})", url);
+
+    let parsed = Url::parse(url)?;
+
+    if !parsed.has_authority() {
+        // parsed correctly, but no authority, meaning mailto: or tel: or
+        // some other url that we don't care about
+        bail!("url to parse has no authority and is therefore invalid");
+    }
+
+    // thanks to @devx00: the possibility exists for Url to return true for
+    // has_authority, but not have a host/port, so we'll check for that
+    // and bail if it's the case
+    if parsed.host().is_none() {
+        bail!("url to parse doesn't have a host");
+    }
+
+    // we have a valid url, the next step is to check the path and see if it's
+    // something that url::Url::parse would silently transform
+    //
+    // i.e. if the path is /path/../file.html, url::Url::parse will transform it
+    // to /file.html, which is not what we want
+
+    let farthest_right_authority_part;
+
+    // we want to find the farthest right authority component, which is the
+    // component that is the furthest right in the url that is part of the
+    // authority
+    //
+    // per RFC 3986, the authority is defined as:
+    // - authority = [ userinfo "@" ] host [ ":" port ]
+    //
+    // so the farthest right authority component is either the port or the host
+    //
+    // i.e. in http://example.com:80/path/file.html, the farthest right authority
+    // component is :80
+    //
+    // in http://example.com/path/file.html, the farthest right authority component
+    // is example.com
+    //
+    // the farthest right authority component is used to split the url into two
+    // parts: the part before the authority and the part after the authority
+    if let Some(port) = parsed.port() {
+        // if the url has a port, then the farthest right authority component is
+        // the port
+        farthest_right_authority_part = format!(":{}", port);
+    } else if parsed.has_host() {
+        // if the url has a host, then the farthest right authority component is
+        // the host
+        farthest_right_authority_part = parsed.host_str().unwrap().to_owned();
+    } else {
+        // if the url has neither a port nor a host, then the url is invalid
+        // and we can't do anything with it, but i don't think this is possible
+        unreachable!("url has an authority, but has neither a port nor a host");
+    }
+
+    // split the original url string into two parts: the part before the authority and the part
+    // after the authority (i.e. the path + query + fragment)
+
+    let Some((_, after_authority)) = url.split_once(&farthest_right_authority_part) else {
+        // if we can't split the url string into two parts, then the url doesn't conform to our
+        // expectations, and we can't continue processing it, so we'll return the parsed url
+        return Ok(parsed);
+    };
+
+    // when there is a port, but it matches the default port for the scheme,
+    // url::Url::parse will mark the port as None, giving us a
+    // `after_authority` that looks something like this:
+    // - :80/path/file.html
+    let after_authority = after_authority
+        .replacen(":80", "", 1)
+        .replacen(":443", "", 1);
+
+    // snippets from rfc-3986:
+    //
+    //          foo://example.com:8042/over/there?name=ferret#nose
+    //          \_/   \______________/\_________/ \_________/ \__/
+    //           |           |            |            |        |
+    //        scheme     authority       path        query   fragment
+    //
+    // The path component is terminated
+    //    by the first question mark ("?") or number sign ("#") character, or
+    //    by the end of the URI.
+    //
+    // The query component is indicated by the first question
+    //    mark ("?") character and terminated by a number sign ("#") character
+    //    or by the end of the URI.
+    let (path, _discarded) = after_authority
+        .split_once('?')
+        // if there isn't a '?', try to remove a fragment
+        .unwrap_or_else(|| {
+            // if there isn't a '#', return (original, empty)
+            after_authority
+                .split_once('#')
+                .unwrap_or((&after_authority, ""))
+        });
+
+    // at this point, we have the path, all by itself
+
+    // each of the following is a string that we can expect url::Url::parse to
+    // transform. The variety is to ensure we cover most common path traversal
+    // encodings
+    let transformation_detectors = [
+        // ascii
+        "..",
+        // single url encoded
+        "%2e%2e",
+        // double url encoded
+        "%25%32%65%25%32%65",
+        // utf-8 encoded
+        "%c0%ae%c0%ae",
+        "%e0%40%ae%e0%40%ae",
+        "%c0ae%c0ae",
+        // 16 bit shenanigans
+        "%uff0e%uff0e",
+        "%u002e%u002e",
+    ];
+
+    let parsing_will_transform_path = transformation_detectors
+        .iter()
+        .any(|detector| path.to_lowercase().contains(detector));
+
+    if !parsing_will_transform_path {
+        // there's no string in the path of the url that will trigger a transformation
+        // so, we can return it as-is
+        return Ok(parsed);
+    }
+
+    // if we reach this point, the path contains a string that will trigger a transformation
+    // so we need to manually create a Url that doesn't have the transformation
+    // and return that
+    //
+    // special thanks to github user @lavafroth for this workaround
+
+    let mut hacked_url = if path.ends_with('/') {
+        // from_file_path silently strips trailing slashes, and
+        // from_directory_path adds them, so we'll choose the appropriate
+        // constructor based on the presence of a path's trailing slash
+
+        // according to from_file_path docs:
+        //   from_file_path returns `Err` if the given path is not absolute or,
+        //   on Windows, if the prefix is not a disk prefix (e.g. `C:`) or a UNC prefix (`\\`).
+        //
+        // since we parsed out a valid url path, we know it is absolute, so on non-windows
+        // platforms, we can safely unwrap. On windows, we need to fix up the path
+        #[cfg(target_os = "windows")]
+        {
+            let path = format!("\\/IGNOREME{path}");
+            Url::from_directory_path(path).unwrap()
+        }
+        #[cfg(not(target_os = "windows"))]
+        Url::from_directory_path(path).unwrap()
+    } else {
+        #[cfg(target_os = "windows")]
+        {
+            let path = format!("\\/IGNOREME{path}");
+            Url::from_file_path(path).unwrap()
+        }
+        #[cfg(not(target_os = "windows"))]
+        Url::from_file_path(path).unwrap()
+    };
+
+    // host must be set first, otherwise multiple components may return Err
+    hacked_url.set_host(parsed.host_str())?;
+    // scheme/port/username/password can fail, but in this instance, we know they won't
+    hacked_url.set_scheme(parsed.scheme()).unwrap();
+    hacked_url.set_port(parsed.port()).unwrap();
+    hacked_url.set_username(parsed.username()).unwrap();
+    hacked_url.set_password(parsed.password()).unwrap();
+    // query/fragment can't fail
+    hacked_url.set_query(parsed.query());
+    hacked_url.set_fragment(parsed.fragment());
+
+    log::trace!("exit: parse_url_with_raw_path -> {}", hacked_url);
+    Ok(hacked_url)
+}
+
 #[cfg(test)]
 mod tests {
    use super::*;
@@ -541,31 +737,171 @@ mod tests {
    use crate::scan_manager::{FeroxScans, ScanOrder};

    #[test]
-    /// set_open_file_limit with a low requested limit succeeds
-    fn utils_set_open_file_limit_with_low_requested_limit() {
-        let (_, hard) = getrlimit(Resource::NOFILE).unwrap();
-        let lower_limit = hard - 1;
-        assert!(set_open_file_limit(lower_limit));
+    /// parse_url_with_raw_path with javascript:// should not throw an unimplemented! error
+    fn utils_parse_url_with_raw_path_javascript() {
+        let url = "javascript://";
+        let parsed = parse_url_with_raw_path(url);
+        assert!(parsed.is_err());
+        assert!(parsed
+            .unwrap_err()
+            .to_string()
+            .contains("url to parse doesn't have a host"));
    }

    #[test]
-    /// set_open_file_limit with a high requested limit succeeds
-    fn utils_set_open_file_limit_with_high_requested_limit() {
-        let (_, hard) = getrlimit(Resource::NOFILE).unwrap();
-        let higher_limit = hard + 1;
-        // calculate a new soft to ensure soft != hard and hit that logic branch
-        let new_soft = hard - 1;
-        setrlimit(Resource::NOFILE, new_soft, hard).unwrap();
-        assert!(set_open_file_limit(higher_limit));
+    /// multiple tests for parse_url_with_raw_path
+    fn utils_parse_url_with_raw_path() {
+        // ../.. is preserved
+        let url = "https://www.google.com/../../stuff";
+        let parsed = parse_url_with_raw_path(url).unwrap();
+        assert_eq!(parsed.as_str(), url);
+
+        // ../.. is preserved as well as the trailing slash
+        let url = "https://www.google.com/../../stuff/";
+        let parsed = parse_url_with_raw_path(url).unwrap();
+        assert_eq!(parsed.as_str(), url);
+
+        // no trailing slash is preserved
+        let url = "https://www.google.com/stuff";
+        let parsed = parse_url_with_raw_path(url).unwrap();
+        assert_eq!(parsed.as_str(), url);
+
+        // trailing slash is preserved
+        let url = "https://www.google.com/stuff/";
+        let parsed: Url = parse_url_with_raw_path(url).unwrap();
+        assert_eq!(parsed.as_str(), url);
+
+        // mailto is an error
+        let url = "mailto:user@example.com";
+        let parsed = parse_url_with_raw_path(url);
+        assert!(parsed.is_err());
+
+        // relative url is an error
+        let url = "../../stuff";
+        let parsed = parse_url_with_raw_path(url);
+        assert!(parsed.is_err());
+
+        // absolute without host is an error
+        let url = "/../../stuff";
+        let parsed = parse_url_with_raw_path(url);
+        assert!(parsed.is_err());
+
+        // default ports are parsed correctly
+        for url in [
+            "http://example.com:80/path/file.html",
+            "https://example.com:443/path/file.html",
+        ] {
+            let parsed = parse_url_with_raw_path(url).unwrap();
+            assert!(parsed.port().is_none());
+            assert_eq!(parsed.host().unwrap().to_string().as_str(), "example.com");
+        }
+
+        // non-default ports are parsed correctly
+        for url in [
+            "http://example.com:8080/path/file.html",
+            "https://example.com:4433/path/file.html",
+        ] {
+            let parsed = parse_url_with_raw_path(url).unwrap();
+            assert!(parsed.port().is_some());
+            assert_eq!(parsed.as_str(), url);
+        }
+
+        // different encodings are respected if found in doubles
+        //
+        // note that the % sign is encoded as %25...
+        let url = "http://user:pass@example.com/%2e%2e/stuff.php";
+        let parsed = parse_url_with_raw_path(url).unwrap();
+        assert_eq!(
+            parsed.as_str(),
+            "http://user:pass@example.com/%252e%252e/stuff.php"
+        );
+
+        let url = "http://user:pass@example.com/%25%32%65%25%32%65/stuff.php";
+        let parsed = parse_url_with_raw_path(url).unwrap();
+        assert_eq!(parsed.username(), "user");
+        assert_eq!(parsed.password().unwrap(), "pass");
+        assert_eq!(
+            parsed.as_str(),
+            "http://user:pass@example.com/%2525%2532%2565%2525%2532%2565/stuff.php"
+        );
+
+        let url = "http://user:pass@example.com/%c0%ae%c0%ae/stuff.php";
+        let parsed = parse_url_with_raw_path(url).unwrap();
+        assert_eq!(parsed.username(), "user");
+        assert_eq!(parsed.password().unwrap(), "pass");
+        assert_eq!(
+            parsed.as_str(),
+            "http://user:pass@example.com/%25c0%25ae%25c0%25ae/stuff.php"
+        );
+
+        let url = "http://user:pass@example.com/%e0%40%ae%e0%40%ae/stuff.php";
+        let parsed = parse_url_with_raw_path(url).unwrap();
+        assert_eq!(parsed.username(), "user");
+        assert_eq!(parsed.password().unwrap(), "pass");
+        assert_eq!(
+            parsed.as_str(),
+            "http://user:pass@example.com/%25e0%2540%25ae%25e0%2540%25ae/stuff.php"
+        );
+
+        let url = "http://user:pass@example.com/%c0ae%c0ae/stuff.php";
+        let parsed = parse_url_with_raw_path(url).unwrap();
+        assert_eq!(parsed.username(), "user");
+        assert_eq!(parsed.password().unwrap(), "pass");
+        assert_eq!(
+            parsed.as_str(),
+            "http://user:pass@example.com/%25c0ae%25c0ae/stuff.php"
+        );
+
+        let url = "http://user:pass@example.com/%uff0e%uff0e/stuff.php";
+        let parsed = parse_url_with_raw_path(url).unwrap();
+        assert_eq!(parsed.username(), "user");
+        assert_eq!(parsed.password().unwrap(), "pass");
+        assert_eq!(
+            parsed.as_str(),
+            "http://user:pass@example.com/%25uff0e%25uff0e/stuff.php"
+        );
+
+        let url = "http://user:pass@example.com/%u002e%u002e/stuff.php";
+        let parsed = parse_url_with_raw_path(url).unwrap();
+        assert_eq!(parsed.username(), "user");
+        assert_eq!(parsed.password().unwrap(), "pass");
+        assert_eq!(
+            parsed.as_str(),
+            "http://user:pass@example.com/%25u002e%25u002e/stuff.php"
+        );
    }

-    #[test]
-    /// set_open_file_limit should fail when hard == soft
-    fn utils_set_open_file_limit_with_fails_when_both_limits_are_equal() {
-        let (_, hard) = getrlimit(Resource::NOFILE).unwrap();
-        // calculate a new soft to ensure soft == hard and hit the failure logic branch
-        setrlimit(Resource::NOFILE, hard, hard).unwrap();
-        assert!(!set_open_file_limit(hard)); // returns false
+    #[cfg(not(target_os = "windows"))]
+    mod nix_only_tests {
+        use super::*;
+
+        #[test]
+        /// set_open_file_limit with a low requested limit succeeds
+        fn utils_set_open_file_limit_with_low_requested_limit() {
+            let (_, hard) = getrlimit(Resource::NOFILE).unwrap();
+            let lower_limit = hard - 1;
+            assert!(set_open_file_limit(lower_limit));
+        }
+
+        #[test]
+        /// set_open_file_limit with a high requested limit succeeds
+        fn utils_set_open_file_limit_with_high_requested_limit() {
+            let (_, hard) = getrlimit(Resource::NOFILE).unwrap();
+            let higher_limit = hard + 1;
+            // calculate a new soft to ensure soft != hard and hit that logic branch
+            let new_soft = hard - 1;
+            setrlimit(Resource::NOFILE, new_soft, hard).unwrap();
+            assert!(set_open_file_limit(higher_limit));
+        }
+
+        #[test]
+        /// set_open_file_limit should fail when hard == soft
+        fn utils_set_open_file_limit_with_fails_when_both_limits_are_equal() {
+            let (_, hard) = getrlimit(Resource::NOFILE).unwrap();
+            // calculate a new soft to ensure soft == hard and hit the failure logic branch
+            setrlimit(Resource::NOFILE, hard, hard).unwrap();
+            assert!(!set_open_file_limit(hard)); // returns false
+        }
    }

    #[test]
@@ -699,6 +1035,13 @@ mod tests {
    /// provide a denier from which we can't check a host, which results in no comparison, expect false
    /// because the denier is a parent to the tested, even tho the scanned doesn't compare, it
    /// still returns true
+    ///
+    /// note: adding parse_url_with_raw_path changed the behavior of this test, it used to return
+    /// true, now it returns false. see my note in should_deny_absolute and the unreachable!
+    /// call block to see why
+    ///
+    /// leaving this test here to document the behavior change and to catch regressions in the
+    /// new expected behavior
    fn should_deny_url_doesnt_compare_non_domains_in_scanned() {
        let deny_url = "https://testdomain.com/";
        let scan_url = "unix:/run/foo.socket";
@@ -712,8 +1055,7 @@ mod tests {
        let config = Arc::new(config);

        let handles = Arc::new(Handles::for_testing(Some(scans), Some(config)).0);
-
-        assert!(should_deny_url(&tested_url, handles).unwrap());
+        assert!(!should_deny_url(&tested_url, handles).unwrap());
    }

    #[test]
--- a/tests/mutual-auth/Caddyfile
+++ b/tests/mutual-auth/Caddyfile
@@ -0,0 +1,17 @@
+(mTLS) {
+	tls {
+		client_auth {
+			mode require_and_verify
+			trusted_ca_cert_file certs/server/ca.crt
+		}
+	}
+}
+
+https://localhost:8001 {
+	import mTLS
+	log
+
+	handle / {
+		file_server browse
+	}
+}
--- a/tests/mutual-auth/README.md
+++ b/tests/mutual-auth/README.md
@@ -0,0 +1,6 @@
+# Testing mTLS
+
+- run `gen-certs.sh`
+- run `sudo /path/to/caddy run`
+- expect listener on port 8001
+- run `feroxbuster -u https://localhost:8001 --client-key certs/client/client.key --client-cert certs/client/client.crt`
--- a/tests/mutual-auth/certs/client/client.crt
+++ b/tests/mutual-auth/certs/client/client.crt
@@ -0,0 +1,17 @@
+-----BEGIN CERTIFICATE-----
+MIICqzCCAZMCFE22XDzrLwkJIkb3EdP333d4HoXQMA0GCSqGSIb3DQEBCwUAMBMx
+ETAPBgNVBAMMCFNlcnZlckNBMB4XDTIzMDUwNjExMDYyM1oXDTI0MDUwNTExMDYy
+M1owETEPMA0GA1UEAwwGQ2xpZW50MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
+CgKCAQEAz3EPWMsh+dfPdbHtpNhizZZs+r0djzdHHgkbnNQ1PodWDnv0Rf1YgNEa
+umQuUvIgjMtorRqbz9HLG4+H2aR5KHgPwBNHyKS4PEiQvWDV88aJxdMbgL/IfzAt
+di85UcBUkyqUe1r6vIS0smJo1wVwxLEmD6kdt1BEI3LaK1j99JeG8TAS8f+/xf4s
+ouE4lA+y3bJQP18wUGuyudntFQBKgjY2Tx+RWbBcx0zW68M7IMQ5bDz0oK9MYw8G
+q2vwcRyMLuoyNpbDT5mI2wsQu/r2O0CCNbtkg5JxasdYR7Llw9YTl74st3dshM9e
+4V5uuVotcWXW6U518nWHOQy9qiBSOQIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQB4
+xOVvWrRZ4SBqzaen32COXpjddX28Q7YmNB/UKl3ZT7R1dIjUMfJz2le0mj2UpSAr
+rDT7PCsXnDP0KswGiJC3IVTa/hnkUk798jwUvp221jvebyy8/NMWfWPoIKfhELdb
+3uJfrGyQuB8Zf9Q1hc9jYDX27EbGaDSpOrpE9Ej2riVnbgBKZsS5jcfY8JDrkv+F
+4cP2pTu6mVRuU1Bzx3SB0Vg2uGi1QTJuuA905Y3zpoRfTtybKlRRkMQk+46xrdyV
+x64wq9zcL6Kq4D/UE3EjLnjbRw6H6g8jbnBjT5KRfP2tmbF9RTZs44Dl0hYvXber
+HrvWtxHG8OJ8BLQg1rQd
+-----END CERTIFICATE-----
--- a/tests/mutual-auth/certs/client/client.key
+++ b/tests/mutual-auth/certs/client/client.key
@@ -0,0 +1,28 @@
+-----BEGIN PRIVATE KEY-----
+MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDPcQ9YyyH51891
+se2k2GLNlmz6vR2PN0ceCRuc1DU+h1YOe/RF/ViA0Rq6ZC5S8iCMy2itGpvP0csb
+j4fZpHkoeA/AE0fIpLg8SJC9YNXzxonF0xuAv8h/MC12LzlRwFSTKpR7Wvq8hLSy
+YmjXBXDEsSYPqR23UEQjctorWP30l4bxMBLx/7/F/iyi4TiUD7LdslA/XzBQa7K5
+2e0VAEqCNjZPH5FZsFzHTNbrwzsgxDlsPPSgr0xjDwara/BxHIwu6jI2lsNPmYjb
+CxC7+vY7QII1u2SDknFqx1hHsuXD1hOXviy3d2yEz17hXm65Wi1xZdbpTnXydYc5
+DL2qIFI5AgMBAAECggEAC8XVeoM1w4uITDxLucMnkVYgC3dj5/K5zCY1bVg8SNcO
+rt4BSh8TkKT9ZLZmjCHOb9sj7s4PqXLVOXRTAAq17xJoR2z4shYKGC7AmyTVo6MB
+AuuFGDCaMQCzlc1ejgmRqzP7jwgl6oDIDgcofsqB4MHSgIlHJNYO9emQ4OypJgJA
+xd8KT5S/hThJG1VqJ6P0oiB/WBlzcJ5wX4GSVE25RlpRX8ogqCyI9V+SRq2CrG7U
+Jqv3Kbag7derTfqmsKyjv/kckOgfKH/rm61HMrYshcPfgxL2fZe2Q8wCTexvhZwZ
+8vD8bvR++SxOxbigCIB7ReYgmoj4bocjqDX4vUhe8QKBgQD35oDdOa2uiOs7NWVf
+IV1ZwPWxxwnYFIEA8paQwsYGIxHrYNdGSsGBzwvLDPpTeOO0VdoC+sP5zytTv547
+djeOzGf9Hj6swa5tPdzkYjZV/85mnmGKaEmmCN4AvpYol5l2BTetFtX0v6QEaqvU
+uZbV5X2UcuClExA0frNUJDVHkQKBgQDWOCZq1r9X3iEkcFSBhironVNj80jFqIum
+rMbGUUcOI05U2hkmMDluSW1NNL2k+SNJXq7fmkjIQEXffqcbsXUSIQB0MU6yddt5
+7+c19ioZChx91Kl049rKQ21kPTh7D0TCUvDQLapt2xbUNg6rGCLSrkkVlWwxLnDU
+pNk/c4QcKQKBgEreedLWhabtwSV7pecKO5hM16dedpGk96UinuiPeqEF3HabI8kd
+8L1Um7oybDPjkdm4CATYWXHL6Mj9WTuaI4NkJo/in4krYZOqmFj9dG2auWpysQDN
+KFkV2n6dENqnlnh3cO48tFebvVx8HvM7Ldvh2ICKBWC1ljJUhbKG0PSRAoGBAJVy
+fNLCWKEbVbHPMBVgnaTExT2Qp29F4493MAGBCHpDhU1LDoqG0DoxvbBEIB3stYJl
+LMjQIQCbXmPKPxjh15O7NE7ba1SzRleuV3Zc8wee9zuN1l6265d6LOHml/W6NDUB
+mgESKrkTRLztrZQNdZXXgyMsqFszVAH1s55Bn6PpAoGBAN13Ev7Ynysdvkc3aHO6
+qM0hH6mAlEOAyCTk5r/0cyz9rGyYWXiVXen0ftSaBcISdzhrVkRDs3rLrHwEXdu1
+Y2Z1HhZkILw/C4t+Eaa6FOWfwwPAdOpaxYpxKxCEeCBKmkd1z0Dx0vDEDrt+AaHa
+UYIQ9wAbZpuKGfFQceyr1lBO
+-----END PRIVATE KEY-----
--- a/tests/mutual-auth/certs/server/ca.crt
+++ b/tests/mutual-auth/certs/server/ca.crt
@@ -0,0 +1,19 @@
+-----BEGIN CERTIFICATE-----
+MIIDBzCCAe+gAwIBAgIUG3vb4pIbvaI/+LzOpu6Z4b6s4iIwDQYJKoZIhvcNAQEL
+BQAwEzERMA8GA1UEAwwIU2VydmVyQ0EwHhcNMjMwNTA2MTEwNjIzWhcNMzMwNTAz
+MTEwNjIzWjATMREwDwYDVQQDDAhTZXJ2ZXJDQTCCASIwDQYJKoZIhvcNAQEBBQAD
+ggEPADCCAQoCggEBAKazNKPaH8LDzcaZRvBLrDNJkL1pukmB36mbczj07hZVbPmS
+/hyBvAdBFom0ZTw5dIpsUtRSZbDPrsCVpdY9O1jxwhrDi6mfvyJtKLEbTW4PvARq
+WwDhpa2SYwBMI+0ilXWTAzwJuWT1NhuUsAcB6SGwkNm3iKqZUDxn3V2L2AHRcKEJ
+9Zn9ePP4BsvtAS8ZBLxTnoo7R2SHiWwjDwuTtS4fQ5bWzGkmdmeuJ7JJt4ZzQV+m
+MBqrK3XVi+MXayvt5affGvHj/KuhlVBXHnUgSvEgFpuhK9elsds2iRho8mp1d0iH
+EIMp9LHVftsIpUxbKt/Pa/JL7oG9LBIvPj/SIjsCAwEAAaNTMFEwHQYDVR0OBBYE
+FLlRKsDb/ducVIBirME0VJZ3TwfkMB8GA1UdIwQYMBaAFLlRKsDb/ducVIBirME0
+VJZ3TwfkMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAD7lqNzU
+wxuyO60Gn2q6DUBb1Kseq6bSndNHeagdfMfKManKl1YObnB0ciTO3bnmNXiXktSu
+BsQzlmr3O+H6X39Vpdyqq4SoOcOt0I+bvBykk1UZqEoc7jGXdZVmnk9Q0uoKtWxJ
+rV9CHEhyPNnEh4W07y05UUn9S6EiKy5232yi4USdmk44GXhFblS5inhTTxca2vEq
+9h+FH+QZ7ehaAaWR+EaQjXNwm2mN7gWxM3Q6RfK9N67MHD9ggmfdyZmnyt5gCidC
+ys4W4stEh6d6fXZT77dcGaHKdXW3GwP3ZcAlRFYPqpAvWzndC9kDCgIULeSP1ALy
+cILcb0HQvNS0t60=
+-----END CERTIFICATE-----
--- a/tests/mutual-auth/certs/server/server.crt
+++ b/tests/mutual-auth/certs/server/server.crt
@@ -0,0 +1,17 @@
+-----BEGIN CERTIFICATE-----
+MIICrzCCAZcCFGMKRtmMLuut+sxC+TbWQfum7oXZMA0GCSqGSIb3DQEBCwUAMBQx
+EjAQBgNVBAMMCWxvY2FsaG9zdDAeFw0yMzA1MDYxMTA2MjNaFw0zMzA1MDMxMTA2
+MjNaMBQxEjAQBgNVBAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcNAQEBBQADggEP
+ADCCAQoCggEBAKazNKPaH8LDzcaZRvBLrDNJkL1pukmB36mbczj07hZVbPmS/hyB
+vAdBFom0ZTw5dIpsUtRSZbDPrsCVpdY9O1jxwhrDi6mfvyJtKLEbTW4PvARqWwDh
+pa2SYwBMI+0ilXWTAzwJuWT1NhuUsAcB6SGwkNm3iKqZUDxn3V2L2AHRcKEJ9Zn9
+ePP4BsvtAS8ZBLxTnoo7R2SHiWwjDwuTtS4fQ5bWzGkmdmeuJ7JJt4ZzQV+mMBqr
+K3XVi+MXayvt5affGvHj/KuhlVBXHnUgSvEgFpuhK9elsds2iRho8mp1d0iHEIMp
+9LHVftsIpUxbKt/Pa/JL7oG9LBIvPj/SIjsCAwEAATANBgkqhkiG9w0BAQsFAAOC
+AQEAjPAtZs1by2h/1fr/ypojw16llzbReT8J+T8YHSTf6YwjoE83I0QDOLEo1ax+
+e/8qyQLs0EnlfdomNyA4Z/ECbY5c1nY0Dp//u6WH7AwLUx5HiwUw4Fmxu9Q/oB1o
+3vhIPl5Vd/VpdxDzuO8q8WvagwjVaxsZP3PVaBDRzZZPldPgTakfk+w5XnjNfgJi
+RDRutTRe6KBOxt7PAzAVV71FtOIq0b4xCNJGNurYBhRgZ5iQ7yMw+I5Vte1TakWr
+9gfE/yoKbU1W+y0QxSDTsnTCO4i3mXmBTuceTVWELwqZcr34W7n3vD8UtZQfanML
+cHCZaLPSMDuDtS74FSamP3i+oQ==
+-----END CERTIFICATE-----
--- a/tests/mutual-auth/certs/server/server.crt.1
+++ b/tests/mutual-auth/certs/server/server.crt.1
@@ -0,0 +1,17 @@
+-----BEGIN CERTIFICATE-----
+MIICrzCCAZcCFGMKRtmMLuut+sxC+TbWQfum7oXZMA0GCSqGSIb3DQEBCwUAMBQx
+EjAQBgNVBAMMCWxvY2FsaG9zdDAeFw0yMzA1MDYxMTA2MjNaFw0zMzA1MDMxMTA2
+MjNaMBQxEjAQBgNVBAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcNAQEBBQADggEP
+ADCCAQoCggEBAKazNKPaH8LDzcaZRvBLrDNJkL1pukmB36mbczj07hZVbPmS/hyB
+vAdBFom0ZTw5dIpsUtRSZbDPrsCVpdY9O1jxwhrDi6mfvyJtKLEbTW4PvARqWwDh
+pa2SYwBMI+0ilXWTAzwJuWT1NhuUsAcB6SGwkNm3iKqZUDxn3V2L2AHRcKEJ9Zn9
+ePP4BsvtAS8ZBLxTnoo7R2SHiWwjDwuTtS4fQ5bWzGkmdmeuJ7JJt4ZzQV+mMBqr
+K3XVi+MXayvt5affGvHj/KuhlVBXHnUgSvEgFpuhK9elsds2iRho8mp1d0iHEIMp
+9LHVftsIpUxbKt/Pa/JL7oG9LBIvPj/SIjsCAwEAATANBgkqhkiG9w0BAQsFAAOC
+AQEAjPAtZs1by2h/1fr/ypojw16llzbReT8J+T8YHSTf6YwjoE83I0QDOLEo1ax+
+e/8qyQLs0EnlfdomNyA4Z/ECbY5c1nY0Dp//u6WH7AwLUx5HiwUw4Fmxu9Q/oB1o
+3vhIPl5Vd/VpdxDzuO8q8WvagwjVaxsZP3PVaBDRzZZPldPgTakfk+w5XnjNfgJi
+RDRutTRe6KBOxt7PAzAVV71FtOIq0b4xCNJGNurYBhRgZ5iQ7yMw+I5Vte1TakWr
+9gfE/yoKbU1W+y0QxSDTsnTCO4i3mXmBTuceTVWELwqZcr34W7n3vD8UtZQfanML
+cHCZaLPSMDuDtS74FSamP3i+oQ==
+-----END CERTIFICATE-----
--- a/tests/mutual-auth/certs/server/server.crt.2
+++ b/tests/mutual-auth/certs/server/server.crt.2
@@ -0,0 +1,17 @@
+-----BEGIN CERTIFICATE-----
+MIICrzCCAZcCFGMKRtmMLuut+sxC+TbWQfum7oXZMA0GCSqGSIb3DQEBCwUAMBQx
+EjAQBgNVBAMMCWxvY2FsaG9zdDAeFw0yMzA1MDYxMTA2MjNaFw0zMzA1MDMxMTA2
+MjNaMBQxEjAQBgNVBAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcNAQEBBQADggEP
+ADCCAQoCggEBAKazNKPaH8LDzcaZRvBLrDNJkL1pukmB36mbczj07hZVbPmS/hyB
+vAdBFom0ZTw5dIpsUtRSZbDPrsCVpdY9O1jxwhrDi6mfvyJtKLEbTW4PvARqWwDh
+pa2SYwBMI+0ilXWTAzwJuWT1NhuUsAcB6SGwkNm3iKqZUDxn3V2L2AHRcKEJ9Zn9
+ePP4BsvtAS8ZBLxTnoo7R2SHiWwjDwuTtS4fQ5bWzGkmdmeuJ7JJt4ZzQV+mMBqr
+K3XVi+MXayvt5affGvHj/KuhlVBXHnUgSvEgFpuhK9elsds2iRho8mp1d0iHEIMp
+9LHVftsIpUxbKt/Pa/JL7oG9LBIvPj/SIjsCAwEAATANBgkqhkiG9w0BAQsFAAOC
+AQEAjPAtZs1by2h/1fr/ypojw16llzbReT8J+T8YHSTf6YwjoE83I0QDOLEo1ax+
+e/8qyQLs0EnlfdomNyA4Z/ECbY5c1nY0Dp//u6WH7AwLUx5HiwUw4Fmxu9Q/oB1o
+3vhIPl5Vd/VpdxDzuO8q8WvagwjVaxsZP3PVaBDRzZZPldPgTakfk+w5XnjNfgJi
+RDRutTRe6KBOxt7PAzAVV71FtOIq0b4xCNJGNurYBhRgZ5iQ7yMw+I5Vte1TakWr
+9gfE/yoKbU1W+y0QxSDTsnTCO4i3mXmBTuceTVWELwqZcr34W7n3vD8UtZQfanML
+cHCZaLPSMDuDtS74FSamP3i+oQ==
+-----END CERTIFICATE-----
--- a/tests/mutual-auth/certs/server/server.der
+++ b/tests/mutual-auth/certs/server/server.der
--- a/tests/mutual-auth/certs/server/server.key
+++ b/tests/mutual-auth/certs/server/server.key
@@ -0,0 +1,28 @@
+-----BEGIN PRIVATE KEY-----
+MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCmszSj2h/Cw83G
+mUbwS6wzSZC9abpJgd+pm3M49O4WVWz5kv4cgbwHQRaJtGU8OXSKbFLUUmWwz67A
+laXWPTtY8cIaw4upn78ibSixG01uD7wEalsA4aWtkmMATCPtIpV1kwM8Cblk9TYb
+lLAHAekhsJDZt4iqmVA8Z91di9gB0XChCfWZ/Xjz+AbL7QEvGQS8U56KO0dkh4ls
+Iw8Lk7UuH0OW1sxpJnZnrieySbeGc0FfpjAaqyt11YvjF2sr7eWn3xrx4/yroZVQ
+Vx51IErxIBaboSvXpbHbNokYaPJqdXdIhxCDKfSx1X7bCKVMWyrfz2vyS+6BvSwS
+Lz4/0iI7AgMBAAECggEAKvz2u7Rh0WOWGrtnQEt7bkRv13C+8frUd1QXnB4JkefY
+sOmXrzlDiGlgCwXiv2ufopy5pXhUMgr0qUROHlfvCIpbwHQh/Y2tCA83WajNSG81
+ULwumKUYCRFBh4+bCimLemT9hguJ7D+SAv3OgRgciywRxpteWoQr3U/5lYidHSZ/
+gv13lVKbn72zD5opeGA2hS1MlLZV/xueSvhT3lzbv61hqdersACj2Tvi8O2/imVy
+XjEZnPRQhlFPtiAN5J3on6Xo+MqieuhA3yxhBrYoLsMrTCK6ePThdXfcgmpEjQ8l
+6HxNmnPri5KbxCTbGgCjMiSidnRim2IpBMEP32eN8QKBgQDLr2CoMdyliFU6Gm1P
+rxWTMnvzdVbXUp4B8YEdyNyKdWt50cqbB3UvnFX2gpELYdy3uYcXTKm+Nynruam1
+Z/Ya1HXwN+wdgQhjq9n4izLvEfUkXWDNNikQmts8Uxkp+uEK+OOp1/NjZlA6YdS3
+crq5wPxLoAP2JxiaoIJF74QMqwKBgQDRhABgZbWVHwPcLVVqZ5+MJYvQORqIqapf
+kGe/jR/CMC0Tkop2O1tY3f68bMNKkXfj7QEtDlppMswZ9MOqBBr56yGZzrQa+cB3
+lF4+hP06OvyIkdmZlP4NHm/DtF9gt1KjWPF2VcIfD3VfZO8E/XJn2n1KnKCU+4cb
+lyJYi9AgsQKBgQCWkgPy8kE5QSo3tJeAI17gnJ5SoDhdHp7dsukO2pBl7l1QBY0v
+w3iWhIxrmaOddW+ThZve1nZYvjDIKEzTZJHizZKNzNlICj3oaH7OpCA36N9+TWUk
+7le3BbLxykA870/zK4Ao6xHqNhUyw2VbY32zmX0obpbfHZGrpOIIzwGf1wKBgDlM
+U1oJls5QbBrT3w85hZ2rSwBIDaSgWfLGqEjvjGbsC/fVVL6e3w1/sMHRMNt8yv/v
+einbSgiJFt5mXPhrJQGCN28742+ZK/TIA7ovXp2FMjkbQhpJb+0gjMpF0uu9VwFL
+OsX1ECC0dpH/JYsE0TvrueYkzZnQ7BM0kvUKT4IRAoGAOPVed0zkDh3iobQ3A3IG
+JepRygabC68iOHlrD6sVxST0HdyP9pxwMe9gnz5TDAZkWvhJV0UUmaMCpbShsc+n
+ymKSNnXAxt+G6XHH3Mg9aDNi70og4HhhT6dU2579xUOBY2057ZgpWXK3rf+JKls4
+XlkplyHw0UqkEhCw+FMa3Gs=
+-----END PRIVATE KEY-----
--- a/tests/mutual-auth/gen-certs.sh
+++ b/tests/mutual-auth/gen-certs.sh
@@ -0,0 +1,31 @@
+#!/bin/bash
+
+# Create server and client certificate directories
+mkdir -p certs/server
+mkdir -p certs/client
+
+# Generate server key
+openssl genrsa -out certs/server/server.key 2048
+
+# Generate a Certificate Signing Request (CSR) for the server key
+openssl req -new -key certs/server/server.key -out certs/server/server.csr -subj "/CN=localhost"
+
+# Self-sign the server CSR to create the server certificate
+openssl x509 -req -in certs/server/server.csr -signkey certs/server/server.key -out certs/server/server.crt -days 3650
+
+# Generate server-side Certificate Authority (CA) file
+openssl req -x509 -nodes -new -key certs/server/server.key -sha256 -days 3650 -out certs/server/ca.crt -subj "/CN=ServerCA"
+
+# Generate client key
+openssl genrsa -out certs/client/client.key 2048
+
+# Generate a Certificate Signing Request (CSR) for the client key
+openssl req -new -key certs/client/client.key -out certs/client/client.csr -subj "/CN=Client"
+
+# Sign the client CSR with the server CA to create the client certificate
+openssl x509 -req -in certs/client/client.csr -CA certs/server/ca.crt -CAkey certs/server/server.key -CAcreateserial -out certs/client/client.crt -days 365
+
+# Cleanup
+rm -f certs/server/server.csr
+rm -f certs/client/client.csr
+
--- a/tests/test_banner.rs
+++ b/tests/test_banner.rs
@@ -661,6 +661,70 @@ fn banner_prints_recursion_depth() {
        );
 }

+#[test]
+/// test allows non-existent wordlist to trigger the banner printing to stderr
+/// expect to see all mandatory prints + server certs
+fn banner_prints_server_certs() {
+    Command::cargo_bin("feroxbuster")
+        .unwrap()
+        .arg("--url")
+        .arg("http://localhost")
+        .arg("--server-certs")
+        .arg("tests/mutual-auth/certs/server/server.crt.1")
+        .arg("tests/mutual-auth/certs/server/server.crt.2")
+        .arg("--wordlist")
+        .arg("/definitely/doesnt/exist/0cd7fed0-47f4-4b18-a1b0-ac39708c1676")
+        .assert()
+        .success()
+        .stderr(
+            predicate::str::contains("─┬─")
+                .and(predicate::str::contains("Target Url"))
+                .and(predicate::str::contains("http://localhost"))
+                .and(predicate::str::contains("Threads"))
+                .and(predicate::str::contains("Wordlist"))
+                .and(predicate::str::contains("Status Codes"))
+                .and(predicate::str::contains("Timeout (secs)"))
+                .and(predicate::str::contains("User-Agent"))
+                .and(predicate::str::contains("Server Certificates"))
+                .and(predicate::str::contains("server.crt.1"))
+                .and(predicate::str::contains("server.crt.2"))
+                .and(predicate::str::contains("─┴─")),
+        );
+}
+
+#[test]
+/// test allows non-existent wordlist to trigger the banner printing to stderr
+/// expect to see all mandatory prints + server certs
+fn banner_prints_client_cert_and_key() {
+    Command::cargo_bin("feroxbuster")
+        .unwrap()
+        .arg("--url")
+        .arg("http://localhost")
+        .arg("--client-cert")
+        .arg("tests/mutual-auth/certs/client/client.crt")
+        .arg("--client-key")
+        .arg("tests/mutual-auth/certs/client/client.key")
+        .arg("--wordlist")
+        .arg("/definitely/doesnt/exist/0cd7fed0-47f4-4b18-a1b0-ac39708c1676")
+        .assert()
+        .success()
+        .stderr(
+            predicate::str::contains("─┬─")
+                .and(predicate::str::contains("Target Url"))
+                .and(predicate::str::contains("http://localhost"))
+                .and(predicate::str::contains("Threads"))
+                .and(predicate::str::contains("Wordlist"))
+                .and(predicate::str::contains("Status Codes"))
+                .and(predicate::str::contains("Timeout (secs)"))
+                .and(predicate::str::contains("User-Agent"))
+                .and(predicate::str::contains("Client Certificate"))
+                .and(predicate::str::contains("Client Key"))
+                .and(predicate::str::contains("certs/client/client.crt"))
+                .and(predicate::str::contains("certs/client/client.key"))
+                .and(predicate::str::contains("─┴─")),
+        );
+}
+
 #[test]
 /// test allows non-existent wordlist to trigger the banner printing to stderr
 /// expect to see all mandatory prints + no recursion
@@ -1366,6 +1430,7 @@ fn banner_prints_all_composite_settings_burp() {
                .and(predicate::str::contains("─┴─")),
        );
 }
+
 #[test]
 /// test allows non-existent wordlist to trigger the banner printing to stderr
 /// expect to see all mandatory prints + collect words
@@ -1420,3 +1485,15 @@ fn banner_prints_force_recursion() {
                .and(predicate::str::contains("─┴─")),
        );
 }
+
+#[test]
+/// test allows non-existent wordlist to trigger the banner printing to stderr
+/// expect to see all mandatory prints + force recursion
+fn banner_prints_update_app() {
+    Command::cargo_bin("feroxbuster")
+        .unwrap()
+        .arg("--update")
+        .assert()
+        .success()
+        .stdout(predicate::str::contains("Checking target-arch..."));
+}
--- a/tests/test_config.rs
+++ b/tests/test_config.rs
@@ -1,5 +1,6 @@
 mod utils;
 use assert_cmd::prelude::*;
+use httpmock::MockServer;
 use predicates::prelude::*;
 use std::process::Command;
 use utils::{setup_tmp_directory, teardown_tmp_directory};
@@ -7,13 +8,15 @@ use utils::{setup_tmp_directory, teardown_tmp_directory};
 #[test]
 /// send a single valid request, expect a 200 response
 fn read_in_config_file_for_settings() -> Result<(), Box<dyn std::error::Error>> {
+    let srv = MockServer::start();
+
    let (tmp_dir, file) = setup_tmp_directory(&["threads = 37".to_string()], "ferox-config.toml")?;

    Command::cargo_bin("feroxbuster")
        .unwrap()
        .current_dir(&tmp_dir)
        .arg("--url")
-        .arg("http://localhost")
+        .arg(srv.url("/"))
        .arg("--wordlist")
        .arg(file.as_os_str())
        .arg("-vvvv")
--- a/tests/test_deny_list.rs
+++ b/tests/test_deny_list.rs
@@ -45,7 +45,7 @@ fn deny_list_works_during_extraction() {
    let mock = srv.mock(|when, then| {
        when.method(GET).path("/LICENSE");
        then.status(200)
-            .body(&srv.url("'/homepage/assets/img/icons/handshake.svg'"));
+            .body(srv.url("'/homepage/assets/img/icons/handshake.svg'"));
    });

    let mock_two = srv.mock(|when, then| {
@@ -90,17 +90,17 @@ fn deny_list_works_during_recursion() {

    let js_mock = srv.mock(|when, then| {
        when.method(GET).path("/js");
-        then.status(301).header("Location", &srv.url("/js/"));
+        then.status(301).header("Location", srv.url("/js/"));
    });

    let js_prod_mock = srv.mock(|when, then| {
        when.method(GET).path("/js/prod");
-        then.status(301).header("Location", &srv.url("/js/prod/"));
+        then.status(301).header("Location", srv.url("/js/prod/"));
    });

    let js_dev_mock = srv.mock(|when, then| {
        when.method(GET).path("/js/dev");
-        then.status(301).header("Location", &srv.url("/js/dev/"));
+        then.status(301).header("Location", srv.url("/js/dev/"));
    });

    let js_dev_file_mock = srv.mock(|when, then| {
@@ -155,7 +155,7 @@ fn deny_list_works_during_recursion_with_inverted_parents() {

    let js_mock = srv.mock(|when, then| {
        when.method(GET).path("/js");
-        then.status(301).header("Location", &srv.url("/js/"));
+        then.status(301).header("Location", srv.url("/js/"));
    });

    let api_mock = srv.mock(|when, then| {
@@ -165,12 +165,12 @@ fn deny_list_works_during_recursion_with_inverted_parents() {

    let js_prod_mock = srv.mock(|when, then| {
        when.method(GET).path("/js/prod");
-        then.status(301).header("Location", &srv.url("/js/prod/"));
+        then.status(301).header("Location", srv.url("/js/prod/"));
    });

    let js_dev_mock = srv.mock(|when, then| {
        when.method(GET).path("/js/dev");
-        then.status(301).header("Location", &srv.url("/js/dev/"));
+        then.status(301).header("Location", srv.url("/js/dev/"));
    });

    let js_dev_file_mock = srv.mock(|when, then| {
--- a/tests/test_extractor.rs
+++ b/tests/test_extractor.rs
@@ -16,7 +16,7 @@ fn extractor_finds_absolute_url() -> Result<(), Box<dyn std::error::Error>> {
    let mock = srv.mock(|when, then| {
        when.method(GET).path("/LICENSE");
        then.status(200)
-            .body(&srv.url("'/homepage/assets/img/icons/handshake.svg'"));
+            .body(srv.url("'/homepage/assets/img/icons/handshake.svg'"));
    });

    let mock_two = srv.mock(|when, then| {
@@ -136,13 +136,13 @@ fn extractor_finds_same_relative_url_twice() {
    let mock = srv.mock(|when, then| {
        when.method(GET).path("/LICENSE");
        then.status(200)
-            .body(&srv.url("\"/homepage/assets/img/icons/handshake.svg\""));
+            .body(srv.url("\"/homepage/assets/img/icons/handshake.svg\""));
    });

    let mock_two = srv.mock(|when, then| {
        when.method(GET).path("/README");
        then.status(200)
-            .body(&srv.url("\"/homepage/assets/img/icons/handshake.svg\""));
+            .body(srv.url("\"/homepage/assets/img/icons/handshake.svg\""));
    });

    let mock_three = srv.mock(|when, then| {
@@ -185,7 +185,7 @@ fn extractor_finds_filtered_content() -> Result<(), Box<dyn std::error::Error>>
    let mock = srv.mock(|when, then| {
        when.method(GET).path("/LICENSE");
        then.status(200)
-            .body(&srv.url("\"/homepage/assets/img/icons/handshake.svg\""));
+            .body(srv.url("\"/homepage/assets/img/icons/handshake.svg\""));
    });

    let mock_two = srv.mock(|when, then| {
@@ -413,7 +413,7 @@ fn extractor_finds_directory_listing_links_and_displays_files() {

    let mock_dir_redir = srv.mock(|when, then| {
        when.method(GET).path("/misc");
-        then.status(301).header("Location", &srv.url("/misc/"));
+        then.status(301).header("Location", srv.url("/misc/"));
    });
    let mock_dir = srv.mock(|when, then| {
        when.method(GET).path("/misc/");
@@ -522,7 +522,7 @@ fn extractor_finds_directory_listing_links_and_displays_files_non_recursive() {

    let mock_dir_redir = srv.mock(|when, then| {
        when.method(GET).path("/misc");
-        then.status(301).header("Location", &srv.url("/misc/"));
+        then.status(301).header("Location", srv.url("/misc/"));
    });
    let mock_dir = srv.mock(|when, then| {
        when.method(GET).path("/misc/");
@@ -600,7 +600,7 @@ fn extractor_recurses_into_403_directories() -> Result<(), Box<dyn std::error::E
    let mock = srv.mock(|when, then| {
        when.method(GET).path("/LICENSE");
        then.status(200)
-            .body(&srv.url("'/homepage/assets/img/icons/handshake.svg'"));
+            .body(srv.url("'/homepage/assets/img/icons/handshake.svg'"));
    });

    let mock_two = srv.mock(|when, then| {
@@ -640,3 +640,73 @@ fn extractor_recurses_into_403_directories() -> Result<(), Box<dyn std::error::E
    teardown_tmp_directory(tmp_dir);
    Ok(())
 }
+
+#[test]
+/// robots.txt requests shouldn't fire when --dont-extract-links is used
+fn robots_text_extraction_doesnt_run_with_dont_extract_links() {
+    let srv = MockServer::start();
+    let (tmp_dir, file) = setup_tmp_directory(&["LICENSE".to_string()], "wordlist").unwrap();
+
+    let mock = srv.mock(|when, then| {
+        when.method(GET).path("/LICENSE");
+        then.status(200).body("im a little teapot"); // 18
+    });
+
+    let mock_two = srv.mock(|when, then| {
+        when.method(GET).path("/robots.txt");
+        then.status(200).body(
+            r#"
+            User-agent: *
+            Crawl-delay: 10
+            # CSS, JS, Images
+            Allow: /misc/*.css$
+            Disallow: /misc/stupidfile.php
+               Disallow: /disallowed-subdir/
+            "#,
+        );
+    });
+
+    let mock_file = srv.mock(|when, then| {
+        when.method(GET).path("/misc/stupidfile.php");
+        then.status(200).body("im a little teapot too"); // 22
+    });
+
+    let mock_scanned_file = srv.mock(|when, then| {
+        when.method(GET).path("/misc/LICENSE");
+        then.status(200).body("i too, am a container for tea"); // 29
+    });
+
+    let mock_dir = srv.mock(|when, _| {
+        when.method(GET).path("/misc/");
+    });
+
+    let mock_disallowed = srv.mock(|when, then| {
+        when.method(GET).path("/disallowed-subdir");
+        then.status(404);
+    });
+
+    let cmd = Command::cargo_bin("feroxbuster")
+        .unwrap()
+        .arg("--url")
+        .arg(srv.url("/"))
+        .arg("--wordlist")
+        .arg(file.as_os_str())
+        .arg("--dont-extract-links")
+        .arg("--no-recursion")
+        .unwrap();
+
+    cmd.assert().success().stdout(
+        predicate::str::contains("/LICENSE")
+            .and(predicate::str::contains("18c"))
+            .and(predicate::str::contains("/misc/stupidfile.php"))
+            .not(),
+    );
+
+    assert_eq!(mock.hits(), 1);
+    assert_eq!(mock_dir.hits(), 0);
+    assert_eq!(mock_two.hits(), 0);
+    assert_eq!(mock_file.hits(), 0);
+    assert_eq!(mock_disallowed.hits(), 0);
+    assert_eq!(mock_scanned_file.hits(), 0);
+    teardown_tmp_directory(tmp_dir);
+}
--- a/tests/test_filters.rs
+++ b/tests/test_filters.rs
@@ -247,3 +247,46 @@ fn filters_similar_should_filter_response() {
    assert_eq!(not_similar.hits(), 1);
    teardown_tmp_directory(tmp_dir);
 }
+
+#[test]
+/// when using --collect-backups, should only see results in output
+/// when the response shouldn't be otherwise filtered
+fn collect_backups_should_be_filtered() {
+    let srv = MockServer::start();
+    let (tmp_dir, file) = setup_tmp_directory(&["LICENSE".to_string()], "wordlist").unwrap();
+
+    let mock = srv.mock(|when: httpmock::When, then| {
+        when.method(GET).path("/LICENSE");
+        then.status(200).body("this is a test");
+    });
+
+    let mock_two = srv.mock(|when, then| {
+        when.method(GET).path("/LICENSE.bak");
+        then.status(201)
+            .body("im a backup file, but filtered out because im not 200");
+    });
+
+    let cmd = Command::cargo_bin("feroxbuster")
+        .unwrap()
+        .arg("--url")
+        .arg(srv.url("/"))
+        .arg("--wordlist")
+        .arg(file.as_os_str())
+        .arg("--status-codes")
+        .arg("200")
+        .arg("--collect-backups")
+        .unwrap();
+
+    cmd.assert().success().stdout(
+        predicate::str::contains("/LICENSE")
+            .and(predicate::str::contains("200"))
+            .and(predicate::str::contains("/LICENSE.bak"))
+            .not()
+            .and(predicate::str::contains("201"))
+            .not(),
+    );
+
+    assert_eq!(mock.hits(), 1);
+    assert_eq!(mock_two.hits(), 1);
+    teardown_tmp_directory(tmp_dir);
+}
--- a/tests/test_heuristics.rs
+++ b/tests/test_heuristics.rs
@@ -164,7 +164,7 @@ fn test_static_wildcard_request_found() -> Result<(), Box<dyn std::error::Error>

    let mock = srv.mock(|when, then| {
        when.method(GET)
-            .path_matches(Regex::new("/[a-zA-Z0-9]{32}/").unwrap());
+            .path_matches(Regex::new("/[.a-zA-Z0-9]{32,}/").unwrap());
        then.status(200).body("this is a test");
    });

@@ -180,68 +180,19 @@ fn test_static_wildcard_request_found() -> Result<(), Box<dyn std::error::Error>
    teardown_tmp_directory(tmp_dir);

    cmd.assert().success().stdout(
-        predicate::str::contains("WLD")
-            .and(predicate::str::contains("Got"))
+        predicate::str::contains("GET")
+            .and(predicate::str::contains(
+                "Auto-filtering found 404-like response and created new filter",
+            ))
            .and(predicate::str::contains("200"))
-            .and(predicate::str::contains("(url length: 32)")),
+            .and(predicate::str::contains("1l")),
    );

-    assert_eq!(mock.hits(), 1);
+    assert_eq!(mock.hits(), 6);
+
    Ok(())
 }

-#[test]
-/// test finds a dynamic wildcard and reports as much to stdout and a file
-fn test_dynamic_wildcard_request_found() {
-    let srv = MockServer::start();
-    let (tmp_dir, file) = setup_tmp_directory(&["LICENSE".to_string()], "wordlist").unwrap();
-    let outfile = tmp_dir.path().join("outfile");
-
-    let mock = srv.mock(|when, then| {
-        when.method(GET)
-            .path_matches(Regex::new("/[a-zA-Z0-9]{32}/").unwrap());
-        then.status(200)
-            .body("this is a testAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA");
-    });
-
-    let mock2 = srv.mock(|when, then| {
-        when.method(GET).path_matches(Regex::new("/[a-zA-Z0-9]{96}/").unwrap());
-        then.status(200).body("this is a testAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA");
-    });
-
-    let cmd = Command::cargo_bin("feroxbuster")
-        .unwrap()
-        .arg("--url")
-        .arg(srv.url("/"))
-        .arg("--wordlist")
-        .arg(file.as_os_str())
-        .arg("--add-slash")
-        .arg("--output")
-        .arg(outfile.as_os_str())
-        .unwrap();
-
-    let contents = std::fs::read_to_string(outfile).unwrap();
-
-    teardown_tmp_directory(tmp_dir);
-
-    assert!(contents.contains("WLD"));
-    assert!(contents.contains("Got"));
-    assert!(contents.contains("200"));
-    assert!(contents.contains("(url length: 32)"));
-    assert!(contents.contains("(url length: 96)"));
-
-    cmd.assert().success().stdout(
-        predicate::str::contains("WLD")
-            .and(predicate::str::contains("Got"))
-            .and(predicate::str::contains("200"))
-            .and(predicate::str::contains("(url length: 32)"))
-            .and(predicate::str::contains("(url length: 96)")),
-    );
-
-    assert_eq!(mock.hits(), 1);
-    assert_eq!(mock2.hits(), 1);
-}
-
 #[test]
 /// uses dont_filter, so the normal wildcard test should never happen
 fn heuristics_static_wildcard_request_with_dont_filter() -> Result<(), Box<dyn std::error::Error>> {
@@ -326,14 +277,14 @@ fn heuristics_wildcard_test_with_two_static_wildcards_with_silent_enabled(

    let mock = srv.mock(|when, then| {
        when.method(GET)
-            .path_matches(Regex::new("/[a-zA-Z0-9]{32}/").unwrap());
+            .path_matches(Regex::new("/.?[a-zA-Z0-9]{32,}").unwrap());
        then.status(200)
            .body("this is a testAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA");
    });

    let mock2 = srv.mock(|when, then| {
        when.method(GET)
-            .path_matches(Regex::new("/[a-zA-Z0-9]{96}/").unwrap());
+            .path_matches(Regex::new("/LICENSE").unwrap());
        then.status(200)
            .body("this is a testAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA");
    });
@@ -344,7 +295,6 @@ fn heuristics_wildcard_test_with_two_static_wildcards_with_silent_enabled(
        .arg(srv.url("/"))
        .arg("--wordlist")
        .arg(file.as_os_str())
-        .arg("--add-slash")
        .arg("--silent")
        .arg("--threads")
        .arg("1")
@@ -352,13 +302,71 @@ fn heuristics_wildcard_test_with_two_static_wildcards_with_silent_enabled(

    teardown_tmp_directory(tmp_dir);

-    cmd.assert().success().stdout(predicate::str::is_empty());
+    cmd.assert()
+        .success()
+        .stdout(predicate::str::contains(srv.url("/")));

-    assert_eq!(mock.hits(), 1);
+    assert_eq!(mock.hits(), 6);
    assert_eq!(mock2.hits(), 1);
    Ok(())
 }

+#[test]
+/// test finds a 404-like response that returns a 403 and a 403 directory should still be allowed
+/// to be tested for recrusion
+fn heuristics_wildcard_test_that_auto_filtering_403s_still_allows_for_recursion_into_403_directories(
+) -> Result<(), Box<dyn std::error::Error>> {
+    let srv = MockServer::start();
+
+    let super_long = String::from("92969beae6bf4beb855d1622406d87e395c87387a9ad432e8a11245002b709b03cf609d471004154b83bcc1c6ec49f6f09d471004154b83bcc1c6ec49f6f");
+
+    let (tmp_dir, file) =
+        setup_tmp_directory(&["LICENSE".to_string(), super_long.clone()], "wordlist")?;
+
+    srv.mock(|when, then| {
+        when.method(GET)
+            .path_matches(Regex::new("/.?[a-zA-Z0-9]{32,103}").unwrap());
+        then.status(403)
+            .body("this is a testAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA");
+    });
+
+    srv.mock(|when, then| {
+        when.method(GET).path("/LICENSE/");
+        then.status(403)
+            .body("this is a testAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA");
+    });
+
+    srv.mock(|when, then| {
+        when.method(GET).path(format!("/LICENSE/{}", super_long));
+        then.status(200);
+    });
+
+    let cmd = Command::cargo_bin("feroxbuster")
+        .unwrap()
+        .arg("--url")
+        .arg(srv.url("/"))
+        .arg("--wordlist")
+        .arg(file.as_os_str())
+        .arg("--add-slash")
+        .unwrap();
+
+    teardown_tmp_directory(tmp_dir);
+
+    cmd.assert().success().stdout(
+        predicate::str::contains("GET")
+            .and(predicate::str::contains(
+                "Auto-filtering found 404-like response and created new filter",
+            ))
+            .and(predicate::str::contains("403"))
+            .and(predicate::str::contains("1l"))
+            .and(predicate::str::contains("4w"))
+            .and(predicate::str::contains("46c"))
+            .and(predicate::str::contains(srv.url("/LICENSE/LICENSE/"))),
+    );
+
+    Ok(())
+}
+
 // #[test]
 // /// test finds a static wildcard and reports as much to stdout and a file
 // fn heuristics_wildcard_test_with_two_static_wildcards_and_output_to_file() {
--- a/tests/test_main.rs
+++ b/tests/test_main.rs
@@ -127,7 +127,7 @@ fn main_parallel_spawns_children() -> Result<(), Box<dyn std::error::Error>> {
        );

    let contents = read_to_string(outfile).unwrap();
-    println!("contents: {}", contents);
+    println!("contents: {contents}");

    assert!(contents.contains("parallel branch && wrapped main")); // exits parallel branch

@@ -196,7 +196,7 @@ fn main_parallel_creates_output_directory() -> Result<(), Box<dyn std::error::Er
    let file_regex = Regex::new("ferox-[a-zA-Z_:0-9]+-[0-9]+.log").unwrap();
    let dir_regex = Regex::new("output-file-[0-9]+.logs").unwrap();

-    let sub_dir = output_dir.as_ref().join(&sub_dir);
+    let sub_dir = output_dir.as_ref().join(sub_dir);

    // created directory like output-file-1627845741.logs/
    assert!(dir_regex.is_match(&sub_dir.to_string_lossy()));
@@ -218,3 +218,46 @@ fn main_parallel_creates_output_directory() -> Result<(), Box<dyn std::error::Er

    Ok(())
 }
+
+#[test]
+/// download a wordlist from a url
+fn main_download_wordlist_from_url() -> Result<(), Box<dyn std::error::Error>> {
+    let srv = MockServer::start();
+
+    let (tmp_dir, _) = setup_tmp_directory(&["a".to_string()], "wordlist")?;
+
+    let mock1 = srv.mock(|when, then| {
+        when.method(GET).path("/derp");
+        then.status(200).body("stuff\nthings");
+    });
+
+    // serve endpoints stuff and things
+    let mock2 = srv.mock(|when, then| {
+        when.method(GET).path("/stuff");
+        then.status(200);
+    });
+
+    let mock3 = srv.mock(|when, then| {
+        when.method(GET).path("/things");
+        then.status(200);
+    });
+
+    Command::cargo_bin("feroxbuster")
+        .unwrap()
+        .current_dir(&tmp_dir)
+        .arg("--url")
+        .arg(srv.url("/"))
+        .arg("--wordlist")
+        .arg(srv.url("/derp"))
+        .assert()
+        .success()
+        .stderr(predicate::str::contains(srv.url("/derp")));
+
+    teardown_tmp_directory(tmp_dir);
+
+    assert_eq!(mock1.hits(), 1); // downloaded wordlist
+    assert_eq!(mock2.hits(), 1); // found stuff from wordlist
+    assert_eq!(mock3.hits(), 1); // found things from wordlist
+
+    Ok(())
+}
--- a/tests/test_policies.rs
+++ b/tests/test_policies.rs
@@ -92,7 +92,7 @@ fn auto_bail_cancels_scan_with_timeouts() {
                    .parse::<usize>()
                    .unwrap();

-                println!("expected: {}", total_expected);
+                println!("expected: {total_expected}");
                // without bailing, should be 6180; after bail decreases significantly
                assert!(total_expected < 5000);
            }
@@ -161,7 +161,7 @@ fn auto_bail_cancels_scan_with_403s() {
            let str_msg = message.as_str().unwrap_or_default().to_string();

            if str_msg.starts_with("Stats") {
-                println!("{}", str_msg);
+                println!("{str_msg}");
                let re = Regex::new("total_expected: ([0-9]+),").unwrap();
                assert!(re.is_match(&str_msg));
                let total_expected = re
@@ -171,7 +171,7 @@ fn auto_bail_cancels_scan_with_403s() {
                    .map_or("", |m| m.as_str())
                    .parse::<usize>()
                    .unwrap();
-                println!("total_expected: {}", total_expected);
+                println!("total_expected: {total_expected}");
                assert!(total_expected < 5000);
            }
        }
@@ -243,7 +243,7 @@ fn auto_bail_cancels_scan_with_429s() {
            let str_msg = message.as_str().unwrap_or_default().to_string();

            if str_msg.starts_with("Stats") {
-                println!("{}", str_msg);
+                println!("{str_msg}");
                let re = Regex::new("total_expected: ([0-9]+),").unwrap();
                assert!(re.is_match(&str_msg));
                let total_expected = re
@@ -253,7 +253,7 @@ fn auto_bail_cancels_scan_with_429s() {
                    .map_or("", |m| m.as_str())
                    .parse::<usize>()
                    .unwrap();
-                println!("total_expected: {}", total_expected);
+                println!("total_expected: {total_expected}");
                assert!(total_expected < 5000);
            }
        }
--- a/tests/test_scan_manager.rs
+++ b/tests/test_scan_manager.rs
@@ -20,16 +20,16 @@ fn resume_scan_works() {
    // localhost:PORT/ <- complete
    // localhost:PORT/js <- will get scanned with /css and /stuff
    let complete_scan = format!(
-        r#"{{"id":"057016a14769414aac9a7a62707598cb","url":"{}","normalized_url":"{}","scan_type":"Directory","status":"Complete"}}"#,
+        r#"{{"id":"057016a14769414aac9a7a62707598cb","url":"{}","normalized_url":"{}","scan_type":"Directory","status":"Complete","num_requests":4174,"requests_made_so_far":0}}"#,
        srv.url("/"),
        srv.url("/"),
    );
    let incomplete_scan = format!(
-        r#"{{"id":"400b2323a16f43468a04ffcbbeba34c6","url":"{}","normalized_url":"{}/","scan_type":"Directory","status":"NotStarted"}}"#,
+        r#"{{"id":"400b2323a16f43468a04ffcbbeba34c6","url":"{}","normalized_url":"{}/","scan_type":"Directory","status":"NotStarted","num_requests":4174,"requests_made_so_far":0}}"#,
        srv.url("/js"),
        srv.url("/js")
    );
-    let scans = format!(r#""scans":[{},{}]"#, complete_scan, incomplete_scan);
+    let scans = format!(r#""scans":[{complete_scan},{incomplete_scan}]"#);

    let config = format!(
        r#""config": {{"type":"configuration","wordlist":"{}","config":"","proxy":"","replay_proxy":"","target_url":"{}","status_codes":[200,204,301,302,307,308,401,403,405],"replay_codes":[200,204,301,302,307,308,401,403,405],"filter_status":[],"threads":50,"timeout":7,"verbosity":0,"silent":false,"quiet":false,"json":false,"output":"","debug_log":"","user_agent":"feroxbuster/1.9.0","redirects":false,"insecure":false,"extensions":[],"headers":{{}},"queries":[],"no_recursion":false,"extract_links":false,"add_slash":false,"stdin":false,"depth":2,"scan_limit":1,"filter_size":[],"filter_line_count":[],"filter_word_count":[],"filter_regex":[],"dont_filter":false}}"#,
@@ -42,7 +42,7 @@ fn resume_scan_works() {
        r#"{{"type":"response","url":"{}","path":"/js/css","wildcard":true,"status":301,"content_length":173,"line_count":10,"word_count":16,"headers":{{"server":"nginx/1.16.1"}}}}"#,
        srv.url("/js/css")
    );
-    let responses = format!(r#""responses":[{}]"#, response);
+    let responses = format!(r#""responses":[{response}]"#);

    // not scanned because /js is not complete, and /js/stuff response is not known
    let not_scanned_yet = srv.mock(|when, then| {
@@ -63,11 +63,13 @@ fn resume_scan_works() {
        then.status(200).body("two words");
    });

-    let state_file_contents = format!("{{{},{},{}}}", scans, config, responses);
+    let state_file_contents = format!("{{{scans},{config},{responses}}}");
+
    let (tmp_dir2, state_file) = setup_tmp_directory(&[state_file_contents], "state-file").unwrap();

    Command::cargo_bin("feroxbuster")
        .unwrap()
+        .arg("-vvv")
        .arg("--resume-from")
        .arg(state_file.as_os_str())
        .assert()
--- a/tests/test_scanner.rs
+++ b/tests/test_scanner.rs
@@ -53,17 +53,17 @@ fn scanner_recursive_request_scan() -> Result<(), Box<dyn std::error::Error>> {

    let js_mock = srv.mock(|when, then| {
        when.method(GET).path("/js");
-        then.status(301).header("Location", &srv.url("/js/"));
+        then.status(301).header("Location", srv.url("/js/"));
    });

    let js_prod_mock = srv.mock(|when, then| {
        when.method(GET).path("/js/prod");
-        then.status(301).header("Location", &srv.url("/js/prod/"));
+        then.status(301).header("Location", srv.url("/js/prod/"));
    });

    let js_dev_mock = srv.mock(|when, then| {
        when.method(GET).path("/js/dev");
-        then.status(301).header("Location", &srv.url("/js/dev/"));
+        then.status(301).header("Location", srv.url("/js/dev/"));
    });

    let js_dev_file_mock = srv.mock(|when, then| {
@@ -116,17 +116,17 @@ fn scanner_recursive_request_scan_using_only_success_responses(

    let js_mock = srv.mock(|when, then| {
        when.method(GET).path("/js/");
-        then.status(200).header("Location", &srv.url("/js/"));
+        then.status(200).header("Location", srv.url("/js/"));
    });

    let js_prod_mock = srv.mock(|when, then| {
        when.method(GET).path("/js/prod/");
-        then.status(200).header("Location", &srv.url("/js/prod/"));
+        then.status(200).header("Location", srv.url("/js/prod/"));
    });

    let js_dev_mock = srv.mock(|when, then| {
        when.method(GET).path("/js/dev/");
-        then.status(200).header("Location", &srv.url("/js/dev/"));
+        then.status(200).header("Location", srv.url("/js/dev/"));
    });

    let js_dev_file_mock = srv.mock(|when, then| {
@@ -454,7 +454,7 @@ fn scanner_single_request_scan_with_debug_logging() {
        .unwrap();

    let contents = std::fs::read_to_string(outfile).unwrap();
-    println!("{}", contents);
+    println!("{contents}");
    assert!(contents.starts_with("Configuration {"));
    assert!(contents.contains("TRC"));
    assert!(contents.contains("DBG"));
@@ -492,7 +492,7 @@ fn scanner_single_request_scan_with_debug_logging_as_json() {
        .unwrap();

    let contents = std::fs::read_to_string(outfile).unwrap();
-    println!("{}", contents);
+    println!("{contents}");
    assert!(contents.starts_with("{\"type\":\"configuration\""));
    assert!(contents.contains("\"level\":\"TRACE\""));
    assert!(contents.contains("\"level\":\"DEBUG\""));
@@ -587,9 +587,12 @@ fn scanner_recursion_works_with_403_directories() {
    cmd.assert().success().stdout(
        predicate::str::contains("/LICENSE")
            .count(2)
-            .and(predicate::str::contains("200").count(2))
-            .and(predicate::str::contains("403"))
-            .and(predicate::str::contains("53c"))
+            .and(predicate::str::contains("200"))
+            .and(predicate::str::contains("404"))
+            .and(predicate::str::contains("53c Auto-filtering"))
+            .and(predicate::str::contains(
+                "Auto-filtering found 404-like response and created new filter;",
+            ))
            .and(predicate::str::contains("14c"))
            .and(predicate::str::contains("0c"))
            .and(predicate::str::contains("ignored").count(2))
@@ -651,7 +654,7 @@ fn add_discovered_extension_updates_bars_and_stats() {
    )
    .unwrap();

-    srv.mock(|when, then| {
+    let mock = srv.mock(|when, then| {
        when.method(GET).path("/stuff.php");
        then.status(200).body("cool... coolcoolcool");
    });
@@ -675,10 +678,11 @@ fn add_discovered_extension_updates_bars_and_stats() {
        .assert()
        .success();

+    mock.assert_hits(1);
    let contents = std::fs::read_to_string(file_path).unwrap();
-    println!("{}", contents);
+    println!("{contents}");
    assert!(contents.contains("discovered new extension: php"));
-    assert!(contents.contains("extensions_collected: 1"));
+    // assert!(contents.contains("extensions_collected: 1"));  // this is racy
    assert!(contents.contains("expected_per_scan: 6"));
 }

@@ -689,7 +693,7 @@ fn collect_backups_makes_appropriate_requests() {
    let srv = MockServer::start();
    let (tmp_dir, file) = setup_tmp_directory(&["LICENSE.txt".to_string()], "wordlist").unwrap();

-    let valid_paths = vec![
+    let valid_paths = [
        "/LICENSE.txt",
        "/LICENSE.txt~",
        "/LICENSE.txt.bak",
@@ -864,7 +868,7 @@ fn scanner_forced_recursion_ignores_normal_redirect_logic() -> Result<(), Box<dy
        when.method(GET).path("/LICENSE");
        then.status(301)
            .body("this is a test")
-            .header("Location", &srv.url("/LICENSE"));
+            .header("Location", srv.url("/LICENSE"));
    });

    let mock2 = srv.mock(|when, then| {
@@ -891,12 +895,16 @@ fn scanner_forced_recursion_ignores_normal_redirect_logic() -> Result<(), Box<dy
        .arg("--wordlist")
        .arg(file.as_os_str())
        .arg("--force-recursion")
+        .arg("--dont-filter")
+        .arg("--status-codes")
+        .arg("301")
+        .arg("200")
        .arg("-o")
        .arg(outfile.as_os_str())
        .unwrap();

    let contents = std::fs::read_to_string(outfile)?;
-    println!("{}", contents);
+    println!("{contents}");

    assert!(contents.contains("/LICENSE"));
    assert!(contents.contains("301"));