@pdparchitect
Created April 26, 2021 07:50
New approach to writing web security scanners using async generators
/**
 * Generates new http transactions to discover directories, common files and vulnerabilities
 * @param tran
 * @param options
 */
const discover = async function* (tran, options) {
  // TODO: add code here
}

/**
 * Given an input transaction, generate new transactions by spidering
 * @param tran
 * @param options
 */
const spider = async function* (tran, options) {
  // TODO: add code here
}

/**
 * Active fuzz of the input transaction to discover known vulnerabilities
 * @param tran
 * @param options
 */
const fuzz = async function* (tran, options) {
  // TODO: add code here
}

/**
 * Passive analysis of the input transaction to discover vulnerabilities
 * @param tran
 * @param options
 */
const analyze = async function* (tran, options) {
  // TODO: add code here
}
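
/**
 * Scan the target given input parameters
 * @param tran
 * @param options
 */
const scan = async function* (tran, options) {
  // Loop variables get their own names: `for await (let tran of spider(tran, ...))`
  // reads the inner `tran` before it is initialised and throws a ReferenceError.
  for await (const spidered of spider(tran, options)) {
    yield spidered
    yield* analyze(spidered, options)

    for await (const fuzzed of fuzz(spidered, options)) {
      yield fuzzed
      yield* analyze(fuzzed, options)

      const { maxDepthLevel = 10, depthLevel = 0 } = options || {}

      // Recurse into each fuzzed transaction until the depth limit is reached
      if (depthLevel <= maxDepthLevel) {
        yield* scan(fuzzed, { ...options, maxDepthLevel, depthLevel: depthLevel + 1 })
      }
    }
  }
}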
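
The same composition run end to end, as an added example that is not part of the original gist: the spider and passive-analysis stages are filled in against a constructed in-memory site, the fuzz stage is left out, and the consumer shows how pulling from the generator lets a scan be capped or stopped early. The transaction shape (`kind`, `url`, `headers`, `links`), the `seen` set, the `run` helper and the two header checks are assumptions made for illustration.

```javascript
// Constructed in-memory "site" (sample data, not a real target): url -> response.
const SITE = {
  '/': { headers: { 'content-security-policy': "default-src 'self'" }, links: ['/a', '/b'] },
  '/a': { headers: {}, links: ['/', '/b'] }, // links back to '/': a crawl cycle
  '/b': { headers: { 'x-frame-options': 'DENY' }, links: ['/c'] },
  '/c': { headers: {}, links: [] }
}

// Stand-in for an HTTP client: resolves a URL to a transaction (assumed shape).
const fetchTran = async (url) => ({ kind: 'tran', url, ...SITE[url] })

// Spider stage: one new transaction per link that has not been seen yet.
const spider = async function* (tran, { seen }) {
  for (const url of tran.links) {
    if (seen.has(url) || !SITE[url]) continue
    seen.add(url) // shared across recursion, so cycles terminate
    yield await fetchTran(url)
  }
}

// Passive stage: inspects the recorded response only, sends nothing.
const analyze = async function* (tran) {
  for (const header of ['content-security-policy', 'x-frame-options']) {
    if (!(header in tran.headers)) {
      yield { kind: 'finding', url: tran.url, issue: `missing ${header}` }
    }
  }
}

// Same composition as the gist's scan, minus the fuzz stage.
const scan = async function* (tran, options) {
  const { maxDepthLevel = 10, depthLevel = 0 } = options
  for await (const next of spider(tran, options)) {
    yield next
    yield* analyze(next)
    if (depthLevel < maxDepthLevel) { // recurse only while below the cap
      yield* scan(next, { ...options, maxDepthLevel, depthLevel: depthLevel + 1 })
    }
  }
}

// Consumer: pulls items one at a time, so it can stop the whole scan at any point.
const run = async (startUrl, { maxDepthLevel = 10, maxItems = Infinity } = {}) => {
  const seen = new Set([startUrl])
  const out = []
  for await (const item of scan(await fetchTran(startUrl), { seen, maxDepthLevel })) {
    out.push(item)
    if (out.length >= maxItems) break // break calls return() down the generator chain
  }
  return out
}
```

Because nothing runs until the consumer asks for the next item, a request budget or time limit only has to live in `run`; the stages themselves stay free of scheduling logic.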