Implements an opt-in detection path for likely honeypot/noise targets that match many unrelated templates on the same host.

Proposed Changes

• add -honeypot-threshold / -hpt (default 0, disabled)
• add -honeypot-suppress to suppress findings from flagged hosts
• introduce host-level unique-template tracking in output writer
• emit one warning when a host crosses threshold
• add unit tests for host normalization and suppress/warn behavior

Behavior

• When threshold is disabled (0): no overhead / no behavior changes
• When enabled:
  • each result updates a per-host set of distinct template-id
  • once count reaches threshold, host is marked as potential honeypot
  • warning is printed once per host
  • if -honeypot-suppress is enabled, subsequent results for that host are skipped

Proof

go test ./pkg/output -count=1
go test ./cmd/nuclei -run TestNonExistent -count=1

Checklist

• PR created against dev
• Tests added for the new logic
• Existing touched packages compile and tests pass locally

/claim #6403

Summary by CodeRabbit

• New Features

  • Added honeypot detection to identify and flag hosts that match multiple unique templates.
  • New CLI options to set the per-host match threshold and optionally suppress findings from flagged hosts.
  • Flagged hosts emit a warning the first time they are detected; suppression prevents subsequent outputs when enabled.

• Tests

  • Added tests for host normalization, threshold-triggered flagging, deduplication, pruning behavior, and suppression handling.