bqm 1.0.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: 5e2f3d5208930a05737b9a4a7689d4e3fd8a3b75c7d2c914169008386c9fce38
+  data.tar.gz: 349dfdeb788a612d2a4231a8a8ee05ead1631bb0d4743b28daad92d5f35d55f2
+SHA512:
+  metadata.gz: 6a6089672981c16b887f00815e4f8ea9b3819792c12503cb862d3149cb75ed6c1422955cf2d6893d5bd4d9905dffaf55106c1982a88f82857af10591019611c3
+  data.tar.gz: 4cce267816043816f8fd56046b6aa481e3d6d920274462b77da4766d5c23bfda99977aa4fb02256975f3dd8beb77d4b883c0171994019dc50b94843c33af0023

data/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2022 Alexandre ZANNI at ACCEIS
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

data/bqm.rb

@@ -0,0 +1,73 @@
+#!/usr/bin/env ruby
+# frozen_string_literal: true
+
+require 'json'
+require 'net/http'
+
+def find_dataset
+  source_file = 'query-sets.json'
+  source_file_paths = ['./data', '/usr/share/bqm/data', '~/.local/share/bqm/data']
+  source_file_paths.each do |path|
+    candidate = "#{path}/#{source_file}"
+    return candidate if File.file?(candidate) && File.readable?(candidate)
+  end
+  raise IOError, "The dataset file #{source_file} does not exist or is unreadable."
+end
+
+def merge(source)
+  src = JSON.load_file(source)
+  queries = []
+  src['sets'].each do |s|
+    customqueries = Net::HTTP.get(URI(s))
+    data = JSON.parse(customqueries)
+    queries += data['queries']
+  end
+  queries
+end
+
+# Query class just for the sake of having custom comparison
+class BQMquery
+  attr_accessor :data
+
+  def initialize(query)
+    @data = query
+  end
+
+  def eql?(other)
+    @data['name'].eql?(other.data['name']) && @data['queryList'].eql?(other.data['queryList'])
+  end
+
+  def hash
+    @data.hash
+  end
+end
+
+def deduplicate(data)
+  data.map { |x| BQMquery.new(x) }.uniq
+end
+
+if __FILE__ == $PROGRAM_NAME
+  source = find_dataset
+  data = merge(source)
+  queries = deduplicate(data).map(&:data)
+
+  require 'optparse'
+  options = {}
+  OptionParser.new do |parser|
+    parser.banner = 'Usage: bqm.rb [options]'
+
+    parser.on('-o', '--output-path PATH', 'Path where to store the query file')
+    parser.separator ''
+    parser.separator 'Example: bqm.rb -o ~/.config/bloodhound/customqueries.json'
+  end.parse!(into: options)
+
+  out = options[:'output-path']
+  if out
+    File.open(out, 'w') do |file|
+      json = JSON.pretty_generate({ 'queries' => queries })
+      file.write(json)
+    end
+  else
+    puts 'Help: bqm.rb -h'
+  end
+end

data/data/query-sets.json

@@ -0,0 +1,11 @@
+{
+  "sets": [
+    "https://raw.githubusercontent.com/ly4k/Certipy/main/customqueries.json",
+    "https://raw.githubusercontent.com/CompassSecurity/BloodHoundQueries/master/customqueries.json",
+    "https://raw.githubusercontent.com/hausec/Bloodhound-Custom-Queries/master/customqueries.json",
+    "https://raw.githubusercontent.com/awsmhacks/awsmBloodhoundCustomQueries/master/customqueries.json",
+    "https://raw.githubusercontent.com/porterhau5/BloodHound-Owned/master/customqueries.json",
+    "https://raw.githubusercontent.com/ZephrFish/Bloodhound-CustomQueries/main/customqueries.json",
+    "https://raw.githubusercontent.com/Scoubi/BloodhoundAD-Queries/master/customqueries.json"
+  ]
+}

metadata

@@ -0,0 +1,56 @@
+--- !ruby/object:Gem::Specification
+name: bqm
+version: !ruby/object:Gem::Version
+  version: 1.0.0
+platform: ruby
+authors:
+- Alexandre ZANNI
+autorequire:
+bindir: "."
+cert_chain: []
+date: 2022-11-04 00:00:00.000000000 Z
+dependencies: []
+description: Deduplicate custom BloudHound queries from different datasets and merge
+  them in one customqueries.json file.
+email: alexandre.zanni@europe.com
+executables:
+- bqm.rb
+extensions: []
+extra_rdoc_files: []
+files:
+- "./bqm.rb"
+- LICENSE
+- bqm.rb
+- data/query-sets.json
+homepage: https://github.com/Acceis/bqm
+licenses:
+- MIT
+metadata:
+  bug_tracker_uri: https://github.com/Acceis/bqm/issues
+  homepage_uri: https://github.com/Acceis/bqm
+  source_code_uri: https://github.com/Acceis/bqm/
+  rubygems_mfa_required: 'true'
+post_install_message:
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: 2.6.0
+  - - "<"
+    - !ruby/object:Gem::Version
+      version: '3.2'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubygems_version: 3.3.7
+signing_key:
+specification_version: 4
+summary: Download BloudHound query lists, deduplicate entries and merge them in one
+  file.
+test_files: []