bqm 1.0.1 → 1.1.0
- checksums.yaml +4 -4
- data/bin/bqm +34 -6
- data/data/query-sets.json +6 -1
- metadata +1 -1
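--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 0f38e89871f7a22fe4917e8a66011a93b11bfa2557fa51035062b8fe06b9b6b4
+data.tar.gz: a37b68ffe558b5e387ee9253d7ca01f25a2bdb5a2e39fa63997577a2d9979c08
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: bc2f3b83876b97cb41002d5508f745becdffdb3953d0fcefa721017acefb06e9026ecb0a4c5f27f5f5f503d87b78a53ff45cdf1ffd2e240c748c4518627430e5
+data.tar.gz: f0d0bee9d057c113bcfa7c92897896166cd05df20a392e1941dc6f4f6f2f2f8fa39f31fe106ce1b7f0fbd2832df25ef776c5534ab8f876ac4f75f26c8df355df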
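--- a/data/bin/bqm
+++ b/data/bin/bqm
@@ -6,7 +6,7 @@ require 'net/http'
 
 def find_dataset
 source_file = 'query-sets.json'
-source_file_paths = ['./data', '/usr/share/bqm/data', '~/.local/share/bqm/data']
+source_file_paths = ['./data', "#{__dir__}/../data", '/usr/share/bqm/data', '~/.local/share/bqm/data']
 source_file_paths.each do |path|
 candidate = "#{path}/#{source_file}"
 return candidate if File.file?(candidate) && File.readable?(candidate)
@@ -15,9 +15,9 @@ def find_dataset
 end
 
 def merge(source)
-
+sets = get_datasets(source)
 queries = []
-
+sets.each do |s|
 customqueries = Net::HTTP.get(URI(s))
 data = JSON.parse(customqueries)
 queries += data['queries']
@@ -46,10 +46,25 @@ def deduplicate(data)
 data.map { |x| BQMquery.new(x) }.uniq
 end
 
+# Transform a list of raw github links to pretty github links
+# from https://raw.githubusercontent.com/namespace/project/branch/file.ext
+# to https://github.com/namespace/project/blob/branch/file.ext
+def pretty_link(lst)
+output = []
+lst.each do |link|
+_protocol, _void, _host, namespace, project, branch, *path = link.split('/')
+output << " https://github.com/#{namespace}/#{project}/blob/#{branch}/#{path.join('/')}"
+end
+output
+end
+
+def get_datasets(source)
+src = JSON.load_file(source)
+src['sets']
+end
+
 if __FILE__ == $PROGRAM_NAME
 source = find_dataset
-data = merge(source)
-queries = deduplicate(data).map(&:data)
 
 require 'optparse'
 options = {}
@@ -57,16 +72,29 @@ if __FILE__ == $PROGRAM_NAME
 parser.banner = 'Usage: bqm [options]'
 
 parser.on('-o', '--output-path PATH', 'Path where to store the query file')
+parser.on('-l', '--list', 'List available datasets')
 parser.separator ''
 parser.separator 'Example: bqm -o ~/.config/bloodhound/customqueries.json'
 end.parse!(into: options)
 
 out = options[:'output-path']
-
+list = options[:list]
+if list
+puts '[+] Available datasets:'
+pretty_link(get_datasets(source)).each do |l|
+puts l
+end
+elsif out
+puts '[+] Fetching and merging datasets'
+data = merge(source)
+puts '[+] Removing duplicates'
+queries = deduplicate(data).map(&:data)
+
 File.open(out, 'w') do |file|
 json = JSON.pretty_generate({ 'queries' => queries })
 file.write(json)
 end
+puts "[+] All queries have been merged in #{out}"
 else
 puts 'Help: bqm -h'
 end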
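Review bot: In `find_dataset`, the changed `source_file_paths` line still lists `'./data'` ahead of the new `"#{__dir__}/../data"` entry, so a `query-sets.json` in whatever directory the tool is started from wins over the copy shipped with the gem and decides which URLs `merge` hands to `Net::HTTP.get`. The last entry, `'~/.local/share/bqm/data'`, can never match as written, because `File.file?` does not expand `~`. I would put the packaged path first and expand the home path, e.g. `source_file_paths = ["#{__dir__}/../data", '/usr/share/bqm/data', File.expand_path('~/.local/share/bqm/data'), './data']`, or keep the current order only if the working-directory override is intentional and then print the chosen file. The body of `find_dataset` continues outside the hunk, so the fallback when no candidate matches is not visible here.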
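--- a/data/data/query-sets.json
+++ b/data/data/query-sets.json
@@ -6,6 +6,11 @@
 "https://raw.githubusercontent.com/awsmhacks/awsmBloodhoundCustomQueries/master/customqueries.json",
 "https://raw.githubusercontent.com/porterhau5/BloodHound-Owned/master/customqueries.json",
 "https://raw.githubusercontent.com/ZephrFish/Bloodhound-CustomQueries/main/customqueries.json",
-"https://raw.githubusercontent.com/Scoubi/BloodhoundAD-Queries/master/customqueries.json"
+"https://raw.githubusercontent.com/Scoubi/BloodhoundAD-Queries/master/customqueries.json",
+"https://raw.githubusercontent.com/InfamousSYN/bloodhound-queries/main/customqueries.json",
+"https://raw.githubusercontent.com/zeronetworks/BloodHound-Tools/main/CustomQueries/customqueries.json",
+"https://raw.githubusercontent.com/egypt/customqueries/master/customqueries.json",
+"https://raw.githubusercontent.com/trustedsec/CrackHound/main/customqueries.json",
+"https://raw.githubusercontent.com/aress31/bloodhound-utils/main/customqueries.json"
 ]
 }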
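Review bot: The five sources added here, like the existing ones, point at a branch (`main` or `master`) of a third-party repository, so the content `bqm` merges can change at any time without a new gem release. As far as the `merge` lines shown in `data/bin/bqm` go, each body is parsed and appended to the output with no integrity check, and that output is the custom-query file the usage example places in the BloodHound config directory. Pinning each entry to a reviewed commit, in the form `https://raw.githubusercontent.com/<owner>/<repo>/<commit-sha>/customqueries.json` (placeholder values), would make what a given release fetches reproducible and auditable.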