bbot 2.0.1.4654rc0__py3-none-any.whl → 2.3.0.5397rc0__py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of bbot might be problematic. Click here for more details.

Files changed (270) hide show
  1. bbot/__init__.py +1 -1
  2. bbot/cli.py +3 -7
  3. bbot/core/config/files.py +0 -1
  4. bbot/core/config/logger.py +34 -4
  5. bbot/core/core.py +21 -6
  6. bbot/core/engine.py +9 -8
  7. bbot/core/event/base.py +162 -63
  8. bbot/core/helpers/bloom.py +10 -3
  9. bbot/core/helpers/command.py +9 -8
  10. bbot/core/helpers/depsinstaller/installer.py +89 -32
  11. bbot/core/helpers/depsinstaller/sudo_askpass.py +38 -2
  12. bbot/core/helpers/diff.py +10 -10
  13. bbot/core/helpers/dns/brute.py +18 -14
  14. bbot/core/helpers/dns/dns.py +16 -15
  15. bbot/core/helpers/dns/engine.py +159 -132
  16. bbot/core/helpers/dns/helpers.py +2 -2
  17. bbot/core/helpers/dns/mock.py +26 -8
  18. bbot/core/helpers/files.py +1 -1
  19. bbot/core/helpers/helper.py +7 -4
  20. bbot/core/helpers/interactsh.py +3 -3
  21. bbot/core/helpers/libmagic.py +65 -0
  22. bbot/core/helpers/misc.py +65 -22
  23. bbot/core/helpers/names_generator.py +17 -3
  24. bbot/core/helpers/process.py +0 -20
  25. bbot/core/helpers/regex.py +1 -1
  26. bbot/core/helpers/regexes.py +12 -6
  27. bbot/core/helpers/validators.py +1 -2
  28. bbot/core/helpers/web/client.py +1 -1
  29. bbot/core/helpers/web/engine.py +18 -13
  30. bbot/core/helpers/web/web.py +25 -116
  31. bbot/core/helpers/wordcloud.py +5 -5
  32. bbot/core/modules.py +36 -27
  33. bbot/core/multiprocess.py +58 -0
  34. bbot/core/shared_deps.py +46 -3
  35. bbot/db/sql/models.py +147 -0
  36. bbot/defaults.yml +15 -10
  37. bbot/errors.py +0 -8
  38. bbot/modules/anubisdb.py +2 -2
  39. bbot/modules/apkpure.py +63 -0
  40. bbot/modules/azure_tenant.py +2 -2
  41. bbot/modules/baddns.py +35 -19
  42. bbot/modules/baddns_direct.py +92 -0
  43. bbot/modules/baddns_zone.py +3 -8
  44. bbot/modules/badsecrets.py +4 -3
  45. bbot/modules/base.py +195 -51
  46. bbot/modules/bevigil.py +7 -7
  47. bbot/modules/binaryedge.py +7 -4
  48. bbot/modules/bufferoverrun.py +47 -0
  49. bbot/modules/builtwith.py +6 -10
  50. bbot/modules/bypass403.py +5 -5
  51. bbot/modules/c99.py +10 -7
  52. bbot/modules/censys.py +9 -13
  53. bbot/modules/certspotter.py +5 -3
  54. bbot/modules/chaos.py +9 -7
  55. bbot/modules/code_repository.py +1 -0
  56. bbot/modules/columbus.py +3 -3
  57. bbot/modules/crt.py +5 -3
  58. bbot/modules/deadly/dastardly.py +1 -1
  59. bbot/modules/deadly/ffuf.py +9 -9
  60. bbot/modules/deadly/nuclei.py +3 -3
  61. bbot/modules/deadly/vhost.py +4 -3
  62. bbot/modules/dehashed.py +1 -1
  63. bbot/modules/digitorus.py +1 -1
  64. bbot/modules/dnsbimi.py +145 -0
  65. bbot/modules/dnscaa.py +3 -3
  66. bbot/modules/dnsdumpster.py +4 -4
  67. bbot/modules/dnstlsrpt.py +144 -0
  68. bbot/modules/docker_pull.py +7 -5
  69. bbot/modules/dockerhub.py +2 -2
  70. bbot/modules/dotnetnuke.py +18 -19
  71. bbot/modules/emailformat.py +1 -1
  72. bbot/modules/extractous.py +122 -0
  73. bbot/modules/filedownload.py +9 -7
  74. bbot/modules/fullhunt.py +7 -4
  75. bbot/modules/generic_ssrf.py +5 -5
  76. bbot/modules/github_codesearch.py +3 -2
  77. bbot/modules/github_org.py +4 -4
  78. bbot/modules/github_workflows.py +4 -4
  79. bbot/modules/gitlab.py +2 -5
  80. bbot/modules/google_playstore.py +93 -0
  81. bbot/modules/gowitness.py +48 -50
  82. bbot/modules/hackertarget.py +5 -3
  83. bbot/modules/host_header.py +5 -5
  84. bbot/modules/httpx.py +1 -4
  85. bbot/modules/hunterio.py +3 -9
  86. bbot/modules/iis_shortnames.py +19 -30
  87. bbot/modules/internal/cloudcheck.py +27 -12
  88. bbot/modules/internal/dnsresolve.py +250 -276
  89. bbot/modules/internal/excavate.py +100 -64
  90. bbot/modules/internal/speculate.py +42 -33
  91. bbot/modules/internetdb.py +4 -2
  92. bbot/modules/ip2location.py +3 -5
  93. bbot/modules/ipneighbor.py +1 -1
  94. bbot/modules/ipstack.py +3 -8
  95. bbot/modules/jadx.py +87 -0
  96. bbot/modules/leakix.py +11 -10
  97. bbot/modules/myssl.py +2 -2
  98. bbot/modules/newsletters.py +2 -2
  99. bbot/modules/otx.py +5 -3
  100. bbot/modules/output/asset_inventory.py +7 -7
  101. bbot/modules/output/base.py +1 -1
  102. bbot/modules/output/csv.py +1 -2
  103. bbot/modules/output/http.py +20 -14
  104. bbot/modules/output/mysql.py +51 -0
  105. bbot/modules/output/neo4j.py +7 -2
  106. bbot/modules/output/postgres.py +49 -0
  107. bbot/modules/output/slack.py +0 -1
  108. bbot/modules/output/sqlite.py +29 -0
  109. bbot/modules/output/stdout.py +2 -2
  110. bbot/modules/output/teams.py +107 -6
  111. bbot/modules/paramminer_headers.py +5 -8
  112. bbot/modules/passivetotal.py +13 -13
  113. bbot/modules/portscan.py +32 -6
  114. bbot/modules/postman.py +50 -126
  115. bbot/modules/postman_download.py +220 -0
  116. bbot/modules/rapiddns.py +3 -8
  117. bbot/modules/report/asn.py +11 -11
  118. bbot/modules/robots.py +3 -3
  119. bbot/modules/securitytrails.py +7 -10
  120. bbot/modules/securitytxt.py +128 -0
  121. bbot/modules/shodan_dns.py +7 -9
  122. bbot/modules/sitedossier.py +1 -1
  123. bbot/modules/skymem.py +2 -2
  124. bbot/modules/social.py +2 -1
  125. bbot/modules/subdomaincenter.py +1 -1
  126. bbot/modules/subdomainradar.py +160 -0
  127. bbot/modules/telerik.py +8 -8
  128. bbot/modules/templates/bucket.py +1 -1
  129. bbot/modules/templates/github.py +22 -14
  130. bbot/modules/templates/postman.py +21 -0
  131. bbot/modules/templates/shodan.py +14 -13
  132. bbot/modules/templates/sql.py +95 -0
  133. bbot/modules/templates/subdomain_enum.py +53 -17
  134. bbot/modules/templates/webhook.py +2 -4
  135. bbot/modules/trickest.py +8 -37
  136. bbot/modules/trufflehog.py +18 -3
  137. bbot/modules/url_manipulation.py +3 -3
  138. bbot/modules/urlscan.py +1 -1
  139. bbot/modules/viewdns.py +1 -1
  140. bbot/modules/virustotal.py +8 -30
  141. bbot/modules/wafw00f.py +1 -1
  142. bbot/modules/wayback.py +1 -1
  143. bbot/modules/wpscan.py +17 -11
  144. bbot/modules/zoomeye.py +11 -6
  145. bbot/presets/baddns-thorough.yml +12 -0
  146. bbot/presets/fast.yml +16 -0
  147. bbot/presets/kitchen-sink.yml +1 -0
  148. bbot/presets/spider.yml +4 -0
  149. bbot/presets/subdomain-enum.yml +7 -7
  150. bbot/scanner/manager.py +5 -16
  151. bbot/scanner/preset/args.py +44 -26
  152. bbot/scanner/preset/environ.py +7 -2
  153. bbot/scanner/preset/path.py +7 -4
  154. bbot/scanner/preset/preset.py +36 -23
  155. bbot/scanner/scanner.py +176 -63
  156. bbot/scanner/target.py +236 -434
  157. bbot/scripts/docs.py +1 -1
  158. bbot/test/bbot_fixtures.py +22 -3
  159. bbot/test/conftest.py +132 -100
  160. bbot/test/fastapi_test.py +17 -0
  161. bbot/test/owasp_mastg.apk +0 -0
  162. bbot/test/run_tests.sh +4 -4
  163. bbot/test/test.conf +2 -0
  164. bbot/test/test_step_1/test_bbot_fastapi.py +82 -0
  165. bbot/test/test_step_1/test_bloom_filter.py +2 -0
  166. bbot/test/test_step_1/test_cli.py +138 -64
  167. bbot/test/test_step_1/test_dns.py +392 -70
  168. bbot/test/test_step_1/test_engine.py +17 -17
  169. bbot/test/test_step_1/test_events.py +203 -37
  170. bbot/test/test_step_1/test_helpers.py +64 -28
  171. bbot/test/test_step_1/test_manager_deduplication.py +1 -1
  172. bbot/test/test_step_1/test_manager_scope_accuracy.py +336 -338
  173. bbot/test/test_step_1/test_modules_basic.py +69 -71
  174. bbot/test/test_step_1/test_presets.py +184 -96
  175. bbot/test/test_step_1/test_python_api.py +7 -2
  176. bbot/test/test_step_1/test_regexes.py +35 -5
  177. bbot/test/test_step_1/test_scan.py +39 -5
  178. bbot/test/test_step_1/test_scope.py +5 -4
  179. bbot/test/test_step_1/test_target.py +243 -145
  180. bbot/test/test_step_1/test_web.py +48 -10
  181. bbot/test/test_step_2/module_tests/base.py +17 -20
  182. bbot/test/test_step_2/module_tests/test_module_anubisdb.py +1 -1
  183. bbot/test/test_step_2/module_tests/test_module_apkpure.py +71 -0
  184. bbot/test/test_step_2/module_tests/test_module_asset_inventory.py +0 -1
  185. bbot/test/test_step_2/module_tests/test_module_azure_realm.py +1 -1
  186. bbot/test/test_step_2/module_tests/test_module_baddns.py +6 -6
  187. bbot/test/test_step_2/module_tests/test_module_baddns_direct.py +62 -0
  188. bbot/test/test_step_2/module_tests/test_module_bevigil.py +29 -2
  189. bbot/test/test_step_2/module_tests/test_module_binaryedge.py +4 -2
  190. bbot/test/test_step_2/module_tests/test_module_bucket_amazon.py +2 -2
  191. bbot/test/test_step_2/module_tests/test_module_bucket_azure.py +1 -1
  192. bbot/test/test_step_2/module_tests/test_module_bufferoverrun.py +35 -0
  193. bbot/test/test_step_2/module_tests/test_module_builtwith.py +2 -2
  194. bbot/test/test_step_2/module_tests/test_module_bypass403.py +1 -1
  195. bbot/test/test_step_2/module_tests/test_module_c99.py +126 -0
  196. bbot/test/test_step_2/module_tests/test_module_censys.py +4 -1
  197. bbot/test/test_step_2/module_tests/test_module_cloudcheck.py +4 -0
  198. bbot/test/test_step_2/module_tests/test_module_code_repository.py +11 -1
  199. bbot/test/test_step_2/module_tests/test_module_columbus.py +1 -1
  200. bbot/test/test_step_2/module_tests/test_module_credshed.py +3 -3
  201. bbot/test/test_step_2/module_tests/test_module_dastardly.py +2 -1
  202. bbot/test/test_step_2/module_tests/test_module_dehashed.py +2 -2
  203. bbot/test/test_step_2/module_tests/test_module_digitorus.py +1 -1
  204. bbot/test/test_step_2/module_tests/test_module_discord.py +1 -1
  205. bbot/test/test_step_2/module_tests/test_module_dnsbimi.py +103 -0
  206. bbot/test/test_step_2/module_tests/test_module_dnsbrute.py +9 -10
  207. bbot/test/test_step_2/module_tests/test_module_dnsbrute_mutations.py +1 -2
  208. bbot/test/test_step_2/module_tests/test_module_dnscommonsrv.py +1 -2
  209. bbot/test/test_step_2/module_tests/test_module_dnsdumpster.py +4 -4
  210. bbot/test/test_step_2/module_tests/test_module_dnstlsrpt.py +64 -0
  211. bbot/test/test_step_2/module_tests/test_module_dotnetnuke.py +0 -8
  212. bbot/test/test_step_2/module_tests/test_module_excavate.py +17 -37
  213. bbot/test/test_step_2/module_tests/test_module_extractous.py +54 -0
  214. bbot/test/test_step_2/module_tests/test_module_ffuf_shortnames.py +1 -1
  215. bbot/test/test_step_2/module_tests/test_module_filedownload.py +14 -14
  216. bbot/test/test_step_2/module_tests/test_module_git_clone.py +2 -2
  217. bbot/test/test_step_2/module_tests/test_module_github_org.py +19 -8
  218. bbot/test/test_step_2/module_tests/test_module_github_workflows.py +1 -1
  219. bbot/test/test_step_2/module_tests/test_module_gitlab.py +9 -4
  220. bbot/test/test_step_2/module_tests/test_module_google_playstore.py +83 -0
  221. bbot/test/test_step_2/module_tests/test_module_gowitness.py +4 -4
  222. bbot/test/test_step_2/module_tests/test_module_host_header.py +1 -1
  223. bbot/test/test_step_2/module_tests/test_module_http.py +4 -4
  224. bbot/test/test_step_2/module_tests/test_module_httpx.py +10 -8
  225. bbot/test/test_step_2/module_tests/test_module_hunterio.py +68 -4
  226. bbot/test/test_step_2/module_tests/test_module_jadx.py +55 -0
  227. bbot/test/test_step_2/module_tests/test_module_json.py +24 -11
  228. bbot/test/test_step_2/module_tests/test_module_leakix.py +7 -3
  229. bbot/test/test_step_2/module_tests/test_module_mysql.py +76 -0
  230. bbot/test/test_step_2/module_tests/test_module_myssl.py +1 -1
  231. bbot/test/test_step_2/module_tests/test_module_neo4j.py +1 -1
  232. bbot/test/test_step_2/module_tests/test_module_newsletters.py +6 -6
  233. bbot/test/test_step_2/module_tests/test_module_ntlm.py +7 -7
  234. bbot/test/test_step_2/module_tests/test_module_oauth.py +1 -1
  235. bbot/test/test_step_2/module_tests/test_module_otx.py +1 -1
  236. bbot/test/test_step_2/module_tests/test_module_paramminer_cookies.py +1 -2
  237. bbot/test/test_step_2/module_tests/test_module_paramminer_getparams.py +0 -6
  238. bbot/test/test_step_2/module_tests/test_module_paramminer_headers.py +2 -9
  239. bbot/test/test_step_2/module_tests/test_module_passivetotal.py +3 -1
  240. bbot/test/test_step_2/module_tests/test_module_portscan.py +9 -8
  241. bbot/test/test_step_2/module_tests/test_module_postgres.py +74 -0
  242. bbot/test/test_step_2/module_tests/test_module_postman.py +84 -253
  243. bbot/test/test_step_2/module_tests/test_module_postman_download.py +439 -0
  244. bbot/test/test_step_2/module_tests/test_module_rapiddns.py +93 -1
  245. bbot/test/test_step_2/module_tests/test_module_securitytxt.py +50 -0
  246. bbot/test/test_step_2/module_tests/test_module_shodan_dns.py +20 -1
  247. bbot/test/test_step_2/module_tests/test_module_sitedossier.py +2 -2
  248. bbot/test/test_step_2/module_tests/test_module_smuggler.py +1 -1
  249. bbot/test/test_step_2/module_tests/test_module_social.py +11 -1
  250. bbot/test/test_step_2/module_tests/test_module_speculate.py +2 -6
  251. bbot/test/test_step_2/module_tests/test_module_splunk.py +4 -4
  252. bbot/test/test_step_2/module_tests/test_module_sqlite.py +18 -0
  253. bbot/test/test_step_2/module_tests/test_module_sslcert.py +1 -1
  254. bbot/test/test_step_2/module_tests/test_module_stdout.py +5 -3
  255. bbot/test/test_step_2/module_tests/test_module_subdomaincenter.py +1 -1
  256. bbot/test/test_step_2/module_tests/test_module_subdomainradar.py +208 -0
  257. bbot/test/test_step_2/module_tests/test_module_subdomains.py +1 -1
  258. bbot/test/test_step_2/module_tests/test_module_teams.py +8 -6
  259. bbot/test/test_step_2/module_tests/test_module_telerik.py +1 -1
  260. bbot/test/test_step_2/module_tests/test_module_trufflehog.py +317 -11
  261. bbot/test/test_step_2/module_tests/test_module_wayback.py +1 -1
  262. bbot/test/test_step_2/template_tests/test_template_subdomain_enum.py +135 -0
  263. {bbot-2.0.1.4654rc0.dist-info → bbot-2.3.0.5397rc0.dist-info}/METADATA +48 -18
  264. bbot-2.3.0.5397rc0.dist-info/RECORD +421 -0
  265. {bbot-2.0.1.4654rc0.dist-info → bbot-2.3.0.5397rc0.dist-info}/WHEEL +1 -1
  266. bbot/modules/unstructured.py +0 -163
  267. bbot/test/test_step_2/module_tests/test_module_unstructured.py +0 -102
  268. bbot-2.0.1.4654rc0.dist-info/RECORD +0 -385
  269. {bbot-2.0.1.4654rc0.dist-info → bbot-2.3.0.5397rc0.dist-info}/LICENSE +0 -0
  270. {bbot-2.0.1.4654rc0.dist-info → bbot-2.3.0.5397rc0.dist-info}/entry_points.txt +0 -0
bbot/test/test_step_2/module_tests/test_module_social.py CHANGED
@@ -14,13 +14,14 @@ class TestSocial(ModuleTestBase):
14
14
  <a href="https://hub.docker.com/r/blacklanternsecurity"/>
15
15
  <a href="https://hub.docker.com/r/blacklanternsecurity/bbot"/>
16
16
  <a href="https://hub.docker.com/r/blacklanternSECURITY/bbot"/>
17
+ <a href="https://www.postman.com/blacklanternsecurity/bbot"/>
17
18
  </html>
18
19
  """
19
20
  }
20
21
  module_test.set_expect_requests(expect_args=expect_args, respond_args=respond_args)
21
22
 
22
23
  def check(self, module_test, events):
23
- assert 3 == len([e for e in events if e.type == "SOCIAL"])
24
+ assert 4 == len([e for e in events if e.type == "SOCIAL"])
24
25
  assert 1 == len(
25
26
  [
26
27
  e
@@ -46,3 +47,12 @@ class TestSocial(ModuleTestBase):
46
47
  and e.data["profile_name"] == "blacklanternsecurity"
47
48
  ]
48
49
  )
50
+ assert 1 == len(
51
+ [
52
+ e
53
+ for e in events
54
+ if e.type == "SOCIAL"
55
+ and e.data["platform"] == "postman"
56
+ and e.data["profile_name"] == "blacklanternsecurity"
57
+ ]
58
+ )
bbot/test/test_step_2/module_tests/test_module_speculate.py CHANGED
@@ -62,10 +62,8 @@ class TestSpeculate_OpenPorts(ModuleTestBase):
62
62
  for e in module_test.scan.modules["dummy"].events:
63
63
  events_data.add(e.data)
64
64
  assert all(
65
- [
66
- x in events_data
65
+ x in events_data
67
66
  for x in ("evilcorp.com:80", "evilcorp.com:443", "asdf.evilcorp.com:80", "asdf.evilcorp.com:443")
68
- ]
69
67
  )
70
68
 
71
69
 
@@ -79,8 +77,6 @@ class TestSpeculate_OpenPorts_Portscanner(TestSpeculate_OpenPorts):
79
77
  for e in module_test.scan.modules["dummy"].events:
80
78
  events_data.add(e.data)
81
79
  assert not any(
82
- [
83
- x in events_data
80
+ x in events_data
84
81
  for x in ("evilcorp.com:80", "evilcorp.com:443", "asdf.evilcorp.com:80", "asdf.evilcorp.com:443")
85
- ]
86
82
  )
bbot/test/test_step_2/module_tests/test_module_splunk.py CHANGED
@@ -52,7 +52,7 @@ class TestSplunk(ModuleTestBase):
52
52
  module_test.httpx_mock.add_response()
53
53
 
54
54
  def check(self, module_test, events):
55
- assert self.got_event == True
56
- assert self.headers_correct == True
57
- assert self.method_correct == True
58
- assert self.url_correct == True
55
+ assert self.got_event is True
56
+ assert self.headers_correct is True
57
+ assert self.method_correct is True
58
+ assert self.url_correct is True
bbot/test/test_step_2/module_tests/test_module_sqlite.py ADDED
@@ -0,0 +1,18 @@
1
+ import sqlite3
2
+ from .base import ModuleTestBase
3
+
4
+
5
+ class TestSQLite(ModuleTestBase):
6
+ targets = ["evilcorp.com"]
7
+
8
+ def check(self, module_test, events):
9
+ sqlite_output_file = module_test.scan.home / "output.sqlite"
10
+ assert sqlite_output_file.exists(), "SQLite output file not found"
11
+ with sqlite3.connect(sqlite_output_file) as db:
12
+ cursor = db.cursor()
13
+ results = cursor.execute("SELECT * FROM event").fetchall()
14
+ assert len(results) == 3, "No events found in SQLite database"
15
+ results = cursor.execute("SELECT * FROM scan").fetchall()
16
+ assert len(results) == 1, "No scans found in SQLite database"
17
+ results = cursor.execute("SELECT * FROM target").fetchall()
18
+ assert len(results) == 1, "No targets found in SQLite database"
bbot/test/test_step_2/module_tests/test_module_sslcert.py CHANGED
@@ -6,7 +6,7 @@ class TestSSLCert(ModuleTestBase):
6
6
  config_overrides = {"scope": {"report_distance": 1}}
7
7
 
8
8
  def check(self, module_test, events):
9
- assert len(events) == 6
9
+ assert len(events) == 7
10
10
  assert 1 == len(
11
11
  [
12
12
  e
bbot/test/test_step_2/module_tests/test_module_stdout.py CHANGED
@@ -41,13 +41,15 @@ class TestStdoutJSON(TestStdout):
41
41
  def check(self, module_test, events):
42
42
  out, err = module_test.capsys.readouterr()
43
43
  lines = out.splitlines()
44
- assert len(lines) == 2
44
+ assert len(lines) == 3
45
45
  for i, line in enumerate(lines):
46
46
  event = json.loads(line)
47
47
  if i == 0:
48
48
  assert event["type"] == "SCAN"
49
- elif i == 2:
49
+ elif i == 1:
50
50
  assert event["type"] == "DNS_NAME" and event["data"] == "blacklanternsecurity.com"
51
+ if i == 2:
52
+ assert event["type"] == "SCAN"
51
53
 
52
54
 
53
55
  class TestStdoutJSONFields(TestStdout):
@@ -56,7 +58,7 @@ class TestStdoutJSONFields(TestStdout):
56
58
  def check(self, module_test, events):
57
59
  out, err = module_test.capsys.readouterr()
58
60
  lines = out.splitlines()
59
- assert len(lines) == 2
61
+ assert len(lines) == 3
60
62
  for line in lines:
61
63
  event = json.loads(line)
62
64
  assert set(event) == {"data", "module_sequence"}
bbot/test/test_step_2/module_tests/test_module_subdomaincenter.py CHANGED
@@ -4,7 +4,7 @@ from .base import ModuleTestBase
4
4
  class TestSubdomainCenter(ModuleTestBase):
5
5
  async def setup_after_prep(self, module_test):
6
6
  module_test.httpx_mock.add_response(
7
- url=f"https://api.subdomain.center/?domain=blacklanternsecurity.com",
7
+ url="https://api.subdomain.center/?domain=blacklanternsecurity.com",
8
8
  json=["asdf.blacklanternsecurity.com", "zzzz.blacklanternsecurity.com"],
9
9
  )
10
10
 
bbot/test/test_step_2/module_tests/test_module_subdomainradar.py ADDED
@@ -0,0 +1,208 @@
1
+ from .base import ModuleTestBase
2
+
3
+
4
+ class TestSubDomainRadar(ModuleTestBase):
5
+ config_overrides = {"modules": {"subdomainradar": {"api_key": "asdf"}}}
6
+
7
+ async def setup_before_prep(self, module_test):
8
+ await module_test.mock_dns(
9
+ {
10
+ "blacklanternsecurity.com": {"A": ["127.0.0.88"]},
11
+ "www.blacklanternsecurity.com": {"A": ["127.0.0.88"]},
12
+ "asdf.blacklanternsecurity.com": {"A": ["127.0.0.88"]},
13
+ }
14
+ )
15
+ module_test.httpx_mock.add_response(
16
+ url="https://api.subdomainradar.io/profile",
17
+ match_headers={"Authorization": "Bearer asdf"},
18
+ )
19
+ module_test.httpx_mock.add_response(
20
+ url="https://api.subdomainradar.io/enumerate",
21
+ method="POST",
22
+ json={
23
+ "tasks": {"blacklanternsecurity.com": "86de4531-0a67-41fe-b5e4-8ce8207d6245"},
24
+ "message": "Tasks initiated",
25
+ },
26
+ match_headers={"Authorization": "Bearer asdf"},
27
+ )
28
+ module_test.httpx_mock.add_response(
29
+ url="https://api.subdomainradar.io/tasks/86de4531-0a67-41fe-b5e4-8ce8207d6245",
30
+ match_headers={"Authorization": "Bearer asdf"},
31
+ json={
32
+ "task_id": "86de4531-0a67-41fe-b5e4-8ce8207d6245",
33
+ "status": "completed",
34
+ "domain": "blacklanternsecurity.com",
35
+ "subdomains": [
36
+ {
37
+ "subdomain": "www.blacklanternsecurity.com",
38
+ "ip": None,
39
+ "reverse_dns": [],
40
+ "country": None,
41
+ "timestamp": None,
42
+ },
43
+ {
44
+ "subdomain": "asdf.blacklanternsecurity.com",
45
+ "ip": None,
46
+ "reverse_dns": [],
47
+ "country": None,
48
+ "timestamp": None,
49
+ },
50
+ ],
51
+ "total_subdomains": 2,
52
+ "rank": None,
53
+ "whois": {
54
+ "domain_name": ["BLACKLANTERNSECURITY.COM", "blacklanternsecurity.com"],
55
+ "registrar": "MarkMonitor, Inc.",
56
+ "creation_date": ["1992-11-04T05:00:00", "1992-11-04T05:00:00+00:00"],
57
+ "expiration_date": ["2026-11-03T05:00:00", "2026-11-03T00:00:00+00:00"],
58
+ "last_updated": ["2024-10-02T10:15:20", "2024-10-02T10:15:20+00:00"],
59
+ "status": [
60
+ "clientDeleteProhibited https://icann.org/epp#clientDeleteProhibited",
61
+ "clientTransferProhibited https://icann.org/epp#clientTransferProhibited",
62
+ "clientUpdateProhibited https://icann.org/epp#clientUpdateProhibited",
63
+ "serverDeleteProhibited https://icann.org/epp#serverDeleteProhibited",
64
+ "serverTransferProhibited https://icann.org/epp#serverTransferProhibited",
65
+ "serverUpdateProhibited https://icann.org/epp#serverUpdateProhibited",
66
+ "clientUpdateProhibited (https://www.icann.org/epp#clientUpdateProhibited)",
67
+ "clientTransferProhibited (https://www.icann.org/epp#clientTransferProhibited)",
68
+ "clientDeleteProhibited (https://www.icann.org/epp#clientDeleteProhibited)",
69
+ "serverUpdateProhibited (https://www.icann.org/epp#serverUpdateProhibited)",
70
+ "serverTransferProhibited (https://www.icann.org/epp#serverTransferProhibited)",
71
+ "serverDeleteProhibited (https://www.icann.org/epp#serverDeleteProhibited)",
72
+ ],
73
+ "nameservers": [
74
+ "A1-12.AKAM.NET",
75
+ "A10-67.AKAM.NET",
76
+ "A12-64.AKAM.NET",
77
+ "A28-65.AKAM.NET",
78
+ "A7-66.AKAM.NET",
79
+ "A9-67.AKAM.NET",
80
+ "EDNS69.ULTRADNS.BIZ",
81
+ "EDNS69.ULTRADNS.COM",
82
+ "EDNS69.ULTRADNS.NET",
83
+ "EDNS69.ULTRADNS.ORG",
84
+ "edns69.ultradns.biz",
85
+ "a12-64.akam.net",
86
+ "edns69.ultradns.net",
87
+ "edns69.ultradns.org",
88
+ "a10-67.akam.net",
89
+ "a28-65.akam.net",
90
+ "a9-67.akam.net",
91
+ "a1-12.akam.net",
92
+ "a7-66.akam.net",
93
+ "edns69.ultradns.com",
94
+ ],
95
+ "emails": [
96
+ "abusecomplaints@markmonitor.com",
97
+ "admin@dnstinations.com",
98
+ "whoisrequest@markmonitor.com",
99
+ ],
100
+ "dnssec": "unsigned",
101
+ "org": "DNStination Inc.",
102
+ "address": "3450 Sacramento Street, Suite 405",
103
+ "city": "San Francisco",
104
+ "state": "CA",
105
+ "zipcode": None,
106
+ "country": "US",
107
+ },
108
+ "enumerators": ["Aquarius Enumerator", "Beta Enumerator", "Chi Enumerator", "Eta Enumerator"],
109
+ "timestamp": "2024-10-06T02:48:10.075636",
110
+ "error": None,
111
+ "is_notification": False,
112
+ "notification_domain_id": None,
113
+ "demo": False,
114
+ "user_id": 49,
115
+ "time_to_finish": 41,
116
+ },
117
+ )
118
+ module_test.httpx_mock.add_response(
119
+ url="https://api.subdomainradar.io/enumerators/groups",
120
+ match_headers={"Authorization": "Bearer asdf"},
121
+ json=[
122
+ {
123
+ "id": "1",
124
+ "name": "Fast",
125
+ "description": "Enumerators optimized for high-speed scanning and rapid data collection",
126
+ "enumerators": [
127
+ {"display_name": "Beta Enumerator"},
128
+ {"display_name": "Chi Enumerator"},
129
+ {"display_name": "Aquarius Enumerator"},
130
+ {"display_name": "Eta Enumerator"},
131
+ ],
132
+ },
133
+ {
134
+ "id": "2",
135
+ "name": "Medium",
136
+ "description": "Enumerators balanced for moderate speed with a focus on thoroughness",
137
+ "enumerators": [
138
+ {"display_name": "Kappa Enumerator"},
139
+ {"display_name": "Lambda Enumerator"},
140
+ {"display_name": "Mu Enumerator"},
141
+ {"display_name": "Pi Enumerator"},
142
+ {"display_name": "Tau Enumerator"},
143
+ {"display_name": "Beta Enumerator"},
144
+ {"display_name": "Chi Enumerator"},
145
+ {"display_name": "Psi Enumerator"},
146
+ {"display_name": "Aquarius Enumerator"},
147
+ {"display_name": "Zeta Enumerator"},
148
+ {"display_name": "Eta Enumerator"},
149
+ ],
150
+ },
151
+ {
152
+ "id": "3",
153
+ "name": "Deep",
154
+ "description": "Enumerators designed for exhaustive searches and in-depth data analysis",
155
+ "enumerators": [
156
+ {"display_name": "Alpha Enumerator"},
157
+ {"display_name": "Kappa Enumerator"},
158
+ {"display_name": "Lambda Enumerator"},
159
+ {"display_name": "Mu Enumerator"},
160
+ {"display_name": "Nu Enumerator"},
161
+ {"display_name": "Xi Enumerator"},
162
+ {"display_name": "Pi Enumerator"},
163
+ {"display_name": "Rho Enumerator"},
164
+ {"display_name": "Sigma Enumerator"},
165
+ {"display_name": "Tau Enumerator"},
166
+ {"display_name": "Beta Enumerator"},
167
+ {"display_name": "Chi Enumerator"},
168
+ {"display_name": "Omega Enumerator"},
169
+ {"display_name": "Psi Enumerator"},
170
+ {"display_name": "Phi Enumerator"},
171
+ {"display_name": "Axon Enumerator"},
172
+ {"display_name": "Aquarius Enumerator"},
173
+ {"display_name": "Pegasus Enumerator"},
174
+ {"display_name": "Petra Enumerator"},
175
+ {"display_name": "Oasis Enumerator"},
176
+ {"display_name": "Mike Enumerator"},
177
+ {"display_name": "Cat Enumerator"},
178
+ {"display_name": "Brutus Enumerator"},
179
+ {"display_name": "Dee Enumerator"},
180
+ {"display_name": "Jul Enumerator"},
181
+ {"display_name": "Eve Enumerator"},
182
+ {"display_name": "Frank Enumerator"},
183
+ {"display_name": "Gus Enumerator"},
184
+ {"display_name": "Hank Enumerator"},
185
+ {"display_name": "Delta Enumerator"},
186
+ {"display_name": "Ivy Enumerator"},
187
+ {"display_name": "Jack Enumerator"},
188
+ {"display_name": "Karl Enumerator"},
189
+ {"display_name": "Liam Enumerator"},
190
+ {"display_name": "Nora Enumerator"},
191
+ {"display_name": "Mars Enumerator"},
192
+ {"display_name": "Neptune Enumerator"},
193
+ {"display_name": "Orion Enumerator"},
194
+ {"display_name": "Oedipus Enumerator"},
195
+ {"display_name": "Pandora Enumerator"},
196
+ {"display_name": "Epsilon Enumerator"},
197
+ {"display_name": "Zeta Enumerator"},
198
+ {"display_name": "Eta Enumerator"},
199
+ {"display_name": "Theta Enumerator"},
200
+ {"display_name": "Iota Enumerator"},
201
+ ],
202
+ },
203
+ ],
204
+ )
205
+
206
+ def check(self, module_test, events):
207
+ assert any(e.data == "www.blacklanternsecurity.com" for e in events), "Failed to detect subdomain #1"
208
+ assert any(e.data == "asdf.blacklanternsecurity.com" for e in events), "Failed to detect subdomain #2"
bbot/test/test_step_2/module_tests/test_module_subdomains.py CHANGED
@@ -6,7 +6,7 @@ class TestSubdomains(ModuleTestBase):
6
6
 
7
7
  async def setup_after_prep(self, module_test):
8
8
  module_test.httpx_mock.add_response(
9
- url=f"https://api.subdomain.center/?domain=blacklanternsecurity.com",
9
+ url="https://api.subdomain.center/?domain=blacklanternsecurity.com",
10
10
  json=["asdfasdf.blacklanternsecurity.com", "zzzzzzzz.blacklanternsecurity.com"],
11
11
  )
12
12
 
bbot/test/test_step_2/module_tests/test_module_teams.py CHANGED
@@ -16,13 +16,15 @@ class TestTeams(DiscordBase):
16
16
  module_test.request_count += 1
17
17
  if module_test.request_count == 2:
18
18
  return httpx.Response(
19
- status_code=200,
20
- text="Webhook message delivery failed with error: Microsoft Teams endpoint returned HTTP error 429 with ContextId tcid=0,server=msgapi-production-eus-azsc2-4-170,cv=deadbeef=2..",
19
+ status_code=400,
20
+ json={
21
+ "error": {
22
+ "code": "WorkflowTriggerIsNotEnabled",
23
+ "message": "Could not execute workflow 'xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx' trigger 'manual' with state 'Disabled': trigger is not enabled.",
24
+ }
25
+ },
21
26
  )
22
27
  else:
23
- return httpx.Response(
24
- status_code=200,
25
- text="1",
26
- )
28
+ return httpx.Response(status_code=200)
27
29
 
28
30
  module_test.httpx_mock.add_callback(custom_response, url=self.webhook_url)
bbot/test/test_step_2/module_tests/test_module_telerik.py CHANGED
@@ -11,7 +11,7 @@ class TestTelerik(ModuleTestBase):
11
11
  # Simulate Telerik.Web.UI.WebResource.axd?type=rau detection
12
12
  expect_args = {"method": "GET", "uri": "/Telerik.Web.UI.WebResource.axd", "query_string": "type=rau"}
13
13
  respond_args = {
14
- "response_data": '{ "message" : "RadAsyncUpload handler is registered succesfully, however, it may not be accessed directly." }'
14
+ "response_data": '{ "message" : "RadAsyncUpload handler is registered successfully, however, it may not be accessed directly." }'
15
15
  }
16
16
  module_test.set_expect_requests(expect_args=expect_args, respond_args=respond_args)
17
17