bbot 2.3.0.5368rc0__py3-none-any.whl → 2.3.0.5376rc0__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Potentially problematic release.
This version of bbot might be problematic. Click here for more details.
- bbot/__init__.py +1 -1
- bbot/cli.py +0 -4
- bbot/core/config/files.py +0 -1
- bbot/core/event/base.py +0 -3
- bbot/core/helpers/dns/dns.py +0 -1
- bbot/core/helpers/dns/engine.py +0 -2
- bbot/core/helpers/dns/mock.py +0 -1
- bbot/core/helpers/libmagic.py +0 -1
- bbot/core/helpers/process.py +0 -2
- bbot/core/helpers/validators.py +0 -1
- bbot/core/helpers/web/engine.py +0 -1
- bbot/core/helpers/web/web.py +0 -1
- bbot/core/modules.py +0 -1
- bbot/db/sql/models.py +0 -1
- bbot/modules/baddns.py +0 -2
- bbot/modules/baddns_direct.py +0 -1
- bbot/modules/dnstlsrpt.py +144 -0
- bbot/modules/dotnetnuke.py +0 -2
- bbot/modules/internal/excavate.py +18 -21
- bbot/modules/paramminer_headers.py +1 -4
- bbot/modules/trufflehog.py +1 -1
- bbot/scanner/preset/args.py +0 -1
- bbot/scanner/preset/environ.py +0 -1
- bbot/test/test_step_2/module_tests/test_module_asset_inventory.py +0 -1
- bbot/test/test_step_2/module_tests/test_module_dnsbrute.py +0 -1
- bbot/test/test_step_2/module_tests/test_module_dnsbrute_mutations.py +0 -1
- bbot/test/test_step_2/module_tests/test_module_dnscommonsrv.py +0 -1
- bbot/test/test_step_2/module_tests/test_module_dnstlsrpt.py +64 -0
- bbot/test/test_step_2/module_tests/test_module_dotnetnuke.py +0 -2
- bbot/test/test_step_2/module_tests/test_module_excavate.py +0 -20
- bbot/test/test_step_2/module_tests/test_module_paramminer_cookies.py +0 -1
- bbot/test/test_step_2/module_tests/test_module_paramminer_getparams.py +0 -6
- bbot/test/test_step_2/module_tests/test_module_paramminer_headers.py +0 -7
- bbot/test/test_step_2/module_tests/test_module_portscan.py +0 -1
- {bbot-2.3.0.5368rc0.dist-info → bbot-2.3.0.5376rc0.dist-info}/METADATA +1 -1
- {bbot-2.3.0.5368rc0.dist-info → bbot-2.3.0.5376rc0.dist-info}/RECORD +39 -37
- {bbot-2.3.0.5368rc0.dist-info → bbot-2.3.0.5376rc0.dist-info}/LICENSE +0 -0
- {bbot-2.3.0.5368rc0.dist-info → bbot-2.3.0.5376rc0.dist-info}/WHEEL +0 -0
- {bbot-2.3.0.5368rc0.dist-info → bbot-2.3.0.5376rc0.dist-info}/entry_points.txt +0 -0
bbot/__init__.py
CHANGED
bbot/cli.py
CHANGED
|
@@ -29,7 +29,6 @@ scan_name = ""
|
|
|
29
29
|
|
|
30
30
|
|
|
31
31
|
async def _main():
|
|
32
|
-
|
|
33
32
|
import asyncio
|
|
34
33
|
import traceback
|
|
35
34
|
from contextlib import suppress
|
|
@@ -45,7 +44,6 @@ async def _main():
|
|
|
45
44
|
global scan_name
|
|
46
45
|
|
|
47
46
|
try:
|
|
48
|
-
|
|
49
47
|
# start by creating a default scan preset
|
|
50
48
|
preset = Preset(_log=True, name="bbot_cli_main")
|
|
51
49
|
# parse command line arguments and merge into preset
|
|
@@ -81,7 +79,6 @@ async def _main():
|
|
|
81
79
|
|
|
82
80
|
# if we're listing modules or their options
|
|
83
81
|
if options.list_modules or options.list_module_options:
|
|
84
|
-
|
|
85
82
|
# if no modules or flags are specified, enable everything
|
|
86
83
|
if not (options.modules or options.output_modules or options.flags):
|
|
87
84
|
for module, preloaded in preset.module_loader.preloaded().items():
|
|
@@ -172,7 +169,6 @@ async def _main():
|
|
|
172
169
|
log.trace(f"Command: {' '.join(sys.argv)}")
|
|
173
170
|
|
|
174
171
|
if sys.stdin.isatty():
|
|
175
|
-
|
|
176
172
|
# warn if any targets belong directly to a cloud provider
|
|
177
173
|
for event in scan.target.seeds.events:
|
|
178
174
|
if event.type == "DNS_NAME":
|
bbot/core/config/files.py
CHANGED
|
@@ -10,7 +10,6 @@ bbot_code_dir = Path(__file__).parent.parent.parent
|
|
|
10
10
|
|
|
11
11
|
|
|
12
12
|
class BBOTConfigFiles:
|
|
13
|
-
|
|
14
13
|
config_dir = (Path.home() / ".config" / "bbot").resolve()
|
|
15
14
|
defaults_filename = (bbot_code_dir / "defaults.yml").resolve()
|
|
16
15
|
config_filename = (config_dir / "bbot.yml").resolve()
|
bbot/core/event/base.py
CHANGED
|
@@ -1180,7 +1180,6 @@ class URL_UNVERIFIED(BaseEvent):
|
|
|
1180
1180
|
self.num_redirects = getattr(self.parent, "num_redirects", 0)
|
|
1181
1181
|
|
|
1182
1182
|
def _data_id(self):
|
|
1183
|
-
|
|
1184
1183
|
data = super()._data_id()
|
|
1185
1184
|
|
|
1186
1185
|
# remove the querystring for URL/URL_UNVERIFIED events, because we will conditionally add it back in (based on settings)
|
|
@@ -1267,7 +1266,6 @@ class URL_UNVERIFIED(BaseEvent):
|
|
|
1267
1266
|
|
|
1268
1267
|
|
|
1269
1268
|
class URL(URL_UNVERIFIED):
|
|
1270
|
-
|
|
1271
1269
|
def __init__(self, *args, **kwargs):
|
|
1272
1270
|
super().__init__(*args, **kwargs)
|
|
1273
1271
|
|
|
@@ -1309,7 +1307,6 @@ class URL_HINT(URL_UNVERIFIED):
|
|
|
1309
1307
|
|
|
1310
1308
|
|
|
1311
1309
|
class WEB_PARAMETER(DictHostEvent):
|
|
1312
|
-
|
|
1313
1310
|
def _data_id(self):
|
|
1314
1311
|
# dedupe by url:name:param_type
|
|
1315
1312
|
url = self.data.get("url", "")
|
bbot/core/helpers/dns/dns.py
CHANGED
bbot/core/helpers/dns/engine.py
CHANGED
|
@@ -24,7 +24,6 @@ all_rdtypes = ["A", "AAAA", "SRV", "MX", "NS", "SOA", "CNAME", "TXT"]
|
|
|
24
24
|
|
|
25
25
|
|
|
26
26
|
class DNSEngine(EngineServer):
|
|
27
|
-
|
|
28
27
|
CMDS = {
|
|
29
28
|
0: "resolve",
|
|
30
29
|
1: "resolve_raw",
|
|
@@ -476,7 +475,6 @@ class DNSEngine(EngineServer):
|
|
|
476
475
|
# for every parent domain, starting with the shortest
|
|
477
476
|
parents = list(domain_parents(query))
|
|
478
477
|
for parent in parents[::-1]:
|
|
479
|
-
|
|
480
478
|
# check if the parent domain is set up with wildcards
|
|
481
479
|
wildcard_results = await self.is_wildcard_domain(parent, rdtypes_to_check)
|
|
482
480
|
|
bbot/core/helpers/dns/mock.py
CHANGED
bbot/core/helpers/libmagic.py
CHANGED
bbot/core/helpers/process.py
CHANGED
|
@@ -7,7 +7,6 @@ from .misc import in_exception_chain
|
|
|
7
7
|
|
|
8
8
|
|
|
9
9
|
class BBOTThread(threading.Thread):
|
|
10
|
-
|
|
11
10
|
default_name = "default bbot thread"
|
|
12
11
|
|
|
13
12
|
def __init__(self, *args, **kwargs):
|
|
@@ -24,7 +23,6 @@ class BBOTThread(threading.Thread):
|
|
|
24
23
|
|
|
25
24
|
|
|
26
25
|
class BBOTProcess(SpawnProcess):
|
|
27
|
-
|
|
28
26
|
default_name = "bbot process pool"
|
|
29
27
|
|
|
30
28
|
def __init__(self, *args, **kwargs):
|
bbot/core/helpers/validators.py
CHANGED
bbot/core/helpers/web/engine.py
CHANGED
bbot/core/helpers/web/web.py
CHANGED
bbot/core/modules.py
CHANGED
|
@@ -337,7 +337,6 @@ class ModuleLoader:
|
|
|
337
337
|
# look for classes
|
|
338
338
|
if type(root_element) == ast.ClassDef:
|
|
339
339
|
for class_attr in root_element.body:
|
|
340
|
-
|
|
341
340
|
# class attributes that are dictionaries
|
|
342
341
|
if type(class_attr) == ast.Assign and type(class_attr.value) == ast.Dict:
|
|
343
342
|
# module options
|
bbot/db/sql/models.py
CHANGED
bbot/modules/baddns.py
CHANGED
|
@@ -55,7 +55,6 @@ class baddns(BaseModule):
|
|
|
55
55
|
return True
|
|
56
56
|
|
|
57
57
|
async def handle_event(self, event):
|
|
58
|
-
|
|
59
58
|
tasks = []
|
|
60
59
|
for ModuleClass in self.select_modules():
|
|
61
60
|
kwargs = {
|
|
@@ -75,7 +74,6 @@ class baddns(BaseModule):
|
|
|
75
74
|
tasks.append((module_instance, task))
|
|
76
75
|
|
|
77
76
|
async for completed_task in self.helpers.as_completed([task for _, task in tasks]):
|
|
78
|
-
|
|
79
77
|
module_instance = next((m for m, t in tasks if t == completed_task), None)
|
|
80
78
|
try:
|
|
81
79
|
task_result = await completed_task
|
bbot/modules/baddns_direct.py
CHANGED
|
@@ -0,0 +1,144 @@
|
|
|
1
|
+
# dnstlsrpt.py
|
|
2
|
+
#
|
|
3
|
+
# Checks for and parses common TLS-RPT TXT records, e.g. _smtp._tls.target.domain
|
|
4
|
+
#
|
|
5
|
+
# TLS-RPT policies may contain email addresses or URL's for reporting destinations, typically the email addresses are software processed inboxes, but they may also be to individual humans or team inboxes.
|
|
6
|
+
#
|
|
7
|
+
# The domain portion of any email address or URL is also passively checked and added as appropriate, for additional inspection by other modules.
|
|
8
|
+
#
|
|
9
|
+
# Example records,
|
|
10
|
+
# _smtp._tls.example.com TXT "v=TLSRPTv1;rua=https://tlsrpt.azurewebsites.net/report"
|
|
11
|
+
# _smtp._tls.example.net TXT "v=TLSRPTv1; rua=mailto:sts-reports@example.net;"
|
|
12
|
+
#
|
|
13
|
+
# TODO: extract %{UNIQUE_ID}% from hosted services as ORG_STUB ?
|
|
14
|
+
# e.g. %{UNIQUE_ID}%@tlsrpt.hosted.service.provider is usually a tenant specific ID.
|
|
15
|
+
# e.g. tlsrpt@%{UNIQUE_ID}%.hosted.service.provider is usually a tenant specific ID.
|
|
16
|
+
|
|
17
|
+
from bbot.modules.base import BaseModule
|
|
18
|
+
from bbot.core.helpers.dns.helpers import service_record
|
|
19
|
+
|
|
20
|
+
import re
|
|
21
|
+
|
|
22
|
+
from bbot.core.helpers.regexes import email_regex, url_regexes
|
|
23
|
+
|
|
24
|
+
_tlsrpt_regex = r"^v=(?P<v>TLSRPTv[0-9]+); *(?P<kvps>.*)$"
|
|
25
|
+
tlsrpt_regex = re.compile(_tlsrpt_regex, re.I)
|
|
26
|
+
|
|
27
|
+
_tlsrpt_kvp_regex = r"(?P<k>\w+)=(?P<v>[^;]+);*"
|
|
28
|
+
tlsrpt_kvp_regex = re.compile(_tlsrpt_kvp_regex)
|
|
29
|
+
|
|
30
|
+
_csul = r"(?P<uri>[^, ]+)"
|
|
31
|
+
csul = re.compile(_csul)
|
|
32
|
+
|
|
33
|
+
|
|
34
|
+
class dnstlsrpt(BaseModule):
|
|
35
|
+
watched_events = ["DNS_NAME"]
|
|
36
|
+
produced_events = ["EMAIL_ADDRESS", "URL_UNVERIFIED", "RAW_DNS_RECORD"]
|
|
37
|
+
flags = ["subdomain-enum", "cloud-enum", "email-enum", "passive", "safe"]
|
|
38
|
+
meta = {
|
|
39
|
+
"description": "Check for TLS-RPT records",
|
|
40
|
+
"author": "@colin-stubbs",
|
|
41
|
+
"created_date": "2024-07-26",
|
|
42
|
+
}
|
|
43
|
+
options = {
|
|
44
|
+
"emit_emails": True,
|
|
45
|
+
"emit_raw_dns_records": False,
|
|
46
|
+
"emit_urls": True,
|
|
47
|
+
"emit_vulnerabilities": True,
|
|
48
|
+
}
|
|
49
|
+
options_desc = {
|
|
50
|
+
"emit_emails": "Emit EMAIL_ADDRESS events",
|
|
51
|
+
"emit_raw_dns_records": "Emit RAW_DNS_RECORD events",
|
|
52
|
+
"emit_urls": "Emit URL_UNVERIFIED events",
|
|
53
|
+
"emit_vulnerabilities": "Emit VULNERABILITY events",
|
|
54
|
+
}
|
|
55
|
+
|
|
56
|
+
async def setup(self):
|
|
57
|
+
self.emit_emails = self.config.get("emit_emails", True)
|
|
58
|
+
self.emit_raw_dns_records = self.config.get("emit_raw_dns_records", False)
|
|
59
|
+
self.emit_urls = self.config.get("emit_urls", True)
|
|
60
|
+
self.emit_vulnerabilities = self.config.get("emit_vulnerabilities", True)
|
|
61
|
+
return await super().setup()
|
|
62
|
+
|
|
63
|
+
def _incoming_dedup_hash(self, event):
|
|
64
|
+
# dedupe by parent
|
|
65
|
+
parent_domain = self.helpers.parent_domain(event.data)
|
|
66
|
+
return hash(parent_domain), "already processed parent domain"
|
|
67
|
+
|
|
68
|
+
async def filter_event(self, event):
|
|
69
|
+
if "_wildcard" in str(event.host).split("."):
|
|
70
|
+
return False, "event is wildcard"
|
|
71
|
+
|
|
72
|
+
# there's no value in inspecting service records
|
|
73
|
+
if service_record(event.host) == True:
|
|
74
|
+
return False, "service record detected"
|
|
75
|
+
|
|
76
|
+
return True
|
|
77
|
+
|
|
78
|
+
async def handle_event(self, event):
|
|
79
|
+
rdtype = "TXT"
|
|
80
|
+
tags = ["tlsrpt-record"]
|
|
81
|
+
hostname = f"_smtp._tls.{event.host}"
|
|
82
|
+
|
|
83
|
+
r = await self.helpers.resolve_raw(hostname, type=rdtype)
|
|
84
|
+
|
|
85
|
+
if r:
|
|
86
|
+
raw_results, errors = r
|
|
87
|
+
for answer in raw_results:
|
|
88
|
+
if self.emit_raw_dns_records:
|
|
89
|
+
await self.emit_event(
|
|
90
|
+
{"host": hostname, "type": rdtype, "answer": answer.to_text()},
|
|
91
|
+
"RAW_DNS_RECORD",
|
|
92
|
+
parent=event,
|
|
93
|
+
tags=tags.append(f"{rdtype.lower()}-record"),
|
|
94
|
+
context=f"{rdtype} lookup on {hostname} produced {{event.type}}",
|
|
95
|
+
)
|
|
96
|
+
|
|
97
|
+
# we need to fix TXT data that may have been split across two different rdata's
|
|
98
|
+
# e.g. we will get a single string, but within that string we may have two parts such as:
|
|
99
|
+
# answer = '"part 1 that was really long" "part 2 that did not fit in part 1"'
|
|
100
|
+
# NOTE: the leading and trailing double quotes are essential as part of a raw DNS TXT record, or another record type that contains a free form text string as a component.
|
|
101
|
+
s = answer.to_text().strip('"').replace('" "', "")
|
|
102
|
+
|
|
103
|
+
# validate TLSRPT record, tag appropriately
|
|
104
|
+
tlsrpt_match = tlsrpt_regex.search(s)
|
|
105
|
+
|
|
106
|
+
if (
|
|
107
|
+
tlsrpt_match
|
|
108
|
+
and tlsrpt_match.group("v")
|
|
109
|
+
and tlsrpt_match.group("kvps")
|
|
110
|
+
and tlsrpt_match.group("kvps") != ""
|
|
111
|
+
):
|
|
112
|
+
for kvp_match in tlsrpt_kvp_regex.finditer(tlsrpt_match.group("kvps")):
|
|
113
|
+
key = kvp_match.group("k").lower()
|
|
114
|
+
|
|
115
|
+
if key == "rua":
|
|
116
|
+
for csul_match in csul.finditer(kvp_match.group("v")):
|
|
117
|
+
if csul_match.group("uri"):
|
|
118
|
+
for match in email_regex.finditer(csul_match.group("uri")):
|
|
119
|
+
start, end = match.span()
|
|
120
|
+
email = csul_match.group("uri")[start:end]
|
|
121
|
+
|
|
122
|
+
if self.emit_emails:
|
|
123
|
+
await self.emit_event(
|
|
124
|
+
email,
|
|
125
|
+
"EMAIL_ADDRESS",
|
|
126
|
+
tags=tags.append(f"tlsrpt-record-{key}"),
|
|
127
|
+
parent=event,
|
|
128
|
+
)
|
|
129
|
+
|
|
130
|
+
for url_regex in url_regexes:
|
|
131
|
+
for match in url_regex.finditer(csul_match.group("uri")):
|
|
132
|
+
start, end = match.span()
|
|
133
|
+
url = csul_match.group("uri")[start:end]
|
|
134
|
+
|
|
135
|
+
if self.emit_urls:
|
|
136
|
+
await self.emit_event(
|
|
137
|
+
url,
|
|
138
|
+
"URL_UNVERIFIED",
|
|
139
|
+
tags=tags.append(f"tlsrpt-record-{key}"),
|
|
140
|
+
parent=event,
|
|
141
|
+
)
|
|
142
|
+
|
|
143
|
+
|
|
144
|
+
# EOF
|
bbot/modules/dotnetnuke.py
CHANGED
|
@@ -32,7 +32,6 @@ class dotnetnuke(BaseModule):
|
|
|
32
32
|
self.interactsh_instance = None
|
|
33
33
|
|
|
34
34
|
if self.scan.config.get("interactsh_disable", False) == False:
|
|
35
|
-
|
|
36
35
|
try:
|
|
37
36
|
self.interactsh_instance = self.helpers.interactsh()
|
|
38
37
|
self.interactsh_domain = await self.interactsh_instance.register(callback=self.interactsh_callback)
|
|
@@ -114,7 +113,6 @@ class dotnetnuke(BaseModule):
|
|
|
114
113
|
)
|
|
115
114
|
|
|
116
115
|
if "endpoint" not in event.tags:
|
|
117
|
-
|
|
118
116
|
# NewsArticlesSlider ImageHandler.ashx File Read
|
|
119
117
|
result = await self.helpers.request(
|
|
120
118
|
f'{event.data["url"]}/DesktopModules/dnnUI_NewsArticlesSlider/ImageHandler.ashx?img=~/web.config'
|
|
@@ -62,7 +62,6 @@ def _exclude_key(original_dict, key_to_exclude):
|
|
|
62
62
|
|
|
63
63
|
|
|
64
64
|
def extract_params_url(parsed_url):
|
|
65
|
-
|
|
66
65
|
params = parse_qs(parsed_url.query)
|
|
67
66
|
flat_params = {k: v[0] for k, v in params.items()}
|
|
68
67
|
|
|
@@ -94,7 +93,6 @@ def extract_params_location(location_header_value, original_parsed_url):
|
|
|
94
93
|
|
|
95
94
|
|
|
96
95
|
class YaraRuleSettings:
|
|
97
|
-
|
|
98
96
|
def __init__(self, description, tags, emit_match):
|
|
99
97
|
self.description = description
|
|
100
98
|
self.tags = tags
|
|
@@ -263,7 +261,6 @@ class ExcavateRule:
|
|
|
263
261
|
|
|
264
262
|
|
|
265
263
|
class CustomExtractor(ExcavateRule):
|
|
266
|
-
|
|
267
264
|
def __init__(self, excavate):
|
|
268
265
|
super().__init__(excavate)
|
|
269
266
|
|
|
@@ -358,7 +355,6 @@ class excavate(BaseInternalModule, BaseInterceptModule):
|
|
|
358
355
|
)
|
|
359
356
|
|
|
360
357
|
class ParameterExtractor(ExcavateRule):
|
|
361
|
-
|
|
362
358
|
yara_rules = {}
|
|
363
359
|
|
|
364
360
|
class ParameterExtractorRule:
|
|
@@ -372,7 +368,6 @@ class excavate(BaseInternalModule, BaseInterceptModule):
|
|
|
372
368
|
self.result = result
|
|
373
369
|
|
|
374
370
|
class GetJquery(ParameterExtractorRule):
|
|
375
|
-
|
|
376
371
|
name = "GET jquery"
|
|
377
372
|
discovery_regex = r"/\$.get\([^\)].+\)/ nocase"
|
|
378
373
|
extraction_regex = re.compile(r"\$.get\([\'\"](.+)[\'\"].+(\{.+\})\)")
|
|
@@ -393,8 +388,12 @@ class excavate(BaseInternalModule, BaseInterceptModule):
|
|
|
393
388
|
for action, extracted_parameters in extracted_results:
|
|
394
389
|
extracted_parameters_dict = self.convert_to_dict(extracted_parameters)
|
|
395
390
|
for parameter_name, original_value in extracted_parameters_dict.items():
|
|
396
|
-
yield
|
|
397
|
-
|
|
391
|
+
yield (
|
|
392
|
+
self.output_type,
|
|
393
|
+
parameter_name,
|
|
394
|
+
original_value,
|
|
395
|
+
action,
|
|
396
|
+
_exclude_key(extracted_parameters_dict, parameter_name),
|
|
398
397
|
)
|
|
399
398
|
|
|
400
399
|
class PostJquery(GetJquery):
|
|
@@ -418,8 +417,12 @@ class excavate(BaseInternalModule, BaseInterceptModule):
|
|
|
418
417
|
k: v[0] if isinstance(v, list) and len(v) == 1 else v for k, v in query_strings.items()
|
|
419
418
|
}
|
|
420
419
|
for parameter_name, original_value in query_strings_dict.items():
|
|
421
|
-
yield
|
|
422
|
-
|
|
420
|
+
yield (
|
|
421
|
+
self.output_type,
|
|
422
|
+
parameter_name,
|
|
423
|
+
original_value,
|
|
424
|
+
url,
|
|
425
|
+
_exclude_key(query_strings_dict, parameter_name),
|
|
423
426
|
)
|
|
424
427
|
|
|
425
428
|
class GetForm(ParameterExtractorRule):
|
|
@@ -444,8 +447,12 @@ class excavate(BaseInternalModule, BaseInterceptModule):
|
|
|
444
447
|
form_parameters[parameter_name] = original_value
|
|
445
448
|
|
|
446
449
|
for parameter_name, original_value in form_parameters.items():
|
|
447
|
-
yield
|
|
448
|
-
|
|
450
|
+
yield (
|
|
451
|
+
self.output_type,
|
|
452
|
+
parameter_name,
|
|
453
|
+
original_value,
|
|
454
|
+
form_action,
|
|
455
|
+
_exclude_key(form_parameters, parameter_name),
|
|
449
456
|
)
|
|
450
457
|
|
|
451
458
|
class PostForm(GetForm):
|
|
@@ -485,7 +492,6 @@ class excavate(BaseInternalModule, BaseInterceptModule):
|
|
|
485
492
|
endpoint,
|
|
486
493
|
additional_params,
|
|
487
494
|
) in extracted_params:
|
|
488
|
-
|
|
489
495
|
self.excavate.debug(
|
|
490
496
|
f"Found Parameter [{parameter_name}] in [{parameterExtractorSubModule.name}] ParameterExtractor Submodule"
|
|
491
497
|
)
|
|
@@ -497,7 +503,6 @@ class excavate(BaseInternalModule, BaseInterceptModule):
|
|
|
497
503
|
)
|
|
498
504
|
|
|
499
505
|
if self.excavate.helpers.validate_parameter(parameter_name, parameter_type):
|
|
500
|
-
|
|
501
506
|
if self.excavate.in_bl(parameter_name) == False:
|
|
502
507
|
parsed_url = urlparse(url)
|
|
503
508
|
description = f"HTTP Extracted Parameter [{parameter_name}] ({parameterExtractorSubModule.name} Submodule)"
|
|
@@ -532,7 +537,6 @@ class excavate(BaseInternalModule, BaseInterceptModule):
|
|
|
532
537
|
await self.report(domain, event, yara_rule_settings, discovery_context, event_type="DNS_NAME")
|
|
533
538
|
|
|
534
539
|
class EmailExtractor(ExcavateRule):
|
|
535
|
-
|
|
536
540
|
yara_rules = {
|
|
537
541
|
"email": 'rule email { meta: description = "contains email address" strings: $email = /[^\\W_][\\w\\-\\.\\+\']{0,100}@[a-zA-Z0-9\\-]{1,100}(\\.[a-zA-Z0-9\\-]{1,100})*\\.[a-zA-Z]{2,63}/ nocase fullword condition: $email }',
|
|
538
542
|
}
|
|
@@ -551,7 +555,6 @@ class excavate(BaseInternalModule, BaseInterceptModule):
|
|
|
551
555
|
}
|
|
552
556
|
|
|
553
557
|
class ErrorExtractor(ExcavateRule):
|
|
554
|
-
|
|
555
558
|
signatures = {
|
|
556
559
|
"PHP_1": r"/\.php on line [0-9]+/",
|
|
557
560
|
"PHP_2": r"/\.php<\/b> on line <b>[0-9]+/",
|
|
@@ -589,7 +592,6 @@ class excavate(BaseInternalModule, BaseInterceptModule):
|
|
|
589
592
|
await self.report(event_data, event, yara_rule_settings, discovery_context, event_type="FINDING")
|
|
590
593
|
|
|
591
594
|
class SerializationExtractor(ExcavateRule):
|
|
592
|
-
|
|
593
595
|
regexes = {
|
|
594
596
|
"Java": re.compile(r"[^a-zA-Z0-9\/+]rO0[a-zA-Z0-9+\/]+={0,2}"),
|
|
595
597
|
"DOTNET": re.compile(r"[^a-zA-Z0-9\/+]AAEAAAD\/\/[a-zA-Z0-9\/+]+={0,2}"),
|
|
@@ -619,7 +621,6 @@ class excavate(BaseInternalModule, BaseInterceptModule):
|
|
|
619
621
|
await self.report(event_data, event, yara_rule_settings, discovery_context, event_type="FINDING")
|
|
620
622
|
|
|
621
623
|
class FunctionalityExtractor(ExcavateRule):
|
|
622
|
-
|
|
623
624
|
yara_rules = {
|
|
624
625
|
"File_Upload_Functionality": r'rule File_Upload_Functionality { meta: description = "contains file upload functionality" strings: $fileuploadfunc = /<input[^>]+type=["\']?file["\']?[^>]+>/ nocase condition: $fileuploadfunc }',
|
|
625
626
|
"Web_Service_WSDL": r'rule Web_Service_WSDL { meta: emit_match = "True" description = "contains a web service WSDL URL" strings: $wsdl = /https?:\/\/[^\s]*\.(wsdl)/ nocase condition: $wsdl }',
|
|
@@ -704,7 +705,6 @@ class excavate(BaseInternalModule, BaseInterceptModule):
|
|
|
704
705
|
tag_attribute_regex = bbot_regexes.tag_attribute_regex
|
|
705
706
|
|
|
706
707
|
async def process(self, yara_results, event, yara_rule_settings, discovery_context):
|
|
707
|
-
|
|
708
708
|
for identifier, results in yara_results.items():
|
|
709
709
|
urls_found = 0
|
|
710
710
|
final_url = ""
|
|
@@ -897,7 +897,6 @@ class excavate(BaseInternalModule, BaseInterceptModule):
|
|
|
897
897
|
decoded_data = await self.helpers.re.recursive_decode(data)
|
|
898
898
|
|
|
899
899
|
if self.parameter_extraction:
|
|
900
|
-
|
|
901
900
|
content_type_lower = content_type.lower() if content_type else ""
|
|
902
901
|
extraction_map = {
|
|
903
902
|
"json": self.helpers.extract_params_json,
|
|
@@ -934,7 +933,6 @@ class excavate(BaseInternalModule, BaseInterceptModule):
|
|
|
934
933
|
self.hugewarning(f"YARA Rule {rule_name} not found in pre-compiled rules")
|
|
935
934
|
|
|
936
935
|
async def handle_event(self, event):
|
|
937
|
-
|
|
938
936
|
if event.type == "HTTP_RESPONSE":
|
|
939
937
|
# Harvest GET parameters from URL, if it came directly from the target, and parameter extraction is enabled
|
|
940
938
|
if (
|
|
@@ -1023,7 +1021,6 @@ class excavate(BaseInternalModule, BaseInterceptModule):
|
|
|
1023
1021
|
|
|
1024
1022
|
# Try to extract parameters from the redirect URL
|
|
1025
1023
|
if self.parameter_extraction:
|
|
1026
|
-
|
|
1027
1024
|
for (
|
|
1028
1025
|
method,
|
|
1029
1026
|
parsed_url,
|
|
@@ -82,7 +82,6 @@ class paramminer_headers(BaseModule):
|
|
|
82
82
|
header_regex = re.compile(r"^[!#$%&\'*+\-.^_`|~0-9a-zA-Z]+: [^\r\n]+$")
|
|
83
83
|
|
|
84
84
|
async def setup(self):
|
|
85
|
-
|
|
86
85
|
self.recycle_words = self.config.get("recycle_words", True)
|
|
87
86
|
self.event_dict = {}
|
|
88
87
|
self.already_checked = set()
|
|
@@ -157,7 +156,6 @@ class paramminer_headers(BaseModule):
|
|
|
157
156
|
)
|
|
158
157
|
|
|
159
158
|
async def handle_event(self, event):
|
|
160
|
-
|
|
161
159
|
# If recycle words is enabled, we will collect WEB_PARAMETERS we find to build our list in finish()
|
|
162
160
|
# We also collect any parameters of type "SPECULATIVE"
|
|
163
161
|
if event.type == "WEB_PARAMETER":
|
|
@@ -201,7 +199,7 @@ class paramminer_headers(BaseModule):
|
|
|
201
199
|
return
|
|
202
200
|
for count, args, kwargs in self.gen_count_args(url):
|
|
203
201
|
r = await self.helpers.request(*args, **kwargs)
|
|
204
|
-
if r is not None and not (
|
|
202
|
+
if r is not None and not (str(r.status_code)[0] in ("4", "5")):
|
|
205
203
|
return count
|
|
206
204
|
|
|
207
205
|
def gen_count_args(self, url):
|
|
@@ -240,7 +238,6 @@ class paramminer_headers(BaseModule):
|
|
|
240
238
|
return await compare_helper.compare(url, headers=test_headers, check_reflection=(len(header_list) == 1))
|
|
241
239
|
|
|
242
240
|
async def finish(self):
|
|
243
|
-
|
|
244
241
|
untested_matches = sorted(list(self.extracted_words_master.copy()))
|
|
245
242
|
for url, (event, batch_size) in list(self.event_dict.items()):
|
|
246
243
|
try:
|
bbot/modules/trufflehog.py
CHANGED
bbot/scanner/preset/args.py
CHANGED
bbot/scanner/preset/environ.py
CHANGED
|
@@ -10,7 +10,6 @@ class TestAsset_Inventory(ModuleTestBase):
|
|
|
10
10
|
masscan_output = """{ "ip": "127.0.0.1", "timestamp": "1680197558", "ports": [ {"port": 9999, "proto": "tcp", "status": "open", "reason": "syn-ack", "ttl": 54} ] }"""
|
|
11
11
|
|
|
12
12
|
async def setup_before_prep(self, module_test):
|
|
13
|
-
|
|
14
13
|
async def run_masscan(command, *args, **kwargs):
|
|
15
14
|
if "masscan" in command[:2]:
|
|
16
15
|
targets = open(command[11]).read().splitlines()
|
|
@@ -7,7 +7,6 @@ class TestDnsbrute(ModuleTestBase):
|
|
|
7
7
|
config_overrides = {"modules": {"dnsbrute": {"wordlist": str(subdomain_wordlist), "max_depth": 3}}}
|
|
8
8
|
|
|
9
9
|
async def setup_after_prep(self, module_test):
|
|
10
|
-
|
|
11
10
|
old_run_live = module_test.scan.helpers.run_live
|
|
12
11
|
|
|
13
12
|
async def new_run_live(*command, check=False, text=True, **kwargs):
|
|
@@ -8,7 +8,6 @@ class TestDNSCommonSRV(ModuleTestBase):
|
|
|
8
8
|
config_overrides = {"dns": {"minimal": False}}
|
|
9
9
|
|
|
10
10
|
async def setup_after_prep(self, module_test):
|
|
11
|
-
|
|
12
11
|
old_run_live = module_test.scan.helpers.run_live
|
|
13
12
|
|
|
14
13
|
async def new_run_live(*command, check=False, text=True, **kwargs):
|
|
@@ -0,0 +1,64 @@
|
|
|
1
|
+
from .base import ModuleTestBase
|
|
2
|
+
|
|
3
|
+
raw_smtp_tls_txt = '"v=TLSRPTv1; rua=mailto:tlsrpt@sub.blacklanternsecurity.notreal,mailto:test@on.thirdparty.com, https://tlspost.example.com;"'
|
|
4
|
+
|
|
5
|
+
|
|
6
|
+
class TestDNSTLSRPT(ModuleTestBase):
|
|
7
|
+
targets = ["blacklanternsecurity.notreal"]
|
|
8
|
+
modules_overrides = ["dnstlsrpt", "speculate"]
|
|
9
|
+
config_overrides = {"modules": {"dnstlsrpt": {"emit_raw_dns_records": True}}, "scope": {"report_distance": 1}}
|
|
10
|
+
|
|
11
|
+
async def setup_after_prep(self, module_test):
|
|
12
|
+
await module_test.mock_dns(
|
|
13
|
+
{
|
|
14
|
+
"blacklanternsecurity.notreal": {
|
|
15
|
+
"A": ["127.0.0.11"],
|
|
16
|
+
},
|
|
17
|
+
"_tls.blacklanternsecurity.notreal": {
|
|
18
|
+
"A": ["127.0.0.22"],
|
|
19
|
+
},
|
|
20
|
+
"_smtp._tls.blacklanternsecurity.notreal": {
|
|
21
|
+
"A": ["127.0.0.33"],
|
|
22
|
+
"TXT": [raw_smtp_tls_txt],
|
|
23
|
+
},
|
|
24
|
+
"_tls._smtp._tls.blacklanternsecurity.notreal": {
|
|
25
|
+
"A": ["127.0.0.44"],
|
|
26
|
+
},
|
|
27
|
+
"_smtp._tls._smtp._tls.blacklanternsecurity.notreal": {
|
|
28
|
+
"TXT": [raw_smtp_tls_txt],
|
|
29
|
+
},
|
|
30
|
+
"sub.blacklanternsecurity.notreal": {
|
|
31
|
+
"A": ["127.0.0.55"],
|
|
32
|
+
},
|
|
33
|
+
}
|
|
34
|
+
)
|
|
35
|
+
|
|
36
|
+
def check(self, module_test, events):
|
|
37
|
+
assert any(
|
|
38
|
+
e.type == "RAW_DNS_RECORD" and e.data["answer"] == raw_smtp_tls_txt for e in events
|
|
39
|
+
), "Failed to emit RAW_DNS_RECORD"
|
|
40
|
+
assert any(
|
|
41
|
+
e.type == "DNS_NAME" and e.data == "sub.blacklanternsecurity.notreal" for e in events
|
|
42
|
+
), "Failed to detect sub-domain"
|
|
43
|
+
assert any(
|
|
44
|
+
e.type == "EMAIL_ADDRESS" and e.data == "tlsrpt@sub.blacklanternsecurity.notreal" for e in events
|
|
45
|
+
), "Failed to detect email address"
|
|
46
|
+
assert any(
|
|
47
|
+
e.type == "EMAIL_ADDRESS" and e.data == "test@on.thirdparty.com" for e in events
|
|
48
|
+
), "Failed to detect third party email address"
|
|
49
|
+
assert any(
|
|
50
|
+
e.type == "URL_UNVERIFIED" and e.data == "https://tlspost.example.com/" for e in events
|
|
51
|
+
), "Failed to detect third party URL"
|
|
52
|
+
|
|
53
|
+
|
|
54
|
+
class TestDNSTLSRPTRecursiveRecursion(TestDNSTLSRPT):
|
|
55
|
+
config_overrides = {
|
|
56
|
+
"scope": {"report_distance": 1},
|
|
57
|
+
"modules": {"dnstlsrpt": {"emit_raw_dns_records": True}},
|
|
58
|
+
}
|
|
59
|
+
|
|
60
|
+
def check(self, module_test, events):
|
|
61
|
+
assert not any(
|
|
62
|
+
e.type == "RAW_DNS_RECORD" and e.data["host"] == "_mta-sts._mta-sts.blacklanternsecurity.notreal"
|
|
63
|
+
for e in events
|
|
64
|
+
), "Unwanted recursion occurring"
|
|
@@ -146,14 +146,12 @@ class TestDotnetnuke_blindssrf(ModuleTestBase):
|
|
|
146
146
|
return Response("alive", status=200)
|
|
147
147
|
|
|
148
148
|
async def setup_before_prep(self, module_test):
|
|
149
|
-
|
|
150
149
|
self.interactsh_mock_instance = module_test.mock_interactsh("dotnetnuke_blindssrf")
|
|
151
150
|
module_test.monkeypatch.setattr(
|
|
152
151
|
module_test.scan.helpers, "interactsh", lambda *args, **kwargs: self.interactsh_mock_instance
|
|
153
152
|
)
|
|
154
153
|
|
|
155
154
|
async def setup_after_prep(self, module_test):
|
|
156
|
-
|
|
157
155
|
# Simulate DotNetNuke Instance
|
|
158
156
|
expect_args = {"method": "GET", "uri": "/"}
|
|
159
157
|
respond_args = {"response_data": dotnetnuke_http_response}
|
|
@@ -13,7 +13,6 @@ class TestExcavate(ModuleTestBase):
|
|
|
13
13
|
config_overrides = {"web": {"spider_distance": 1, "spider_depth": 1}}
|
|
14
14
|
|
|
15
15
|
async def setup_before_prep(self, module_test):
|
|
16
|
-
|
|
17
16
|
response_data = """
|
|
18
17
|
ftp://ftp.test.notreal
|
|
19
18
|
\\nhttps://www1.test.notreal
|
|
@@ -181,7 +180,6 @@ class TestExcavateRedirect(TestExcavate):
|
|
|
181
180
|
module_test.httpserver.no_handler_status_code = 404
|
|
182
181
|
|
|
183
182
|
def check(self, module_test, events):
|
|
184
|
-
|
|
185
183
|
assert 1 == len(
|
|
186
184
|
[
|
|
187
185
|
e
|
|
@@ -332,7 +330,6 @@ class TestExcavateMaxLinksPerPage(TestExcavate):
|
|
|
332
330
|
|
|
333
331
|
|
|
334
332
|
class TestExcavateCSP(TestExcavate):
|
|
335
|
-
|
|
336
333
|
csp_test_header = "default-src 'self'; script-src asdf.test.notreal; object-src 'none';"
|
|
337
334
|
|
|
338
335
|
async def setup_before_prep(self, module_test):
|
|
@@ -356,7 +353,6 @@ class TestExcavateURL(TestExcavate):
|
|
|
356
353
|
|
|
357
354
|
|
|
358
355
|
class TestExcavateURL_IP(TestExcavate):
|
|
359
|
-
|
|
360
356
|
targets = ["http://127.0.0.1:8888/", "127.0.0.2"]
|
|
361
357
|
|
|
362
358
|
async def setup_before_prep(self, module_test):
|
|
@@ -405,7 +401,6 @@ class TestExcavateSerializationPositive(TestExcavate):
|
|
|
405
401
|
|
|
406
402
|
|
|
407
403
|
class TestExcavateNonHttpScheme(TestExcavate):
|
|
408
|
-
|
|
409
404
|
targets = ["http://127.0.0.1:8888/", "test.notreal"]
|
|
410
405
|
|
|
411
406
|
non_http_scheme_html = """
|
|
@@ -425,7 +420,6 @@ class TestExcavateNonHttpScheme(TestExcavate):
|
|
|
425
420
|
module_test.httpserver.expect_request("/").respond_with_data(self.non_http_scheme_html)
|
|
426
421
|
|
|
427
422
|
def check(self, module_test, events):
|
|
428
|
-
|
|
429
423
|
found_hxxp_url = False
|
|
430
424
|
found_ftp_url = False
|
|
431
425
|
found_nonsense_url = False
|
|
@@ -540,7 +534,6 @@ class TestExcavateParameterExtraction(TestExcavate):
|
|
|
540
534
|
|
|
541
535
|
|
|
542
536
|
class TestExcavateParameterExtraction_getparam(ModuleTestBase):
|
|
543
|
-
|
|
544
537
|
targets = ["http://127.0.0.1:8888/"]
|
|
545
538
|
|
|
546
539
|
# hunt is added as parameter extraction is only activated by one or more modules that consume WEB_PARAMETER
|
|
@@ -554,11 +547,9 @@ class TestExcavateParameterExtraction_getparam(ModuleTestBase):
|
|
|
554
547
|
module_test.set_expect_requests(respond_args=respond_args)
|
|
555
548
|
|
|
556
549
|
def check(self, module_test, events):
|
|
557
|
-
|
|
558
550
|
excavate_getparam_extraction = False
|
|
559
551
|
for e in events:
|
|
560
552
|
if e.type == "WEB_PARAMETER":
|
|
561
|
-
|
|
562
553
|
if "HTTP Extracted Parameter [hack] (HTML Tags Submodule)" in e.data["description"]:
|
|
563
554
|
excavate_getparam_extraction = True
|
|
564
555
|
assert excavate_getparam_extraction, "Excavate failed to extract web parameter"
|
|
@@ -626,7 +617,6 @@ class excavateTestRule(ExcavateRule):
|
|
|
626
617
|
|
|
627
618
|
|
|
628
619
|
class TestExcavateYara(TestExcavate):
|
|
629
|
-
|
|
630
620
|
targets = ["http://127.0.0.1:8888/"]
|
|
631
621
|
yara_test_html = """
|
|
632
622
|
<html>
|
|
@@ -641,12 +631,10 @@ class TestExcavateYara(TestExcavate):
|
|
|
641
631
|
"""
|
|
642
632
|
|
|
643
633
|
async def setup_before_prep(self, module_test):
|
|
644
|
-
|
|
645
634
|
self.modules_overrides = ["excavate", "httpx"]
|
|
646
635
|
module_test.httpserver.expect_request("/").respond_with_data(self.yara_test_html)
|
|
647
636
|
|
|
648
637
|
async def setup_after_prep(self, module_test):
|
|
649
|
-
|
|
650
638
|
excavate_module = module_test.scan.modules["excavate"]
|
|
651
639
|
excavateruleinstance = excavateTestRule(excavate_module)
|
|
652
640
|
excavate_module.add_yara_rule(
|
|
@@ -665,7 +653,6 @@ class TestExcavateYara(TestExcavate):
|
|
|
665
653
|
found_yara_string_1 = False
|
|
666
654
|
found_yara_string_2 = False
|
|
667
655
|
for e in events:
|
|
668
|
-
|
|
669
656
|
if e.type == "FINDING":
|
|
670
657
|
if e.data["description"] == "HTTP response (body) Contains the text AAAABBBBCCCC":
|
|
671
658
|
found_yara_string_1 = True
|
|
@@ -677,7 +664,6 @@ class TestExcavateYara(TestExcavate):
|
|
|
677
664
|
|
|
678
665
|
|
|
679
666
|
class TestExcavateYaraCustom(TestExcavateYara):
|
|
680
|
-
|
|
681
667
|
rule_file = [
|
|
682
668
|
'rule SearchForText { meta: description = "Contains the text AAAABBBBCCCC" strings: $text = "AAAABBBBCCCC" condition: $text }',
|
|
683
669
|
'rule SearchForText2 { meta: description = "Contains the text DDDDEEEEFFFF" strings: $text2 = "DDDDEEEEFFFF" condition: $text2 }',
|
|
@@ -711,7 +697,6 @@ class TestExcavateSpiderDedupe(ModuleTestBase):
|
|
|
711
697
|
module_test.httpserver.expect_request("/spider").respond_with_data("hi")
|
|
712
698
|
|
|
713
699
|
def check(self, module_test, events):
|
|
714
|
-
|
|
715
700
|
found_url_unverified_spider_max = False
|
|
716
701
|
found_url_unverified_dummy = False
|
|
717
702
|
found_url_event = False
|
|
@@ -803,7 +788,6 @@ class TestExcavate_retain_querystring(ModuleTestBase):
|
|
|
803
788
|
|
|
804
789
|
|
|
805
790
|
class TestExcavate_retain_querystring_not(TestExcavate_retain_querystring):
|
|
806
|
-
|
|
807
791
|
config_overrides = {
|
|
808
792
|
"url_querystring_remove": False,
|
|
809
793
|
"url_querystring_collapse": False,
|
|
@@ -827,7 +811,6 @@ class TestExcavate_retain_querystring_not(TestExcavate_retain_querystring):
|
|
|
827
811
|
|
|
828
812
|
|
|
829
813
|
class TestExcavate_webparameter_outofscope(ModuleTestBase):
|
|
830
|
-
|
|
831
814
|
html_body = "<html><a class=button href='https://socialmediasite.com/send?text=foo'><a class=button href='https://outofscope.com/send?text=foo'></html>"
|
|
832
815
|
|
|
833
816
|
targets = ["http://127.0.0.1:8888", "socialmediasite.com"]
|
|
@@ -858,13 +841,11 @@ class TestExcavate_webparameter_outofscope(ModuleTestBase):
|
|
|
858
841
|
|
|
859
842
|
|
|
860
843
|
class TestExcavateHeaders(ModuleTestBase):
|
|
861
|
-
|
|
862
844
|
targets = ["http://127.0.0.1:8888/"]
|
|
863
845
|
modules_overrides = ["excavate", "httpx", "hunt"]
|
|
864
846
|
config_overrides = {"web": {"spider_distance": 1, "spider_depth": 1}}
|
|
865
847
|
|
|
866
848
|
async def setup_before_prep(self, module_test):
|
|
867
|
-
|
|
868
849
|
module_test.httpserver.expect_request("/").respond_with_data(
|
|
869
850
|
"<html><p>test</p></html>",
|
|
870
851
|
status=200,
|
|
@@ -877,7 +858,6 @@ class TestExcavateHeaders(ModuleTestBase):
|
|
|
877
858
|
)
|
|
878
859
|
|
|
879
860
|
def check(self, module_test, events):
|
|
880
|
-
|
|
881
861
|
found_first_cookie = False
|
|
882
862
|
found_second_cookie = False
|
|
883
863
|
|
|
@@ -89,7 +89,6 @@ class TestParamminer_Getparams_boring_off(TestParamminer_Getparams):
|
|
|
89
89
|
module_test.set_expect_requests(respond_args=respond_args)
|
|
90
90
|
|
|
91
91
|
def check(self, module_test, events):
|
|
92
|
-
|
|
93
92
|
emitted_boring_parameter = False
|
|
94
93
|
for e in events:
|
|
95
94
|
if e.type == "WEB_PARAMETER":
|
|
@@ -106,7 +105,6 @@ class TestParamminer_Getparams_boring_on(TestParamminer_Getparams_boring_off):
|
|
|
106
105
|
}
|
|
107
106
|
|
|
108
107
|
def check(self, module_test, events):
|
|
109
|
-
|
|
110
108
|
emitted_boring_parameter = False
|
|
111
109
|
|
|
112
110
|
for e in events:
|
|
@@ -160,15 +158,12 @@ class TestParamminer_Getparams_finish(Paramminer_Headers):
|
|
|
160
158
|
module_test.set_expect_requests(expect_args=expect_args, respond_args=respond_args)
|
|
161
159
|
|
|
162
160
|
def check(self, module_test, events):
|
|
163
|
-
|
|
164
161
|
excavate_extracted_web_parameter = False
|
|
165
162
|
found_hidden_getparam_recycled = False
|
|
166
163
|
emitted_excavate_paramminer_duplicate = False
|
|
167
164
|
|
|
168
165
|
for e in events:
|
|
169
|
-
|
|
170
166
|
if e.type == "WEB_PARAMETER":
|
|
171
|
-
|
|
172
167
|
if (
|
|
173
168
|
"http://127.0.0.1:8888/test2.php" in e.data["url"]
|
|
174
169
|
and "HTTP Extracted Parameter [abcd1234] (HTML Tags Submodule)" in e.data["description"]
|
|
@@ -213,7 +208,6 @@ class TestParamminer_Getparams_xmlspeculative(Paramminer_Headers):
|
|
|
213
208
|
"""
|
|
214
209
|
|
|
215
210
|
async def setup_after_prep(self, module_test):
|
|
216
|
-
|
|
217
211
|
module_test.scan.modules["paramminer_getparams"].rand_string = lambda *args, **kwargs: "AAAAAAAAAAAAAA"
|
|
218
212
|
module_test.monkeypatch.setattr(
|
|
219
213
|
helper.HttpCompare, "gen_cache_buster", lambda *args, **kwargs: {"AAAAAA": "1"}
|
|
@@ -39,7 +39,6 @@ class Paramminer_Headers(ModuleTestBase):
|
|
|
39
39
|
module_test.set_expect_requests(respond_args=respond_args)
|
|
40
40
|
|
|
41
41
|
def check(self, module_test, events):
|
|
42
|
-
|
|
43
42
|
found_reflected_header = False
|
|
44
43
|
false_positive_match = False
|
|
45
44
|
|
|
@@ -60,7 +59,6 @@ class TestParamminer_Headers(Paramminer_Headers):
|
|
|
60
59
|
|
|
61
60
|
|
|
62
61
|
class TestParamminer_Headers_noreflection(Paramminer_Headers):
|
|
63
|
-
|
|
64
62
|
found_nonreflected_header = False
|
|
65
63
|
|
|
66
64
|
headers_body_match = """
|
|
@@ -82,7 +80,6 @@ class TestParamminer_Headers_noreflection(Paramminer_Headers):
|
|
|
82
80
|
|
|
83
81
|
|
|
84
82
|
class TestParamminer_Headers_extract(Paramminer_Headers):
|
|
85
|
-
|
|
86
83
|
modules_overrides = ["httpx", "paramminer_headers", "excavate"]
|
|
87
84
|
config_overrides = {
|
|
88
85
|
"modules": {
|
|
@@ -123,7 +120,6 @@ class TestParamminer_Headers_extract(Paramminer_Headers):
|
|
|
123
120
|
module_test.set_expect_requests(respond_args=respond_args)
|
|
124
121
|
|
|
125
122
|
def check(self, module_test, events):
|
|
126
|
-
|
|
127
123
|
excavate_extracted_web_parameter = False
|
|
128
124
|
used_recycled_parameter = False
|
|
129
125
|
|
|
@@ -139,17 +135,14 @@ class TestParamminer_Headers_extract(Paramminer_Headers):
|
|
|
139
135
|
|
|
140
136
|
|
|
141
137
|
class TestParamminer_Headers_extract_norecycle(TestParamminer_Headers_extract):
|
|
142
|
-
|
|
143
138
|
modules_overrides = ["httpx", "excavate"]
|
|
144
139
|
config_overrides = {}
|
|
145
140
|
|
|
146
141
|
async def setup_after_prep(self, module_test):
|
|
147
|
-
|
|
148
142
|
respond_args = {"response_data": self.headers_body}
|
|
149
143
|
module_test.set_expect_requests(respond_args=respond_args)
|
|
150
144
|
|
|
151
145
|
def check(self, module_test, events):
|
|
152
|
-
|
|
153
146
|
excavate_extracted_web_parameter = False
|
|
154
147
|
|
|
155
148
|
for e in events:
|
|
@@ -21,7 +21,6 @@ class TestPortscan(ModuleTestBase):
|
|
|
21
21
|
masscan_output_ping = """{ "ip": "8.8.8.8", "timestamp": "1719862594", "ports": [ {"port": 0, "proto": "icmp", "status": "open", "reason": "none", "ttl": 54} ] }"""
|
|
22
22
|
|
|
23
23
|
async def setup_after_prep(self, module_test):
|
|
24
|
-
|
|
25
24
|
from bbot.modules.base import BaseModule
|
|
26
25
|
|
|
27
26
|
class DummyModule(BaseModule):
|
|
@@ -1,13 +1,13 @@
|
|
|
1
|
-
bbot/__init__.py,sha256=
|
|
2
|
-
bbot/cli.py,sha256
|
|
1
|
+
bbot/__init__.py,sha256=axMbsMMdxGO7hofgbNW8GFlsfp7fd12R17RP3nRqYC0,130
|
|
2
|
+
bbot/cli.py,sha256=f_HbPSOyR7ishGb-UVwGdI71kLFrvkko4d01lDYlSdE,10436
|
|
3
3
|
bbot/core/__init__.py,sha256=l255GJE_DvUnWvrRb0J5lG-iMztJ8zVvoweDOfegGtI,46
|
|
4
4
|
bbot/core/config/__init__.py,sha256=zYNw2Me6tsEr8hOOkLb4BQ97GB7Kis2k--G81S8vofU,342
|
|
5
|
-
bbot/core/config/files.py,sha256=
|
|
5
|
+
bbot/core/config/files.py,sha256=zANvrTRLJQIOWSNkxd9MpWmf9cQFr0gRZLUxeIbTwQc,1412
|
|
6
6
|
bbot/core/config/logger.py,sha256=YBWLg3x0bEaHKQR8Fn9e1Y0OeyFTED0fgAMtUZT2gEw,10583
|
|
7
7
|
bbot/core/core.py,sha256=zFSbPd0YcjpeI1uO9U6lYY5gKmzNSTGhduvXvB6qZ0M,7065
|
|
8
8
|
bbot/core/engine.py,sha256=uauGZgd7zAnJwNmVVPDicwHbUVCa8pV_pif49lgYeWk,29364
|
|
9
9
|
bbot/core/event/__init__.py,sha256=8ut88ZUg0kbtWkOx2j3XzNr_3kTfgoM-3UdiWHFA_ag,56
|
|
10
|
-
bbot/core/event/base.py,sha256=
|
|
10
|
+
bbot/core/event/base.py,sha256=_WKPUeCFc6hC7G2DQaLOlHqdre-TBWWlUEvfJF3g2zU,61462
|
|
11
11
|
bbot/core/event/helpers.py,sha256=PUN4Trq5_wpKVuhmwUQWAr40apgMXhJ9Gz-VfZ0j3lA,1554
|
|
12
12
|
bbot/core/flags.py,sha256=Ltvm8Bc4D65I55HuU5bzyjO1R3yMDNpVmreGU83ZBXE,1266
|
|
13
13
|
bbot/core/helpers/__init__.py,sha256=0UNwcZjNsX41hbHdo3yZPuARkYWch-okI68DScexve4,86
|
|
@@ -21,33 +21,33 @@ bbot/core/helpers/depsinstaller/sudo_askpass.py,sha256=yGa2OQv30RO75QkMuG1iruKqb
|
|
|
21
21
|
bbot/core/helpers/diff.py,sha256=7waBeHFGnAKn-R-sBd-wc3yjwxT_umwy4YxfE7JFd6w,10599
|
|
22
22
|
bbot/core/helpers/dns/__init__.py,sha256=2JK8P0BUfPlh4CTuuOWQCOacwL7NEtGFYPJsxbA0Zwo,27
|
|
23
23
|
bbot/core/helpers/dns/brute.py,sha256=sTlgFabHVL5rNaD8Pef0kXap1gM4LFpc71kdR9j7pdE,6990
|
|
24
|
-
bbot/core/helpers/dns/dns.py,sha256=
|
|
25
|
-
bbot/core/helpers/dns/engine.py,sha256=
|
|
24
|
+
bbot/core/helpers/dns/dns.py,sha256=xlmHIdH4I4cn0dHeyYHipPiqeagibBW-BCHMbIlxtsw,8436
|
|
25
|
+
bbot/core/helpers/dns/engine.py,sha256=senRWnKADkH3z8lcPPMGCPVfKHnXHk2HejqAV9iGa4E,28747
|
|
26
26
|
bbot/core/helpers/dns/helpers.py,sha256=aQroIuz5TxrCZ4zoplOaqLj3ZNgOgDRKn0xM8GKz2dA,8505
|
|
27
|
-
bbot/core/helpers/dns/mock.py,sha256=
|
|
27
|
+
bbot/core/helpers/dns/mock.py,sha256=FCPrihu6O4kun38IH70RfktsXIKKfe0Qx5PMzZVUdsY,2588
|
|
28
28
|
bbot/core/helpers/files.py,sha256=GqrwNGJljUvGSzaOW5-Y357hkt7j88dOYbzQxJGsdTc,5787
|
|
29
29
|
bbot/core/helpers/helper.py,sha256=t6bv_wwI_MYlVpBAh9_c318rRSKGmoejx6qO9JOldbI,8423
|
|
30
30
|
bbot/core/helpers/interactsh.py,sha256=Q9IHUzH-T7e1s4YTHevHe-VJj1Mokv0EHY16UZJdl8M,12627
|
|
31
|
-
bbot/core/helpers/libmagic.py,sha256=
|
|
31
|
+
bbot/core/helpers/libmagic.py,sha256=QMHyxjgDLb2jyjBvK1MQ-xt6WkGXhKcHu9ZP1li-sik,3460
|
|
32
32
|
bbot/core/helpers/misc.py,sha256=fphXVSGtW70m2xdUCPDdISLtLwIG1v_cL6RxgNGmJNk,87757
|
|
33
33
|
bbot/core/helpers/names_generator.py,sha256=Sj_Q-7KQyElEpalzlUadSwaniESqrIVVEle9ycPIiho,10322
|
|
34
34
|
bbot/core/helpers/ntlm.py,sha256=P2Xj4-GPos2iAzw4dfk0FJp6oGyycGhu2x6sLDVjYjs,2573
|
|
35
|
-
bbot/core/helpers/process.py,sha256=
|
|
35
|
+
bbot/core/helpers/process.py,sha256=00uRpLMFi3Pt3uT8qXwAIhsXdoa7h-ifoXh0sGYgwqs,1702
|
|
36
36
|
bbot/core/helpers/ratelimiter.py,sha256=K8qFIyJPJtfdb9kSW6_lL6ahWqxR2uWyCBkDlg6uJgo,1990
|
|
37
37
|
bbot/core/helpers/regex.py,sha256=XURaY6ijpOYYU9lzWMAKg12G1VFtGJjlJl07_eN1xxk,4170
|
|
38
38
|
bbot/core/helpers/regexes.py,sha256=-IHbsvS9XJXHkfbthaB1CbRaikDt1pmiiUsbOJW7wpc,5946
|
|
39
39
|
bbot/core/helpers/url.py,sha256=1NDrvirODzzD6Mcssu-4WDNerMeMdekHCFzhRCS0m3g,5947
|
|
40
|
-
bbot/core/helpers/validators.py,sha256=
|
|
40
|
+
bbot/core/helpers/validators.py,sha256=TIjgtHS6fMObjTszDJ_nng3YMJpuV6BzKdmkQ2LY3Qk,9695
|
|
41
41
|
bbot/core/helpers/web/__init__.py,sha256=pIEkL3DhjaGTSmZ7D3yKKYwWpntoLRILekV2wWsbsws,27
|
|
42
42
|
bbot/core/helpers/web/client.py,sha256=vDRhUQ6onkNzeJCqWd8oCQb08rLrWB2Sg7sDH7ZssK0,3562
|
|
43
|
-
bbot/core/helpers/web/engine.py,sha256=
|
|
43
|
+
bbot/core/helpers/web/engine.py,sha256=hwFSWrW8fDzinmKS27u1RHl3rP-QM05FOZp8zXWD5AY,8869
|
|
44
44
|
bbot/core/helpers/web/ssl_context.py,sha256=aWVgl-d0HoE8B4EBKNxaa5UAzQmx79DjDByfBw9tezo,356
|
|
45
|
-
bbot/core/helpers/web/web.py,sha256=
|
|
45
|
+
bbot/core/helpers/web/web.py,sha256=sdsffF3F_gj76DwfFcgW9D70Vj8HJszSNxw21QJdUKk,22657
|
|
46
46
|
bbot/core/helpers/wordcloud.py,sha256=WdQwboCNcCxcUdLuB6MMMDQBL4ZshFM_f6GW7nUZEBQ,19819
|
|
47
|
-
bbot/core/modules.py,sha256=
|
|
47
|
+
bbot/core/modules.py,sha256=k4a-4cxdpQGA-17vELWOZ8eqsMSrd4nk5g3eOJVhx9g,31431
|
|
48
48
|
bbot/core/multiprocess.py,sha256=ocQHanskJ09gHwe7RZmwNdZyCOQyeyUoIHCtLbtvXUk,1771
|
|
49
49
|
bbot/core/shared_deps.py,sha256=A3vrI62uPTTayNIHhWAj6xz43cj--oXWC4prmDlgJnw,6958
|
|
50
|
-
bbot/db/sql/models.py,sha256=
|
|
50
|
+
bbot/db/sql/models.py,sha256=SrUdDOBCICzXJBY29p0VvILhMQ1JCuh725bqvIYogX0,4884
|
|
51
51
|
bbot/defaults.yml,sha256=d1uVZOWzaJ7IM5YF-Zpambb8Gdbas-aCInqoWElxsEw,6221
|
|
52
52
|
bbot/errors.py,sha256=xwQcD26nU9oc7-o0kv5jmEDTInmi8_W8eKAgQZZxdVM,953
|
|
53
53
|
bbot/logger.py,sha256=rLcLzNDvfR8rFj7_tZ-f5QB3Z8T0RVroact3W0ogjpA,1408
|
|
@@ -57,8 +57,8 @@ bbot/modules/anubisdb.py,sha256=JCy2YCfa0e_VawpzNmcPXAosKUthmYGutireJ0gMDws,1916
|
|
|
57
57
|
bbot/modules/apkpure.py,sha256=V-bGIFV7b91kXo24OitACip8Rx5qaoI1p6iHwbICxwk,2434
|
|
58
58
|
bbot/modules/azure_realm.py,sha256=pP2PUlLy0K9KKaE8aNcznWjDW3PKHvnMejdOSc-o4ms,1612
|
|
59
59
|
bbot/modules/azure_tenant.py,sha256=cKS53GjvrplaFFYvacUmJKCdLB6h7Yp_AzHNFuKtFrU,5374
|
|
60
|
-
bbot/modules/baddns.py,sha256=
|
|
61
|
-
bbot/modules/baddns_direct.py,sha256=
|
|
60
|
+
bbot/modules/baddns.py,sha256=SP-o0M2dq5QIkaQZUKl9YZiOXdZasty-fHPxTJJAeR0,6378
|
|
61
|
+
bbot/modules/baddns_direct.py,sha256=pe_seO74XI4b6w4Q_IBDNvtBjmD-7it5ts0Z-FB0L6k,3818
|
|
62
62
|
bbot/modules/baddns_zone.py,sha256=IcewDBtA_-64NCNFojEFd9jt2YBek6ltB2mmqdDH6LE,1034
|
|
63
63
|
bbot/modules/badsecrets.py,sha256=JSukBYdD3yuvVy84DkyX48428R_LgQ7P39tjTRAD_Mo,5107
|
|
64
64
|
bbot/modules/base.py,sha256=-nPgoPjMwcveZ81fzb4TwhbtBFqNYorj-zD3TG91ZPg,71115
|
|
@@ -93,9 +93,10 @@ bbot/modules/dnsbrute_mutations.py,sha256=bOJidK_oKZe87u8e9t0mEFnyuBi93UiNsQvpZY
|
|
|
93
93
|
bbot/modules/dnscaa.py,sha256=pyaLqHrdsVhqtd1JBZVjKKcuYT_ywUbFYkrnfXcGD5s,5014
|
|
94
94
|
bbot/modules/dnscommonsrv.py,sha256=gEErfSur7Odkaif4CbXYx3OZ3FQrQESyiMGPbcDKSIg,1538
|
|
95
95
|
bbot/modules/dnsdumpster.py,sha256=n-UP428_9kAmh_1gf55jeh-3uWyr1EZN0AYSnT3uOnU,3253
|
|
96
|
+
bbot/modules/dnstlsrpt.py,sha256=LW-8NTfUlYAlSlDrDBcELTe4LTrAI412J03xQfAL93Y,6427
|
|
96
97
|
bbot/modules/docker_pull.py,sha256=Dp8de9UCCELcozwmZphA3lMh8qZaXyDo2kfwG45Wm3w,9069
|
|
97
98
|
bbot/modules/dockerhub.py,sha256=ruvTP8Uz5LEuX-_SrKDzByvSNtd1ofZbX-lRTeKUB24,3491
|
|
98
|
-
bbot/modules/dotnetnuke.py,sha256=
|
|
99
|
+
bbot/modules/dotnetnuke.py,sha256=qS1lzAmvWlDYrm1ODufIBvIS20oTr7m7m3xU-a5PGUA,10537
|
|
99
100
|
bbot/modules/emailformat.py,sha256=RLPJW-xitYB-VT4Lp08qVzFkXx_kMyV_035JT_Yf4fM,1082
|
|
100
101
|
bbot/modules/extractous.py,sha256=22pc62jOs_4E3uZtBjUbUksLTadNr9sp_4r0-eU1un8,4551
|
|
101
102
|
bbot/modules/ffuf_shortnames.py,sha256=9Kh0kJsw7XXpXmCkiB5eAhG4h9rSo8Y-mB3p0EDa_l0,12624
|
|
@@ -122,7 +123,7 @@ bbot/modules/internal/aggregate.py,sha256=csWYIt2fUp9K_CRxP3bndUMIjpNIh8rmBubp5F
|
|
|
122
123
|
bbot/modules/internal/base.py,sha256=BXO4Hc7XKaAOaLzolF3krJX1KibPxtek2GTQUgnCHk0,387
|
|
123
124
|
bbot/modules/internal/cloudcheck.py,sha256=86wYVzoY8OeorpqQFger9UrdNdu2vTkd8XmC9xtplUc,4727
|
|
124
125
|
bbot/modules/internal/dnsresolve.py,sha256=UW88BlpJ7gOjPARrjVgtwpDIDPNQZRpuIRpL2yVP6T4,15251
|
|
125
|
-
bbot/modules/internal/excavate.py,sha256=
|
|
126
|
+
bbot/modules/internal/excavate.py,sha256=3kQqtA0yAfPXtwyhiDiywDVBXIsq5H9qAVBW6SB2wuY,51536
|
|
126
127
|
bbot/modules/internal/speculate.py,sha256=hOJPrmJP8-APqSEbmYsbKrvovLIGIz4dJUoZyusq0w0,9270
|
|
127
128
|
bbot/modules/internetdb.py,sha256=Edg0Z84dH8dPTZMd7RlzvYBYNq8JHs_ns_ldnFxwRKo,5415
|
|
128
129
|
bbot/modules/ip2location.py,sha256=yGivX9fzvwvLpnqmYCP2a8SPjTarzrZxfRluog-nkME,2628
|
|
@@ -158,7 +159,7 @@ bbot/modules/output/web_report.py,sha256=lZ0FqRZ7Jz1lljI9JMhH9gjtWLaTCSpSnAKQGAc
|
|
|
158
159
|
bbot/modules/output/websocket.py,sha256=sDTtHU-Ey_tvS0gMi6PVPV9L4qAmGyWeccxAKfEWCac,2278
|
|
159
160
|
bbot/modules/paramminer_cookies.py,sha256=q1PzftHQpCHLz81_VgLZsO6moia7ZtnU32igfcySi2w,1816
|
|
160
161
|
bbot/modules/paramminer_getparams.py,sha256=_j6rgaqV5wGJoa8p5-KKbe2YsVGUtmWIanCVtFiF97Y,1893
|
|
161
|
-
bbot/modules/paramminer_headers.py,sha256=
|
|
162
|
+
bbot/modules/paramminer_headers.py,sha256=fljlCoRuH6ML4Hz2ZCGH7Yr3aeOgRM896KfS8TVBKrs,10300
|
|
162
163
|
bbot/modules/passivetotal.py,sha256=uGT6c_CUxBNInmClsTg8afIYA2ZykKYYCgjkyzujfHg,1653
|
|
163
164
|
bbot/modules/pgp.py,sha256=Xu2M9WEIlwTm5-Lv29g7BblI05tD9Dl0XsYSeY6UURs,2065
|
|
164
165
|
bbot/modules/portscan.py,sha256=2VSoxoh0AypE8DoGKHqE-a57G4Z91XEo3kquQ5OpM3Y,14656
|
|
@@ -189,7 +190,7 @@ bbot/modules/templates/sql.py,sha256=o-CdyyoJvHJdJBKkj3CIGXYxUta4w2AB_2Vr-k7cDDU
|
|
|
189
190
|
bbot/modules/templates/subdomain_enum.py,sha256=54prHdg_wgTBHIJLPLbDWBqq2x978NDfDOGG7R5A6fQ,8403
|
|
190
191
|
bbot/modules/templates/webhook.py,sha256=MYhKWrNYrsfM0a4PR6yVotudLyyCwgmy2eI-l9LvpBs,3706
|
|
191
192
|
bbot/modules/trickest.py,sha256=MRgLW0YiDWzlWdAjyqfPPLFb-a51r-Ffn_dphiJI_gA,1550
|
|
192
|
-
bbot/modules/trufflehog.py,sha256=
|
|
193
|
+
bbot/modules/trufflehog.py,sha256=NCggggfFFdHn-tpws0mvD2OYLQcKkYDLb1P6CRySPWM,8554
|
|
193
194
|
bbot/modules/url_manipulation.py,sha256=BI-OhlzNzP5xvwzHphL4qdehc4NiEYnL2BNK-JoEm90,4322
|
|
194
195
|
bbot/modules/urlscan.py,sha256=ajhiX2sj-zZDlKU1q5rE8JTzxioj1mDLqZ9PRSQCpAw,3741
|
|
195
196
|
bbot/modules/viewdns.py,sha256=f0vwoLpua2Ovw1gcrjoafUdaAP9fi4bHgTUiDOe8iWg,2596
|
|
@@ -219,9 +220,9 @@ bbot/scanner/__init__.py,sha256=gCyAAbkNm8_KozNpDENCKqO3E3ZCgseplnz40AtiJ1U,56
|
|
|
219
220
|
bbot/scanner/dispatcher.py,sha256=_hsIegfUDrt8CUdXqgRvp1J0UwwzqVSDxjQmiviO41c,793
|
|
220
221
|
bbot/scanner/manager.py,sha256=_5FBfxOmSMUeGp_-ryyGGl0pxb_eu-NSWft-lH1Pyog,10466
|
|
221
222
|
bbot/scanner/preset/__init__.py,sha256=Jf2hWsHlTFtWNXL6gXD8_ZbKPFUM564ppdSxHFYnIJU,27
|
|
222
|
-
bbot/scanner/preset/args.py,sha256=
|
|
223
|
+
bbot/scanner/preset/args.py,sha256=wuG-eVCsl-4EpmJoNeuuFB4sFNulOgCYFc_8P7ztKLE,16023
|
|
223
224
|
bbot/scanner/preset/conditions.py,sha256=hFL9cSIWGEsv2TfM5UGurf0c91cyaM8egb5IngBmIjA,1569
|
|
224
|
-
bbot/scanner/preset/environ.py,sha256
|
|
225
|
+
bbot/scanner/preset/environ.py,sha256=9KbEOLWkUdoAf5Ez_2A1NNm6QduQElbnNnrPi6VDhZs,4731
|
|
225
226
|
bbot/scanner/preset/path.py,sha256=Q29MO8cOEn690yW6bB08P72kbZ3C-H_TOEoXuwWnFM8,2274
|
|
226
227
|
bbot/scanner/preset/preset.py,sha256=QHUKc2raBArcdzn3op7BhLJHJpb5yjDsQumOvvOw85E,40058
|
|
227
228
|
bbot/scanner/scanner.py,sha256=YPvu4KMKLAM_P-kzww5JdvX6JMVHC0gq6P0kUOt1_X8,53884
|
|
@@ -270,7 +271,7 @@ bbot/test/test_step_2/module_tests/test_module_ajaxpro.py,sha256=0sPzcm0O3mmeqcO
|
|
|
270
271
|
bbot/test/test_step_2/module_tests/test_module_anubisdb.py,sha256=aQHUUswX2VJYoUWFm3cInXnUK4lkU-ah3b2BnxWgWcQ,546
|
|
271
272
|
bbot/test/test_step_2/module_tests/test_module_apkpure.py,sha256=8KM-JCir0doUupwN3JwV5OPaPE_Jq_hz2-96-ZKGpRI,2823
|
|
272
273
|
bbot/test/test_step_2/module_tests/test_module_asn.py,sha256=qIbitSAEAmYyxhpxvdFDsQrHaaxfgKsFox9Q3jTmvgI,10616
|
|
273
|
-
bbot/test/test_step_2/module_tests/test_module_asset_inventory.py,sha256=
|
|
274
|
+
bbot/test/test_step_2/module_tests/test_module_asset_inventory.py,sha256=NEMSPBlczpA5NbQpIcRBpRXpVnfS9lmSS1U7eJmIXAU,3878
|
|
274
275
|
bbot/test/test_step_2/module_tests/test_module_azure_realm.py,sha256=uCNeyKmlC26tcyQGyasnTqzzVWo_oKy_EHKEVVh8W9o,1287
|
|
275
276
|
bbot/test/test_step_2/module_tests/test_module_azure_tenant.py,sha256=Aaid6Ftb_qBOmjcUDauXeI6WZcBz49Wli5Yk8FWrZVc,4805
|
|
276
277
|
bbot/test/test_step_2/module_tests/test_module_baddns.py,sha256=vJYZZeYPYO2BbR4fdpB8KjGei3APB9gxOlrnU3lamXU,2822
|
|
@@ -303,18 +304,19 @@ bbot/test/test_step_2/module_tests/test_module_dehashed.py,sha256=YVsTEFEPchahDT
|
|
|
303
304
|
bbot/test/test_step_2/module_tests/test_module_digitorus.py,sha256=81mNwDb4WLUibstUSD8TowSJB3B5DBneS2LWimie9y4,1613
|
|
304
305
|
bbot/test/test_step_2/module_tests/test_module_discord.py,sha256=Z66fGb-kkdZTQfUh6WZiM35Ad-gDyvwxlA7mUUB2vnQ,1838
|
|
305
306
|
bbot/test/test_step_2/module_tests/test_module_dnsbimi.py,sha256=Ag24Bcm4MFxgUwvXXubPGE6mLMBsJGwfhCQ6paK-rRU,4391
|
|
306
|
-
bbot/test/test_step_2/module_tests/test_module_dnsbrute.py,sha256=
|
|
307
|
-
bbot/test/test_step_2/module_tests/test_module_dnsbrute_mutations.py,sha256=
|
|
307
|
+
bbot/test/test_step_2/module_tests/test_module_dnsbrute.py,sha256=x6p3rhLPbEvtOjV1u9C25He15xrVJq6diKEx-05sdtk,5152
|
|
308
|
+
bbot/test/test_step_2/module_tests/test_module_dnsbrute_mutations.py,sha256=AkL1cOCwHF1unabsbMZz_HXs45K6myxmPndNbcigbjo,3901
|
|
308
309
|
bbot/test/test_step_2/module_tests/test_module_dnscaa.py,sha256=5JaAYt-oFGON8Gc4xJNyc2UtjCp97OEiaJrvD04VHQM,2751
|
|
309
|
-
bbot/test/test_step_2/module_tests/test_module_dnscommonsrv.py,sha256=
|
|
310
|
+
bbot/test/test_step_2/module_tests/test_module_dnscommonsrv.py,sha256=T9RwPZCAnSVgnjLH7bBpH516owws_B2yxhiDRPBAp40,8259
|
|
310
311
|
bbot/test/test_step_2/module_tests/test_module_dnsdumpster.py,sha256=pgwOrfq_qNxbDBCAffspz6qlbd9MU5yZxguJizqHpFU,59749
|
|
311
312
|
bbot/test/test_step_2/module_tests/test_module_dnsresolve.py,sha256=15LEcggP_eVYFQdMO1zHTvoGc6n8IaUjsQDmX0sZS4o,2077
|
|
313
|
+
bbot/test/test_step_2/module_tests/test_module_dnstlsrpt.py,sha256=tAXUcu66BrNOo4AWvJfHft8IWKJtL0pLhfWstpl5zUc,2640
|
|
312
314
|
bbot/test/test_step_2/module_tests/test_module_docker_pull.py,sha256=-JSAo51dS3Ie9RaLBcWK0kfbg8bCPr7mohpFGAwOKPQ,27988
|
|
313
315
|
bbot/test/test_step_2/module_tests/test_module_dockerhub.py,sha256=9T8CFcFP32MOppUmSVNBUSifnk2kMONqzW_7vvvKdpk,3907
|
|
314
|
-
bbot/test/test_step_2/module_tests/test_module_dotnetnuke.py,sha256=
|
|
316
|
+
bbot/test/test_step_2/module_tests/test_module_dotnetnuke.py,sha256=voi1C_v7VeaRe_-yzCybO9FUxnFf9qzWkoUY66KYiGI,8114
|
|
315
317
|
bbot/test/test_step_2/module_tests/test_module_emailformat.py,sha256=cKxBPnEQ4AiRKV_-hSYEE6756ypst3hi6MN0L5RTukY,461
|
|
316
318
|
bbot/test/test_step_2/module_tests/test_module_emails.py,sha256=bZjtO8N3GG2_g6SUEYprAFLcsi7SlwNPJJ0nODfrWYU,944
|
|
317
|
-
bbot/test/test_step_2/module_tests/test_module_excavate.py,sha256=
|
|
319
|
+
bbot/test/test_step_2/module_tests/test_module_excavate.py,sha256=jK0MQsaIVkg-QOKrvJde4zw_L6moHqy7soyLBO3TFUY,42159
|
|
318
320
|
bbot/test/test_step_2/module_tests/test_module_extractous.py,sha256=FiMSgddx2qnxGIDImvofrd5hPRQIIul6Y67wwNsgEqE,17973
|
|
319
321
|
bbot/test/test_step_2/module_tests/test_module_ffuf.py,sha256=aSB49aN77sw-2LNTDHckiEEaHAn_85xCJno1shdOwus,2964
|
|
320
322
|
bbot/test/test_step_2/module_tests/test_module_ffuf_shortnames.py,sha256=s8E7M9d1fhm__krM4lmteyTtSsYpVL4hn1z8ub7RVss,7608
|
|
@@ -352,12 +354,12 @@ bbot/test/test_step_2/module_tests/test_module_ntlm.py,sha256=N8SrrA-q8CMtL2Mcdz
|
|
|
352
354
|
bbot/test/test_step_2/module_tests/test_module_nuclei.py,sha256=rLCTuKWnGWiGDcVnMjk4D7x6RGftEj3D4Woqpam-cgQ,7050
|
|
353
355
|
bbot/test/test_step_2/module_tests/test_module_oauth.py,sha256=i6kSBK-aa7QREGaGAi6WeDaD3susclAqImUxW2i2tyc,9482
|
|
354
356
|
bbot/test/test_step_2/module_tests/test_module_otx.py,sha256=tWkJlrdSCP2IUPGkB2RoS_xUN1xndMwyRDNyDfj5l3s,1160
|
|
355
|
-
bbot/test/test_step_2/module_tests/test_module_paramminer_cookies.py,sha256=
|
|
356
|
-
bbot/test/test_step_2/module_tests/test_module_paramminer_getparams.py,sha256
|
|
357
|
-
bbot/test/test_step_2/module_tests/test_module_paramminer_headers.py,sha256=
|
|
357
|
+
bbot/test/test_step_2/module_tests/test_module_paramminer_cookies.py,sha256=lQZkbaCFh5znw-wDBB2Jz4lCYm0g_AOSPZM_bAhNqbE,2376
|
|
358
|
+
bbot/test/test_step_2/module_tests/test_module_paramminer_getparams.py,sha256=-nQjicpNlwsXWi-SSz8IRUMKnjHpjXtSv3aSwTWbCvM,10077
|
|
359
|
+
bbot/test/test_step_2/module_tests/test_module_paramminer_headers.py,sha256=wutLsVnsL3tk7nIwKb-0xbjvyFlim9rXyCfylt2l-W0,5538
|
|
358
360
|
bbot/test/test_step_2/module_tests/test_module_passivetotal.py,sha256=fTGQECQ0OzcwiH64-0igFRKO-rs3kXScivZord_oWWU,1120
|
|
359
361
|
bbot/test/test_step_2/module_tests/test_module_pgp.py,sha256=-m-nPq6WR5UzPDuxeZbuzBQfFi1QfrZQ8RZH4g11ocE,1609
|
|
360
|
-
bbot/test/test_step_2/module_tests/test_module_portscan.py,sha256=
|
|
362
|
+
bbot/test/test_step_2/module_tests/test_module_portscan.py,sha256=8TZyzlWQcBDFEiArs-wpbsRlVXzwqlE6LjrPx6vctQk,7551
|
|
361
363
|
bbot/test/test_step_2/module_tests/test_module_postgres.py,sha256=6Seqq1Bq2FEXbJnTi_BYv8ZZPWdy-SfnY8UJN24Op0Q,2689
|
|
362
364
|
bbot/test/test_step_2/module_tests/test_module_postman.py,sha256=XvgfMgUhJuVgGkgT-JzxJyevNSVv7YvX1yLKJHmD3dw,5026
|
|
363
365
|
bbot/test/test_step_2/module_tests/test_module_postman_download.py,sha256=B_NajQaGQjwMSmcBCr37_7cvcnw4Zmh8k_hVoWL7bVI,21623
|
|
@@ -412,8 +414,8 @@ bbot/wordlists/raft-small-extensions-lowercase_CLEANED.txt,sha256=ruUQwVfia1_m2u
|
|
|
412
414
|
bbot/wordlists/top_open_ports_nmap.txt,sha256=LmdFYkfapSxn1pVuQC2LkOIY2hMLgG-Xts7DVtYzweM,42727
|
|
413
415
|
bbot/wordlists/valid_url_schemes.txt,sha256=VciB-ww0y-O8Ii1wpTR6rJzGDiC2r-dhVsIJApS1ZYU,3309
|
|
414
416
|
bbot/wordlists/wordninja_dns.txt.gz,sha256=DYHvvfW0TvzrVwyprqODAk4tGOxv5ezNmCPSdPuDUnQ,570241
|
|
415
|
-
bbot-2.3.0.
|
|
416
|
-
bbot-2.3.0.
|
|
417
|
-
bbot-2.3.0.
|
|
418
|
-
bbot-2.3.0.
|
|
419
|
-
bbot-2.3.0.
|
|
417
|
+
bbot-2.3.0.5376rc0.dist-info/LICENSE,sha256=GzeCzK17hhQQDNow0_r0L8OfLpeTKQjFQwBQU7ZUymg,32473
|
|
418
|
+
bbot-2.3.0.5376rc0.dist-info/METADATA,sha256=9IQwlCJ32F6Qp4wPblchHo4XaX41A8BjZOz_3skrnaI,17893
|
|
419
|
+
bbot-2.3.0.5376rc0.dist-info/WHEEL,sha256=Nq82e9rUAnEjt98J6MlVmMCZb-t9cYE2Ir1kpBmnWfs,88
|
|
420
|
+
bbot-2.3.0.5376rc0.dist-info/entry_points.txt,sha256=cWjvcU_lLrzzJgjcjF7yeGuRA_eDS8pQ-kmPUAyOBfo,38
|
|
421
|
+
bbot-2.3.0.5376rc0.dist-info/RECORD,,
|
|
File without changes
|
|
File without changes
|
|
File without changes
|