bbot 2.3.0.5370rc0__py3-none-any.whl → 2.3.0.5382rc0__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Potentially problematic release.
This version of bbot might be problematic. Click here for more details.
- bbot/__init__.py +1 -1
- bbot/cli.py +2 -6
- bbot/core/config/files.py +0 -1
- bbot/core/config/logger.py +1 -1
- bbot/core/core.py +1 -1
- bbot/core/event/base.py +13 -16
- bbot/core/helpers/command.py +4 -4
- bbot/core/helpers/depsinstaller/installer.py +5 -5
- bbot/core/helpers/diff.py +7 -7
- bbot/core/helpers/dns/brute.py +1 -1
- bbot/core/helpers/dns/dns.py +1 -2
- bbot/core/helpers/dns/engine.py +4 -6
- bbot/core/helpers/dns/mock.py +0 -1
- bbot/core/helpers/files.py +1 -1
- bbot/core/helpers/helper.py +3 -1
- bbot/core/helpers/interactsh.py +3 -3
- bbot/core/helpers/libmagic.py +0 -1
- bbot/core/helpers/misc.py +11 -11
- bbot/core/helpers/process.py +0 -2
- bbot/core/helpers/regex.py +1 -1
- bbot/core/helpers/regexes.py +3 -3
- bbot/core/helpers/validators.py +1 -2
- bbot/core/helpers/web/client.py +1 -1
- bbot/core/helpers/web/engine.py +1 -2
- bbot/core/helpers/web/web.py +2 -3
- bbot/core/helpers/wordcloud.py +5 -5
- bbot/core/modules.py +21 -22
- bbot/db/sql/models.py +0 -1
- bbot/modules/azure_tenant.py +2 -2
- bbot/modules/baddns.py +0 -2
- bbot/modules/baddns_direct.py +0 -1
- bbot/modules/base.py +16 -16
- bbot/modules/bypass403.py +5 -5
- bbot/modules/c99.py +1 -1
- bbot/modules/columbus.py +1 -1
- bbot/modules/deadly/ffuf.py +8 -8
- bbot/modules/deadly/nuclei.py +1 -1
- bbot/modules/deadly/vhost.py +3 -3
- bbot/modules/dnsbimi.py +1 -1
- bbot/modules/dnsdumpster.py +2 -2
- bbot/modules/dockerhub.py +1 -1
- bbot/modules/dotnetnuke.py +0 -2
- bbot/modules/extractous.py +1 -1
- bbot/modules/filedownload.py +1 -1
- bbot/modules/generic_ssrf.py +3 -3
- bbot/modules/github_workflows.py +1 -1
- bbot/modules/gowitness.py +7 -7
- bbot/modules/host_header.py +5 -5
- bbot/modules/httpx.py +1 -1
- bbot/modules/iis_shortnames.py +6 -6
- bbot/modules/internal/cloudcheck.py +5 -5
- bbot/modules/internal/dnsresolve.py +7 -7
- bbot/modules/internal/excavate.py +23 -26
- bbot/modules/internal/speculate.py +4 -4
- bbot/modules/ipneighbor.py +1 -1
- bbot/modules/jadx.py +1 -1
- bbot/modules/newsletters.py +2 -2
- bbot/modules/output/asset_inventory.py +6 -6
- bbot/modules/output/base.py +1 -1
- bbot/modules/output/csv.py +1 -1
- bbot/modules/output/stdout.py +2 -2
- bbot/modules/paramminer_headers.py +4 -7
- bbot/modules/portscan.py +3 -3
- bbot/modules/report/asn.py +11 -11
- bbot/modules/robots.py +3 -3
- bbot/modules/securitytxt.py +1 -1
- bbot/modules/sitedossier.py +1 -1
- bbot/modules/social.py +1 -1
- bbot/modules/subdomainradar.py +1 -1
- bbot/modules/telerik.py +7 -7
- bbot/modules/templates/bucket.py +1 -1
- bbot/modules/templates/github.py +1 -1
- bbot/modules/templates/shodan.py +1 -1
- bbot/modules/templates/subdomain_enum.py +1 -1
- bbot/modules/templates/webhook.py +1 -1
- bbot/modules/trufflehog.py +2 -2
- bbot/modules/url_manipulation.py +3 -3
- bbot/modules/urlscan.py +1 -1
- bbot/modules/viewdns.py +1 -1
- bbot/modules/wafw00f.py +1 -1
- bbot/scanner/preset/args.py +10 -11
- bbot/scanner/preset/environ.py +0 -1
- bbot/scanner/preset/preset.py +9 -9
- bbot/scanner/scanner.py +17 -17
- bbot/scanner/target.py +1 -1
- bbot/scripts/docs.py +1 -1
- bbot/test/bbot_fixtures.py +1 -1
- bbot/test/conftest.py +1 -1
- bbot/test/run_tests.sh +4 -4
- bbot/test/test_step_1/test_bbot_fastapi.py +2 -2
- bbot/test/test_step_1/test_cli.py +56 -56
- bbot/test/test_step_1/test_dns.py +15 -15
- bbot/test/test_step_1/test_engine.py +17 -17
- bbot/test/test_step_1/test_events.py +22 -22
- bbot/test/test_step_1/test_helpers.py +26 -26
- bbot/test/test_step_1/test_manager_scope_accuracy.py +306 -306
- bbot/test/test_step_1/test_modules_basic.py +52 -53
- bbot/test/test_step_1/test_presets.py +81 -81
- bbot/test/test_step_1/test_regexes.py +5 -5
- bbot/test/test_step_1/test_scan.py +4 -4
- bbot/test/test_step_1/test_target.py +25 -25
- bbot/test/test_step_1/test_web.py +5 -5
- bbot/test/test_step_2/module_tests/base.py +6 -6
- bbot/test/test_step_2/module_tests/test_module_anubisdb.py +1 -1
- bbot/test/test_step_2/module_tests/test_module_asset_inventory.py +0 -1
- bbot/test/test_step_2/module_tests/test_module_azure_realm.py +1 -1
- bbot/test/test_step_2/module_tests/test_module_baddns.py +6 -6
- bbot/test/test_step_2/module_tests/test_module_baddns_direct.py +2 -4
- bbot/test/test_step_2/module_tests/test_module_bevigil.py +4 -4
- bbot/test/test_step_2/module_tests/test_module_binaryedge.py +2 -2
- bbot/test/test_step_2/module_tests/test_module_bucket_amazon.py +2 -2
- bbot/test/test_step_2/module_tests/test_module_bucket_azure.py +1 -1
- bbot/test/test_step_2/module_tests/test_module_builtwith.py +2 -2
- bbot/test/test_step_2/module_tests/test_module_c99.py +9 -9
- bbot/test/test_step_2/module_tests/test_module_columbus.py +1 -1
- bbot/test/test_step_2/module_tests/test_module_credshed.py +2 -2
- bbot/test/test_step_2/module_tests/test_module_dehashed.py +1 -1
- bbot/test/test_step_2/module_tests/test_module_digitorus.py +1 -1
- bbot/test/test_step_2/module_tests/test_module_dnsbrute.py +8 -9
- bbot/test/test_step_2/module_tests/test_module_dnsbrute_mutations.py +0 -1
- bbot/test/test_step_2/module_tests/test_module_dnscommonsrv.py +0 -1
- bbot/test/test_step_2/module_tests/test_module_dnsdumpster.py +2 -2
- bbot/test/test_step_2/module_tests/test_module_dotnetnuke.py +0 -2
- bbot/test/test_step_2/module_tests/test_module_excavate.py +10 -30
- bbot/test/test_step_2/module_tests/test_module_extractous.py +9 -9
- bbot/test/test_step_2/module_tests/test_module_filedownload.py +14 -14
- bbot/test/test_step_2/module_tests/test_module_git_clone.py +2 -2
- bbot/test/test_step_2/module_tests/test_module_gowitness.py +4 -4
- bbot/test/test_step_2/module_tests/test_module_host_header.py +1 -1
- bbot/test/test_step_2/module_tests/test_module_http.py +4 -4
- bbot/test/test_step_2/module_tests/test_module_httpx.py +7 -7
- bbot/test/test_step_2/module_tests/test_module_leakix.py +2 -2
- bbot/test/test_step_2/module_tests/test_module_myssl.py +1 -1
- bbot/test/test_step_2/module_tests/test_module_neo4j.py +1 -1
- bbot/test/test_step_2/module_tests/test_module_newsletters.py +6 -6
- bbot/test/test_step_2/module_tests/test_module_ntlm.py +7 -7
- bbot/test/test_step_2/module_tests/test_module_oauth.py +1 -1
- bbot/test/test_step_2/module_tests/test_module_otx.py +1 -1
- bbot/test/test_step_2/module_tests/test_module_paramminer_cookies.py +1 -2
- bbot/test/test_step_2/module_tests/test_module_paramminer_getparams.py +0 -6
- bbot/test/test_step_2/module_tests/test_module_paramminer_headers.py +2 -9
- bbot/test/test_step_2/module_tests/test_module_portscan.py +3 -4
- bbot/test/test_step_2/module_tests/test_module_postgres.py +1 -1
- bbot/test/test_step_2/module_tests/test_module_rapiddns.py +9 -9
- bbot/test/test_step_2/module_tests/test_module_sitedossier.py +2 -2
- bbot/test/test_step_2/module_tests/test_module_smuggler.py +1 -1
- bbot/test/test_step_2/module_tests/test_module_speculate.py +2 -6
- bbot/test/test_step_2/module_tests/test_module_splunk.py +4 -4
- bbot/test/test_step_2/module_tests/test_module_subdomaincenter.py +1 -1
- bbot/test/test_step_2/module_tests/test_module_subdomains.py +1 -1
- bbot/test/test_step_2/module_tests/test_module_trufflehog.py +2 -2
- bbot/test/test_step_2/module_tests/test_module_wayback.py +1 -1
- {bbot-2.3.0.5370rc0.dist-info → bbot-2.3.0.5382rc0.dist-info}/METADATA +2 -2
- {bbot-2.3.0.5370rc0.dist-info → bbot-2.3.0.5382rc0.dist-info}/RECORD +157 -157
- {bbot-2.3.0.5370rc0.dist-info → bbot-2.3.0.5382rc0.dist-info}/LICENSE +0 -0
- {bbot-2.3.0.5370rc0.dist-info → bbot-2.3.0.5382rc0.dist-info}/WHEEL +0 -0
- {bbot-2.3.0.5370rc0.dist-info → bbot-2.3.0.5382rc0.dist-info}/entry_points.txt +0 -0
|
@@ -5,7 +5,7 @@ class TestMySSL(ModuleTestBase):
|
|
|
5
5
|
async def setup_after_prep(self, module_test):
|
|
6
6
|
module_test.module.abort_if = lambda e: False
|
|
7
7
|
module_test.httpx_mock.add_response(
|
|
8
|
-
url=
|
|
8
|
+
url="https://myssl.com/api/v1/discover_sub_domain?domain=blacklanternsecurity.com",
|
|
9
9
|
json={
|
|
10
10
|
"code": 0,
|
|
11
11
|
"data": [
|
|
@@ -33,11 +33,11 @@ class TestNewsletters(ModuleTestBase):
|
|
|
33
33
|
"""
|
|
34
34
|
|
|
35
35
|
async def setup_after_prep(self, module_test):
|
|
36
|
-
request_args =
|
|
37
|
-
respond_args =
|
|
36
|
+
request_args = {"uri": "/found", "headers": {"test": "header"}}
|
|
37
|
+
respond_args = {"response_data": self.html_with_newsletter}
|
|
38
38
|
module_test.set_expect_requests(request_args, respond_args)
|
|
39
|
-
request_args =
|
|
40
|
-
respond_args =
|
|
39
|
+
request_args = {"uri": "/missing", "headers": {"test": "header"}}
|
|
40
|
+
respond_args = {"response_data": self.html_without_newsletter}
|
|
41
41
|
module_test.set_expect_requests(request_args, respond_args)
|
|
42
42
|
|
|
43
43
|
def check(self, module_test, events):
|
|
@@ -53,5 +53,5 @@ class TestNewsletters(ModuleTestBase):
|
|
|
53
53
|
# Verify Negative Result (should skip this statement if correct)
|
|
54
54
|
elif event.data["url"] == self.missing_tgt:
|
|
55
55
|
missing = False
|
|
56
|
-
assert found,
|
|
57
|
-
assert missing,
|
|
56
|
+
assert found, "NEWSLETTER 'Found' Error - Expect status of True but got False"
|
|
57
|
+
assert missing, "NEWSLETTER 'Missing' Error - Expect status of True but got False"
|
|
@@ -7,16 +7,16 @@ class TestNTLM(ModuleTestBase):
|
|
|
7
7
|
config_overrides = {"modules": {"ntlm": {"try_all": True}}}
|
|
8
8
|
|
|
9
9
|
async def setup_after_prep(self, module_test):
|
|
10
|
-
request_args =
|
|
10
|
+
request_args = {"uri": "/", "headers": {"test": "header"}}
|
|
11
11
|
module_test.set_expect_requests(request_args, {})
|
|
12
|
-
request_args =
|
|
13
|
-
uri
|
|
14
|
-
|
|
15
|
-
respond_args =
|
|
16
|
-
headers
|
|
12
|
+
request_args = {
|
|
13
|
+
"uri": "/oab/", "headers": {"Authorization": "NTLM TlRMTVNTUAABAAAAl4II4gAAAAAAAAAAAAAAAAAAAAAKAGFKAAAADw=="}
|
|
14
|
+
}
|
|
15
|
+
respond_args = {
|
|
16
|
+
"headers": {
|
|
17
17
|
"WWW-Authenticate": "NTLM TlRMTVNTUAACAAAABgAGADgAAAAVgoni89aZT4Q0mH0AAAAAAAAAAHYAdgA+AAAABgGxHQAAAA9WAE4ATwACAAYAVgBOAE8AAQAKAEUAWABDADAAMQAEABIAdgBuAG8ALgBsAG8AYwBhAGwAAwAeAEUAWABDADAAMQAuAHYAbgBvAC4AbABvAGMAYQBsAAUAEgB2AG4AbwAuAGwAbwBjAGEAbAAHAAgAXxo0p/6L2QEAAAAA"
|
|
18
18
|
}
|
|
19
|
-
|
|
19
|
+
}
|
|
20
20
|
module_test.set_expect_requests(request_args, respond_args)
|
|
21
21
|
|
|
22
22
|
def check(self, module_test, events):
|
|
@@ -167,7 +167,7 @@ class TestOAUTH(ModuleTestBase):
|
|
|
167
167
|
async def setup_after_prep(self, module_test):
|
|
168
168
|
await module_test.mock_dns({"evilcorp.com": {"A": ["127.0.0.1"]}})
|
|
169
169
|
module_test.httpx_mock.add_response(
|
|
170
|
-
url=
|
|
170
|
+
url="https://login.microsoftonline.com/getuserrealm.srf?login=test@evilcorp.com",
|
|
171
171
|
json=Azure_Realm.response_json,
|
|
172
172
|
)
|
|
173
173
|
module_test.httpx_mock.add_response(
|
|
@@ -4,7 +4,7 @@ from .base import ModuleTestBase
|
|
|
4
4
|
class TestOTX(ModuleTestBase):
|
|
5
5
|
async def setup_after_prep(self, module_test):
|
|
6
6
|
module_test.httpx_mock.add_response(
|
|
7
|
-
url=
|
|
7
|
+
url="https://otx.alienvault.com/api/v1/indicators/domain/blacklanternsecurity.com/passive_dns",
|
|
8
8
|
json={
|
|
9
9
|
"passive_dns": [
|
|
10
10
|
{
|
|
@@ -28,7 +28,7 @@ class TestParamminer_Cookies(Paramminer_Headers):
|
|
|
28
28
|
module_test.monkeypatch.setattr(
|
|
29
29
|
helper.HttpCompare, "gen_cache_buster", lambda *args, **kwargs: {"AAAAAA": "1"}
|
|
30
30
|
)
|
|
31
|
-
expect_args =
|
|
31
|
+
expect_args = {"headers": {"Cookie": "admincookie=AAAAAAAAAAAAAA"}}
|
|
32
32
|
respond_args = {"response_data": self.cookies_body_match}
|
|
33
33
|
module_test.set_expect_requests(expect_args=expect_args, respond_args=respond_args)
|
|
34
34
|
|
|
@@ -36,7 +36,6 @@ class TestParamminer_Cookies(Paramminer_Headers):
|
|
|
36
36
|
module_test.set_expect_requests(respond_args=respond_args)
|
|
37
37
|
|
|
38
38
|
def check(self, module_test, events):
|
|
39
|
-
|
|
40
39
|
found_reflected_cookie = False
|
|
41
40
|
false_positive_match = False
|
|
42
41
|
|
|
@@ -89,7 +89,6 @@ class TestParamminer_Getparams_boring_off(TestParamminer_Getparams):
|
|
|
89
89
|
module_test.set_expect_requests(respond_args=respond_args)
|
|
90
90
|
|
|
91
91
|
def check(self, module_test, events):
|
|
92
|
-
|
|
93
92
|
emitted_boring_parameter = False
|
|
94
93
|
for e in events:
|
|
95
94
|
if e.type == "WEB_PARAMETER":
|
|
@@ -106,7 +105,6 @@ class TestParamminer_Getparams_boring_on(TestParamminer_Getparams_boring_off):
|
|
|
106
105
|
}
|
|
107
106
|
|
|
108
107
|
def check(self, module_test, events):
|
|
109
|
-
|
|
110
108
|
emitted_boring_parameter = False
|
|
111
109
|
|
|
112
110
|
for e in events:
|
|
@@ -160,15 +158,12 @@ class TestParamminer_Getparams_finish(Paramminer_Headers):
|
|
|
160
158
|
module_test.set_expect_requests(expect_args=expect_args, respond_args=respond_args)
|
|
161
159
|
|
|
162
160
|
def check(self, module_test, events):
|
|
163
|
-
|
|
164
161
|
excavate_extracted_web_parameter = False
|
|
165
162
|
found_hidden_getparam_recycled = False
|
|
166
163
|
emitted_excavate_paramminer_duplicate = False
|
|
167
164
|
|
|
168
165
|
for e in events:
|
|
169
|
-
|
|
170
166
|
if e.type == "WEB_PARAMETER":
|
|
171
|
-
|
|
172
167
|
if (
|
|
173
168
|
"http://127.0.0.1:8888/test2.php" in e.data["url"]
|
|
174
169
|
and "HTTP Extracted Parameter [abcd1234] (HTML Tags Submodule)" in e.data["description"]
|
|
@@ -213,7 +208,6 @@ class TestParamminer_Getparams_xmlspeculative(Paramminer_Headers):
|
|
|
213
208
|
"""
|
|
214
209
|
|
|
215
210
|
async def setup_after_prep(self, module_test):
|
|
216
|
-
|
|
217
211
|
module_test.scan.modules["paramminer_getparams"].rand_string = lambda *args, **kwargs: "AAAAAAAAAAAAAA"
|
|
218
212
|
module_test.monkeypatch.setattr(
|
|
219
213
|
helper.HttpCompare, "gen_cache_buster", lambda *args, **kwargs: {"AAAAAA": "1"}
|
|
@@ -31,7 +31,7 @@ class Paramminer_Headers(ModuleTestBase):
|
|
|
31
31
|
module_test.monkeypatch.setattr(
|
|
32
32
|
helper.HttpCompare, "gen_cache_buster", lambda *args, **kwargs: {"AAAAAA": "1"}
|
|
33
33
|
)
|
|
34
|
-
expect_args =
|
|
34
|
+
expect_args = {"headers": {"tracestate": "AAAAAAAAAAAAAA"}}
|
|
35
35
|
respond_args = {"response_data": self.headers_body_match}
|
|
36
36
|
module_test.set_expect_requests(expect_args=expect_args, respond_args=respond_args)
|
|
37
37
|
|
|
@@ -39,7 +39,6 @@ class Paramminer_Headers(ModuleTestBase):
|
|
|
39
39
|
module_test.set_expect_requests(respond_args=respond_args)
|
|
40
40
|
|
|
41
41
|
def check(self, module_test, events):
|
|
42
|
-
|
|
43
42
|
found_reflected_header = False
|
|
44
43
|
false_positive_match = False
|
|
45
44
|
|
|
@@ -60,7 +59,6 @@ class TestParamminer_Headers(Paramminer_Headers):
|
|
|
60
59
|
|
|
61
60
|
|
|
62
61
|
class TestParamminer_Headers_noreflection(Paramminer_Headers):
|
|
63
|
-
|
|
64
62
|
found_nonreflected_header = False
|
|
65
63
|
|
|
66
64
|
headers_body_match = """
|
|
@@ -82,7 +80,6 @@ class TestParamminer_Headers_noreflection(Paramminer_Headers):
|
|
|
82
80
|
|
|
83
81
|
|
|
84
82
|
class TestParamminer_Headers_extract(Paramminer_Headers):
|
|
85
|
-
|
|
86
83
|
modules_overrides = ["httpx", "paramminer_headers", "excavate"]
|
|
87
84
|
config_overrides = {
|
|
88
85
|
"modules": {
|
|
@@ -115,7 +112,7 @@ class TestParamminer_Headers_extract(Paramminer_Headers):
|
|
|
115
112
|
module_test.monkeypatch.setattr(
|
|
116
113
|
helper.HttpCompare, "gen_cache_buster", lambda *args, **kwargs: {"AAAAAA": "1"}
|
|
117
114
|
)
|
|
118
|
-
expect_args =
|
|
115
|
+
expect_args = {"headers": {"foo": "AAAAAAAAAAAAAA"}}
|
|
119
116
|
respond_args = {"response_data": self.headers_body_match}
|
|
120
117
|
module_test.set_expect_requests(expect_args=expect_args, respond_args=respond_args)
|
|
121
118
|
|
|
@@ -123,7 +120,6 @@ class TestParamminer_Headers_extract(Paramminer_Headers):
|
|
|
123
120
|
module_test.set_expect_requests(respond_args=respond_args)
|
|
124
121
|
|
|
125
122
|
def check(self, module_test, events):
|
|
126
|
-
|
|
127
123
|
excavate_extracted_web_parameter = False
|
|
128
124
|
used_recycled_parameter = False
|
|
129
125
|
|
|
@@ -139,17 +135,14 @@ class TestParamminer_Headers_extract(Paramminer_Headers):
|
|
|
139
135
|
|
|
140
136
|
|
|
141
137
|
class TestParamminer_Headers_extract_norecycle(TestParamminer_Headers_extract):
|
|
142
|
-
|
|
143
138
|
modules_overrides = ["httpx", "excavate"]
|
|
144
139
|
config_overrides = {}
|
|
145
140
|
|
|
146
141
|
async def setup_after_prep(self, module_test):
|
|
147
|
-
|
|
148
142
|
respond_args = {"response_data": self.headers_body}
|
|
149
143
|
module_test.set_expect_requests(respond_args=respond_args)
|
|
150
144
|
|
|
151
145
|
def check(self, module_test, events):
|
|
152
|
-
|
|
153
146
|
excavate_extracted_web_parameter = False
|
|
154
147
|
|
|
155
148
|
for e in events:
|
|
@@ -21,7 +21,6 @@ class TestPortscan(ModuleTestBase):
|
|
|
21
21
|
masscan_output_ping = """{ "ip": "8.8.8.8", "timestamp": "1719862594", "ports": [ {"port": 0, "proto": "icmp", "status": "open", "reason": "none", "ttl": 54} ] }"""
|
|
22
22
|
|
|
23
23
|
async def setup_after_prep(self, module_test):
|
|
24
|
-
|
|
25
24
|
from bbot.modules.base import BaseModule
|
|
26
25
|
|
|
27
26
|
class DummyModule(BaseModule):
|
|
@@ -123,7 +122,7 @@ class TestPortscan(ModuleTestBase):
|
|
|
123
122
|
assert 1 == len([e for e in events if e.type == "OPEN_TCP_PORT" and e.data == "asdf.evilcorp.net:80"])
|
|
124
123
|
assert 1 == len([e for e in events if e.type == "OPEN_TCP_PORT" and e.data == "dummy.asdf.evilcorp.net:80"])
|
|
125
124
|
assert 1 == len([e for e in events if e.type == "OPEN_TCP_PORT" and e.data == "dummy.evilcorp.com:631"])
|
|
126
|
-
assert not any(
|
|
125
|
+
assert not any(e for e in events if e.type == "OPEN_TCP_PORT" and e.host == "dummy.www.evilcorp.com")
|
|
127
126
|
|
|
128
127
|
|
|
129
128
|
class TestPortscanPingFirst(TestPortscan):
|
|
@@ -137,7 +136,7 @@ class TestPortscanPingFirst(TestPortscan):
|
|
|
137
136
|
assert self.ping_runs == 1
|
|
138
137
|
open_port_events = [e for e in events if e.type == "OPEN_TCP_PORT"]
|
|
139
138
|
assert len(open_port_events) == 3
|
|
140
|
-
assert
|
|
139
|
+
assert {e.data for e in open_port_events} == {"8.8.8.8:443", "evilcorp.com:443", "www.evilcorp.com:443"}
|
|
141
140
|
|
|
142
141
|
|
|
143
142
|
class TestPortscanPingOnly(TestPortscan):
|
|
@@ -155,4 +154,4 @@ class TestPortscanPingOnly(TestPortscan):
|
|
|
155
154
|
assert len(open_port_events) == 0
|
|
156
155
|
ip_events = [e for e in events if e.type == "IP_ADDRESS"]
|
|
157
156
|
assert len(ip_events) == 1
|
|
158
|
-
assert
|
|
157
|
+
assert {e.data for e in ip_events} == {"8.8.8.8"}
|
|
@@ -48,7 +48,7 @@ class TestPostgres(ModuleTestBase):
|
|
|
48
48
|
await asyncio.sleep(1)
|
|
49
49
|
|
|
50
50
|
if process.returncode != 0:
|
|
51
|
-
self.log.error(
|
|
51
|
+
self.log.error("Failed to start PostgreSQL server")
|
|
52
52
|
|
|
53
53
|
async def check(self, module_test, events):
|
|
54
54
|
import asyncpg
|
|
@@ -11,7 +11,7 @@ class TestRapidDNS(ModuleTestBase):
|
|
|
11
11
|
async def setup_after_prep(self, module_test):
|
|
12
12
|
module_test.module.abort_if = lambda e: False
|
|
13
13
|
module_test.httpx_mock.add_response(
|
|
14
|
-
url=
|
|
14
|
+
url="https://rapiddns.io/subdomain/blacklanternsecurity.com?full=1#result", text=self.web_body
|
|
15
15
|
)
|
|
16
16
|
|
|
17
17
|
def check(self, module_test, events):
|
|
@@ -45,10 +45,10 @@ class TestRapidDNSAbortThreshold1(TestRapidDNS):
|
|
|
45
45
|
|
|
46
46
|
def check(self, module_test, events):
|
|
47
47
|
assert module_test.module.api_failure_abort_threshold == 10
|
|
48
|
-
assert module_test.module.errored
|
|
48
|
+
assert module_test.module.errored is False
|
|
49
49
|
assert module_test.module._api_request_failures == 3
|
|
50
50
|
assert module_test.module.api_retries == 3
|
|
51
|
-
assert
|
|
51
|
+
assert {e.data for e in events if e.type == "DNS_NAME"} == {"blacklanternsecurity.com"}
|
|
52
52
|
assert self.url_count == {
|
|
53
53
|
"https://rapiddns.io/subdomain/blacklanternsecurity.com?full=1#result": 3,
|
|
54
54
|
}
|
|
@@ -59,10 +59,10 @@ class TestRapidDNSAbortThreshold2(TestRapidDNSAbortThreshold1):
|
|
|
59
59
|
|
|
60
60
|
def check(self, module_test, events):
|
|
61
61
|
assert module_test.module.api_failure_abort_threshold == 10
|
|
62
|
-
assert module_test.module.errored
|
|
62
|
+
assert module_test.module.errored is False
|
|
63
63
|
assert module_test.module._api_request_failures == 6
|
|
64
64
|
assert module_test.module.api_retries == 3
|
|
65
|
-
assert
|
|
65
|
+
assert {e.data for e in events if e.type == "DNS_NAME"} == {"blacklanternsecurity.com", "evilcorp.com"}
|
|
66
66
|
assert self.url_count == {
|
|
67
67
|
"https://rapiddns.io/subdomain/blacklanternsecurity.com?full=1#result": 3,
|
|
68
68
|
"https://rapiddns.io/subdomain/evilcorp.com?full=1#result": 3,
|
|
@@ -74,10 +74,10 @@ class TestRapidDNSAbortThreshold3(TestRapidDNSAbortThreshold1):
|
|
|
74
74
|
|
|
75
75
|
def check(self, module_test, events):
|
|
76
76
|
assert module_test.module.api_failure_abort_threshold == 10
|
|
77
|
-
assert module_test.module.errored
|
|
77
|
+
assert module_test.module.errored is False
|
|
78
78
|
assert module_test.module._api_request_failures == 9
|
|
79
79
|
assert module_test.module.api_retries == 3
|
|
80
|
-
assert
|
|
80
|
+
assert {e.data for e in events if e.type == "DNS_NAME"} == {
|
|
81
81
|
"blacklanternsecurity.com",
|
|
82
82
|
"evilcorp.com",
|
|
83
83
|
"evilcorp.net",
|
|
@@ -94,10 +94,10 @@ class TestRapidDNSAbortThreshold4(TestRapidDNSAbortThreshold1):
|
|
|
94
94
|
|
|
95
95
|
def check(self, module_test, events):
|
|
96
96
|
assert module_test.module.api_failure_abort_threshold == 10
|
|
97
|
-
assert module_test.module.errored
|
|
97
|
+
assert module_test.module.errored is True
|
|
98
98
|
assert module_test.module._api_request_failures == 10
|
|
99
99
|
assert module_test.module.api_retries == 3
|
|
100
|
-
assert
|
|
100
|
+
assert {e.data for e in events if e.type == "DNS_NAME"} == {
|
|
101
101
|
"blacklanternsecurity.com",
|
|
102
102
|
"evilcorp.com",
|
|
103
103
|
"evilcorp.net",
|
|
@@ -136,11 +136,11 @@ class TestSitedossier(ModuleTestBase):
|
|
|
136
136
|
}
|
|
137
137
|
)
|
|
138
138
|
module_test.httpx_mock.add_response(
|
|
139
|
-
url=
|
|
139
|
+
url="http://www.sitedossier.com/parentdomain/evilcorp.com",
|
|
140
140
|
text=page1,
|
|
141
141
|
)
|
|
142
142
|
module_test.httpx_mock.add_response(
|
|
143
|
-
url=
|
|
143
|
+
url="http://www.sitedossier.com/parentdomain/evilcorp.com/101",
|
|
144
144
|
text=page2,
|
|
145
145
|
)
|
|
146
146
|
|
|
@@ -39,7 +39,7 @@ class TestSmuggler(ModuleTestBase):
|
|
|
39
39
|
old_run_live = module_test.scan.helpers.run_live
|
|
40
40
|
|
|
41
41
|
async def smuggler_mock_run_live(*command, **kwargs):
|
|
42
|
-
if
|
|
42
|
+
if "smuggler" not in command[0][1]:
|
|
43
43
|
async for l in old_run_live(*command, **kwargs):
|
|
44
44
|
yield l
|
|
45
45
|
else:
|
|
@@ -62,10 +62,8 @@ class TestSpeculate_OpenPorts(ModuleTestBase):
|
|
|
62
62
|
for e in module_test.scan.modules["dummy"].events:
|
|
63
63
|
events_data.add(e.data)
|
|
64
64
|
assert all(
|
|
65
|
-
|
|
66
|
-
x in events_data
|
|
65
|
+
x in events_data
|
|
67
66
|
for x in ("evilcorp.com:80", "evilcorp.com:443", "asdf.evilcorp.com:80", "asdf.evilcorp.com:443")
|
|
68
|
-
]
|
|
69
67
|
)
|
|
70
68
|
|
|
71
69
|
|
|
@@ -79,8 +77,6 @@ class TestSpeculate_OpenPorts_Portscanner(TestSpeculate_OpenPorts):
|
|
|
79
77
|
for e in module_test.scan.modules["dummy"].events:
|
|
80
78
|
events_data.add(e.data)
|
|
81
79
|
assert not any(
|
|
82
|
-
|
|
83
|
-
x in events_data
|
|
80
|
+
x in events_data
|
|
84
81
|
for x in ("evilcorp.com:80", "evilcorp.com:443", "asdf.evilcorp.com:80", "asdf.evilcorp.com:443")
|
|
85
|
-
]
|
|
86
82
|
)
|
|
@@ -52,7 +52,7 @@ class TestSplunk(ModuleTestBase):
|
|
|
52
52
|
module_test.httpx_mock.add_response()
|
|
53
53
|
|
|
54
54
|
def check(self, module_test, events):
|
|
55
|
-
assert self.got_event
|
|
56
|
-
assert self.headers_correct
|
|
57
|
-
assert self.method_correct
|
|
58
|
-
assert self.url_correct
|
|
55
|
+
assert self.got_event is True
|
|
56
|
+
assert self.headers_correct is True
|
|
57
|
+
assert self.method_correct is True
|
|
58
|
+
assert self.url_correct is True
|
|
@@ -4,7 +4,7 @@ from .base import ModuleTestBase
|
|
|
4
4
|
class TestSubdomainCenter(ModuleTestBase):
|
|
5
5
|
async def setup_after_prep(self, module_test):
|
|
6
6
|
module_test.httpx_mock.add_response(
|
|
7
|
-
url=
|
|
7
|
+
url="https://api.subdomain.center/?domain=blacklanternsecurity.com",
|
|
8
8
|
json=["asdf.blacklanternsecurity.com", "zzzz.blacklanternsecurity.com"],
|
|
9
9
|
)
|
|
10
10
|
|
|
@@ -6,7 +6,7 @@ class TestSubdomains(ModuleTestBase):
|
|
|
6
6
|
|
|
7
7
|
async def setup_after_prep(self, module_test):
|
|
8
8
|
module_test.httpx_mock.add_response(
|
|
9
|
-
url=
|
|
9
|
+
url="https://api.subdomain.center/?domain=blacklanternsecurity.com",
|
|
10
10
|
json=["asdfasdf.blacklanternsecurity.com", "zzzzzzzz.blacklanternsecurity.com"],
|
|
11
11
|
)
|
|
12
12
|
|
|
@@ -1144,7 +1144,7 @@ class TestTrufflehog(ModuleTestBase):
|
|
|
1144
1144
|
assert content == self.file_content, "File content doesn't match"
|
|
1145
1145
|
filesystem_events = [e.parent for e in vuln_events]
|
|
1146
1146
|
assert len(filesystem_events) == 4
|
|
1147
|
-
assert all(
|
|
1147
|
+
assert all(e.type == "FILESYSTEM" for e in filesystem_events)
|
|
1148
1148
|
assert 1 == len(
|
|
1149
1149
|
[
|
|
1150
1150
|
e
|
|
@@ -1206,7 +1206,7 @@ class TestTrufflehog_NonVerified(TestTrufflehog):
|
|
|
1206
1206
|
assert content == self.file_content, "File content doesn't match"
|
|
1207
1207
|
filesystem_events = [e.parent for e in finding_events]
|
|
1208
1208
|
assert len(filesystem_events) == 4
|
|
1209
|
-
assert all(
|
|
1209
|
+
assert all(e.type == "FILESYSTEM" for e in filesystem_events)
|
|
1210
1210
|
assert 1 == len(
|
|
1211
1211
|
[
|
|
1212
1212
|
e
|
|
@@ -4,7 +4,7 @@ from .base import ModuleTestBase
|
|
|
4
4
|
class TestWayback(ModuleTestBase):
|
|
5
5
|
async def setup_after_prep(self, module_test):
|
|
6
6
|
module_test.httpx_mock.add_response(
|
|
7
|
-
url=
|
|
7
|
+
url="http://web.archive.org/cdx/search/cdx?url=blacklanternsecurity.com&matchType=domain&output=json&fl=original&collapse=original",
|
|
8
8
|
json=[["original"], ["http://asdf.blacklanternsecurity.com"]],
|
|
9
9
|
)
|
|
10
10
|
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
Metadata-Version: 2.1
|
|
2
2
|
Name: bbot
|
|
3
|
-
Version: 2.3.0.
|
|
3
|
+
Version: 2.3.0.5382rc0
|
|
4
4
|
Summary: OSINT automation for hackers.
|
|
5
5
|
Home-page: https://github.com/blacklanternsecurity/bbot
|
|
6
6
|
License: GPL-3.0
|
|
@@ -54,7 +54,7 @@ Description-Content-Type: text/markdown
|
|
|
54
54
|
|
|
55
55
|
[](https://github.com/blacklanternsecurity/bbot)
|
|
56
56
|
|
|
57
|
-
[](https://www.python.org) [](https://github.com/blacklanternsecurity/bbot/blob/dev/LICENSE) [](https://www.reconvillage.org/talks) [](https://pepy.tech/project/bbot) [](https://www.python.org) [](https://github.com/blacklanternsecurity/bbot/blob/dev/LICENSE) [](https://www.reconvillage.org/talks) [](https://pepy.tech/project/bbot) [](https://github.com/astral-sh/ruff) [](https://github.com/blacklanternsecurity/bbot/actions?query=workflow%3A"tests") [](https://codecov.io/gh/blacklanternsecurity/bbot) [](https://discord.com/invite/PZqkgxu5SA)
|
|
58
58
|
|
|
59
59
|
### **BEE·bot** is a multipurpose scanner inspired by [Spiderfoot](https://github.com/smicallef/spiderfoot), built to automate your **Recon**, **Bug Bounties**, and **ASM**!
|
|
60
60
|
|