bbot 2.3.0.5376rc0__py3-none-any.whl → 2.3.0.5384rc0__py3-none-any.whl

bbot/modules/iis_shortnames.py

@@ -39,7 +39,7 @@ class iis_shortnames(BaseModule):
         test_url = f"{target}*~1*/a.aspx"
 
         for method in ["GET", "POST", "OPTIONS", "DEBUG", "HEAD", "TRACE"]:
-            kwargs = dict(method=method, allow_redirects=False, timeout=10)
+            kwargs = {"method": method, "allow_redirects": False, "timeout": 10}
             confirmations = 0
             iterations = 5  # one failed detection is tolerated, as long as its not the first run
             while iterations > 0:
@@ -128,7 +128,7 @@ class iis_shortnames(BaseModule):
         suffix = "/a.aspx"
 
         urls_and_kwargs = []
-        kwargs = dict(method=method, allow_redirects=False, retries=2, timeout=10)
+        kwargs = {"method": method, "allow_redirects": False, "retries": 2, "timeout": 10}
         for c in valid_chars:
             for file_part in ("stem", "ext"):
                 payload = encode_all(f"*{c}*~1*")
@@ -160,7 +160,7 @@ class iis_shortnames(BaseModule):
         url_hint_list = []
         found_results = False
 
-        cl = ext_char_list if extension_mode == True else char_list
+        cl = ext_char_list if extension_mode is True else char_list
 
         urls_and_kwargs = []
 
@@ -169,7 +169,7 @@ class iis_shortnames(BaseModule):
             wildcard = "*" if extension_mode else "*~1*"
             payload = encode_all(f"{prefix}{c}{wildcard}")
             url = f"{target}{payload}{suffix}"
-            kwargs = dict(method=method)
+            kwargs = {"method": method}
             urls_and_kwargs.append((url, kwargs, c))
 
         async for url, kwargs, c, response in self.helpers.request_custom_batch(urls_and_kwargs):
@@ -209,7 +209,7 @@ class iis_shortnames(BaseModule):
                         extension_mode,
                         node_count=node_count,
                     )
-        if len(prefix) > 0 and found_results == False:
+        if len(prefix) > 0 and found_results is False:
             url_hint_list.append(f"{prefix}")
             self.verbose(f"Found new (possibly partial) URL_HINT: {prefix} from node {target}")
         return url_hint_list
@@ -234,7 +234,7 @@ class iis_shortnames(BaseModule):
                 {"severity": "LOW", "host": str(event.host), "url": normalized_url, "description": description},
                 "VULNERABILITY",
                 event,
-                context=f"{{module}} detected low {{event.type}}: IIS shortname enumeration",
+                context="{module} detected low {event.type}: IIS shortname enumeration",
             )
             if not self.config.get("detect_only"):
                 for detection in detections:

bbot/modules/internal/cloudcheck.py

@@ -15,7 +15,7 @@ class CloudCheck(BaseInterceptModule):
 
     def make_dummy_modules(self):
         self.dummy_modules = {}
-        for provider_name, provider in self.helpers.cloud.providers.items():
+        for provider_name in self.helpers.cloud.providers.keys():
             module = self.scan._make_dummy_module(f"cloud_{provider_name}", _type="scan")
             module.default_discovery_context = "{module} derived {event.type}: {event.host}"
             self.dummy_modules[provider_name] = module
@@ -56,9 +56,9 @@ class CloudCheck(BaseInterceptModule):
         # loop through each provider
         for provider in self.helpers.cloud.providers.values():
             provider_name = provider.name.lower()
-            base_kwargs = dict(
-                parent=event, tags=[f"{provider.provider_type}-{provider_name}"], _provider=provider_name
-            )
+            base_kwargs = {
+                "parent": event, "tags": [f"{provider.provider_type}-{provider_name}"], "_provider": provider_name
+            }
             # loop through the provider's regex signatures, if any
             for event_type, sigs in provider.signatures.items():
                 if event_type != "STORAGE_BUCKET":
@@ -74,7 +74,7 @@ class CloudCheck(BaseInterceptModule):
                             if match:
                                 matches.append(match.groups())
                     for match in matches:
-                        if not match in found:
+                        if match not in found:
                             found.add(match)
 
                             _kwargs = dict(base_kwargs)

bbot/modules/internal/dnsresolve.py

@@ -131,9 +131,9 @@ class DNSResolve(BaseInterceptModule):
             event.host, rdtypes=rdtypes, raw_dns_records=event.raw_dns_records
         )
         for rdtype, (is_wildcard, wildcard_host) in wildcard_rdtypes.items():
-            if is_wildcard == False:
+            if is_wildcard is False:
                 continue
-            elif is_wildcard == True:
+            elif is_wildcard is True:
                 event.add_tag("wildcard")
                 wildcard_tag = "wildcard"
             else:
@@ -142,16 +142,16 @@ class DNSResolve(BaseInterceptModule):
             event.add_tag(f"{rdtype}-{wildcard_tag}")
 
         # wildcard event modification (www.evilcorp.com --> _wildcard.evilcorp.com)
-        if wildcard_rdtypes and not "target" in event.tags:
+        if wildcard_rdtypes and "target" not in event.tags:
             # these are the rdtypes that have wildcards
             wildcard_rdtypes_set = set(wildcard_rdtypes)
             # consider the event a full wildcard if all its records are wildcards
             event_is_wildcard = False
             if wildcard_rdtypes_set:
-                event_is_wildcard = all(r[0] == True for r in wildcard_rdtypes.values())
+                event_is_wildcard = all(r[0] is True for r in wildcard_rdtypes.values())
 
             if event_is_wildcard:
-                if event.type in ("DNS_NAME",) and not "_wildcard" in event.data.split("."):
+                if event.type in ("DNS_NAME",) and "_wildcard" not in event.data.split("."):
                     wildcard_parent = self.helpers.parent_domain(event.host)
                     for rdtype, (_is_wildcard, _parent_domain) in wildcard_rdtypes.items():
                         if _is_wildcard:
@@ -273,7 +273,7 @@ class DNSResolve(BaseInterceptModule):
         # tag event with errors
         for rdtype, errors in dns_errors.items():
             # only consider it an error if there weren't any results for that rdtype
-            if errors and not rdtype in event.dns_children:
+            if errors and rdtype not in event.dns_children:
                 event.add_tag(f"{rdtype}-error")
 
     def get_dns_parent(self, event):
@@ -307,7 +307,7 @@ class DNSResolve(BaseInterceptModule):
     def emit_raw_records(self):
         if self._emit_raw_records is None:
             watching_raw_records = any(
-                ["RAW_DNS_RECORD" in m.get_watched_events() for m in self.scan.modules.values()]
+                "RAW_DNS_RECORD" in m.get_watched_events() for m in self.scan.modules.values()
             )
             omitted_event_types = self.scan.config.get("omit_event_types", [])
             omit_raw_records = "RAW_DNS_RECORD" in omitted_event_types

bbot/modules/internal/excavate.py

@@ -153,7 +153,7 @@ class ExcavateRule:
         yara_results = {}
         for h in r.strings:
             yara_results[h.identifier.lstrip("$")] = sorted(
-                set([i.matched_data.decode("utf-8", errors="ignore") for i in h.instances])
+                {i.matched_data.decode("utf-8", errors="ignore") for i in h.instances}
             )
         await self.process(yara_results, event, yara_rule_settings, discovery_context)
 
@@ -180,7 +180,7 @@ class ExcavateRule:
         Returns:
         None
         """
-        for identifier, results in yara_results.items():
+        for results in yara_results.values():
             for result in results:
                 event_data = {"description": f"{discovery_context} {yara_rule_settings.description}"}
                 if yara_rule_settings.emit_match:
@@ -314,7 +314,7 @@ class excavate(BaseInternalModule, BaseInterceptModule):
 
     _module_threads = 8
 
-    parameter_blacklist = set(
+    parameter_blacklist = {
         p.lower()
         for p in [
             "__VIEWSTATE",
@@ -329,7 +329,7 @@ class excavate(BaseInternalModule, BaseInterceptModule):
             "JSESSIONID",
             "PHPSESSID",
         ]
-    )
+    }
 
     yara_rule_name_regex = re.compile(r"rule\s(\w+)\s{")
     yara_rule_regex = re.compile(r"(?s)((?:rule\s+\w+\s*{[^{}]*(?:{[^{}]*}[^{}]*)*[^{}]*(?:/\S*?}[^/]*?/)*)*})")
@@ -634,7 +634,7 @@ class excavate(BaseInternalModule, BaseInterceptModule):
         scheme_blacklist = ["javascript", "mailto", "tel", "data", "vbscript", "about", "file"]
 
         async def process(self, yara_results, event, yara_rule_settings, discovery_context):
-            for identifier, results in yara_results.items():
+            for results in yara_results.values():
                 for url_str in results:
                     scheme = url_str.split("://")[0]
                     if scheme in self.scheme_blacklist:

bbot/modules/internal/speculate.py

@@ -45,10 +45,10 @@ class speculate(BaseInternalModule):
 
     async def setup(self):
         scan_modules = [m for m in self.scan.modules.values() if m._type == "scan"]
-        self.open_port_consumers = any(["OPEN_TCP_PORT" in m.watched_events for m in scan_modules])
+        self.open_port_consumers = any("OPEN_TCP_PORT" in m.watched_events for m in scan_modules)
         # only consider active portscanners (still speculate if only passive ones are enabled)
         self.portscanner_enabled = any(
-            ["portscan" in m.flags and "active" in m.flags for m in self.scan.modules.values()]
+            "portscan" in m.flags and "active" in m.flags for m in self.scan.modules.values()
         )
         self.emit_open_ports = self.open_port_consumers and not self.portscanner_enabled
         self.range_to_ip = True
@@ -71,7 +71,7 @@ class speculate(BaseInternalModule):
                 self.hugewarning(
                     f"Selected target ({target_len:,} hosts) is too large, skipping IP_RANGE --> IP_ADDRESS speculation"
                 )
-                self.hugewarning(f'Enabling the "portscan" module is highly recommended')
+                self.hugewarning('Enabling the "portscan" module is highly recommended')
             self.range_to_ip = False
 
         return True
@@ -126,7 +126,7 @@ class speculate(BaseInternalModule):
             parent = self.helpers.parent_domain(event.host_original)
             if parent != event.data:
                 await self.emit_event(
-                    parent, "DNS_NAME", parent=event, context=f"speculated parent {{event.type}}: {{event.data}}"
+                    parent, "DNS_NAME", parent=event, context="speculated parent {event.type}: {event.data}"
                 )
 
         # URL --> OPEN_TCP_PORT

bbot/modules/ipneighbor.py

@@ -31,7 +31,7 @@ class ipneighbor(BaseModule):
         netmask = main_ip.max_prefixlen - min(main_ip.max_prefixlen, self.num_bits)
         network = ipaddress.ip_network(f"{main_ip}/{netmask}", strict=False)
         subnet_hash = hash(network)
-        if not subnet_hash in self.processed:
+        if subnet_hash not in self.processed:
             self.processed.add(subnet_hash)
             for ip in network:
                 if ip != main_ip:

bbot/modules/jadx.py

@@ -43,7 +43,7 @@ class jadx(BaseModule):
 
     async def filter_event(self, event):
         if "file" in event.tags:
-            if not event.data["magic_description"].lower() in self.allowed_file_types:
+            if event.data["magic_description"].lower() not in self.allowed_file_types:
                 return False, f"Jadx is not able to decompile this file type: {event.data['magic_description']}"
         else:
             return False, "Event is not a file"

bbot/modules/newsletters.py

@@ -46,11 +46,11 @@ class newsletters(BaseModule):
                 body = _event.data["body"]
                 soup = self.helpers.beautifulsoup(body, "html.parser")
                 if soup is False:
-                    self.debug(f"BeautifulSoup returned False")
+                    self.debug("BeautifulSoup returned False")
                     return
                 result = self.find_type(soup)
                 if result:
-                    description = f"Found a Newsletter Submission Form that could be used for email bombing attacks"
+                    description = "Found a Newsletter Submission Form that could be used for email bombing attacks"
                     data = {"host": str(_event.host), "description": description, "url": _event.data["url"]}
                     await self.emit_event(
                         data,

bbot/modules/output/asset_inventory.py

@@ -91,15 +91,15 @@ class asset_inventory(CSV):
             self.assets[hostkey].absorb_event(event)
 
     async def report(self):
-        stats = dict()
-        totals = dict()
+        stats = {}
+        totals = {}
 
         def increment_stat(stat, value):
             try:
                 totals[stat] += 1
             except KeyError:
                 totals[stat] = 1
-            if not stat in stats:
+            if stat not in stats:
                 stats[stat] = {}
             try:
                 stats[stat][value] += 1
@@ -263,13 +263,13 @@ class Asset:
         if not self.recheck:
             # ports
             ports = [i.strip() for i in row.get("Open Ports", "").split(",")]
-            self.ports.update(set(i for i in ports if i and is_port(i)))
+            self.ports.update({i for i in ports if i and is_port(i)})
             # findings
             findings = [i.strip() for i in row.get("Findings", "").splitlines()]
-            self.findings.update(set(i for i in findings if i))
+            self.findings.update({i for i in findings if i})
             # technologies
             technologies = [i.strip() for i in row.get("Technologies", "").splitlines()]
-            self.technologies.update(set(i for i in technologies if i))
+            self.technologies.update({i for i in technologies if i})
             # risk rating
             risk_rating = row.get("Risk Rating", "").strip()
             if risk_rating and risk_rating.isdigit() and int(risk_rating) > self.risk_rating:

bbot/modules/output/base.py

@@ -24,7 +24,7 @@ class BaseOutputModule(BaseModule):
         if event.type in ("FINISHED",):
             return True, "its type is FINISHED"
         if self.errored:
-            return False, f"module is in error state"
+            return False, "module is in error state"
         # exclude non-watched types
         if not any(t in self.get_watched_events() for t in ("*", event.type)):
             return False, "its type is not in watched_events"

bbot/modules/output/csv.py

@@ -64,7 +64,7 @@ class CSV(BaseOutputModule):
                 ),
                 "Source Module": str(getattr(event, "module_sequence", "")),
                 "Scope Distance": str(getattr(event, "scope_distance", "")),
-                "Event Tags": ",".join(sorted(list(getattr(event, "tags", [])))),
+                "Event Tags": ",".join(sorted(getattr(event, "tags", []))),
                 "Discovery Path": " --> ".join(discovery_path),
             }
         )

bbot/modules/output/stdout.py

@@ -20,7 +20,7 @@ class Stdout(BaseOutputModule):
 
     async def setup(self):
         self.text_format = self.config.get("format", "text").strip().lower()
-        if not self.text_format in self.format_choices:
+        if self.text_format not in self.format_choices:
             return (
                 False,
                 f'Invalid text format choice, "{self.text_format}" (choices: {",".join(self.format_choices)})',
@@ -33,7 +33,7 @@ class Stdout(BaseOutputModule):
 
     async def filter_event(self, event):
         if self.accept_event_types:
-            if not event.type in self.accept_event_types:
+            if event.type not in self.accept_event_types:
                 return False, f'Event type "{event.type}" is not in the allowed event_types'
         return True
 

bbot/modules/paramminer_headers.py

@@ -89,11 +89,11 @@ class paramminer_headers(BaseModule):
         if not wordlist:
             wordlist = f"{self.helpers.wordlist_dir}/{self.default_wordlist}"
         self.debug(f"Using wordlist: [{wordlist}]")
-        self.wl = set(
+        self.wl = {
             h.strip().lower()
             for h in self.helpers.read_file(await self.helpers.wordlist(wordlist))
             if len(h) > 0 and "%" not in h
-        )
+        }
 
         # check against the boring list (if the option is set)
         if self.config.get("skip_boring_words", True):
@@ -238,7 +238,7 @@ class paramminer_headers(BaseModule):
         return await compare_helper.compare(url, headers=test_headers, check_reflection=(len(header_list) == 1))
 
     async def finish(self):
-        untested_matches = sorted(list(self.extracted_words_master.copy()))
+        untested_matches = sorted(self.extracted_words_master.copy())
         for url, (event, batch_size) in list(self.event_dict.items()):
             try:
                 compare_helper = self.helpers.http_compare(url)

bbot/modules/portscan.py

@@ -99,7 +99,7 @@ class portscan(BaseModule):
             return False, "Masscan failed to run"
         returncode = getattr(ipv6_result, "returncode", 0)
         if returncode and "failed to detect IPv6 address" in ipv6_result.stderr:
-            self.warning(f"It looks like you are not set up for IPv6. IPv6 targets will not be scanned.")
+            self.warning("It looks like you are not set up for IPv6. IPv6 targets will not be scanned.")
             self.ipv6_support = False
         return True
 
@@ -109,7 +109,7 @@ class portscan(BaseModule):
             self.scanned_initial_targets = True
             events = set(events)
             events.update(
-                set([e for e in self.scan.target.seeds.events if e.type in ("DNS_NAME", "IP_ADDRESS", "IP_RANGE")])
+                {e for e in self.scan.target.seeds.events if e.type in ("DNS_NAME", "IP_ADDRESS", "IP_RANGE")}
             )
 
         # ping scan
@@ -334,7 +334,7 @@ class portscan(BaseModule):
         if "FAIL" in s:
             self.warning(s)
             self.warning(
-                f'Masscan failed to detect interface. Recommend passing "adapter_ip", "adapter_mac", and "router_mac" config options to portscan module.'
+                'Masscan failed to detect interface. Recommend passing "adapter_ip", "adapter_mac", and "router_mac" config options to portscan module.'
             )
         else:
             self.verbose(s)

bbot/modules/report/asn.py

@@ -38,7 +38,7 @@ class asn(BaseReportModule):
 
     async def handle_event(self, event):
         host = event.host
-        if self.cache_get(host) == False:
+        if self.cache_get(host) is False:
             asns, source = await self.get_asn(host)
             if not asns:
                 self.cache_put(self.unknown_asn)
@@ -96,7 +96,7 @@ class asn(BaseReportModule):
         for p in self.helpers.ip_network_parents(ip):
             try:
                 self.asn_counts[p] += 1
-                if ret == False:
+                if ret is False:
                     ret = p
             except KeyError:
                 continue
@@ -112,7 +112,7 @@ class asn(BaseReportModule):
             for i, source in enumerate(list(self.sources)):
                 get_asn_fn = getattr(self, f"get_asn_{source}")
                 res = await get_asn_fn(ip)
-                if res == False:
+                if res is False:
                     # demote the current source to lowest priority since it just failed
                     self.sources.append(self.sources.pop(i))
                     self.verbose(f"Failed to contact {source}, retrying")
@@ -125,7 +125,7 @@ class asn(BaseReportModule):
         url = f"https://stat.ripe.net/data/network-info/data.json?resource={ip}"
         response = await self.get_url(url, "ASN")
         asns = []
-        if response == False:
+        if response is False:
             return False
         data = response.get("data", {})
         if not data:
@@ -138,7 +138,7 @@ class asn(BaseReportModule):
             asn_numbers = []
         for number in asn_numbers:
             asn = await self.get_asn_metadata_ripe(number)
-            if asn == False:
+            if asn is False:
                 return False
             asn["subnet"] = prefix
             asns.append(asn)
@@ -155,7 +155,7 @@ class asn(BaseReportModule):
             }
             url = f"https://stat.ripe.net/data/whois/data.json?resource={asn_number}"
             response = await self.get_url(url, "ASN Metadata", cache=True)
-            if response == False:
+            if response is False:
                 return False
             data = response.get("data", {})
             if not data:
@@ -187,7 +187,7 @@ class asn(BaseReportModule):
         data = await self.get_url(url, "ASN")
         asns = []
         asns_tried = set()
-        if data == False:
+        if data is False:
             return False
         data = data.get("data", {})
         prefixes = data.get("prefixes", [])
@@ -201,13 +201,13 @@ class asn(BaseReportModule):
             description = details.get("description") or prefix.get("description") or ""
             country = details.get("country_code") or prefix.get("country_code") or ""
             emails = []
-            if not asn in asns_tried:
+            if asn not in asns_tried:
                 emails = await self.get_emails_bgpview(asn)
-                if emails == False:
+                if emails is False:
                     return False
                 asns_tried.add(asn)
             asns.append(
-                dict(asn=asn, subnet=subnet, name=name, description=description, country=country, emails=emails)
+                {"asn": asn, "subnet": subnet, "name": name, "description": description, "country": country, "emails": emails}
             )
         if not asns:
             self.debug(f'No results for "{ip}"')
@@ -217,7 +217,7 @@ class asn(BaseReportModule):
         contacts = []
         url = f"https://api.bgpview.io/asn/{asn}"
         data = await self.get_url(url, "ASN metadata", cache=True)
-        if data == False:
+        if data is False:
             return False
         data = data.get("data", {})
         if not data:

bbot/modules/robots.py

@@ -33,14 +33,14 @@ class robots(BaseModule):
                 for l in lines:
                     if len(l) > 0:
                         split_l = l.split(": ")
-                        if (split_l[0].lower() == "allow" and self.config.get("include_allow") == True) or (
-                            split_l[0].lower() == "disallow" and self.config.get("include_disallow") == True
+                        if (split_l[0].lower() == "allow" and self.config.get("include_allow") is True) or (
+                            split_l[0].lower() == "disallow" and self.config.get("include_disallow") is True
                         ):
                             unverified_url = f"{host}{split_l[1].lstrip('/')}".replace(
                                 "*", self.helpers.rand_string(4)
                             )
 
-                        elif split_l[0].lower() == "sitemap" and self.config.get("include_sitemap") == True:
+                        elif split_l[0].lower() == "sitemap" and self.config.get("include_sitemap") is True:
                             unverified_url = split_l[1]
                         else:
                             continue

bbot/modules/securitytxt.py

@@ -121,7 +121,7 @@ class securitytxt(BaseModule):
                         start, end = match.span()
                         found_url = v[start:end]
 
-                        if found_url != url and self._urls == True:
+                        if found_url != url and self._urls is True:
                             await self.emit_event(found_url, "URL_UNVERIFIED", parent=event, tags=tags)
 
 

bbot/modules/sitedossier.py

@@ -52,5 +52,5 @@ class sitedossier(subdomain_enum):
                     results.add(hostname)
                     yield hostname
             if '<a href="/parentdomain/' not in response.text:
-                self.debug(f"Next page not found")
+                self.debug("Next page not found")
                 break

bbot/modules/social.py

@@ -45,7 +45,7 @@ class social(BaseModule):
                 url = f"https://{url}"
                 event_data = {"platform": platform, "url": url, "profile_name": profile_name}
                 # only emit if the same event isn't already in the parent chain
-                if not any([e.type == "SOCIAL" and e.data == event_data for e in event.get_parents()]):
+                if not any(e.type == "SOCIAL" and e.data == event_data for e in event.get_parents()):
                     social_event = self.make_event(
                         event_data,
                         "SOCIAL",

bbot/modules/subdomainradar.py

@@ -46,7 +46,7 @@ class SubdomainRadar(subdomain_enum_apikey):
             try:
                 j = response.json()
             except Exception:
-                return False, f"Failed to get enumerators: failed to parse response as JSON"
+                return False, "Failed to get enumerators: failed to parse response as JSON"
             for group in j:
                 group_name = group.get("name", "").strip().lower()
                 if group_name:

bbot/modules/telerik.py

@@ -174,7 +174,7 @@ class telerik(BaseModule):
             result, _ = await self.test_detector(event.data, webresource)
             if result:
                 if "RadAsyncUpload handler is registered succesfully" in result.text:
-                    self.debug(f"Detected Telerik instance (Telerik.Web.UI.WebResource.axd?type=rau)")
+                    self.debug("Detected Telerik instance (Telerik.Web.UI.WebResource.axd?type=rau)")
 
                     probe_data = {
                         "rauPostData": (
@@ -216,7 +216,7 @@ class telerik(BaseModule):
                         event,
                         context=f"{{module}} scanned {event.data} and identified {{event.type}}: Telerik RAU AXD Handler",
                     )
-                    if self.config.get("exploit_RAU_crypto") == True:
+                    if self.config.get("exploit_RAU_crypto") is True:
                         hostname = urlparse(event.data).netloc
                         if hostname not in self.RAUConfirmed:
                             self.RAUConfirmed.append(hostname)
@@ -270,7 +270,7 @@ class telerik(BaseModule):
                 else:
                     if "Cannot deserialize dialog parameters" in response.text:
                         self.debug(f"Detected Telerik UI instance ({dh})")
-                        description = f"Telerik DialogHandler detected"
+                        description = "Telerik DialogHandler detected"
                         await self.emit_event(
                             {"host": str(event.host), "url": f"{event.data}{dh}", "description": description},
                             "FINDING",
@@ -289,8 +289,8 @@ class telerik(BaseModule):
                 self.debug(validate_result)
                 validate_status_code = getattr(validate_result, "status_code", 0)
                 if validate_status_code not in (0, 500):
-                    self.debug(f"Detected Telerik UI instance (Telerik.Web.UI.SpellCheckHandler.axd)")
-                    description = f"Telerik SpellCheckHandler detected"
+                    self.debug("Detected Telerik UI instance (Telerik.Web.UI.SpellCheckHandler.axd)")
+                    description = "Telerik SpellCheckHandler detected"
                     await self.emit_event(
                         {
                             "host": str(event.host),
@@ -334,7 +334,7 @@ class telerik(BaseModule):
                         },
                         "FINDING",
                         event,
-                        context=f"{{module}} searched HTTP_RESPONSE and identified {{event.type}}: Telerik ChartImage AXD Handler",
+                        context="{module} searched HTTP_RESPONSE and identified {event.type}: Telerik ChartImage AXD Handler",
                     )
                 elif '"_serializedConfiguration":"' in resp_body:
                     await self.emit_event(
@@ -345,7 +345,7 @@ class telerik(BaseModule):
                         },
                         "FINDING",
                         event,
-                        context=f"{{module}} searched HTTP_RESPONSE and identified {{event.type}}: Telerik AsyncUpload",
+                        context="{module} searched HTTP_RESPONSE and identified {event.type}: Telerik AsyncUpload",
                     )
 
         # Check for RAD Controls in URL

bbot/modules/templates/bucket.py

@@ -159,7 +159,7 @@ class bucket_template(BaseModule):
         valid = self.cloud_helper.is_valid_bucket_name(bucket_name)
         if valid and not self.helpers.is_ip(bucket_name):
             bucket_hash = hash(bucket_name)
-            if not bucket_hash in self.buckets_tried:
+            if bucket_hash not in self.buckets_tried:
                 self.buckets_tried.add(bucket_hash)
                 return True
         return False

bbot/modules/templates/github.py

@@ -38,7 +38,7 @@ class github(BaseModule):
         self.api_key = api_keys
         try:
             await self.ping()
-            self.hugesuccess(f"API is ready")
+            self.hugesuccess("API is ready")
             return True
         except Exception as e:
             self.trace(traceback.format_exc())

bbot/modules/templates/shodan.py

@@ -28,7 +28,7 @@ class shodan(subdomain_enum):
         self.api_key = api_keys
         try:
             await self.ping()
-            self.hugesuccess(f"API is ready")
+            self.hugesuccess("API is ready")
             return True
         except Exception as e:
             self.trace(traceback.format_exc())

bbot/modules/templates/subdomain_enum.py

@@ -155,7 +155,7 @@ class subdomain_enum(BaseModule):
     async def _is_wildcard(self, query):
         rdtypes = ("A", "AAAA", "CNAME")
         if self.helpers.is_dns_name(query):
-            for domain, wildcard_rdtypes in (await self.helpers.is_wildcard_domain(query, rdtypes=rdtypes)).items():
+            for wildcard_rdtypes in (await self.helpers.is_wildcard_domain(query, rdtypes=rdtypes)).values():
                 if any(t in wildcard_rdtypes for t in rdtypes):
                     return True
         return False

bbot/modules/templates/webhook.py

@@ -60,7 +60,7 @@ class WebhookOutputModule(BaseOutputModule):
     async def filter_event(self, event):
         if event.type == "VULNERABILITY":
             severity = event.data.get("severity", "UNKNOWN")
-            if not severity in self.allowed_severities:
+            if severity not in self.allowed_severities:
                 return False, f"{severity} is below min_severity threshold"
         return True
 

bbot/modules/trufflehog.py

@@ -51,7 +51,7 @@ class trufflehog(BaseModule):
         self.github_token = ""
         if self.deleted_forks:
             self.warning(
-                f"Deleted forks is enabled. Scanning for deleted forks is slooooooowwwww. For a smaller repository, this process can take 20 minutes. For a larger repository, it could take hours."
+                "Deleted forks is enabled. Scanning for deleted forks is slooooooowwwww. For a smaller repository, this process can take 20 minutes. For a larger repository, it could take hours."
             )
             for module_name in ("github", "github_codesearch", "github_org", "git_clone"):
                 module_config = self.scan.config.get("modules", {}).get(module_name, {})