bbot 2.3.0.5399rc0__py3-none-any.whl → 2.3.0.5404rc0__py3-none-any.whl

bbot/__init__.py

@@ -1,4 +1,4 @@
 # version placeholder (replaced by poetry-dynamic-versioning)
-__version__ = "v2.3.0.5399rc"
+__version__ = "v2.3.0.5404rc"
 
 from .scanner import Scanner, Preset

bbot/modules/dnstlsrpt.py

@@ -70,7 +70,7 @@ class dnstlsrpt(BaseModule):
             return False, "event is wildcard"
 
         # there's no value in inspecting service records
-        if service_record(event.host) == True:
+        if service_record(event.host) is True:
             return False, "service record detected"
 
         return True

bbot/modules/dotnetnuke.py

@@ -31,7 +31,7 @@ class dotnetnuke(BaseModule):
         self.interactsh_subdomain_tags = {}
         self.interactsh_instance = None
 
-        if self.scan.config.get("interactsh_disable", False) == False:
+        if self.scan.config.get("interactsh_disable", False) is False:
             try:
                 self.interactsh_instance = self.helpers.interactsh()
                 self.interactsh_domain = await self.interactsh_instance.register(callback=self.interactsh_callback)
@@ -93,7 +93,7 @@ class dotnetnuke(BaseModule):
                     detected = True
                     break
 
-        if detected == True:
+        if detected is True:
             # DNNPersonalization Deserialization Detection
             for probe_url in [f'{event.data["url"]}/__', f'{event.data["url"]}/', f'{event.data["url"]}']:
                 result = await self.helpers.request(probe_url, cookies=self.exploit_probe)

bbot/modules/internal/dnsresolve.py

@@ -73,6 +73,7 @@ class DNSResolve(BaseInterceptModule):
         if blacklisted:
             return False, "it has a blacklisted DNS record"
 
+        # DNS resolution for hosts that aren't IPs
         if not event_is_ip:
             # if the event is within our dns search distance, resolve the rest of our records
             if main_host_event.scope_distance < self._dns_search_distance:
@@ -82,9 +83,9 @@ class DNSResolve(BaseInterceptModule):
                     event_data_changed = await self.handle_wildcard_event(main_host_event)
                     if event_data_changed:
                         # since data has changed, we check again whether it's a duplicate
-                        if self.scan.ingress_module.is_incoming_duplicate(event, add=True):
+                        if event.type == "DNS_NAME" and self.scan.ingress_module.is_incoming_duplicate(event, add=True):
                             if not event._graph_important:
-                                return False, "event was already emitted by its module"
+                                return False, "it's a DNS wildcard, and its module already emitted a similar wildcard event"
                             else:
                                 self.debug(
                                     f"Event {event} was already emitted by its module, but it's graph-important so it gets a pass"

bbot/modules/internal/excavate.py

@@ -471,7 +471,7 @@ class excavate(BaseInternalModule, BaseInterceptModule):
                 self.parameterExtractorCallbackDict[r.__name__] = r
                 regexes_component_list.append(f"${r.__name__} = {r.discovery_regex}")
             regexes_component = " ".join(regexes_component_list)
-            self.yara_rules[f"parameter_extraction"] = (
+            self.yara_rules["parameter_extraction"] = (
                 rf'rule parameter_extraction {{meta: description = "contains POST form" strings: {regexes_component} condition: any of them}}'
             )
 
@@ -503,7 +503,7 @@ class excavate(BaseInternalModule, BaseInterceptModule):
                             )
 
                             if self.excavate.helpers.validate_parameter(parameter_name, parameter_type):
-                                if self.excavate.in_bl(parameter_name) == False:
+                                if self.excavate.in_bl(parameter_name) is False:
                                     parsed_url = urlparse(url)
                                     description = f"HTTP Extracted Parameter [{parameter_name}] ({parameterExtractorSubModule.name} Submodule)"
                                     data = {
@@ -579,7 +579,7 @@ class excavate(BaseInternalModule, BaseInterceptModule):
             for signature_name, signature in self.signatures.items():
                 signature_component_list.append(rf"${signature_name} = {signature}")
             signature_component = " ".join(signature_component_list)
-            self.yara_rules[f"error_detection"] = (
+            self.yara_rules["error_detection"] = (
                 f'rule error_detection {{meta: description = "contains a verbose error message" strings: {signature_component} condition: any of them}}'
             )
 
@@ -608,7 +608,7 @@ class excavate(BaseInternalModule, BaseInterceptModule):
             for regex_name, regex in self.regexes.items():
                 regexes_component_list.append(rf"${regex_name} = /\b{regex.pattern}/ nocase")
             regexes_component = " ".join(regexes_component_list)
-            self.yara_rules[f"serialization_detection"] = (
+            self.yara_rules["serialization_detection"] = (
                 f'rule serialization_detection {{meta: description = "contains a possible serialized object" strings: {regexes_component} condition: any of them}}'
             )
 
@@ -656,7 +656,8 @@ class excavate(BaseInternalModule, BaseInterceptModule):
                         continue
                     if parsed_url.scheme in ["http", "https"]:
                         continue
-                    abort_if = lambda e: e.scope_distance > 0
+                    def abort_if(e):
+                        return e.scope_distance > 0
                     finding_data = {"host": str(host), "description": f"Non-HTTP URI: {parsed_url.geturl()}"}
                     await self.report(finding_data, event, yara_rule_settings, discovery_context, abort_if=abort_if)
                     protocol_data = {"protocol": parsed_url.scheme, "host": str(host)}
@@ -769,7 +770,7 @@ class excavate(BaseInternalModule, BaseInterceptModule):
         def __init__(self, excavate):
             super().__init__(excavate)
             if excavate.scan.dns_yara_rules_uncompiled:
-                self.yara_rules[f"hostname_extraction"] = excavate.scan.dns_yara_rules_uncompiled
+                self.yara_rules["hostname_extraction"] = excavate.scan.dns_yara_rules_uncompiled
 
         async def process(self, yara_results, event, yara_rule_settings, discovery_context):
             for identifier in yara_results.keys():
@@ -817,7 +818,7 @@ class excavate(BaseInternalModule, BaseInterceptModule):
         self.parameter_extraction = bool(modules_WEB_PARAMETER)
 
         self.retain_querystring = False
-        if self.config.get("retain_querystring", False) == True:
+        if self.config.get("retain_querystring", False) is True:
             self.retain_querystring = True
 
         for module in self.scan.modules.values():
@@ -847,7 +848,7 @@ class excavate(BaseInternalModule, BaseInterceptModule):
                     rules_content = f.read()
                 self.debug(f"Successfully loaded custom yara rules file [{self.custom_yara_rules}]")
             else:
-                self.debug(f"Custom yara rules file is NOT a file. Will attempt to treat it as rule content")
+                self.debug("Custom yara rules file is NOT a file. Will attempt to treat it as rule content")
                 rules_content = self.custom_yara_rules
 
             self.debug(f"Final combined yara rule contents: {rules_content}")
@@ -860,7 +861,7 @@ class excavate(BaseInternalModule, BaseInterceptModule):
 
                 rule_match = await self.helpers.re.search(self.yara_rule_name_regex, rule_content)
                 if not rule_match:
-                    return False, f"Custom Yara formatted incorrectly: could not find rule name"
+                    return False, "Custom Yara formatted incorrectly: could not find rule name"
 
                 rule_name = rule_match.groups(1)[0]
                 c = CustomExtractor(self)
@@ -936,8 +937,8 @@ class excavate(BaseInternalModule, BaseInterceptModule):
         if event.type == "HTTP_RESPONSE":
             # Harvest GET parameters from URL, if it came directly from the target, and parameter extraction is enabled
             if (
-                self.parameter_extraction == True
-                and self.url_querystring_remove == False
+                self.parameter_extraction is True
+                and self.url_querystring_remove is False
                 and str(event.parent.parent.module) == "TARGET"
             ):
                 self.debug(f"Processing target URL [{urlunparse(event.parsed_url)}] for GET parameters")
@@ -949,7 +950,7 @@ class excavate(BaseInternalModule, BaseInterceptModule):
                     regex_name,
                     additional_params,
                 ) in extract_params_url(event.parsed_url):
-                    if self.in_bl(parameter_name) == False:
+                    if self.in_bl(parameter_name) is False:
                         description = f"HTTP Extracted Parameter [{parameter_name}] (Target URL)"
                         data = {
                             "host": parsed_url.hostname,
@@ -985,7 +986,7 @@ class excavate(BaseInternalModule, BaseInterceptModule):
                             cookie_name = header_value.split("=")[0]
                             cookie_value = header_value.split("=")[1].split(";")[0]
 
-                            if self.in_bl(cookie_value) == False:
+                            if self.in_bl(cookie_value) is False:
                                 self.assigned_cookies[cookie_name] = cookie_value
                                 description = f"Set-Cookie Assigned Cookie [{cookie_name}]"
                                 data = {
@@ -1029,7 +1030,7 @@ class excavate(BaseInternalModule, BaseInterceptModule):
                                     regex_name,
                                     additional_params,
                                 ) in extract_params_location(header_value, event.parsed_url):
-                                    if self.in_bl(parameter_name) == False:
+                                    if self.in_bl(parameter_name) is False:
                                         description = f"HTTP Extracted Parameter [{parameter_name}] (Location Header)"
                                         data = {
                                             "host": parsed_url.hostname,

bbot/modules/paramminer_headers.py

@@ -172,7 +172,7 @@ class paramminer_headers(BaseModule):
                 self.debug(f"Error initializing compare helper: {e}")
                 return
             batch_size = await self.count_test(url)
-            if batch_size == None or batch_size <= 0:
+            if batch_size is None or batch_size <= 0:
                 self.debug(f"Failed to get baseline max {self.compare_mode} count, aborting")
                 return
             self.debug(f"Resolved batch_size at {str(batch_size)}")
@@ -195,11 +195,11 @@ class paramminer_headers(BaseModule):
         baseline = await self.helpers.request(url)
         if baseline is None:
             return
-        if str(baseline.status_code)[0] in ("4", "5"):
+        if str(baseline.status_code)[0] in {"4", "5"}:
             return
         for count, args, kwargs in self.gen_count_args(url):
             r = await self.helpers.request(*args, **kwargs)
-            if r is not None and not (str(r.status_code)[0] in ("4", "5")):
+            if r is not None and str(r.status_code)[0] not in {"4", "5"}:
                 return count
 
     def gen_count_args(self, url):
@@ -222,7 +222,7 @@ class paramminer_headers(BaseModule):
         elif len(group) > 1 or (len(group) == 1 and len(reasons) == 0):
             for group_slice in self.helpers.split_list(group):
                 match, reasons, reflection, subject_response = await self.check_batch(compare_helper, url, group_slice)
-                if match == False:
+                if match is False:
                     async for r in self.binary_search(compare_helper, url, group_slice, reasons, reflection):
                         yield r
         else:

{bbot-2.3.0.5399rc0.dist-info → bbot-2.3.0.5404rc0.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: bbot
-Version: 2.3.0.5399rc0
+Version: 2.3.0.5404rc0
 Summary: OSINT automation for hackers.
 Home-page: https://github.com/blacklanternsecurity/bbot
 License: GPL-3.0

{bbot-2.3.0.5399rc0.dist-info → bbot-2.3.0.5404rc0.dist-info}/RECORD

@@ -1,4 +1,4 @@
-bbot/__init__.py,sha256=2hCc7goae7xxFSqjYWHKoXYZIyQBErClPshRYR9xrkQ,130
+bbot/__init__.py,sha256=-cLt53eqldL4aPsPc2YgOHGI6b7vEurC-gMjbWuRB1s,130
 bbot/cli.py,sha256=xPTXsZr8FGmI3N6e3gjo9i9E2u-Ih2Sr4MQU6RTxnj8,10434
 bbot/core/__init__.py,sha256=l255GJE_DvUnWvrRb0J5lG-iMztJ8zVvoweDOfegGtI,46
 bbot/core/config/__init__.py,sha256=zYNw2Me6tsEr8hOOkLb4BQ97GB7Kis2k--G81S8vofU,342
@@ -93,10 +93,10 @@ bbot/modules/dnsbrute_mutations.py,sha256=bOJidK_oKZe87u8e9t0mEFnyuBi93UiNsQvpZY
 bbot/modules/dnscaa.py,sha256=pyaLqHrdsVhqtd1JBZVjKKcuYT_ywUbFYkrnfXcGD5s,5014
 bbot/modules/dnscommonsrv.py,sha256=gEErfSur7Odkaif4CbXYx3OZ3FQrQESyiMGPbcDKSIg,1538
 bbot/modules/dnsdumpster.py,sha256=bqUqyvRJVtoTXbDxTZ-kgPNq4dCE9xv_msBIn_Nj5IM,3251
-bbot/modules/dnstlsrpt.py,sha256=LW-8NTfUlYAlSlDrDBcELTe4LTrAI412J03xQfAL93Y,6427
+bbot/modules/dnstlsrpt.py,sha256=ntNKVDXDgDVWr1A20ShNT5HFBhXsVEM5aUIEU_0c9HU,6427
 bbot/modules/docker_pull.py,sha256=T_xObzExDTZF-_HfgZSfrU199QgCME3rYmkVs1HigXQ,9070
 bbot/modules/dockerhub.py,sha256=yHKxV-uVubAUvYrIXizSZoLUiPKArTH2mCh5FjY4sas,3486
-bbot/modules/dotnetnuke.py,sha256=qS1lzAmvWlDYrm1ODufIBvIS20oTr7m7m3xU-a5PGUA,10537
+bbot/modules/dotnetnuke.py,sha256=rw_EchDg49VyQj5JiUh0AqUqtsuqLrhc-nwrybdzhZ8,10537
 bbot/modules/emailformat.py,sha256=RLPJW-xitYB-VT4Lp08qVzFkXx_kMyV_035JT_Yf4fM,1082
 bbot/modules/extractous.py,sha256=_9tJsQRqhYIaPFmMByc2NiyvPhcPgs-KGQ8-XhtkSyc,4546
 bbot/modules/ffuf_shortnames.py,sha256=9Kh0kJsw7XXpXmCkiB5eAhG4h9rSo8Y-mB3p0EDa_l0,12624
@@ -122,8 +122,8 @@ bbot/modules/internal/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3h
 bbot/modules/internal/aggregate.py,sha256=csWYIt2fUp9K_CRxP3bndUMIjpNIh8rmBubp5Fr1-nc,395
 bbot/modules/internal/base.py,sha256=BXO4Hc7XKaAOaLzolF3krJX1KibPxtek2GTQUgnCHk0,387
 bbot/modules/internal/cloudcheck.py,sha256=WVW5gQQhnJmTb1_wl4MjM_HUNQIKS8kIQFNKdaAGJiY,4754
-bbot/modules/internal/dnsresolve.py,sha256=BJFuKFO8JykvKaXq2x9dbIUCbME4SFJPyhiZhnrFiKQ,15219
-bbot/modules/internal/excavate.py,sha256=2O09KYw2IIz9NQN6iN_2SXm8Iq6v_pEK0twcsE9FL38,51506
+bbot/modules/internal/dnsresolve.py,sha256=EhZ9KI-cC4P0uIn09Qy7kpPhWU2seeOt-uYLsHqrcO4,15336
+bbot/modules/internal/excavate.py,sha256=18173N5g9xUZKwAPrvR6Y9Vm3WK_174s9YYBvSnqeZo,51527
 bbot/modules/internal/speculate.py,sha256=1UX5YKCfUnJ4EV8suHSAdq1Y2decEjIV88LQ8-VQcRQ,9260
 bbot/modules/internetdb.py,sha256=Edg0Z84dH8dPTZMd7RlzvYBYNq8JHs_ns_ldnFxwRKo,5415
 bbot/modules/ip2location.py,sha256=yGivX9fzvwvLpnqmYCP2a8SPjTarzrZxfRluog-nkME,2628
@@ -159,7 +159,7 @@ bbot/modules/output/web_report.py,sha256=lZ0FqRZ7Jz1lljI9JMhH9gjtWLaTCSpSnAKQGAc
 bbot/modules/output/websocket.py,sha256=sDTtHU-Ey_tvS0gMi6PVPV9L4qAmGyWeccxAKfEWCac,2278
 bbot/modules/paramminer_cookies.py,sha256=q1PzftHQpCHLz81_VgLZsO6moia7ZtnU32igfcySi2w,1816
 bbot/modules/paramminer_getparams.py,sha256=_j6rgaqV5wGJoa8p5-KKbe2YsVGUtmWIanCVtFiF97Y,1893
-bbot/modules/paramminer_headers.py,sha256=sTHqyfCU46BFOIaArzabiNnegoeQDkaVe42MjyNdEDM,10291
+bbot/modules/paramminer_headers.py,sha256=v5H_feo1FwdEUHzVN72HvSftbf931CH1WInJzi5m3LY,10289
 bbot/modules/passivetotal.py,sha256=uGT6c_CUxBNInmClsTg8afIYA2ZykKYYCgjkyzujfHg,1653
 bbot/modules/pgp.py,sha256=Xu2M9WEIlwTm5-Lv29g7BblI05tD9Dl0XsYSeY6UURs,2065
 bbot/modules/portscan.py,sha256=YdUMPurlDuXFfeS56z2Ab12U3NXBMH71isW86jgeKW0,14650
@@ -414,8 +414,8 @@ bbot/wordlists/raft-small-extensions-lowercase_CLEANED.txt,sha256=ZSIVebs7ptMvHx
 bbot/wordlists/top_open_ports_nmap.txt,sha256=LmdFYkfapSxn1pVuQC2LkOIY2hMLgG-Xts7DVtYzweM,42727
 bbot/wordlists/valid_url_schemes.txt,sha256=0B_VAr9Dv7aYhwi6JSBDU-3M76vNtzN0qEC_RNLo7HE,3310
 bbot/wordlists/wordninja_dns.txt.gz,sha256=DYHvvfW0TvzrVwyprqODAk4tGOxv5ezNmCPSdPuDUnQ,570241
-bbot-2.3.0.5399rc0.dist-info/LICENSE,sha256=GzeCzK17hhQQDNow0_r0L8OfLpeTKQjFQwBQU7ZUymg,32473
-bbot-2.3.0.5399rc0.dist-info/METADATA,sha256=tg5jroNAERAI90LP8m4pS1HLWPKb6viYfcOhaUB4OuA,17949
-bbot-2.3.0.5399rc0.dist-info/WHEEL,sha256=Nq82e9rUAnEjt98J6MlVmMCZb-t9cYE2Ir1kpBmnWfs,88
-bbot-2.3.0.5399rc0.dist-info/entry_points.txt,sha256=cWjvcU_lLrzzJgjcjF7yeGuRA_eDS8pQ-kmPUAyOBfo,38
-bbot-2.3.0.5399rc0.dist-info/RECORD,,
+bbot-2.3.0.5404rc0.dist-info/LICENSE,sha256=GzeCzK17hhQQDNow0_r0L8OfLpeTKQjFQwBQU7ZUymg,32473
+bbot-2.3.0.5404rc0.dist-info/METADATA,sha256=oZRtFdalyEuSwLkG3CV8YudjhxKSQxNlhWvTYEYmd9U,17949
+bbot-2.3.0.5404rc0.dist-info/WHEEL,sha256=Nq82e9rUAnEjt98J6MlVmMCZb-t9cYE2Ir1kpBmnWfs,88
+bbot-2.3.0.5404rc0.dist-info/entry_points.txt,sha256=cWjvcU_lLrzzJgjcjF7yeGuRA_eDS8pQ-kmPUAyOBfo,38
+bbot-2.3.0.5404rc0.dist-info/RECORD,,