bbot 2.3.0.5546rc0__py3-none-any.whl → 2.3.1.5815rc0__py3-none-any.whl

bbot/modules/generic_ssrf.py

@@ -37,10 +37,10 @@ ssrf_params = [
 class BaseSubmodule:
     technique_description = "base technique description"
     severity = "INFO"
-    paths = None
+    paths = []
 
-    def __init__(self, parent_module):
-        self.parent_module = parent_module
+    def __init__(self, generic_ssrf):
+        self.generic_ssrf = generic_ssrf
         self.test_paths = self.create_paths()
 
     def set_base_url(self, event):
@@ -51,30 +51,30 @@ class BaseSubmodule:
 
     async def test(self, event):
         base_url = self.set_base_url(event)
-
-        for test_path in self.test_paths:
-            subdomain_tag = self.parent_module.helpers.rand_string(4)
-            test_path_prepared = test_path.replace(
-                "SSRF_CANARY", f"{subdomain_tag}.{self.parent_module.interactsh_domain}"
-            )
-            test_url = f"{base_url}{test_path_prepared}"
-            self.parent_module.debug(f"Sending request to URL: {test_url}")
-            r = await self.parent_module.helpers.curl(url=test_url)
-            if r:
-                self.process(event, r, subdomain_tag)
+        for test_path_result in self.test_paths:
+            for lower in [True, False]:
+                test_path = test_path_result[0]
+                if lower:
+                    test_path = test_path.lower()
+                subdomain_tag = test_path_result[1]
+                test_url = f"{base_url}{test_path}"
+                self.generic_ssrf.debug(f"Sending request to URL: {test_url}")
+                r = await self.generic_ssrf.helpers.curl(url=test_url)
+                if r:
+                    self.process(event, r, subdomain_tag)
 
     def process(self, event, r, subdomain_tag):
-        response_token = self.parent_module.interactsh_domain.split(".")[0][::-1]
+        response_token = self.generic_ssrf.interactsh_domain.split(".")[0][::-1]
         if response_token in r:
-            read_response = True
+            echoed_response = True
         else:
-            read_response = False
+            echoed_response = False
 
-        self.parent_module.interactsh_subdomain_tags[subdomain_tag] = (
+        self.generic_ssrf.interactsh_subdomain_tags[subdomain_tag] = (
             event,
             self.technique_description,
             self.severity,
-            read_response,
+            echoed_response,
         )
 
 
@@ -86,15 +86,15 @@ class Generic_SSRF(BaseSubmodule):
         return event.data
 
     def create_paths(self):
-        query_string = ""
-        for param in ssrf_params:
-            query_string += f"{param}=http://SSRF_CANARY&"
-
-        query_string_lower = ""
+        test_paths = []
         for param in ssrf_params:
-            query_string_lower += f"{param.lower()}=http://SSRF_CANARY&"
-
-        return [f"?{query_string.rstrip('&')}", f"?{query_string_lower.rstrip('&')}"]
+            query_string = ""
+            subdomain_tag = self.generic_ssrf.helpers.rand_string(4)
+            ssrf_canary = f"{subdomain_tag}.{self.generic_ssrf.interactsh_domain}"
+            self.generic_ssrf.parameter_subdomain_tags_map[subdomain_tag] = param
+            query_string += f"{param}=http://{ssrf_canary}&"
+            test_paths.append((f"?{query_string.rstrip('&')}", subdomain_tag))
+        return test_paths
 
 
 class Generic_SSRF_POST(BaseSubmodule):
@@ -107,21 +107,22 @@ class Generic_SSRF_POST(BaseSubmodule):
     async def test(self, event):
         test_url = f"{event.data}"
 
-        subdomain_tag = self.parent_module.helpers.rand_string(4, digits=False)
         post_data = {}
         for param in ssrf_params:
-            post_data[param] = f"http://{subdomain_tag}.{self.parent_module.interactsh_domain}"
+            subdomain_tag = self.generic_ssrf.helpers.rand_string(4, digits=False)
+            self.generic_ssrf.parameter_subdomain_tags_map[subdomain_tag] = param
+            post_data[param] = f"http://{subdomain_tag}.{self.generic_ssrf.interactsh_domain}"
 
-        subdomain_tag_lower = self.parent_module.helpers.rand_string(4, digits=False)
+        subdomain_tag_lower = self.generic_ssrf.helpers.rand_string(4, digits=False)
         post_data_lower = {
-            k.lower(): f"http://{subdomain_tag_lower}.{self.parent_module.interactsh_domain}"
+            k.lower(): f"http://{subdomain_tag_lower}.{self.generic_ssrf.interactsh_domain}"
             for k, v in post_data.items()
         }
 
         post_data_list = [(subdomain_tag, post_data), (subdomain_tag_lower, post_data_lower)]
 
         for tag, pd in post_data_list:
-            r = await self.parent_module.helpers.curl(url=test_url, method="POST", post_data=pd)
+            r = await self.generic_ssrf.helpers.curl(url=test_url, method="POST", post_data=pd)
             self.process(event, r, tag)
 
 
@@ -131,17 +132,17 @@ class Generic_XXE(BaseSubmodule):
     paths = None
 
     async def test(self, event):
-        rand_entity = self.parent_module.helpers.rand_string(4, digits=False)
-        subdomain_tag = self.parent_module.helpers.rand_string(4, digits=False)
+        rand_entity = self.generic_ssrf.helpers.rand_string(4, digits=False)
+        subdomain_tag = self.generic_ssrf.helpers.rand_string(4, digits=False)
 
         post_body = f"""<?xml version="1.0" encoding="ISO-8859-1"?>
 <!DOCTYPE foo [
 <!ELEMENT foo ANY >
-<!ENTITY {rand_entity} SYSTEM "http://{subdomain_tag}.{self.parent_module.interactsh_domain}" >
+<!ENTITY {rand_entity} SYSTEM "http://{subdomain_tag}.{self.generic_ssrf.interactsh_domain}" >
 ]>
 <foo>&{rand_entity};</foo>"""
         test_url = event.parsed_url.geturl()
-        r = await self.parent_module.helpers.curl(
+        r = await self.generic_ssrf.helpers.curl(
             url=test_url, method="POST", raw_body=post_body, headers={"Content-type": "application/xml"}
         )
         if r:
@@ -160,6 +161,7 @@ class generic_ssrf(BaseModule):
     async def setup(self):
         self.submodules = {}
         self.interactsh_subdomain_tags = {}
+        self.parameter_subdomain_tags_map = {}
         self.severity = None
         self.generic_only = self.config.get("generic_only", False)
 
@@ -190,22 +192,34 @@ class generic_ssrf(BaseModule):
 
     async def interactsh_callback(self, r):
         full_id = r.get("full-id", None)
+        subdomain_tag = full_id.split(".")[0]
+
         if full_id:
             if "." in full_id:
-                match = self.interactsh_subdomain_tags.get(full_id.split(".")[0])
+                match = self.interactsh_subdomain_tags.get(subdomain_tag)
                 if not match:
                     return
                 matched_event = match[0]
                 matched_technique = match[1]
                 matched_severity = match[2]
-                matched_read_response = str(match[3])
+                matched_echoed_response = str(match[3])
+
+                # Check if any SSRF parameter is in the DNS request
+                triggering_param = self.parameter_subdomain_tags_map.get(subdomain_tag, None)
+                description = f"Out-of-band interaction: [{matched_technique}]"
+                if triggering_param:
+                    self.debug(f"Found triggering parameter: {triggering_param}")
+                    description += f" [Triggering Parameter: {triggering_param}]"
+                description += f" [{r.get('protocol').upper()}] Echoed Response: {matched_echoed_response}"
+
+                self.debug(f"Emitting event with description: {description}")  # Debug the final description
 
                 await self.emit_event(
                     {
                         "severity": matched_severity,
                         "host": str(matched_event.host),
                         "url": matched_event.data,
-                        "description": f"Out-of-band interaction: [{matched_technique}] [{r.get('protocol').upper()}] Read Response: {matched_read_response}",
+                        "description": description,
                     },
                     "VULNERABILITY",
                     matched_event,
@@ -227,7 +241,7 @@ class generic_ssrf(BaseModule):
 
     async def finish(self):
         if self.scan.config.get("interactsh_disable", False) is False:
-            await self.helpers.sleep(5)
+            await self.helpers.sleep(2)
             try:
                 for r in await self.interactsh_instance.poll():
                     await self.interactsh_callback(r)

bbot/modules/github_codesearch.py

@@ -42,7 +42,7 @@ class github_codesearch(github, subdomain_enum):
     async def query(self, query):
         repos = {}
         url = f"{self.base_url}/search/code?per_page=100&type=Code&q={self.helpers.quote(query)}&page=" + "{page}"
-        agen = self.api_page_iter(url, headers=self.headers, json=False)
+        agen = self.api_page_iter(url, headers=self.headers, _json=False)
         num_results = 0
         try:
             async for r in agen:
@@ -78,7 +78,7 @@ class github_codesearch(github, subdomain_enum):
                 if num_results >= self.limit:
                     break
         finally:
-            agen.aclose()
+            await agen.aclose()
         return repos
 
     def raw_url(self, url):

bbot/modules/github_org.py

@@ -24,6 +24,10 @@ class github_org(github):
         self.include_member_repos = self.config.get("include_member_repos", False)
         return await super().setup()
 
+    def _api_response_is_success(self, r):
+        # we allow 404s because they're normal
+        return r.is_success or getattr(r, "status_code", 0) == 404
+
     async def filter_event(self, event):
         if event.type == "SOCIAL":
             if event.data.get("platform", "") != "github":
@@ -104,7 +108,7 @@ class github_org(github):
     async def query_org_repos(self, query):
         repos = []
         url = f"{self.base_url}/orgs/{self.helpers.quote(query)}/repos?per_page=100&page=" + "{page}"
-        agen = self.api_page_iter(url, json=False)
+        agen = self.api_page_iter(url, _json=False)
         try:
             async for r in agen:
                 if r is None:
@@ -126,13 +130,13 @@ class github_org(github):
                     html_url = item.get("html_url", "")
                     repos.append(html_url)
         finally:
-            agen.aclose()
+            await agen.aclose()
         return repos
 
     async def query_org_members(self, query):
         members = []
         url = f"{self.base_url}/orgs/{self.helpers.quote(query)}/members?per_page=100&page=" + "{page}"
-        agen = self.api_page_iter(url, json=False)
+        agen = self.api_page_iter(url, _json=False)
         try:
             async for r in agen:
                 if r is None:
@@ -154,13 +158,13 @@ class github_org(github):
                     login = item.get("login", "")
                     members.append(login)
         finally:
-            agen.aclose()
+            await agen.aclose()
         return members
 
     async def query_user_repos(self, query):
         repos = []
         url = f"{self.base_url}/users/{self.helpers.quote(query)}/repos?per_page=100&page=" + "{page}"
-        agen = self.api_page_iter(url, json=False)
+        agen = self.api_page_iter(url, _json=False)
         try:
             async for r in agen:
                 if r is None:
@@ -182,7 +186,7 @@ class github_org(github):
                     html_url = item.get("html_url", "")
                     repos.append(html_url)
         finally:
-            agen.aclose()
+            await agen.aclose()
         return repos
 
     async def validate_org(self, org):
@@ -198,18 +202,10 @@ class github_org(github):
             return is_org, in_scope
         if status_code == 200:
             is_org = True
-        try:
-            json = r.json()
-        except Exception as e:
-            self.warning(f"Failed to decode JSON for {r.url} (HTTP status: {status_code}): {e}")
-            return is_org, in_scope
-        for k, v in json.items():
-            if (
-                isinstance(v, str)
-                and (self.helpers.is_dns_name(v) and "." in v or self.helpers.is_url(v) or self.helpers.is_email(v))
-                and self.scan.in_scope(v)
-            ):
-                self.verbose(f'Found in-scope key "{k}": "{v}" for {org}, it appears to be in-scope')
-                in_scope = True
-                break
+        in_scope_hosts = await self.scan.extract_in_scope_hostnames(getattr(r, "text", ""))
+        if in_scope_hosts:
+            self.verbose(
+                f'Found in-scope hostname(s): "{in_scope_hosts}" for github org: {org}, it appears to be in-scope'
+            )
+            in_scope = True
         return is_org, in_scope

bbot/modules/github_workflows.py

@@ -30,6 +30,10 @@ class github_workflows(github):
         self.helpers.mkdir(self.output_dir)
         return await super().setup()
 
+    def _api_response_is_success(self, r):
+        # we allow 404s because they're normal
+        return r.is_success or getattr(r, "status_code", 0) == 404
+
     async def filter_event(self, event):
         if event.type == "CODE_REPOSITORY":
             if "git" not in event.tags and "github" not in event.data.get("url", ""):
@@ -88,7 +92,7 @@ class github_workflows(github):
     async def get_workflows(self, owner, repo):
         workflows = []
         url = f"{self.base_url}/repos/{owner}/{repo}/actions/workflows?per_page=100&page=" + "{page}"
-        agen = self.api_page_iter(url, json=False)
+        agen = self.api_page_iter(url, _json=False)
         try:
             async for r in agen:
                 if r is None:
@@ -109,7 +113,7 @@ class github_workflows(github):
                 for item in j:
                     workflows.append(item)
         finally:
-            agen.aclose()
+            await agen.aclose()
         return workflows
 
     async def get_workflow_runs(self, owner, repo, workflow_id):

bbot/modules/gowitness.py

@@ -1,3 +1,4 @@
+import os
 import asyncio
 import aiosqlite
 import multiprocessing
@@ -71,6 +72,11 @@ class gowitness(BaseModule):
         if custom_chrome_path.is_file():
             self.chrome_path = custom_chrome_path
 
+        # fix ubuntu-specific sandbox bug
+        chrome_devel_sandbox = self.helpers.tools_dir / "chrome-linux" / "chrome_sandbox"
+        if chrome_devel_sandbox.is_file():
+            os.environ["CHROME_DEVEL_SANDBOX"] = str(chrome_devel_sandbox)
+
         # make sure we have a working chrome install
         chrome_test_pass = False
         for binary in ("chrome", "chromium", "chromium-browser", custom_chrome_path):

bbot/modules/hunt.py

@@ -101,7 +101,7 @@ hunt_param_dict = {
     ],
     "SQL Injection": [
         "id",
-        "" "select",
+        "select",
         "report",
         "role",
         "update",

bbot/modules/hunterio.py

@@ -61,5 +61,5 @@ class hunterio(subdomain_enum_apikey):
                     break
                 emails += new_emails
         finally:
-            agen.aclose()
+            await agen.aclose()
         return emails

bbot/modules/iis_shortnames.py

@@ -22,10 +22,11 @@ class iis_shortnames(BaseModule):
         "created_date": "2022-04-15",
         "author": "@liquidsec",
     }
-    options = {"detect_only": True, "max_node_count": 50}
+    options = {"detect_only": True, "max_node_count": 50, "speculate_magic_urls": True}
     options_desc = {
         "detect_only": "Only detect the vulnerability and do not run the shortname scanner",
         "max_node_count": "Limit how many nodes to attempt to resolve on any given recursion branch",
+        "speculate_magic_urls": "Attempt to discover iis 'magic' special folders",
     }
     in_scope_only = True
 
@@ -131,7 +132,10 @@ class iis_shortnames(BaseModule):
         kwargs = {"method": method, "allow_redirects": False, "retries": 2, "timeout": 10}
         for c in valid_chars:
             for file_part in ("stem", "ext"):
-                payload = encode_all(f"*{c}*~1*")
+                if file_part == "stem":
+                    payload = encode_all(f"*{c}*~1*")
+                elif file_part == "ext":
+                    payload = encode_all(f"*~1*{c}*")
                 url = f"{target}{payload}{suffix}"
                 urls_and_kwargs.append((url, kwargs, (c, file_part)))
 
@@ -236,6 +240,15 @@ class iis_shortnames(BaseModule):
                 event,
                 context="{module} detected low {event.type}: IIS shortname enumeration",
             )
+
+            if self.config.get("speculate_magic_urls") and "iis-magic-url" not in event.tags:
+                magic_url_bin = f"{normalized_url}bin::$INDEX_ALLOCATION/"
+                self.debug(f"making IIS magic URL: {magic_url_bin}")
+                magic_url_event = self.make_event(
+                    magic_url_bin, "URL", parent=event, tags=["iis-magic-url", "status-403"]
+                )
+                await self.scan.modules["iis_shortnames"].incoming_event_queue.put(magic_url_event)
+
             if not self.config.get("detect_only"):
                 for detection in detections:
                     safety_counter = safety_counter_obj()
@@ -245,7 +258,6 @@ class iis_shortnames(BaseModule):
 
                     if valid_method_confirmed:
                         break
-
                     confirmed_chars, confirmed_exts = await self.solve_valid_chars(
                         method, normalized_url, affirmative_status_code
                     )
@@ -261,8 +273,8 @@ class iis_shortnames(BaseModule):
                     else:
                         continue
 
-                    self.debug(f"Confirmed character list: {','.join(confirmed_chars)}")
-                    self.debug(f"Confirmed character list: {','.join(confirmed_exts)}")
+                    self.verbose(f"Confirmed character list: {','.join(confirmed_chars)}")
+                    self.verbose(f"Confirmed ext character list: {','.join(confirmed_exts)}")
                     try:
                         file_name_hints = list(
                             set(
@@ -321,14 +333,18 @@ class iis_shortnames(BaseModule):
 
                     for url_hint in url_hint_list:
                         if "." in url_hint:
-                            hint_type = "shortname-file"
+                            hint_type = "shortname-endpoint"
                         else:
                             hint_type = "shortname-directory"
+
+                        tags = [hint_type]
+                        if "iis-magic-url" in event.tags:
+                            tags.append("iis-magic-url")
                         await self.emit_event(
                             f"{normalized_url}/{url_hint}",
                             "URL_HINT",
                             event,
-                            tags=[hint_type],
+                            tags=tags,
                             context=f"{{module}} enumerated shortnames at {normalized_url} and found {{event.type}}: {url_hint}",
                         )
 

bbot/modules/internal/excavate.py

@@ -1,6 +1,7 @@
 import yara
 import json
 import html
+import time
 import inspect
 import regex as re
 from pathlib import Path
@@ -776,8 +777,7 @@ class excavate(BaseInternalModule, BaseInterceptModule):
 
         def __init__(self, excavate):
             super().__init__(excavate)
-            if excavate.scan.dns_yara_rules_uncompiled:
-                self.yara_rules["hostname_extraction"] = excavate.scan.dns_yara_rules_uncompiled
+            self.yara_rules.update(excavate.scan.dns_yara_rules_uncompiled)
 
         async def process(self, yara_results, event, yara_rule_settings, discovery_context):
             for identifier in yara_results.keys():
@@ -882,10 +882,12 @@ class excavate(BaseInternalModule, BaseInterceptModule):
         yara.set_config(max_match_data=yara_max_match_data)
         yara_rules_combined = "\n".join(self.yara_rules_dict.values())
         try:
-            self.info(f"Compiling {len(self.yara_rules_dict):,} YARA rules")
+            start = time.time()
+            self.verbose(f"Compiling {len(self.yara_rules_dict):,} YARA rules")
             for rule_name, rule_content in self.yara_rules_dict.items():
                 self.debug(f"  - {rule_name}")
             self.yara_rules = yara.compile(source=yara_rules_combined)
+            self.verbose(f"{len(self.yara_rules_dict):,} YARA rules compiled in {time.time() - start:.2f} seconds")
         except yara.SyntaxError as e:
             self.debug(yara_rules_combined)
             return False, f"Yara Rules failed to compile with error: [{e}]"

bbot/modules/internal/unarchive.py

@@ -0,0 +1,82 @@
+from pathlib import Path
+from bbot.modules.internal.base import BaseInternalModule
+from bbot.core.helpers.libmagic import get_magic_info, get_compression
+
+
+class unarchive(BaseInternalModule):
+    watched_events = ["FILESYSTEM"]
+    produced_events = ["FILESYSTEM"]
+    flags = ["passive", "safe"]
+    meta = {
+        "description": "Extract different types of files into folders on the filesystem",
+        "created_date": "2024-12-08",
+        "author": "@domwhewell-sage",
+    }
+
+    async def setup(self):
+        self.ignore_compressions = ["application/java-archive", "application/vnd.android.package-archive"]
+        self.compression_methods = {
+            "zip": ["7z", "x", '-p""', "-aoa", "{filename}", "-o{extract_dir}/"],
+            "bzip2": ["tar", "--overwrite", "-xvjf", "{filename}", "-C", "{extract_dir}/"],
+            "xz": ["tar", "--overwrite", "-xvJf", "{filename}", "-C", "{extract_dir}/"],
+            "7z": ["7z", "x", '-p""', "-aoa", "{filename}", "-o{extract_dir}/"],
+            # "rar": ["7z", "x", '-p""', "-aoa", "{filename}", "-o{extract_dir}/"],
+            # "lzma": ["7z", "x", '-p""', "-aoa", "{filename}", "-o{extract_dir}/"],
+            "tar": ["tar", "--overwrite", "-xvf", "{filename}", "-C", "{extract_dir}/"],
+            "gzip": ["tar", "--overwrite", "-xvzf", "{filename}", "-C", "{extract_dir}/"],
+        }
+        return True
+
+    async def filter_event(self, event):
+        if "file" in event.tags:
+            if event.data["magic_mime_type"] in self.ignore_compressions:
+                return False, f"Ignoring file type: {event.data['magic_mime_type']}, {event.data['path']}"
+            if "compression" in event.data:
+                if not event.data["compression"] in self.compression_methods:
+                    return (
+                        False,
+                        f"Extract unable to handle file type: {event.data['compression']}, {event.data['path']}",
+                    )
+            else:
+                return False, f"Event is not a compressed file: {event.data['path']}"
+        else:
+            return False, "Event is not a file"
+        return True
+
+    async def handle_event(self, event):
+        path = Path(event.data["path"])
+        output_dir = path.parent / path.name.replace(".", "_")
+
+        # Use the appropriate extraction method based on the file type
+        self.info(f"Extracting {path} to {output_dir}")
+        success = await self.extract_file(path, output_dir)
+
+        # If the extraction was successful, emit the event
+        if success:
+            await self.emit_event(
+                {"path": str(output_dir)},
+                "FILESYSTEM",
+                tags=["folder", "unarchived-folder"],
+                parent=event,
+                context=f'extracted "{path}" to: {output_dir}',
+            )
+        else:
+            output_dir.rmdir()
+
+    async def extract_file(self, path, output_dir):
+        extension, mime_type, description, confidence = get_magic_info(path)
+        compression_format = get_compression(mime_type)
+        cmd_list = self.compression_methods.get(compression_format, [])
+        if cmd_list:
+            if not output_dir.exists():
+                self.helpers.mkdir(output_dir)
+            command = [s.format(filename=path, extract_dir=output_dir) for s in cmd_list]
+            try:
+                await self.run_process(command, check=True)
+                for item in output_dir.iterdir():
+                    if item.is_file():
+                        await self.extract_file(item, output_dir / item.stem)
+            except Exception as e:
+                self.warning(f"Error extracting {path}. Error: {e}")
+                return False
+            return True

bbot/modules/jadx.py

@@ -6,7 +6,7 @@ from bbot.modules.internal.base import BaseModule
 class jadx(BaseModule):
     watched_events = ["FILESYSTEM"]
     produced_events = ["FILESYSTEM"]
-    flags = ["passive", "safe"]
+    flags = ["passive", "safe", "code-enum"]
     meta = {
         "description": "Decompile APKs and XAPKs using JADX",
         "created_date": "2024-11-04",
@@ -60,7 +60,7 @@ class jadx(BaseModule):
             await self.emit_event(
                 {"path": str(output_dir)},
                 "FILESYSTEM",
-                tags="folder",
+                tags=["folder", "unarchived-folder"],
                 parent=event,
                 context=f'extracted "{path}" to: {output_dir}',
             )

bbot/modules/output/asset_inventory.py

@@ -154,7 +154,7 @@ class asset_inventory(CSV):
                 stats_sorted = sorted(stats[header].items(), key=lambda x: x[-1], reverse=True)
                 total = totals[header]
                 for k, v in stats_sorted:
-                    table.append([str(k), f"{v:,}/{total} ({v/total*100:.1f}%)"])
+                    table.append([str(k), f"{v:,}/{total} ({v / total * 100:.1f}%)"])
                 self.log_table(table, table_header, table_name=f"asset-inventory-{header}")
 
         if self._file is not None:

bbot/modules/output/base.py

@@ -14,7 +14,7 @@ class BaseOutputModule(BaseModule):
         event_type = f"[{event.type}]"
         event_tags = ""
         if getattr(event, "tags", []):
-            event_tags = f'\t({", ".join(sorted(getattr(event, "tags", [])))})'
+            event_tags = f"\t({', '.join(sorted(getattr(event, 'tags', [])))})"
         event_str = f"{event_type:<20}\t{event.data_human}\t{event.module_sequence}{event_tags}"
         return event_str
 

bbot/modules/output/discord.py

@@ -8,9 +8,10 @@ class Discord(WebhookOutputModule):
         "created_date": "2023-08-14",
         "author": "@TheTechromancer",
     }
-    options = {"webhook_url": "", "event_types": ["VULNERABILITY", "FINDING"], "min_severity": "LOW"}
+    options = {"webhook_url": "", "event_types": ["VULNERABILITY", "FINDING"], "min_severity": "LOW", "retries": 10}
     options_desc = {
         "webhook_url": "Discord webhook URL",
         "event_types": "Types of events to send",
         "min_severity": "Only allow VULNERABILITY events of this severity or higher",
+        "retries": "Number of times to retry sending the message before skipping the event",
     }

bbot/modules/output/slack.py

@@ -10,11 +10,12 @@ class Slack(WebhookOutputModule):
         "created_date": "2023-08-14",
         "author": "@TheTechromancer",
     }
-    options = {"webhook_url": "", "event_types": ["VULNERABILITY", "FINDING"], "min_severity": "LOW"}
+    options = {"webhook_url": "", "event_types": ["VULNERABILITY", "FINDING"], "min_severity": "LOW", "retries": 10}
     options_desc = {
         "webhook_url": "Discord webhook URL",
         "event_types": "Types of events to send",
         "min_severity": "Only allow VULNERABILITY events of this severity or higher",
+        "retries": "Number of times to retry sending the message before skipping the event",
     }
     content_key = "text"