bbot 2.3.1.5815rc0__tar.gz → 2.3.1.5820rc0__tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of bbot might be problematic. Click here for more details.

Files changed (428) hide show
  1. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/PKG-INFO +1 -1
  2. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/__init__.py +1 -1
  3. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/telerik.py +57 -32
  4. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/trufflehog.py +1 -1
  5. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/presets/web/dotnet-audit.yml +1 -0
  6. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_telerik.py +57 -2
  7. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/pyproject.toml +1 -1
  8. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/LICENSE +0 -0
  9. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/README.md +0 -0
  10. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/cli.py +0 -0
  11. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/core/__init__.py +0 -0
  12. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/core/config/__init__.py +0 -0
  13. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/core/config/files.py +0 -0
  14. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/core/config/logger.py +0 -0
  15. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/core/core.py +0 -0
  16. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/core/engine.py +0 -0
  17. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/core/event/__init__.py +0 -0
  18. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/core/event/base.py +0 -0
  19. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/core/event/helpers.py +0 -0
  20. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/core/flags.py +0 -0
  21. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/core/helpers/__init__.py +0 -0
  22. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/core/helpers/async_helpers.py +0 -0
  23. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/core/helpers/bloom.py +0 -0
  24. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/core/helpers/cache.py +0 -0
  25. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/core/helpers/command.py +0 -0
  26. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/core/helpers/depsinstaller/__init__.py +0 -0
  27. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/core/helpers/depsinstaller/installer.py +0 -0
  28. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/core/helpers/depsinstaller/sudo_askpass.py +0 -0
  29. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/core/helpers/diff.py +0 -0
  30. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/core/helpers/dns/__init__.py +0 -0
  31. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/core/helpers/dns/brute.py +0 -0
  32. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/core/helpers/dns/dns.py +0 -0
  33. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/core/helpers/dns/engine.py +0 -0
  34. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/core/helpers/dns/helpers.py +0 -0
  35. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/core/helpers/dns/mock.py +0 -0
  36. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/core/helpers/files.py +0 -0
  37. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/core/helpers/helper.py +0 -0
  38. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/core/helpers/interactsh.py +0 -0
  39. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/core/helpers/libmagic.py +0 -0
  40. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/core/helpers/misc.py +0 -0
  41. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/core/helpers/names_generator.py +0 -0
  42. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/core/helpers/ntlm.py +0 -0
  43. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/core/helpers/process.py +0 -0
  44. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/core/helpers/ratelimiter.py +0 -0
  45. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/core/helpers/regex.py +0 -0
  46. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/core/helpers/regexes.py +0 -0
  47. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/core/helpers/url.py +0 -0
  48. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/core/helpers/validators.py +0 -0
  49. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/core/helpers/web/__init__.py +0 -0
  50. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/core/helpers/web/client.py +0 -0
  51. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/core/helpers/web/engine.py +0 -0
  52. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/core/helpers/web/ssl_context.py +0 -0
  53. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/core/helpers/web/web.py +0 -0
  54. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/core/helpers/wordcloud.py +0 -0
  55. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/core/modules.py +0 -0
  56. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/core/multiprocess.py +0 -0
  57. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/core/shared_deps.py +0 -0
  58. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/db/sql/models.py +0 -0
  59. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/defaults.yml +0 -0
  60. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/errors.py +0 -0
  61. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/logger.py +0 -0
  62. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/__init__.py +0 -0
  63. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/ajaxpro.py +0 -0
  64. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/anubisdb.py +0 -0
  65. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/apkpure.py +0 -0
  66. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/azure_realm.py +0 -0
  67. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/azure_tenant.py +0 -0
  68. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/baddns.py +0 -0
  69. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/baddns_direct.py +0 -0
  70. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/baddns_zone.py +0 -0
  71. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/badsecrets.py +0 -0
  72. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/base.py +0 -0
  73. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/bevigil.py +0 -0
  74. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/binaryedge.py +0 -0
  75. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/bucket_amazon.py +0 -0
  76. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/bucket_azure.py +0 -0
  77. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/bucket_digitalocean.py +0 -0
  78. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/bucket_file_enum.py +0 -0
  79. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/bucket_firebase.py +0 -0
  80. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/bucket_google.py +0 -0
  81. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/bufferoverrun.py +0 -0
  82. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/builtwith.py +0 -0
  83. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/bypass403.py +0 -0
  84. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/c99.py +0 -0
  85. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/censys.py +0 -0
  86. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/certspotter.py +0 -0
  87. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/chaos.py +0 -0
  88. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/code_repository.py +0 -0
  89. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/credshed.py +0 -0
  90. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/crt.py +0 -0
  91. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/deadly/dastardly.py +0 -0
  92. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/deadly/ffuf.py +0 -0
  93. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/deadly/nuclei.py +0 -0
  94. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/deadly/vhost.py +0 -0
  95. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/dehashed.py +0 -0
  96. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/digitorus.py +0 -0
  97. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/dnsbimi.py +0 -0
  98. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/dnsbrute.py +0 -0
  99. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/dnsbrute_mutations.py +0 -0
  100. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/dnscaa.py +0 -0
  101. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/dnscommonsrv.py +0 -0
  102. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/dnsdumpster.py +0 -0
  103. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/dnstlsrpt.py +0 -0
  104. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/docker_pull.py +0 -0
  105. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/dockerhub.py +0 -0
  106. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/dotnetnuke.py +0 -0
  107. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/emailformat.py +0 -0
  108. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/extractous.py +0 -0
  109. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/ffuf_shortnames.py +0 -0
  110. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/filedownload.py +0 -0
  111. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/fingerprintx.py +0 -0
  112. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/fullhunt.py +0 -0
  113. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/generic_ssrf.py +0 -0
  114. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/git.py +0 -0
  115. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/git_clone.py +0 -0
  116. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/github_codesearch.py +0 -0
  117. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/github_org.py +0 -0
  118. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/github_workflows.py +0 -0
  119. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/gitlab.py +0 -0
  120. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/google_playstore.py +0 -0
  121. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/gowitness.py +0 -0
  122. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/hackertarget.py +0 -0
  123. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/host_header.py +0 -0
  124. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/httpx.py +0 -0
  125. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/hunt.py +0 -0
  126. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/hunterio.py +0 -0
  127. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/iis_shortnames.py +0 -0
  128. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/internal/__init__.py +0 -0
  129. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/internal/aggregate.py +0 -0
  130. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/internal/base.py +0 -0
  131. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/internal/cloudcheck.py +0 -0
  132. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/internal/dnsresolve.py +0 -0
  133. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/internal/excavate.py +0 -0
  134. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/internal/speculate.py +0 -0
  135. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/internal/unarchive.py +0 -0
  136. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/internetdb.py +0 -0
  137. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/ip2location.py +0 -0
  138. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/ipneighbor.py +0 -0
  139. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/ipstack.py +0 -0
  140. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/jadx.py +0 -0
  141. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/leakix.py +0 -0
  142. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/myssl.py +0 -0
  143. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/newsletters.py +0 -0
  144. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/ntlm.py +0 -0
  145. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/oauth.py +0 -0
  146. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/otx.py +0 -0
  147. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/output/__init__.py +0 -0
  148. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/output/asset_inventory.py +0 -0
  149. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/output/base.py +0 -0
  150. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/output/csv.py +0 -0
  151. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/output/discord.py +0 -0
  152. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/output/emails.py +0 -0
  153. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/output/http.py +0 -0
  154. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/output/json.py +0 -0
  155. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/output/mysql.py +0 -0
  156. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/output/neo4j.py +0 -0
  157. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/output/nmap_xml.py +0 -0
  158. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/output/postgres.py +0 -0
  159. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/output/python.py +0 -0
  160. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/output/slack.py +0 -0
  161. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/output/splunk.py +0 -0
  162. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/output/sqlite.py +0 -0
  163. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/output/stdout.py +0 -0
  164. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/output/subdomains.py +0 -0
  165. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/output/teams.py +0 -0
  166. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/output/txt.py +0 -0
  167. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/output/web_parameters.py +0 -0
  168. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/output/web_report.py +0 -0
  169. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/output/websocket.py +0 -0
  170. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/paramminer_cookies.py +0 -0
  171. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/paramminer_getparams.py +0 -0
  172. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/paramminer_headers.py +0 -0
  173. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/passivetotal.py +0 -0
  174. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/pgp.py +0 -0
  175. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/portfilter.py +0 -0
  176. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/portscan.py +0 -0
  177. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/postman.py +0 -0
  178. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/postman_download.py +0 -0
  179. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/rapiddns.py +0 -0
  180. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/report/affiliates.py +0 -0
  181. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/report/asn.py +0 -0
  182. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/report/base.py +0 -0
  183. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/robots.py +0 -0
  184. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/securitytrails.py +0 -0
  185. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/securitytxt.py +0 -0
  186. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/shodan_dns.py +0 -0
  187. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/sitedossier.py +0 -0
  188. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/skymem.py +0 -0
  189. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/smuggler.py +0 -0
  190. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/social.py +0 -0
  191. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/sslcert.py +0 -0
  192. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/subdomaincenter.py +0 -0
  193. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/subdomainradar.py +0 -0
  194. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/templates/bucket.py +0 -0
  195. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/templates/github.py +0 -0
  196. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/templates/postman.py +0 -0
  197. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/templates/shodan.py +0 -0
  198. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/templates/sql.py +0 -0
  199. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/templates/subdomain_enum.py +0 -0
  200. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/templates/webhook.py +0 -0
  201. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/trickest.py +0 -0
  202. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/url_manipulation.py +0 -0
  203. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/urlscan.py +0 -0
  204. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/viewdns.py +0 -0
  205. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/virustotal.py +0 -0
  206. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/wafw00f.py +0 -0
  207. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/wappalyzer.py +0 -0
  208. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/wayback.py +0 -0
  209. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/wpscan.py +0 -0
  210. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/zoomeye.py +0 -0
  211. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/presets/baddns-intense.yml +0 -0
  212. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/presets/cloud-enum.yml +0 -0
  213. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/presets/code-enum.yml +0 -0
  214. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/presets/email-enum.yml +0 -0
  215. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/presets/fast.yml +0 -0
  216. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/presets/kitchen-sink.yml +0 -0
  217. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/presets/nuclei/nuclei-budget.yml +0 -0
  218. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/presets/nuclei/nuclei-intense.yml +0 -0
  219. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/presets/nuclei/nuclei-technology.yml +0 -0
  220. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/presets/nuclei/nuclei.yml +0 -0
  221. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/presets/spider-intense.yml +0 -0
  222. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/presets/spider.yml +0 -0
  223. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/presets/subdomain-enum.yml +0 -0
  224. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/presets/web/dirbust-heavy.yml +0 -0
  225. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/presets/web/dirbust-light.yml +0 -0
  226. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/presets/web/iis-shortnames.yml +0 -0
  227. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/presets/web/paramminer.yml +0 -0
  228. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/presets/web-basic.yml +0 -0
  229. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/presets/web-screenshots.yml +0 -0
  230. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/presets/web-thorough.yml +0 -0
  231. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/scanner/__init__.py +0 -0
  232. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/scanner/dispatcher.py +0 -0
  233. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/scanner/manager.py +0 -0
  234. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/scanner/preset/__init__.py +0 -0
  235. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/scanner/preset/args.py +0 -0
  236. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/scanner/preset/conditions.py +0 -0
  237. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/scanner/preset/environ.py +0 -0
  238. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/scanner/preset/path.py +0 -0
  239. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/scanner/preset/preset.py +0 -0
  240. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/scanner/scanner.py +0 -0
  241. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/scanner/stats.py +0 -0
  242. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/scanner/target.py +0 -0
  243. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/scripts/docs.py +0 -0
  244. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/__init__.py +0 -0
  245. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/bbot_fixtures.py +0 -0
  246. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/conftest.py +0 -0
  247. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/coverage.cfg +0 -0
  248. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/fastapi_test.py +0 -0
  249. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/owasp_mastg.apk +0 -0
  250. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/run_tests.sh +0 -0
  251. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test.conf +0 -0
  252. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_output.ndjson +0 -0
  253. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_1/__init__.py +0 -0
  254. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_1/test__module__tests.py +0 -0
  255. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_1/test_bbot_fastapi.py +0 -0
  256. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_1/test_bloom_filter.py +0 -0
  257. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_1/test_cli.py +0 -0
  258. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_1/test_command.py +0 -0
  259. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_1/test_config.py +0 -0
  260. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_1/test_depsinstaller.py +0 -0
  261. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_1/test_dns.py +0 -0
  262. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_1/test_docs.py +0 -0
  263. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_1/test_engine.py +0 -0
  264. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_1/test_events.py +0 -0
  265. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_1/test_files.py +0 -0
  266. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_1/test_helpers.py +0 -0
  267. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_1/test_manager_deduplication.py +0 -0
  268. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_1/test_manager_scope_accuracy.py +0 -0
  269. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_1/test_modules_basic.py +0 -0
  270. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_1/test_presets.py +0 -0
  271. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_1/test_python_api.py +0 -0
  272. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_1/test_regexes.py +0 -0
  273. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_1/test_scan.py +0 -0
  274. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_1/test_scope.py +0 -0
  275. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_1/test_target.py +0 -0
  276. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_1/test_web.py +0 -0
  277. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/__init__.py +0 -0
  278. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/__init__.py +0 -0
  279. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/base.py +0 -0
  280. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_affiliates.py +0 -0
  281. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_aggregate.py +0 -0
  282. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_ajaxpro.py +0 -0
  283. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_anubisdb.py +0 -0
  284. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_apkpure.py +0 -0
  285. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_asn.py +0 -0
  286. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_asset_inventory.py +0 -0
  287. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_azure_realm.py +0 -0
  288. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_azure_tenant.py +0 -0
  289. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_baddns.py +0 -0
  290. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_baddns_direct.py +0 -0
  291. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_baddns_zone.py +0 -0
  292. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_badsecrets.py +0 -0
  293. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_bevigil.py +0 -0
  294. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_binaryedge.py +0 -0
  295. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_bucket_amazon.py +0 -0
  296. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_bucket_azure.py +0 -0
  297. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_bucket_digitalocean.py +0 -0
  298. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_bucket_file_enum.py +0 -0
  299. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_bucket_firebase.py +0 -0
  300. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_bucket_google.py +0 -0
  301. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_bufferoverrun.py +0 -0
  302. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_builtwith.py +0 -0
  303. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_bypass403.py +0 -0
  304. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_c99.py +0 -0
  305. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_censys.py +0 -0
  306. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_certspotter.py +0 -0
  307. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_chaos.py +0 -0
  308. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_cloudcheck.py +0 -0
  309. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_code_repository.py +0 -0
  310. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_credshed.py +0 -0
  311. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_crt.py +0 -0
  312. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_csv.py +0 -0
  313. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_dastardly.py +0 -0
  314. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_dehashed.py +0 -0
  315. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_digitorus.py +0 -0
  316. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_discord.py +0 -0
  317. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_dnsbimi.py +0 -0
  318. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_dnsbrute.py +0 -0
  319. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_dnsbrute_mutations.py +0 -0
  320. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_dnscaa.py +0 -0
  321. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_dnscommonsrv.py +0 -0
  322. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_dnsdumpster.py +0 -0
  323. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_dnsresolve.py +0 -0
  324. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_dnstlsrpt.py +0 -0
  325. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_docker_pull.py +0 -0
  326. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_dockerhub.py +0 -0
  327. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_dotnetnuke.py +0 -0
  328. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_emailformat.py +0 -0
  329. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_emails.py +0 -0
  330. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_excavate.py +0 -0
  331. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_extractous.py +0 -0
  332. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_ffuf.py +0 -0
  333. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_ffuf_shortnames.py +0 -0
  334. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_filedownload.py +0 -0
  335. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_fingerprintx.py +0 -0
  336. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_fullhunt.py +0 -0
  337. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_generic_ssrf.py +0 -0
  338. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_git.py +0 -0
  339. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_git_clone.py +0 -0
  340. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_github_codesearch.py +0 -0
  341. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_github_org.py +0 -0
  342. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_github_workflows.py +0 -0
  343. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_gitlab.py +0 -0
  344. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_google_playstore.py +0 -0
  345. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_gowitness.py +0 -0
  346. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_hackertarget.py +0 -0
  347. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_host_header.py +0 -0
  348. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_http.py +0 -0
  349. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_httpx.py +0 -0
  350. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_hunt.py +0 -0
  351. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_hunterio.py +0 -0
  352. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_iis_shortnames.py +0 -0
  353. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_internetdb.py +0 -0
  354. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_ip2location.py +0 -0
  355. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_ipneighbor.py +0 -0
  356. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_ipstack.py +0 -0
  357. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_jadx.py +0 -0
  358. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_json.py +0 -0
  359. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_leakix.py +0 -0
  360. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_mysql.py +0 -0
  361. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_myssl.py +0 -0
  362. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_neo4j.py +0 -0
  363. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_newsletters.py +0 -0
  364. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_nmap_xml.py +0 -0
  365. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_ntlm.py +0 -0
  366. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_nuclei.py +0 -0
  367. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_oauth.py +0 -0
  368. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_otx.py +0 -0
  369. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_paramminer_cookies.py +0 -0
  370. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_paramminer_getparams.py +0 -0
  371. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_paramminer_headers.py +0 -0
  372. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_passivetotal.py +0 -0
  373. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_pgp.py +0 -0
  374. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_portfilter.py +0 -0
  375. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_portscan.py +0 -0
  376. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_postgres.py +0 -0
  377. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_postman.py +0 -0
  378. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_postman_download.py +0 -0
  379. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_python.py +0 -0
  380. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_rapiddns.py +0 -0
  381. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_robots.py +0 -0
  382. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_securitytrails.py +0 -0
  383. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_securitytxt.py +0 -0
  384. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_shodan_dns.py +0 -0
  385. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_sitedossier.py +0 -0
  386. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_skymem.py +0 -0
  387. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_slack.py +0 -0
  388. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_smuggler.py +0 -0
  389. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_social.py +0 -0
  390. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_speculate.py +0 -0
  391. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_splunk.py +0 -0
  392. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_sqlite.py +0 -0
  393. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_sslcert.py +0 -0
  394. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_stdout.py +0 -0
  395. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_subdomaincenter.py +0 -0
  396. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_subdomainradar.py +0 -0
  397. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_subdomains.py +0 -0
  398. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_teams.py +0 -0
  399. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_trickest.py +0 -0
  400. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_trufflehog.py +0 -0
  401. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_txt.py +0 -0
  402. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_unarchive.py +0 -0
  403. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_url_manipulation.py +0 -0
  404. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_urlscan.py +0 -0
  405. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_vhost.py +0 -0
  406. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_viewdns.py +0 -0
  407. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_virustotal.py +0 -0
  408. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_wafw00f.py +0 -0
  409. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_wappalyzer.py +0 -0
  410. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_wayback.py +0 -0
  411. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_web_parameters.py +0 -0
  412. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_web_report.py +0 -0
  413. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_websocket.py +0 -0
  414. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_wpscan.py +0 -0
  415. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_zoomeye.py +0 -0
  416. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/template_tests/__init__.py +0 -0
  417. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/template_tests/test_template_subdomain_enum.py +0 -0
  418. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/testsslcert.pem +0 -0
  419. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/testsslkey.pem +0 -0
  420. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/wordlists/devops_mutations.txt +0 -0
  421. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/wordlists/ms_on_prem_subdomains.txt +0 -0
  422. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/wordlists/nameservers.txt +0 -0
  423. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/wordlists/paramminer_headers.txt +0 -0
  424. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/wordlists/paramminer_parameters.txt +0 -0
  425. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/wordlists/raft-small-extensions-lowercase_CLEANED.txt +0 -0
  426. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/wordlists/top_open_ports_nmap.txt +0 -0
  427. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/wordlists/valid_url_schemes.txt +0 -0
  428. {bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/wordlists/wordninja_dns.txt.gz +0 -0
{bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/PKG-INFO RENAMED
@@ -1,6 +1,6 @@
1
1
  Metadata-Version: 2.3
2
2
  Name: bbot
3
- Version: 2.3.1.5815rc0
3
+ Version: 2.3.1.5820rc0
4
4
  Summary: OSINT automation for hackers.
5
5
  License: GPL-3.0
6
6
  Keywords: python,cli,automation,osint,threat-intel,intelligence,neo4j,scanner,python-library,hacking,recursion,pentesting,recon,command-line-tool,bugbounty,subdomains,security-tools,subdomain-scanner,osint-framework,attack-surface,subdomain-enumeration,osint-tool
{bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/__init__.py RENAMED
@@ -1,4 +1,4 @@
1
1
  # version placeholder (replaced by poetry-dynamic-versioning)
2
- __version__ = "v2.3.1.5815rc"
2
+ __version__ = "v2.3.1.5820rc"
3
3
 
4
4
  from .scanner import Scanner, Preset
{bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/telerik.py RENAMED
@@ -5,6 +5,21 @@ from bbot.modules.base import BaseModule
5
5
 
6
6
 
7
7
  class telerik(BaseModule):
8
+ """
9
+ Test for endpoints associated with Telerik.Web.UI.dll
10
+
11
+ Telerik.Web.UI.WebResource.axd (CVE-2017-11317)
12
+ Telerik.Web.UI.DialogHandler.aspx (CVE-2017-9248)
13
+ Telerik.Web.UI.SpellCheckHandler.axd (associated with CVE-2017-9248)
14
+ ChartImage.axd (CVE-2019-19790)
15
+
16
+ For the Telerik Report Server vulnerability (CVE-2024-4358) Use the Nuclei Template: (https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2024/CVE-2024-4358.yaml)
17
+
18
+ With exploit_RAU_crypto enabled, the module will attempt to exploit CVE-2017-11317. THIS WILL UPLOAD A (benign) FILE IF SUCCESSFUL.
19
+
20
+ Will dedupe to host by default (running against first received URL). With include_subdirs enabled, will run against every directory.
21
+ """
22
+
8
23
  watched_events = ["URL", "HTTP_RESPONSE"]
9
24
  produced_events = ["VULNERABILITY", "FINDING"]
10
25
  flags = ["active", "aggressive", "web-thorough"]
@@ -139,8 +154,11 @@ class telerik(BaseModule):
139
154
 
140
155
  RAUConfirmed = []
141
156
 
142
- options = {"exploit_RAU_crypto": False}
143
- options_desc = {"exploit_RAU_crypto": "Attempt to confirm any RAU AXD detections are vulnerable"}
157
+ options = {"exploit_RAU_crypto": False, "include_subdirs": False}
158
+ options_desc = {
159
+ "exploit_RAU_crypto": "Attempt to confirm any RAU AXD detections are vulnerable",
160
+ "include_subdirs": "Include subdirectories in the scan (off by default)", # will create many finding events if used in conjunction with web spider or ffuf
161
+ }
144
162
 
145
163
  in_scope_only = True
146
164
 
@@ -162,19 +180,33 @@ class telerik(BaseModule):
162
180
 
163
181
  _module_threads = 5
164
182
 
183
+ @staticmethod
184
+ def normalize_url(url):
185
+ return str(url.rstrip("/") + "/").lower()
186
+
165
187
  def _incoming_dedup_hash(self, event):
166
188
  if event.type == "URL":
167
- return hash(event.host)
168
- else:
169
- return hash(event.data["url"])
189
+ if self.config.get("include_subdirs") is True:
190
+ return hash(f"{event.type}{self.normalize_url(event.data)}")
191
+ else:
192
+ return hash(f"{event.type}{event.netloc}")
193
+ else: # HTTP_RESPONSE
194
+ return hash(f"{event.type}{event.data['url']}")
170
195
 
171
196
  async def handle_event(self, event):
172
197
  if event.type == "URL":
198
+ if self.config.get("include_subdirs"):
199
+ base_url = self.normalize_url(event.data) # Use the entire URL including subdirectories
200
+
201
+ else:
202
+ base_url = f"{event.parsed_url.scheme}://{event.parsed_url.netloc}/" # path will be omitted
203
+
204
+ # Check for RAU AXD Handler
173
205
  webresource = "Telerik.Web.UI.WebResource.axd?type=rau"
174
- result, _ = await self.test_detector(event.data, webresource)
206
+ result, _ = await self.test_detector(base_url, webresource)
175
207
  if result:
176
208
  if "RadAsyncUpload handler is registered successfully" in result.text:
177
- self.debug("Detected Telerik instance (Telerik.Web.UI.WebResource.axd?type=rau)")
209
+ self.verbose("Detected Telerik instance (Telerik.Web.UI.WebResource.axd?type=rau)")
178
210
 
179
211
  probe_data = {
180
212
  "rauPostData": (
@@ -211,15 +243,14 @@ class telerik(BaseModule):
211
243
 
212
244
  description = f"Telerik RAU AXD Handler detected. Verbose Errors Enabled: [{str(verbose_errors)}] Version Guess: [{version}]"
213
245
  await self.emit_event(
214
- {"host": str(event.host), "url": f"{event.data}{webresource}", "description": description},
246
+ {"host": str(event.host), "url": f"{base_url}{webresource}", "description": description},
215
247
  "FINDING",
216
248
  event,
217
- context=f"{{module}} scanned {event.data} and identified {{event.type}}: Telerik RAU AXD Handler",
249
+ context=f"{{module}} scanned {base_url} and identified {{event.type}}: Telerik RAU AXD Handler",
218
250
  )
219
251
  if self.config.get("exploit_RAU_crypto") is True:
220
- hostname = urlparse(event.data).netloc
221
- if hostname not in self.RAUConfirmed:
222
- self.RAUConfirmed.append(hostname)
252
+ if base_url not in self.RAUConfirmed:
253
+ self.RAUConfirmed.append(base_url)
223
254
  root_tool_path = self.scan.helpers.tools_dir / "telerik"
224
255
  self.debug(root_tool_path)
225
256
 
@@ -242,17 +273,17 @@ class telerik(BaseModule):
242
273
  "severity": "CRITICAL",
243
274
  "description": description,
244
275
  "host": str(event.host),
245
- "url": f"{event.data}{webresource}",
276
+ "url": f"{base_url}{webresource}",
246
277
  },
247
278
  "VULNERABILITY",
248
279
  event,
249
- context=f"{{module}} scanned {event.data} and identified critical {{event.type}}: {description}",
280
+ context=f"{{module}} scanned {base_url} and identified critical {{event.type}}: {description}",
250
281
  )
251
282
  break
252
283
 
253
284
  urls = {}
254
285
  for dh in self.DialogHandlerUrls:
255
- url = self.create_url(event.data, f"{dh}?dp=1")
286
+ url = self.create_url(base_url, f"{dh}?dp=1")
256
287
  urls[url] = dh
257
288
 
258
289
  gen = self.helpers.request_batch(list(urls))
@@ -265,14 +296,14 @@ class telerik(BaseModule):
265
296
  # tolerate some random errors
266
297
  if fail_count < 2:
267
298
  continue
268
- self.debug(f"Cancelling run against {event.data} due to failed request")
299
+ self.debug(f"Cancelling run against {base_url} due to failed request")
269
300
  await gen.aclose()
270
301
  else:
271
302
  if "Cannot deserialize dialog parameters" in response.text:
272
303
  self.debug(f"Detected Telerik UI instance ({dh})")
273
304
  description = "Telerik DialogHandler detected"
274
305
  await self.emit_event(
275
- {"host": str(event.host), "url": f"{event.data}{dh}", "description": description},
306
+ {"host": str(event.host), "url": f"{base_url}{dh}", "description": description},
276
307
  "FINDING",
277
308
  event,
278
309
  )
@@ -280,12 +311,12 @@ class telerik(BaseModule):
280
311
  await gen.aclose()
281
312
 
282
313
  spellcheckhandler = "Telerik.Web.UI.SpellCheckHandler.axd"
283
- result, _ = await self.test_detector(event.data, spellcheckhandler)
314
+ result, _ = await self.test_detector(base_url, spellcheckhandler)
284
315
  status_code = getattr(result, "status_code", 0)
285
316
  # The standard behavior for the spellcheck handler without parameters is a 500
286
317
  if status_code == 500:
287
318
  # Sometimes webapps will just return 500 for everything, so rule out the false positive
288
- validate_result, _ = await self.test_detector(event.data, self.helpers.rand_string())
319
+ validate_result, _ = await self.test_detector(base_url, self.helpers.rand_string())
289
320
  self.debug(validate_result)
290
321
  validate_status_code = getattr(validate_result, "status_code", 0)
291
322
  if validate_status_code not in (0, 500):
@@ -294,31 +325,31 @@ class telerik(BaseModule):
294
325
  await self.emit_event(
295
326
  {
296
327
  "host": str(event.host),
297
- "url": f"{event.data}{spellcheckhandler}",
328
+ "url": f"{base_url}{spellcheckhandler}",
298
329
  "description": description,
299
330
  },
300
331
  "FINDING",
301
332
  event,
302
- context=f"{{module}} scanned {event.data} and identified {{event.type}}: Telerik SpellCheckHandler",
333
+ context=f"{{module}} scanned {base_url} and identified {{event.type}}: Telerik SpellCheckHandler",
303
334
  )
304
335
 
305
336
  chartimagehandler = "ChartImage.axd?ImageName=bqYXJAqm315eEd6b%2bY4%2bGqZpe7a1kY0e89gfXli%2bjFw%3d"
306
- result, _ = await self.test_detector(event.data, chartimagehandler)
337
+ result, _ = await self.test_detector(base_url, chartimagehandler)
307
338
  status_code = getattr(result, "status_code", 0)
308
339
  if status_code == 200:
309
340
  chartimagehandler_error = "ChartImage.axd?ImageName="
310
- result_error, _ = await self.test_detector(event.data, chartimagehandler_error)
341
+ result_error, _ = await self.test_detector(base_url, chartimagehandler_error)
311
342
  error_status_code = getattr(result_error, "status_code", 0)
312
343
  if error_status_code not in (0, 200):
313
344
  await self.emit_event(
314
345
  {
315
346
  "host": str(event.host),
316
- "url": f"{event.data}{chartimagehandler}",
347
+ "url": f"{base_url}{chartimagehandler}",
317
348
  "description": "Telerik ChartImage AXD Handler Detected",
318
349
  },
319
350
  "FINDING",
320
351
  event,
321
- context=f"{{module}} scanned {event.data} and identified {{event.type}}: Telerik ChartImage AXD Handler",
352
+ context=f"{{module}} scanned {base_url} and identified {{event.type}}: Telerik ChartImage AXD Handler",
322
353
  )
323
354
 
324
355
  elif event.type == "HTTP_RESPONSE":
@@ -348,14 +379,8 @@ class telerik(BaseModule):
348
379
  context="{module} searched HTTP_RESPONSE and identified {event.type}: Telerik AsyncUpload",
349
380
  )
350
381
 
351
- # Check for RAD Controls in URL
352
-
353
382
  def create_url(self, baseurl, detector):
354
- if not baseurl.endswith("/"):
355
- url = f"{baseurl}/{detector}"
356
- else:
357
- url = f"{baseurl}{detector}"
358
- return url
383
+ return f"{baseurl}{detector}"
359
384
 
360
385
  async def test_detector(self, baseurl, detector):
361
386
  result = None
{bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/modules/trufflehog.py RENAMED
@@ -13,7 +13,7 @@ class trufflehog(BaseModule):
13
13
  }
14
14
 
15
15
  options = {
16
- "version": "3.88.2",
16
+ "version": "3.88.3",
17
17
  "config": "",
18
18
  "only_verified": True,
19
19
  "concurrency": 8,
{bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/presets/web/dotnet-audit.yml RENAMED
@@ -19,3 +19,4 @@ config:
19
19
  extensions: asp,aspx,ashx,asmx,ascx
20
20
  telerik:
21
21
  exploit_RAU_crypto: True
22
+ include_subdirs: True # Run against every directory, not the default first received URL per-host
{bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/test/test_step_2/module_tests/test_module_telerik.py RENAMED
@@ -1,5 +1,5 @@
1
1
  import re
2
- from .base import ModuleTestBase
2
+ from .base import ModuleTestBase, tempwordlist
3
3
 
4
4
 
5
5
  class TestTelerik(ModuleTestBase):
@@ -28,7 +28,7 @@ class TestTelerik(ModuleTestBase):
28
28
  }
29
29
  module_test.set_expect_requests(expect_args=expect_args, respond_args=respond_args)
30
30
 
31
- # Simulate DialogHandler detection
31
+ # Simulate SpellCheckHandler detection
32
32
  expect_args = {"method": "GET", "uri": "/Telerik.Web.UI.SpellCheckHandler.axd"}
33
33
  respond_args = {"status": 500}
34
34
  module_test.set_expect_requests(expect_args=expect_args, respond_args=respond_args)
@@ -114,3 +114,58 @@ class TestTelerik(ModuleTestBase):
114
114
  assert telerik_dialoghandler_detection, "Telerik dialoghandler detection failed"
115
115
  assert telerik_chartimage_detection, "Telerik chartimage detection failed"
116
116
  assert telerik_http_response_parameters_detection, "Telerik SerializedParameters detection failed"
117
+
118
+
119
+ class TestTelerikDialogHandler_includesubdirs(TestTelerik):
120
+ targets = ["http://127.0.0.1:8888/", "http://127.0.0.1:8888/temp/"]
121
+ config_overrides = {
122
+ "modules": {
123
+ "telerik": {
124
+ "include_subdirs": True,
125
+ },
126
+ }
127
+ }
128
+ modules_overrides = ["httpx", "telerik"]
129
+
130
+ async def setup_before_prep(self, module_test):
131
+ # Simulate NO SpellCheckHandler detection (not testing for that with this test)
132
+ expect_args = {"method": "GET", "uri": "/Telerik.Web.UI.SpellCheckHandler.axd"}
133
+ respond_args = {"status": 404}
134
+ module_test.set_expect_requests(expect_args=expect_args, respond_args=respond_args)
135
+
136
+ # Simulate DialogHandler detection
137
+ expect_args = {"method": "GET", "uri": "/App_Master/Telerik.Web.UI.DialogHandler.aspx"}
138
+ respond_args = {
139
+ "response_data": '<input type="hidden" name="dialogParametersHolder" id="dialogParametersHolder" /><div style=\'color:red\'>Cannot deserialize dialog parameters. Please refresh the editor page.</div><div>Error Message:Invalid length for a Base-64 char array or string.</div></form></body></html>'
140
+ }
141
+ module_test.set_expect_requests(expect_args=expect_args, respond_args=respond_args)
142
+
143
+ # Simulate DialogHandler detection (in /temp)
144
+ expect_args = {"method": "GET", "uri": "/temp/App_Master/Telerik.Web.UI.DialogHandler.aspx"}
145
+ respond_args = {
146
+ "response_data": '<input type="hidden" name="dialogParametersHolder" id="dialogParametersHolder" /><div style=\'color:red\'>Cannot deserialize dialog parameters. Please refresh the editor page.</div><div>Error Message:Invalid length for a Base-64 char array or string.</div></form></body></html>'
147
+ }
148
+ module_test.set_expect_requests(expect_args=expect_args, respond_args=respond_args)
149
+
150
+ # Simulate /temp directory detection
151
+ expect_args = {"method": "GET", "uri": "/temp/"}
152
+ respond_args = {"response_data": "Temporary directory found"}
153
+ module_test.set_expect_requests(expect_args=expect_args, respond_args=respond_args)
154
+
155
+ # Fallback
156
+ expect_args = {"method": "GET", "uri": "/"}
157
+ respond_args = {"response_data": "alive"}
158
+ module_test.set_expect_requests(expect_args=expect_args, respond_args=respond_args)
159
+
160
+ async def setup_after_prep(self, module_test):
161
+ module_test.scan.modules["telerik"].telerikVersions = ["2014.2.724", "2014.3.1024", "2015.1.204"]
162
+ module_test.scan.modules["telerik"].DialogHandlerUrls = [
163
+ "App_Master/Telerik.Web.UI.DialogHandler.aspx",
164
+ ]
165
+
166
+ def check(self, module_test, events):
167
+ # Check if the expected requests were made
168
+ finding_count = sum(
169
+ 1 for e in events if e.type == "FINDING" and "Telerik DialogHandler detected" in e.data["description"]
170
+ )
171
+ assert finding_count == 2, "Expected 2 FINDING events (root and /temp), got {finding_count}"
{bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/pyproject.toml RENAMED
@@ -1,6 +1,6 @@
1
1
  [tool.poetry]
2
2
  name = "bbot"
3
- version = "v2.3.1.5815rc"
3
+ version = "v2.3.1.5820rc"
4
4
  description = "OSINT automation for hackers."
5
5
  authors = [
6
6
  "TheTechromancer",
{bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/LICENSE RENAMED
File without changes
{bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/README.md RENAMED
File without changes
{bbot-2.3.1.5815rc0 → bbot-2.3.1.5820rc0}/bbot/cli.py RENAMED
File without changes