bbot 2.4.2.6590rc0__py3-none-any.whl → 2.4.2.6596rc0__py3-none-any.whl

bbot/__init__.py

@@ -1,5 +1,5 @@
 # version placeholder (replaced by poetry-dynamic-versioning)
-__version__ = "v2.4.2.6590rc"
+__version__ = "v2.4.2.6596rc"
 
 from .scanner import Scanner, Preset
 

bbot/presets/web/lightfuzz-xss.yml

@@ -1,4 +1,5 @@
 description: Discover web parameters and lightly fuzz them, limited to just GET-based xss vulnerabilities. This is an example of a custom lightfuzz preset, selectively enabling a single lightfuzz module.
+
 modules:
   - httpx
   - lightfuzz

bbot/scanner/preset/path.py

@@ -6,6 +6,7 @@ from bbot.errors import *
 log = logging.getLogger("bbot.presets.path")
 
 DEFAULT_PRESET_PATH = Path(__file__).parent.parent.parent / "presets"
+DEFAULT_PRESET_PATH = DEFAULT_PRESET_PATH.expanduser().resolve()
 
 
 class PresetPath:
@@ -17,7 +18,7 @@ class PresetPath:
         self.paths = [DEFAULT_PRESET_PATH]
 
     def find(self, filename):
-        filename_path = Path(filename).resolve()
+        filename_path = Path(filename).expanduser().resolve()
         extension = filename_path.suffix.lower()
         file_candidates = set()
         extension_candidates = {".yaml", ".yml"}
@@ -29,16 +30,12 @@ class PresetPath:
             file_candidates.add(f"{filename_path.stem}{ext}")
         file_candidates = sorted(file_candidates)
         file_candidates_str = ",".join([str(s) for s in file_candidates])
-        paths_to_search = self.paths
         if "/" in str(filename):
-            if filename_path.parent not in paths_to_search:
-                paths_to_search.append(filename_path.parent)
-        log.debug(
-            f"Searching for preset in {[str(p) for p in paths_to_search]}, file candidates: {file_candidates_str}"
-        )
-        for path in paths_to_search:
+            self.add_path(filename_path.parent)
+        log.debug(f"Searching for {file_candidates_str} in {[str(p) for p in self.paths]}")
+        for path in self.paths:
             for candidate in file_candidates:
-                for file in path.rglob(candidate):
+                for file in path.rglob(f"**/{candidate}"):
                     if file.is_file():
                         log.verbose(f'Found preset matching "{filename}" at {file}')
                         self.add_path(file.parent)
@@ -51,14 +48,19 @@ class PresetPath:
         return ":".join([str(s) for s in self.paths])
 
     def add_path(self, path):
-        path = Path(path).resolve()
+        path = Path(path).expanduser().resolve()
+        # skip if already in paths
         if path in self.paths:
             return
+        # skip if path is a subdirectory of any path in paths
         if any(path.is_relative_to(p) for p in self.paths):
             return
+        # skip if path is not a directory
         if not path.is_dir():
             log.debug(f'Path "{path.resolve()}" is not a directory')
             return
+        # preemptively remove any paths that are subdirectories of the new path
+        self.paths = [p for p in self.paths if not p.is_relative_to(path)]
         self.paths.append(path)
 
     def __iter__(self):

bbot/scanner/preset/preset.py

@@ -308,7 +308,7 @@ class Preset(metaclass=BasePreset):
 
     @property
     def preset_dir(self):
-        return self.bbot_home / "presets"
+        return (self.bbot_home / "presets").expanduser().resolve()
 
     @property
     def default_output_modules(self):
@@ -413,30 +413,32 @@ class Preset(metaclass=BasePreset):
         self.log_debug("Getting baked")
         # create a copy of self
         baked_preset = copy(self)
-        baked_preset.scan = scan
+
         # copy core
         baked_preset.core = self.core.copy()
-        # copy module loader
-        baked_preset._module_loader = self.module_loader.copy()
-        # prepare os environment
-        os_environ = baked_preset.environ.prepare()
-        # find and replace preloaded modules with os environ
-        # this is different from the config variable substitution because it modifies
-        #  the preloaded modules, i.e. their ansible playbooks
-        baked_preset.module_loader.find_and_replace(**os_environ)
-        # update os environ
-        os.environ.clear()
-        os.environ.update(os_environ)
 
-        # validate flags, config options
-        baked_preset.validate()
+        if scan is not None:
+            baked_preset.scan = scan
+            # copy module loader
+            baked_preset._module_loader = self.module_loader.copy()
+            # prepare os environment
+            os_environ = baked_preset.environ.prepare()
+            # find and replace preloaded modules with os environ
+            # this is different from the config variable substitution because it modifies
+            #  the preloaded modules, i.e. their ansible playbooks
+            baked_preset.module_loader.find_and_replace(**os_environ)
+            # update os environ
+            os.environ.clear()
+            os.environ.update(os_environ)
+
+            # assign baked preset to our scan
+            scan.preset = baked_preset
 
         # validate log level options
         baked_preset.apply_log_level(apply_core=scan is not None)
 
-        # assign baked preset to our scan
-        if scan is not None:
-            scan.preset = baked_preset
+        # validate flags, config options
+        baked_preset.validate()
 
         # now that our requirements / exclusions are validated, we can start enabling modules
         # enable scan modules
@@ -483,15 +485,19 @@ class Preset(metaclass=BasePreset):
         from bbot.scanner.target import BBOTTarget
 
         baked_preset._target = BBOTTarget(
-            *list(self._seeds), whitelist=self._whitelist, blacklist=self._blacklist, strict_scope=self.strict_scope
+            *list(self._seeds),
+            whitelist=self._whitelist,
+            blacklist=self._blacklist,
+            strict_scope=self.strict_scope,
         )
 
-        # evaluate conditions
-        if baked_preset.conditions:
-            from .conditions import ConditionEvaluator
+        if scan is not None:
+            # evaluate conditions
+            if baked_preset.conditions:
+                from .conditions import ConditionEvaluator
 
-            evaluator = ConditionEvaluator(baked_preset)
-            evaluator.evaluate()
+                evaluator = ConditionEvaluator(baked_preset)
+                evaluator.evaluate()
 
         self._baked = True
         return baked_preset
@@ -562,6 +568,12 @@ class Preset(metaclass=BasePreset):
         return self.scope_config.get("strict", False)
 
     def apply_log_level(self, apply_core=False):
+        """
+        Apply the log level to the preset.
+
+        Args:
+            apply_core (bool, optional): If True, apply the log level to the core logger.
+        """
         # silent takes precedence
         if self.silent:
             self.verbose = False
@@ -920,20 +932,17 @@ class Preset(metaclass=BasePreset):
         """
         Recursively find all the presets and return them as a dictionary
         """
-        preset_dir = self.preset_dir
-        home_dir = Path.home()
-
         # first, add local preset dir to PRESET_PATH
         PRESET_PATH.add_path(self.preset_dir)
 
         # ensure local preset directory exists
-        mkdir(preset_dir)
+        mkdir(self.preset_dir)
 
         global DEFAULT_PRESETS
         if DEFAULT_PRESETS is None:
             presets = {}
-            for ext in ("yml", "yaml"):
-                for preset_path in PRESET_PATH:
+            for preset_path in PRESET_PATH:
+                for ext in ("yml", "yaml"):
                     # for every yaml file
                     for original_filename in preset_path.rglob(f"**/*.{ext}"):
                         # not including symlinks
@@ -957,18 +966,14 @@ class Preset(metaclass=BasePreset):
 
                         local_preset = original_filename
                         # populate symlinks in local preset dir
-                        if not original_filename.is_relative_to(preset_dir):
+                        if not original_filename.is_relative_to(self.preset_dir):
                             relative_preset = original_filename.relative_to(preset_path)
-                            local_preset = preset_dir / relative_preset
+                            local_preset = self.preset_dir / relative_preset
                             mkdir(local_preset.parent, check_writable=False)
                             if not local_preset.exists():
                                 local_preset.symlink_to(original_filename)
 
-                        # collapse home directory into "~"
-                        if local_preset.is_relative_to(home_dir):
-                            local_preset = Path("~") / local_preset.relative_to(home_dir)
-
-                        presets[local_preset] = (loaded_preset, category, preset_path, original_filename)
+                        presets[local_preset.stem] = (loaded_preset, category, preset_path, original_filename)
 
             # sort by name
             DEFAULT_PRESETS = dict(sorted(presets.items(), key=lambda x: x[-1][0].name))

bbot/scripts/docs.py

@@ -198,15 +198,15 @@ def update_docs():
     update_md_files("BBOT PRESETS", bbot_presets_table)
 
     # BBOT presets
-    for yaml_file, (loaded_preset, category, preset_path, original_filename) in DEFAULT_PRESET.all_presets.items():
+    for _, (loaded_preset, category, preset_path, original_filename) in DEFAULT_PRESET.all_presets.items():
         preset_yaml = f"""
-```yaml title={yaml_file.name}
+```yaml title={preset_path.name}
 {loaded_preset._yaml_str}
 ```
 """
         preset_yaml_expandable = f"""
 <details>
-<summary><b><code>{yaml_file.name}</code></b></summary>
+<summary><b><code>{preset_path.name}</code></b></summary>
 
 ```yaml
 {loaded_preset._yaml_str}
@@ -218,11 +218,11 @@ def update_docs():
         update_md_files(f"BBOT {loaded_preset.name.upper()} PRESET EXPANDABLE", preset_yaml_expandable)
 
     content = []
-    for yaml_file, (loaded_preset, category, preset_path, original_filename) in DEFAULT_PRESET.all_presets.items():
+    for _, (loaded_preset, category, preset_path, original_filename) in DEFAULT_PRESET.all_presets.items():
         yaml_str = loaded_preset._yaml_str
         indent = " " * 4
         yaml_str = f"\n{indent}".join(yaml_str.splitlines())
-        filename = homedir_collapseuser(yaml_file)
+        filename = homedir_collapseuser(preset_path)
 
         num_modules = len(loaded_preset.scan_modules)
         modules = ", ".join(sorted([f"`{m}`" for m in loaded_preset.scan_modules]))

{bbot-2.4.2.6590rc0.dist-info → bbot-2.4.2.6596rc0.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.3
 Name: bbot
-Version: 2.4.2.6590rc0
+Version: 2.4.2.6596rc0
 Summary: OSINT automation for hackers.
 License: GPL-3.0
 Keywords: python,cli,automation,osint,threat-intel,intelligence,neo4j,scanner,python-library,hacking,recursion,pentesting,recon,command-line-tool,bugbounty,subdomains,security-tools,subdomain-scanner,osint-framework,attack-surface,subdomain-enumeration,osint-tool

{bbot-2.4.2.6590rc0.dist-info → bbot-2.4.2.6596rc0.dist-info}/RECORD

@@ -1,4 +1,4 @@
-bbot/__init__.py,sha256=mI2Io-jdyc-O8pxTT_Lt7Mj9LUg-UjBRikUOBQOrAmo,163
+bbot/__init__.py,sha256=f_lWfZIjwByTjeR_K-ytNiRjidI-4UQrBdUUWh9BFdk,163
 bbot/cli.py,sha256=1QJbANVw9Q3GFM92H2QRV2ds5756ulm08CDZwzwPpeI,11888
 bbot/core/__init__.py,sha256=l255GJE_DvUnWvrRb0J5lG-iMztJ8zVvoweDOfegGtI,46
 bbot/core/config/__init__.py,sha256=zYNw2Me6tsEr8hOOkLb4BQ97GB7Kis2k--G81S8vofU,342
@@ -240,7 +240,7 @@ bbot/presets/web/lightfuzz-heavy.yml,sha256=a-f11tSUj5NhVQJNm2NJb4OqXV8oPnwnd1kb
 bbot/presets/web/lightfuzz-light.yml,sha256=pkjTa5ULeOhCgRYPAoJR-cVfyhErT3I1aqmWGHTIgBk,899
 bbot/presets/web/lightfuzz-medium.yml,sha256=e5dKHkiGbLMIw1fTC6lKGH4UpnWit1XtvVdIuFS8dY4,497
 bbot/presets/web/lightfuzz-superheavy.yml,sha256=c5x-EpK-xbg-qWxPXLLp3ysKFl1LRhJyl_SlkPVowxQ,857
-bbot/presets/web/lightfuzz-xss.yml,sha256=5dNAmzwkdCyLy-disLO9V-eCQ1mOMNiNdQWNjGE4NlQ,679
+bbot/presets/web/lightfuzz-xss.yml,sha256=LMe968_iKyQhnm1nPh6zXDeNyDum2_MPkLg7ukqr93A,680
 bbot/presets/web/paramminer.yml,sha256=8n-aDzufrZdtIlZwI0yh4-rQiwU1FPODYwmyra3l-1M,393
 bbot/presets/web-basic.yml,sha256=6YWSYclbuf9yr8-gILDpLvOUj5QjP4rlarm5_d5iBFw,79
 bbot/presets/web-screenshots.yml,sha256=Kh5yDh2kKLJPxO5A67VxKWzou6XU1Ct-NFZqYsa6Zh8,338
@@ -252,12 +252,12 @@ bbot/scanner/preset/__init__.py,sha256=If_YqKILIxjlaJvf8lFc5zQTHDkounLdC8x_72N-V
 bbot/scanner/preset/args.py,sha256=yADXhmmLWBODsEqw1NbEBh8UWltUEoB--2S7myHTwAQ,19212
 bbot/scanner/preset/conditions.py,sha256=hFL9cSIWGEsv2TfM5UGurf0c91cyaM8egb5IngBmIjA,1569
 bbot/scanner/preset/environ.py,sha256=9KbEOLWkUdoAf5Ez_2A1NNm6QduQElbnNnrPi6VDhZs,4731
-bbot/scanner/preset/path.py,sha256=Q29MO8cOEn690yW6bB08P72kbZ3C-H_TOEoXuwWnFM8,2274
-bbot/scanner/preset/preset.py,sha256=guntxt2RBX3bgXR4aFWOZwjGLHed66VJe-bXyaoTd08,40745
+bbot/scanner/preset/path.py,sha256=0BnhI3brWdkpE96ZOEQwfwhZoKMMnXx0uXPVdAg8spI,2500
+bbot/scanner/preset/preset.py,sha256=t9Aa3n3mpGVZ274z2hXaGsdpRZe0BSGuF3WTM6Dinj8,40817
 bbot/scanner/scanner.py,sha256=2slrxEfcBjSZgZ1jmQ34a4X6aMli80K85_eY8ti7zZQ,55471
 bbot/scanner/stats.py,sha256=re93sArKXZSiD0Owgqk2J3Kdvfm3RL4Y9Qy_VOcaVk8,3623
 bbot/scanner/target.py,sha256=lI0Tn5prQiPiJE3WW-ZLx_l6EFqzAVabtyL-nfXJ8cE,10636
-bbot/scripts/docs.py,sha256=ZLY9-O6OeEElzOUvTglO5EMkRv1s4aEuxJb2CthCVsI,10782
+bbot/scripts/docs.py,sha256=paB_n6yzuuglNsc90h_-XzudWavwIbM6l62OUoGjsww,10772
 bbot/test/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 bbot/test/bbot_fixtures.py,sha256=XrCQDLVe80BG3QTUDnXb0y-cWnBpJJoRh2Z3J3xJn_w,9961
 bbot/test/conftest.py,sha256=OacpJ98g00HqCoHpEnuzzMK47LkbZdJWr25Pm0SbTM0,11783
@@ -450,8 +450,8 @@ bbot/wordlists/raft-small-extensions-lowercase_CLEANED.txt,sha256=ZSIVebs7ptMvHx
 bbot/wordlists/top_open_ports_nmap.txt,sha256=LmdFYkfapSxn1pVuQC2LkOIY2hMLgG-Xts7DVtYzweM,42727
 bbot/wordlists/valid_url_schemes.txt,sha256=0B_VAr9Dv7aYhwi6JSBDU-3M76vNtzN0qEC_RNLo7HE,3310
 bbot/wordlists/wordninja_dns.txt.gz,sha256=DYHvvfW0TvzrVwyprqODAk4tGOxv5ezNmCPSdPuDUnQ,570241
-bbot-2.4.2.6590rc0.dist-info/LICENSE,sha256=GzeCzK17hhQQDNow0_r0L8OfLpeTKQjFQwBQU7ZUymg,32473
-bbot-2.4.2.6590rc0.dist-info/METADATA,sha256=fPojuean3_Dk8ZEd8YQ1V4FBfpyl6tZABs1jjqdbP_s,18308
-bbot-2.4.2.6590rc0.dist-info/WHEEL,sha256=fGIA9gx4Qxk2KDKeNJCbOEwSrmLtjWCwzBz351GyrPQ,88
-bbot-2.4.2.6590rc0.dist-info/entry_points.txt,sha256=cWjvcU_lLrzzJgjcjF7yeGuRA_eDS8pQ-kmPUAyOBfo,38
-bbot-2.4.2.6590rc0.dist-info/RECORD,,
+bbot-2.4.2.6596rc0.dist-info/LICENSE,sha256=GzeCzK17hhQQDNow0_r0L8OfLpeTKQjFQwBQU7ZUymg,32473
+bbot-2.4.2.6596rc0.dist-info/METADATA,sha256=OsjFtdUM6w_FKP6FlYNmAhgYlnQTc8bOKqvOOYv4HfE,18308
+bbot-2.4.2.6596rc0.dist-info/WHEEL,sha256=fGIA9gx4Qxk2KDKeNJCbOEwSrmLtjWCwzBz351GyrPQ,88
+bbot-2.4.2.6596rc0.dist-info/entry_points.txt,sha256=cWjvcU_lLrzzJgjcjF7yeGuRA_eDS8pQ-kmPUAyOBfo,38
+bbot-2.4.2.6596rc0.dist-info/RECORD,,