PyPI - bbot - Versions diffs - 2.5.0__py3-none-any.whl → 2.7.2.7424rc0__py3-none-any.whl - Mend

bbot 2.5.0py3-none-any.whl → 2.7.2.7424rc0py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (144) hide show

bbot/__init__.py +1 -1
bbot/cli.py +22 -8
bbot/core/engine.py +1 -1
bbot/core/event/__init__.py +2 -2
bbot/core/event/base.py +138 -110
bbot/core/flags.py +1 -0
bbot/core/helpers/bloom.py +6 -7
bbot/core/helpers/command.py +5 -2
bbot/core/helpers/depsinstaller/installer.py +78 -7
bbot/core/helpers/dns/dns.py +0 -1
bbot/core/helpers/dns/engine.py +0 -2
bbot/core/helpers/files.py +2 -2
bbot/core/helpers/git.py +17 -0
bbot/core/helpers/helper.py +6 -5
bbot/core/helpers/misc.py +15 -28
bbot/core/helpers/names_generator.py +5 -0
bbot/core/helpers/ntlm.py +0 -2
bbot/core/helpers/regex.py +1 -1
bbot/core/helpers/regexes.py +25 -8
bbot/core/helpers/web/engine.py +1 -1
bbot/core/helpers/web/web.py +2 -1
bbot/core/modules.py +22 -60
bbot/core/shared_deps.py +38 -0
bbot/defaults.yml +4 -2
bbot/modules/apkpure.py +2 -2
bbot/modules/aspnet_bin_exposure.py +80 -0
bbot/modules/baddns.py +1 -1
bbot/modules/baddns_direct.py +1 -1
bbot/modules/baddns_zone.py +1 -1
bbot/modules/badsecrets.py +1 -1
bbot/modules/base.py +129 -40
bbot/modules/bucket_amazon.py +1 -1
bbot/modules/bucket_digitalocean.py +1 -1
bbot/modules/bucket_firebase.py +1 -1
bbot/modules/bucket_google.py +1 -1
bbot/modules/{bucket_azure.py → bucket_microsoft.py} +2 -2
bbot/modules/builtwith.py +4 -2
bbot/modules/c99.py +1 -1
bbot/modules/dnsbimi.py +1 -4
bbot/modules/dnsbrute.py +6 -1
bbot/modules/dnscommonsrv.py +1 -0
bbot/modules/dnsdumpster.py +35 -52
bbot/modules/dnstlsrpt.py +0 -6
bbot/modules/docker_pull.py +2 -2
bbot/modules/emailformat.py +17 -1
bbot/modules/ffuf.py +4 -1
bbot/modules/ffuf_shortnames.py +6 -3
bbot/modules/filedownload.py +8 -5
bbot/modules/fullhunt.py +1 -1
bbot/modules/git_clone.py +47 -22
bbot/modules/gitdumper.py +5 -15
bbot/modules/github_workflows.py +6 -5
bbot/modules/gitlab_com.py +31 -0
bbot/modules/gitlab_onprem.py +84 -0
bbot/modules/gowitness.py +60 -30
bbot/modules/graphql_introspection.py +145 -0
bbot/modules/httpx.py +2 -0
bbot/modules/hunt.py +10 -3
bbot/modules/iis_shortnames.py +16 -7
bbot/modules/internal/cloudcheck.py +65 -72
bbot/modules/internal/unarchive.py +9 -3
bbot/modules/lightfuzz/lightfuzz.py +6 -2
bbot/modules/lightfuzz/submodules/esi.py +42 -0
bbot/modules/{deadly/medusa.py → medusa.py} +4 -7
bbot/modules/nuclei.py +2 -2
bbot/modules/otx.py +9 -2
bbot/modules/output/base.py +3 -11
bbot/modules/paramminer_headers.py +10 -7
bbot/modules/passivetotal.py +1 -1
bbot/modules/portfilter.py +2 -0
bbot/modules/portscan.py +1 -1
bbot/modules/postman_download.py +2 -2
bbot/modules/retirejs.py +232 -0
bbot/modules/securitytxt.py +0 -3
bbot/modules/sslcert.py +2 -2
bbot/modules/subdomaincenter.py +1 -16
bbot/modules/telerik.py +7 -2
bbot/modules/templates/bucket.py +24 -4
bbot/modules/templates/gitlab.py +98 -0
bbot/modules/trufflehog.py +7 -4
bbot/modules/wafw00f.py +2 -2
bbot/presets/web/dotnet-audit.yml +1 -0
bbot/presets/web/lightfuzz-heavy.yml +1 -1
bbot/presets/web/lightfuzz-medium.yml +1 -1
bbot/presets/web/lightfuzz-superheavy.yml +1 -1
bbot/scanner/manager.py +44 -37
bbot/scanner/scanner.py +17 -4
bbot/scripts/benchmark_report.py +433 -0
bbot/test/benchmarks/__init__.py +2 -0
bbot/test/benchmarks/test_bloom_filter_benchmarks.py +105 -0
bbot/test/benchmarks/test_closest_match_benchmarks.py +76 -0
bbot/test/benchmarks/test_event_validation_benchmarks.py +438 -0
bbot/test/benchmarks/test_excavate_benchmarks.py +291 -0
bbot/test/benchmarks/test_ipaddress_benchmarks.py +143 -0
bbot/test/benchmarks/test_weighted_shuffle_benchmarks.py +70 -0
bbot/test/conftest.py +1 -1
bbot/test/test_step_1/test_bbot_fastapi.py +2 -2
bbot/test/test_step_1/test_events.py +22 -21
bbot/test/test_step_1/test_helpers.py +20 -0
bbot/test/test_step_1/test_manager_scope_accuracy.py +45 -0
bbot/test/test_step_1/test_modules_basic.py +40 -15
bbot/test/test_step_1/test_python_api.py +2 -2
bbot/test/test_step_1/test_regexes.py +21 -4
bbot/test/test_step_1/test_scan.py +7 -8
bbot/test/test_step_1/test_web.py +46 -0
bbot/test/test_step_2/module_tests/base.py +6 -1
bbot/test/test_step_2/module_tests/test_module_aspnet_bin_exposure.py +73 -0
bbot/test/test_step_2/module_tests/test_module_bucket_amazon.py +52 -18
bbot/test/test_step_2/module_tests/test_module_bucket_google.py +1 -1
bbot/test/test_step_2/module_tests/{test_module_bucket_azure.py → test_module_bucket_microsoft.py} +7 -5
bbot/test/test_step_2/module_tests/test_module_cloudcheck.py +19 -31
bbot/test/test_step_2/module_tests/test_module_dnsbimi.py +2 -1
bbot/test/test_step_2/module_tests/test_module_dnsdumpster.py +3 -5
bbot/test/test_step_2/module_tests/test_module_emailformat.py +1 -1
bbot/test/test_step_2/module_tests/test_module_emails.py +2 -2
bbot/test/test_step_2/module_tests/test_module_excavate.py +64 -5
bbot/test/test_step_2/module_tests/test_module_extractous.py +13 -1
bbot/test/test_step_2/module_tests/test_module_github_workflows.py +10 -1
bbot/test/test_step_2/module_tests/test_module_gitlab_com.py +66 -0
bbot/test/test_step_2/module_tests/{test_module_gitlab.py → test_module_gitlab_onprem.py} +4 -69
bbot/test/test_step_2/module_tests/test_module_gowitness.py +5 -5
bbot/test/test_step_2/module_tests/test_module_graphql_introspection.py +34 -0
bbot/test/test_step_2/module_tests/test_module_iis_shortnames.py +46 -1
bbot/test/test_step_2/module_tests/test_module_jadx.py +9 -0
bbot/test/test_step_2/module_tests/test_module_lightfuzz.py +71 -3
bbot/test/test_step_2/module_tests/test_module_nuclei.py +8 -6
bbot/test/test_step_2/module_tests/test_module_otx.py +3 -0
bbot/test/test_step_2/module_tests/test_module_portfilter.py +2 -0
bbot/test/test_step_2/module_tests/test_module_retirejs.py +161 -0
bbot/test/test_step_2/module_tests/test_module_telerik.py +1 -1
bbot/test/test_step_2/module_tests/test_module_trufflehog.py +10 -1
bbot/test/test_step_2/module_tests/test_module_unarchive.py +9 -0
{bbot-2.5.0.dist-info → bbot-2.7.2.7424rc0.dist-info}/METADATA +12 -9
{bbot-2.5.0.dist-info → bbot-2.7.2.7424rc0.dist-info}/RECORD +137 -124
{bbot-2.5.0.dist-info → bbot-2.7.2.7424rc0.dist-info}/WHEEL +1 -1
{bbot-2.5.0.dist-info → bbot-2.7.2.7424rc0.dist-info/licenses}/LICENSE +98 -58
bbot/modules/binaryedge.py +0 -42
bbot/modules/censys.py +0 -98
bbot/modules/gitlab.py +0 -141
bbot/modules/zoomeye.py +0 -77
bbot/test/test_step_2/module_tests/test_module_binaryedge.py +0 -33
bbot/test/test_step_2/module_tests/test_module_censys.py +0 -83
bbot/test/test_step_2/module_tests/test_module_zoomeye.py +0 -35
{bbot-2.5.0.dist-info → bbot-2.7.2.7424rc0.dist-info}/entry_points.txt +0 -0

bbot/modules/portscan.py CHANGED Viewed

@@ -144,7 +144,7 @@ class portscan(BaseModule):
                                 emitted_hosts.add(host)
         finally:
             for file in (stats_file, target_file):
-                file.unlink()
+                file.unlink(missing_ok=True)
     async def make_targets(self, events, scanned_tracker):
         """

bbot/modules/postman_download.py CHANGED Viewed

@@ -7,7 +7,7 @@ from bbot.modules.templates.postman import postman
 class postman_download(postman):
     watched_events = ["CODE_REPOSITORY"]
     produced_events = ["FILESYSTEM"]
-    flags = ["passive", "subdomain-enum", "safe", "code-enum"]
+    flags = ["passive", "subdomain-enum", "safe", "code-enum", "download"]
     meta = {
         "description": "Download workspaces, collections, requests from Postman",
         "created_date": "2024-09-07",
@@ -25,7 +25,7 @@ class postman_download(postman):
         if output_folder:
             self.output_dir = Path(output_folder) / "postman_workspaces"
         else:
-            self.output_dir = self.helpers.temp_dir / "postman_workspaces"
+            self.output_dir = self.scan.temp_dir / "postman_workspaces"
         self.helpers.mkdir(self.output_dir)
         return await super().setup()

bbot/modules/retirejs.py ADDED Viewed

@@ -0,0 +1,232 @@
+import json
+from enum import IntEnum
+from bbot.modules.base import BaseModule
+class RetireJSSeverity(IntEnum):
+    NONE = 0
+    LOW = 1
+    MEDIUM = 2
+    HIGH = 3
+    CRITICAL = 4
+    @classmethod
+    def from_string(cls, severity_str):
+        try:
+            return cls[severity_str.upper()]
+        except (KeyError, AttributeError):
+            return cls.NONE
+class retirejs(BaseModule):
+    watched_events = ["URL_UNVERIFIED"]
+    produced_events = ["FINDING"]
+    flags = ["active", "safe", "web-thorough"]
+    meta = {
+        "description": "Detect vulnerable/out-of-date JavaScript libraries",
+        "created_date": "2025-08-19",
+        "author": "@liquidsec",
+    }
+    options = {
+        "version": "5.3.0",
+        "node_version": "18.19.1",
+        "severity": "medium",
+    }
+    options_desc = {
+        "version": "retire.js version",
+        "node_version": "Node.js version to install locally",
+        "severity": "Minimum severity level to report (none, low, medium, high, critical)",
+    }
+    deps_ansible = [
+        # Download Node.js binary (Linux x64)
+        {
+            "name": "Download Node.js binary (Linux x64)",
+            "get_url": {
+                "url": "https://nodejs.org/dist/v#{BBOT_MODULES_RETIREJS_NODE_VERSION}/node-v#{BBOT_MODULES_RETIREJS_NODE_VERSION}-linux-x64.tar.xz",
+                "dest": "#{BBOT_TEMP}/node-v#{BBOT_MODULES_RETIREJS_NODE_VERSION}-linux-x64.tar.xz",
+                "mode": "0644",
+            },
+        },
+        # Extract Node.js binary (x64)
+        {
+            "name": "Extract Node.js binary (x64)",
+            "unarchive": {
+                "src": "#{BBOT_TEMP}/node-v#{BBOT_MODULES_RETIREJS_NODE_VERSION}-linux-x64.tar.xz",
+                "dest": "#{BBOT_TOOLS}",
+                "remote_src": True,
+            },
+        },
+        # Remove existing node directory if it exists
+        {
+            "name": "Remove existing node directory",
+            "file": {"path": "#{BBOT_TOOLS}/node", "state": "absent"},
+        },
+        # Rename extracted directory to 'node' (x64)
+        {
+            "name": "Rename Node.js directory (x64)",
+            "command": "mv #{BBOT_TOOLS}/node-v#{BBOT_MODULES_RETIREJS_NODE_VERSION}-linux-x64 #{BBOT_TOOLS}/node",
+        },
+        # Set permissions on entire Node.js bin directory
+        {
+            "name": "Set permissions on Node.js bin directory",
+            "file": {"path": "#{BBOT_TOOLS}/node/bin", "mode": "0755", "recurse": "yes"},
+        },
+        # Make Node.js binary executable
+        {
+            "name": "Make Node.js binary executable",
+            "file": {"path": "#{BBOT_TOOLS}/node/bin/node", "mode": "0755"},
+        },
+        # Remove existing retirejs directory if it exists
+        {
+            "name": "Remove existing retirejs directory",
+            "file": {"path": "#{BBOT_TOOLS}/retirejs", "state": "absent"},
+        },
+        # Create retire.js local directory
+        {
+            "name": "Create retire.js directory in BBOT_TOOLS",
+            "file": {"path": "#{BBOT_TOOLS}/retirejs", "state": "directory", "mode": "0755"},
+        },
+        # Install retire.js locally using local Node.js
+        {
+            "name": "Install retire.js locally",
+            "shell": "cd #{BBOT_TOOLS}/retirejs && #{BBOT_TOOLS}/node/bin/node #{BBOT_TOOLS}/node/lib/node_modules/npm/bin/npm-cli.js install --prefix . retire@#{BBOT_MODULES_RETIREJS_VERSION} --no-fund --no-audit --silent --no-optional",
+            "args": {"creates": "#{BBOT_TOOLS}/retirejs/node_modules/.bin/retire"},
+            "timeout": 600,
+            "ignore_errors": False,
+        },
+        # Make retire script executable
+        {
+            "name": "Make retire script executable",
+            "file": {"path": "#{BBOT_TOOLS}/retirejs/node_modules/.bin/retire", "mode": "0755"},
+        },
+        # Create retire cache directory
+        {
+            "name": "Create retire cache directory",
+            "file": {"path": "#{BBOT_CACHE}/retire_cache", "state": "directory", "mode": "0755"},
+        },
+    ]
+    accept_url_special = True
+    scope_distance_modifier = 1
+    _module_threads = 4
+    async def setup(self):
+        excavate_enabled = self.scan.config.get("excavate")
+        if not excavate_enabled:
+            return None, "retirejs will not function without excavate enabled"
+        # Validate severity level
+        valid_severities = ["none", "low", "medium", "high", "critical"]
+        configured_severity = self.config.get("severity", "medium").lower()
+        if configured_severity not in valid_severities:
+            return (
+                False,
+                f"Invalid severity level '{configured_severity}'. Valid options are: {', '.join(valid_severities)}",
+            )
+        self.repofile = await self.helpers.download(
+            "https://raw.githubusercontent.com/RetireJS/retire.js/master/repository/jsrepository-v4.json", cache_hrs=24
+        )
+        if not self.repofile:
+            return False, "failed to download retire.js repository file"
+        return True
+    async def handle_event(self, event):
+        js_file = await self.helpers.request(event.data)
+        if js_file:
+            js_file_body = js_file.text
+            if js_file_body:
+                js_file_body_saved = self.helpers.tempfile(js_file_body, pipe=False, extension="js")
+                results = await self.execute_retirejs(js_file_body_saved)
+                if not results:
+                    self.warning("no output from retire.js")
+                    return
+                results_json = json.loads(results)
+                if results_json.get("data"):
+                    for file_result in results_json["data"]:
+                        for component_result in file_result.get("results", []):
+                            component = component_result.get("component", "unknown")
+                            version = component_result.get("version", "unknown")
+                            vulnerabilities = component_result.get("vulnerabilities", [])
+                            for vuln in vulnerabilities:
+                                severity = vuln.get("severity", "unknown")
+                                # Filter by minimum severity level
+                                min_severity = RetireJSSeverity.from_string(self.config.get("severity", "medium"))
+                                vuln_severity = RetireJSSeverity.from_string(severity)
+                                if vuln_severity < min_severity:
+                                    self.debug(
+                                        f"Skipping vulnerability with severity '{severity}' (below minimum '{min_severity.name.lower()}')"
+                                    )
+                                    continue
+                                identifiers = vuln.get("identifiers", {})
+                                summary = identifiers.get("summary", "Unknown vulnerability")
+                                cves = identifiers.get("CVE", [])
+                                description_parts = [
+                                    f"Vulnerable JavaScript library detected: {component} v{version}",
+                                    f"Severity: {severity.upper()}",
+                                    f"Summary: {summary}",
+                                    f"JavaScript URL: {event.data}",
+                                ]
+                                if cves:
+                                    description_parts.append(f"CVE(s): {', '.join(cves)}")
+                                below_version = vuln.get("below", "")
+                                at_or_above = vuln.get("atOrAbove", "")
+                                if at_or_above and below_version:
+                                    description_parts.append(f"Affected versions: [{at_or_above} to {below_version})")
+                                elif below_version:
+                                    description_parts.append(f"Affected versions: [< {below_version}]")
+                                elif at_or_above:
+                                    description_parts.append(f"Affected versions: [>= {at_or_above}]")
+                                description = " ".join(description_parts)
+                                data = {
+                                    "description": description,
+                                    "severity": severity,
+                                    "component": component,
+                                    "url": event.parent.data["url"],
+                                }
+                                await self.emit_event(
+                                    data,
+                                    "FINDING",
+                                    parent=event,
+                                    context=f"{{module}} identified vulnerable JavaScript library {component} v{version} ({severity} severity)",
+                                )
+    async def filter_event(self, event):
+        url_extension = getattr(event, "url_extension", "")
+        if url_extension != "js":
+            return False, f"it is a {url_extension} URL but retirejs only accepts js URLs"
+        return True
+    async def execute_retirejs(self, js_file):
+        cache_dir = self.helpers.cache_dir / "retire_cache"
+        retire_dir = self.scan.helpers.tools_dir / "retirejs"
+        local_node_dir = self.scan.helpers.tools_dir / "node"
+        # Use the retire binary directly with our local Node.js
+        retire_binary_path = retire_dir / "node_modules" / ".bin" / "retire"
+        command = [
+            str(local_node_dir / "bin" / "node"),
+            str(retire_binary_path),
+            "--outputformat",
+            "json",
+            "--cachedir",
+            str(cache_dir),
+            "--path",
+            js_file,
+            "--jsrepo",
+            str(self.repofile),
+        ]
+        proxy = self.scan.web_config.get("http_proxy")
+        if proxy:
+            command.extend(["--proxy", proxy])
+        self.verbose(f"Running retire.js on {js_file}")
+        self.verbose(f"retire.js command: {command}")
+        result = await self.run_process(command)
+        return result.stdout

bbot/modules/securitytxt.py CHANGED Viewed

@@ -123,6 +123,3 @@ class securitytxt(BaseModule):
                         if found_url != url and self._urls is True:
                             await self.emit_event(found_url, "URL_UNVERIFIED", parent=event, tags=tags)
-# EOF

bbot/modules/sslcert.py CHANGED Viewed

@@ -20,7 +20,7 @@ class sslcert(BaseModule):
     options = {"timeout": 5.0, "skip_non_ssl": True}
     options_desc = {"timeout": "Socket connect timeout in seconds", "skip_non_ssl": "Don't try common non-SSL ports"}
     deps_apt = ["openssl"]
-    deps_pip = ["pyOpenSSL~=24.0.0"]
+    deps_pip = ["pyOpenSSL~=25.3.0"]
     _module_threads = 25
     scope_distance_modifier = 1
     _priority = 2
@@ -77,7 +77,7 @@ class sslcert(BaseModule):
                 dns_names = dns_names[:1] + [n for n in dns_names[1:] if self.scan.in_scope(n)]
             for event_type, results in (("DNS_NAME", set(dns_names)), ("EMAIL_ADDRESS", emails)):
                 for event_data in results:
-                    if event_data is not None and event_data != event:
+                    if event_data is not None and event_data != event.data:
                         self.debug(f"Discovered new {event_type} via SSL certificate parsing: [{event_data}]")
                         try:
                             ssl_event = self.make_event(event_data, event_type, parent=event, raise_error=True)

bbot/modules/subdomaincenter.py CHANGED Viewed

@@ -12,25 +12,10 @@ class subdomaincenter(subdomain_enum):
     }
     base_url = "https://api.subdomain.center"
-    retries = 2
-    async def sleep(self, time_to_wait):
-        self.info(f"Sleeping for {time_to_wait} seconds to avoid rate limit")
-        await self.helpers.sleep(time_to_wait)
     async def request_url(self, query):
         url = f"{self.base_url}/?domain={self.helpers.quote(query)}"
-        response = None
-        status_code = 0
-        for i, _ in enumerate(range(self.retries + 1)):
-            if i > 0:
-                self.verbose(f"Retry #{i} for {query} after response code {status_code}")
-            response = await self.helpers.request(url, timeout=self.http_timeout + 30)
-            status_code = getattr(response, "status_code", 0)
-            if status_code == 429:
-                await self.sleep(20)
-            else:
-                break
+        response = await self.api_request(url)
         return response
     async def parse_results(self, r, query):

bbot/modules/telerik.py CHANGED Viewed

@@ -161,7 +161,7 @@ class telerik(BaseModule):
     in_scope_only = True
-    deps_pip = ["pycryptodome~=3.17"]
+    deps_pip = ["pycryptodome~=3.23.0"]
     deps_ansible = [
         {"name": "Create telerik dir", "file": {"state": "directory", "path": "#{BBOT_TOOLS}/telerik/"}},
@@ -204,7 +204,7 @@ class telerik(BaseModule):
             webresource = "Telerik.Web.UI.WebResource.axd?type=rau"
             result, _ = await self.test_detector(base_url, webresource)
             if result:
-                if "RadAsyncUpload handler is registered successfully" in result.text:
+                if "RadAsyncUpload handler is registered succesfully" in result.text:
                     self.verbose("Detected Telerik instance (Telerik.Web.UI.WebResource.axd?type=rau)")
                     probe_data = {
@@ -263,6 +263,11 @@ class telerik(BaseModule):
                                     str(root_tool_path / "testfile.txt"),
                                     result.url,
                                 ]
+                                # Add proxy if set in the scan config
+                                if self.scan.http_proxy:
+                                    command.append(self.scan.http_proxy)
                                 output = await self.run_process(command)
                                 description = f"[CVE-2017-11317] [{str(version)}] {webresource}"
                                 if "fileInfo" in output.stdout:

bbot/modules/templates/bucket.py CHANGED Viewed

@@ -1,3 +1,6 @@
+import importlib
+import regex as re
+from functools import cached_property
 from bbot.modules.base import BaseModule
@@ -11,7 +14,7 @@ class bucket_template(BaseModule):
     }
     scope_distance_modifier = 3
-    cloud_helper_name = "amazon|google|digitalocean|etc"
+    cloudcheck_provider_name = "Amazon|Google|DigitalOcean|etc"
     delimiters = ("", ".", "-")
     base_domains = ["s3.amazonaws.com|digitaloceanspaces.com|etc"]
     regions = [None]
@@ -19,8 +22,14 @@ class bucket_template(BaseModule):
     async def setup(self):
         self.buckets_tried = set()
-        self.cloud_helper = self.helpers.cloud.providers[self.cloud_helper_name]
         self.permutations = self.config.get("permutations", False)
+        cloudcheck_import_path = "cloudcheck.providers"
+        try:
+            self.cloudcheck_provider = getattr(
+                importlib.import_module(cloudcheck_import_path), self.cloudcheck_provider_name
+            )
+        except (ImportError, AttributeError) as e:
+            return False, f"cloud helper at {cloudcheck_import_path} not found: {e}"
         return True
     async def filter_event(self, event):
@@ -33,7 +42,7 @@ class bucket_template(BaseModule):
         return True
     def filter_bucket(self, event):
-        if f"cloud-{self.cloud_helper_name}" not in event.tags:
+        if not any(t.endswith(f"-{self.cloudcheck_provider_name.lower()}") for t in event.tags):
             return False, "bucket belongs to a different cloud provider"
         return True, ""
@@ -156,7 +165,7 @@ class bucket_template(BaseModule):
         return (msg, tags)
     def valid_bucket_name(self, bucket_name):
-        valid = self.cloud_helper.is_valid_bucket_name(bucket_name)
+        valid = self.is_valid_bucket_name(bucket_name)
         if valid and not self.helpers.is_ip(bucket_name):
             bucket_hash = hash(bucket_name)
             if bucket_hash not in self.buckets_tried:
@@ -164,6 +173,17 @@ class bucket_template(BaseModule):
                 return True
         return False
+    def is_valid_bucket_name(self, bucket_name):
+        return any(regex.match(bucket_name) for regex in self.bucket_name_regexes)
+    @cached_property
+    def bucket_name_regexes(self):
+        return [re.compile(regex) for regex in self.cloudcheck_provider.regexes["STORAGE_BUCKET_NAME"]]
+    # @cached_property
+    # def bucket_hostname_regexes(self):
+    #     return [re.compile(regex) for regex in self.cloudcheck_provider.regexes["STORAGE_BUCKET_HOSTNAME"]]
     def build_url(self, bucket_name, base_domain, region):
         return f"https://{bucket_name}.{base_domain}/"

bbot/modules/templates/gitlab.py ADDED Viewed

@@ -0,0 +1,98 @@
+from bbot.modules.base import BaseModule
+class GitLabBaseModule(BaseModule):
+    """Common functionality for interacting with GitLab instances.
+    This template is intended to be inherited by two concrete modules:
+    1. ``gitlab_com``   – Handles public SaaS instances (gitlab.com / gitlab.org).
+    2. ``gitlab_onprem`` – Handles self-hosted, on-premises GitLab servers.
+    Both child modules share identical behaviour when talking to the GitLab
+    REST API; they only differ in which events they are willing to accept.
+    """
+    # domains owned by GitLab
+    saas_domains = ["gitlab.com", "gitlab.org"]
+    async def setup(self):
+        if self.options.get("api_key") is not None:
+            await self.require_api_key()
+        return True
+    async def handle_social(self, event):
+        """Enumerate projects belonging to a user or group profile."""
+        username = event.data.get("profile_name", "")
+        if not username:
+            return
+        base_url = self.get_base_url(event)
+        urls = [
+            # User-owned projects
+            self.helpers.urljoin(base_url, f"api/v4/users/{username}/projects?simple=true"),
+            # Group-owned projects
+            self.helpers.urljoin(base_url, f"api/v4/groups/{username}/projects?simple=true"),
+        ]
+        for url in urls:
+            await self.handle_projects_url(url, event)
+    async def handle_projects_url(self, projects_url, event):
+        for project in await self.gitlab_json_request(projects_url):
+            project_url = project.get("web_url", "")
+            if project_url:
+                code_event = self.make_event({"url": project_url}, "CODE_REPOSITORY", tags="git", parent=event)
+                await self.emit_event(
+                    code_event,
+                    context=f"{{module}} enumerated projects and found {{event.type}} at {project_url}",
+                )
+            namespace = project.get("namespace", {})
+            if namespace:
+                await self.handle_namespace(namespace, event)
+    async def handle_groups_url(self, groups_url, event):
+        for group in await self.gitlab_json_request(groups_url):
+            await self.handle_namespace(group, event)
+    async def gitlab_json_request(self, url):
+        """Helper that performs an HTTP request and safely returns JSON list."""
+        response = await self.api_request(url)
+        if response is not None:
+            try:
+                json_data = response.json()
+            except Exception:
+                return []
+            if json_data and isinstance(json_data, list):
+                return json_data
+        return []
+    async def handle_namespace(self, namespace, event):
+        namespace_name = namespace.get("path", "")
+        namespace_url = namespace.get("web_url", "")
+        namespace_path = namespace.get("full_path", "")
+        if not (namespace_name and namespace_url and namespace_path):
+            return
+        namespace_url = self.helpers.parse_url(namespace_url)._replace(path=f"/{namespace_path}").geturl()
+        social_event = self.make_event(
+            {
+                "platform": "gitlab",
+                "profile_name": namespace_path,
+                "url": namespace_url,
+            },
+            "SOCIAL",
+            parent=event,
+        )
+        await self.emit_event(
+            social_event,
+            context=f'{{module}} found GitLab namespace ({{event.type}}) "{namespace_name}" at {namespace_url}',
+        )
+    # ------------------------------------------------------------------
+    # Utility helpers
+    # ------------------------------------------------------------------
+    def get_base_url(self, event):
+        base_url = event.data.get("url", "")
+        if not base_url:
+            base_url = f"https://{event.host}"
+        return self.helpers.urlparse(base_url)._replace(path="/").geturl()

bbot/modules/trufflehog.py CHANGED Viewed

@@ -14,7 +14,7 @@ class trufflehog(BaseModule):
     }
     options = {
-        "version": "3.88.34",
+        "version": "3.90.8",
         "config": "",
         "only_verified": True,
         "concurrency": 8,
@@ -41,11 +41,14 @@ class trufflehog(BaseModule):
     scope_distance_modifier = 2
-    async def setup(self):
-        self.verified = self.config.get("only_verified", True)
+    async def setup_deps(self):
         self.config_file = self.config.get("config", "")
         if self.config_file:
             self.config_file = await self.helpers.wordlist(self.config_file)
+        return True
+    async def setup(self):
+        self.verified = self.config.get("only_verified", True)
         self.concurrency = int(self.config.get("concurrency", 8))
         self.deleted_forks = self.config.get("deleted_forks", False)
@@ -198,7 +201,7 @@ class trufflehog(BaseModule):
                     yield (decoder_name, detector_name, raw_result, rawv2_result, verified, source_metadata)
         finally:
-            stats_file.unlink()
+            stats_file.unlink(missing_ok=True)
     def log_trufflehog_status(self, path, line):
         try:

bbot/modules/wafw00f.py CHANGED Viewed

@@ -22,7 +22,7 @@ class wafw00f(BaseModule):
         "author": "@liquidsec",
     }
-    deps_pip = ["wafw00f~=2.2.0"]
+    deps_pip = ["wafw00f~=2.3.1"]
     options = {"generic_detect": True}
     options_desc = {"generic_detect": "When no specific WAF detections are made, try to perform a generic detect"}
@@ -42,7 +42,7 @@ class wafw00f(BaseModule):
     async def handle_event(self, event):
         url = f"{event.parsed_url.scheme}://{event.parsed_url.netloc}/"
         WW = await self.helpers.run_in_executor(wafw00f_main.WAFW00F, url, followredirect=False)
-        waf_detections = await self.helpers.run_in_executor(WW.identwaf)
+        waf_detections, url = await self.helpers.run_in_executor(WW.identwaf)
         if waf_detections:
             for waf in waf_detections:
                 await self.emit_event(

bbot/presets/web/dotnet-audit.yml CHANGED Viewed

@@ -12,6 +12,7 @@ modules:
   - telerik
   - ajaxpro
   - dotnetnuke
+  - aspnet_bin_exposure
 config:
   modules:

bbot/presets/web/lightfuzz-heavy.yml CHANGED Viewed

@@ -12,5 +12,5 @@ modules:
 config:
   modules:
     lightfuzz:
-      enabled_submodules: [cmdi,crypto,path,serial,sqli,ssti,xss]
+      enabled_submodules: [cmdi,crypto,path,serial,sqli,ssti,xss,esi]
       disable_post: False

bbot/presets/web/lightfuzz-medium.yml CHANGED Viewed

@@ -11,4 +11,4 @@ modules:
 config:
   modules:
     lightfuzz:
-      enabled_submodules: [cmdi,crypto,path,serial,sqli,ssti,xss]
+      enabled_submodules: [cmdi,crypto,path,serial,sqli,ssti,xss,esi]

bbot/presets/web/lightfuzz-superheavy.yml CHANGED Viewed

@@ -8,6 +8,6 @@ config:
   modules:
     lightfuzz:
       force_common_headers: True # Fuzz common headers like X-Forwarded-For even if they're not observed on the target
-      enabled_submodules: [cmdi,crypto,path,serial,sqli,ssti,xss]
+      enabled_submodules: [cmdi,crypto,path,serial,sqli,ssti,xss,esi]
     excavate:
       speculate_params: True # speculate potential parameters extracted from JSON/XML web responses

bbot 2.5.0__py3-none-any.whl → 2.7.2.7424rc0__py3-none-any.whl

bbot 2.5.0py3-none-any.whl → 2.7.2.7424rc0py3-none-any.whl