bbot 2.7.1.7175rc0__py3-none-any.whl → 2.7.1.7198rc0__py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of bbot might be problematic. Click here for more details.

Files changed (13) hide show
  1. bbot/__init__.py +1 -1
  2. bbot/modules/emailformat.py +17 -1
  3. bbot/test/test_step_2/module_tests/test_module_emailformat.py +1 -1
  4. bbot/test/test_step_2/module_tests/test_module_emails.py +2 -2
  5. {bbot-2.7.1.7175rc0.dist-info → bbot-2.7.1.7198rc0.dist-info}/METADATA +1 -1
  6. {bbot-2.7.1.7175rc0.dist-info → bbot-2.7.1.7198rc0.dist-info}/RECORD +9 -13
  7. bbot/modules/censys.py +0 -98
  8. bbot/modules/zoomeye.py +0 -77
  9. bbot/test/test_step_2/module_tests/test_module_censys.py +0 -83
  10. bbot/test/test_step_2/module_tests/test_module_zoomeye.py +0 -35
  11. {bbot-2.7.1.7175rc0.dist-info → bbot-2.7.1.7198rc0.dist-info}/WHEEL +0 -0
  12. {bbot-2.7.1.7175rc0.dist-info → bbot-2.7.1.7198rc0.dist-info}/entry_points.txt +0 -0
  13. {bbot-2.7.1.7175rc0.dist-info → bbot-2.7.1.7198rc0.dist-info}/licenses/LICENSE +0 -0
bbot/__init__.py CHANGED
@@ -1,5 +1,5 @@
1
1
  # version placeholder (replaced by poetry-dynamic-versioning)
2
- __version__ = "v2.7.1.7175rc"
2
+ __version__ = "v2.7.1.7198rc"
3
3
 
4
4
  from .scanner import Scanner, Preset
5
5
 
bbot/modules/emailformat.py CHANGED
@@ -15,13 +15,29 @@ class emailformat(BaseModule):
15
15
 
16
16
  base_url = "https://www.email-format.com"
17
17
 
18
+ async def setup(self):
19
+ self.cfemail_regex = self.helpers.re.compile(r'data-cfemail="([0-9a-z]+)"')
20
+ return True
21
+
18
22
  async def handle_event(self, event):
19
23
  _, query = self.helpers.split_domain(event.data)
20
24
  url = f"{self.base_url}/d/{self.helpers.quote(query)}/"
21
25
  r = await self.api_request(url)
22
26
  if not r:
23
27
  return
24
- for email in await self.helpers.re.extract_emails(r.text):
28
+
29
+ encrypted_emails = await self.helpers.re.findall(self.cfemail_regex, r.text)
30
+
31
+ for enc in encrypted_emails:
32
+ enc_len = len(enc)
33
+
34
+ if enc_len < 2 or enc_len % 2 != 0:
35
+ continue
36
+
37
+ key = int(enc[:2], 16)
38
+
39
+ email = "".join([chr(int(enc[i : i + 2], 16) ^ key) for i in range(2, enc_len, 2)]).lower()
40
+
25
41
  if email.endswith(query):
26
42
  await self.emit_event(
27
43
  email,
bbot/test/test_step_2/module_tests/test_module_emailformat.py CHANGED
@@ -5,7 +5,7 @@ class TestEmailFormat(ModuleTestBase):
5
5
  async def setup_before_prep(self, module_test):
6
6
  module_test.httpx_mock.add_response(
7
7
  url="https://www.email-format.com/d/blacklanternsecurity.com/",
8
- text="<p>info@blacklanternsecurity.com</a>",
8
+ text="""<a href="/cdn-cgi/l/email-protection" class="__cf_email__" data-cfemail="0a63646c654a68666b6961666b647e6f7864796f697f78637e7324696567">[email&#160;protected]</a>""",
9
9
  )
10
10
 
11
11
  def check(self, module_test, events):
bbot/test/test_step_2/module_tests/test_module_emails.py CHANGED
@@ -1,13 +1,13 @@
1
1
  from .base import ModuleTestBase
2
2
 
3
3
 
4
- class TestEmais(ModuleTestBase):
4
+ class TestEmails(ModuleTestBase):
5
5
  modules_overrides = ["emails", "emailformat", "skymem"]
6
6
 
7
7
  async def setup_before_prep(self, module_test):
8
8
  module_test.httpx_mock.add_response(
9
9
  url="https://www.email-format.com/d/blacklanternsecurity.com/",
10
- text="<p>info@blacklanternsecurity.com</p>",
10
+ text="""<a href="/cdn-cgi/l/email-protection" class="__cf_email__" data-cfemail="0a63646c654a68666b6961666b647e6f7864796f697f78637e7324696567">[email&#160;protected]</a>""",
11
11
  )
12
12
  module_test.httpx_mock.add_response(
13
13
  url="https://www.skymem.info/srch?q=blacklanternsecurity.com",
{bbot-2.7.1.7175rc0.dist-info → bbot-2.7.1.7198rc0.dist-info}/METADATA RENAMED
@@ -1,6 +1,6 @@
1
1
  Metadata-Version: 2.4
2
2
  Name: bbot
3
- Version: 2.7.1.7175rc0
3
+ Version: 2.7.1.7198rc0
4
4
  Summary: OSINT automation for hackers.
5
5
  License: GPL-3.0
6
6
  License-File: LICENSE
{bbot-2.7.1.7175rc0.dist-info → bbot-2.7.1.7198rc0.dist-info}/RECORD RENAMED
@@ -1,4 +1,4 @@
1
- bbot/__init__.py,sha256=LcrsSY4pZPKSBzGdq95TZlykjpDfIad5mlIzFvPE83g,163
1
+ bbot/__init__.py,sha256=pybipPOWcSe5kwo7vjCERBtFlrbHUP_U2k0dqXXCZPY,163
2
2
  bbot/cli.py,sha256=1QJbANVw9Q3GFM92H2QRV2ds5756ulm08CDZwzwPpeI,11888
3
3
  bbot/core/__init__.py,sha256=l255GJE_DvUnWvrRb0J5lG-iMztJ8zVvoweDOfegGtI,46
4
4
  bbot/core/config/__init__.py,sha256=zYNw2Me6tsEr8hOOkLb4BQ97GB7Kis2k--G81S8vofU,342
@@ -77,7 +77,6 @@ bbot/modules/bufferoverrun.py,sha256=VTNkT96Escy6Lyt0LCuyNPNp8wCHBtPM95WxPY7rxUk
77
77
  bbot/modules/builtwith.py,sha256=6ZQOc6vmSVc8LsdgsiuMWfDquGm5K0jxwsnL8MsKNWw,5381
78
78
  bbot/modules/bypass403.py,sha256=HyONgOYlZUET61FZ0QWE7zPGG-N6n0x_j9KUGw8kVxQ,6855
79
79
  bbot/modules/c99.py,sha256=l4HpFtKF09zUs5-yZIMmZU4oIUNro6aRcG6DlIeJ6Z0,1473
80
- bbot/modules/censys.py,sha256=PMf96B3vTwUF0uotitbNtGPgPIlKl1feyDzBJRn14D0,3336
81
80
  bbot/modules/certspotter.py,sha256=qdRGCkGyP07_cP9h2o_AEZwoiQPXtrC-Bel3vgh24x8,905
82
81
  bbot/modules/chaos.py,sha256=JyuwytwE3IRmNbw-uyJ0gCaTnywhhsHzTiZ3OJ15PAw,1573
83
82
  bbot/modules/code_repository.py,sha256=x70Z45VnNNMF8BPkHfGWZXsZXw_fStGB3y0-8jbP1Ns,2078
@@ -96,7 +95,7 @@ bbot/modules/dnstlsrpt.py,sha256=v8V72RBsawmDPrMrTcKXEyoFt9bgbfm-cpoPYgKEKLQ,623
96
95
  bbot/modules/docker_pull.py,sha256=zNQcQdS-JWM2-TbQ_iyjeGA9CKcpuXdeO5ucoJgzZNY,9189
97
96
  bbot/modules/dockerhub.py,sha256=JQkujjqvQRzQuvHjQ7JbFs_VlJj8dLRPRObAkBgUQhc,3493
98
97
  bbot/modules/dotnetnuke.py,sha256=zipcHyNYr2FEecStb1Yrm938ps01RvHV8NnyqAvnGGc,10537
99
- bbot/modules/emailformat.py,sha256=RLPJW-xitYB-VT4Lp08qVzFkXx_kMyV_035JT_Yf4fM,1082
98
+ bbot/modules/emailformat.py,sha256=Koi2aSng-FSRJVhpbFaclrqZxo4lQoPMcUMn_qXTfVE,1518
100
99
  bbot/modules/extractous.py,sha256=VSGKmHPAA_4r62jaN8Yqi3JcjehjxpI2lhe8i2j786s,4648
101
100
  bbot/modules/ffuf.py,sha256=94TJ5xvqKwH0JaWmC_t1dLTpRsO8HEy4lnbsu8LF_HY,14965
102
101
  bbot/modules/ffuf_shortnames.py,sha256=y5vnypLPN-KrjpmoG5zlqcX8VwfcLBpNg1yQI7bP9Hg,18737
@@ -220,7 +219,6 @@ bbot/modules/wafw00f.py,sha256=1Yh5_MF-W1r8LhDOkJ44z-S1PJ9x07UB9MrGFm9Eb7Y,2541
220
219
  bbot/modules/wappalyzer.py,sha256=ix0JnLEQ4wLfvYuzrOlQuupJZc3AiY8bnGs3ne-qCFA,2190
221
220
  bbot/modules/wayback.py,sha256=9cxd_HfHgLp4AChzA8C0Zjd6DIJ7c3NsJ02W2oLIXuU,3257
222
221
  bbot/modules/wpscan.py,sha256=FVqZpjV3GrejjiowiqdwIb8t_pPl9yMVRtsAMzC-heA,11606
223
- bbot/modules/zoomeye.py,sha256=DYrNAgvHY90HKui3LvEVHBw0M2cpkuzuyVqizBzp6T8,2755
224
222
  bbot/presets/baddns-intense.yml,sha256=FXiNnsf3IIms3UJtS2CwLk82Yp0IXm1OvRM61-CHrno,195
225
223
  bbot/presets/cloud-enum.yml,sha256=U1IuN_Vx4zFSvobQenXwSeEqFxRX28beS1Aek3hNUBg,121
226
224
  bbot/presets/code-enum.yml,sha256=fRThe5_vY8IqO5nZBC0y3JZwA6ynx81bBcIHBB6o9IU,83
@@ -332,7 +330,6 @@ bbot/test/test_step_2/module_tests/test_module_bufferoverrun.py,sha256=6pyJ0dbx8
332
330
  bbot/test/test_step_2/module_tests/test_module_builtwith.py,sha256=lMHyF4YXcIRoXMMaqiVaMilDcitnGggM67e0lbxA1Ic,5049
333
331
  bbot/test/test_step_2/module_tests/test_module_bypass403.py,sha256=IvYZ04K0zt27CT8oc59mLuIuPJxnylKeMulPyDCR9UI,3552
334
332
  bbot/test/test_step_2/module_tests/test_module_c99.py,sha256=F-46Kkwxe29xPZ-3kxCklPR_itOTKcL37uRpUh2F1C4,7405
335
- bbot/test/test_step_2/module_tests/test_module_censys.py,sha256=XTkPvewW3fLZMnHWPsWOJ170kYzF1s0doXoUmmPpoMA,4219
336
333
  bbot/test/test_step_2/module_tests/test_module_certspotter.py,sha256=60jCOeK1yaUEgtTxYW-T47kZgKt9XxP2qBH9w-0MDBk,636
337
334
  bbot/test/test_step_2/module_tests/test_module_chaos.py,sha256=9JRgtDEnnJgmEMCTB2bqRJRkBavLys-6ypHPxrM_hXk,956
338
335
  bbot/test/test_step_2/module_tests/test_module_cloudcheck.py,sha256=9KjGREpzOVByDVjIEWoaWbS3RwPlYLN3mw-OnRvD7sg,4083
@@ -355,8 +352,8 @@ bbot/test/test_step_2/module_tests/test_module_dnstlsrpt.py,sha256=8xXSFo0vwKfeh
355
352
  bbot/test/test_step_2/module_tests/test_module_docker_pull.py,sha256=SKc43IKzwoi74qaY8felJXnrgNVXrXRQlg6BtrSjyAc,28151
356
353
  bbot/test/test_step_2/module_tests/test_module_dockerhub.py,sha256=9T8CFcFP32MOppUmSVNBUSifnk2kMONqzW_7vvvKdpk,3907
357
354
  bbot/test/test_step_2/module_tests/test_module_dotnetnuke.py,sha256=Q7M3hrbEwOuORZXPS-pIGFTRzB2-g4cEvGtsEcTp7t8,8049
358
- bbot/test/test_step_2/module_tests/test_module_emailformat.py,sha256=cKxBPnEQ4AiRKV_-hSYEE6756ypst3hi6MN0L5RTukY,461
359
- bbot/test/test_step_2/module_tests/test_module_emails.py,sha256=bZjtO8N3GG2_g6SUEYprAFLcsi7SlwNPJJ0nODfrWYU,944
355
+ bbot/test/test_step_2/module_tests/test_module_emailformat.py,sha256=nXXURJfwmA8q9hQvdmLTP-1obzbDGruW_PpolX2e7RY,590
356
+ bbot/test/test_step_2/module_tests/test_module_emails.py,sha256=6T0zwDMK3d-3t01RGEbd4KeTF-UG7EReOvlyd6qwqig,1074
360
357
  bbot/test/test_step_2/module_tests/test_module_excavate.py,sha256=AUh9fegqoxZjZHISWryuJgK3HJqKEUhFsRtMTROFfa4,63067
361
358
  bbot/test/test_step_2/module_tests/test_module_extractous.py,sha256=6wuZ978y5YIPYdR7av6otrY_5jUlzzuJDZ-DsBNOoLA,18197
362
359
  bbot/test/test_step_2/module_tests/test_module_ffuf.py,sha256=z8ihAM1WYss7QGXIjbi67cekg8iOemDjaM8YR9_qSEs,4100
@@ -450,7 +447,6 @@ bbot/test/test_step_2/module_tests/test_module_web_parameters.py,sha256=cK6F15Tx
450
447
  bbot/test/test_step_2/module_tests/test_module_web_report.py,sha256=5h4yAl_z265UyQXq9V3hNEeqhJhNhBM2hshWOQ_7hH8,2928
451
448
  bbot/test/test_step_2/module_tests/test_module_websocket.py,sha256=eBtHJtTeGdCGtVofpFiliFRU_9zIc5czuqjb8If7g9Q,1030
452
449
  bbot/test/test_step_2/module_tests/test_module_wpscan.py,sha256=ACGnHsavQy4uRJYoosE1JD-eJFdOj50G65P2FhIqRrM,35772
453
- bbot/test/test_step_2/module_tests/test_module_zoomeye.py,sha256=mEaMYa9ytxSMDIR1csmK1k7F1UrbolqEwZtqGRhA-OY,1979
454
450
  bbot/test/test_step_2/template_tests/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
455
451
  bbot/test/test_step_2/template_tests/test_template_subdomain_enum.py,sha256=DrLd0m88Iy3JBs29CiDFguRntCUeKyQX09pYN5oabf8,8618
456
452
  bbot/test/testsslcert.pem,sha256=ymc1o3bnm1WOUFLcOrw7TegnaOwN0TnUpScl7WXmicE,1103
@@ -464,8 +460,8 @@ bbot/wordlists/raft-small-extensions-lowercase_CLEANED.txt,sha256=ZSIVebs7ptMvHx
464
460
  bbot/wordlists/top_open_ports_nmap.txt,sha256=LmdFYkfapSxn1pVuQC2LkOIY2hMLgG-Xts7DVtYzweM,42727
465
461
  bbot/wordlists/valid_url_schemes.txt,sha256=0B_VAr9Dv7aYhwi6JSBDU-3M76vNtzN0qEC_RNLo7HE,3310
466
462
  bbot/wordlists/wordninja_dns.txt.gz,sha256=DYHvvfW0TvzrVwyprqODAk4tGOxv5ezNmCPSdPuDUnQ,570241
467
- bbot-2.7.1.7175rc0.dist-info/METADATA,sha256=iC3zJXTW4ZWS4MY7K1nUWsB61NXmFzNnf27JHwi-3Nc,18420
468
- bbot-2.7.1.7175rc0.dist-info/WHEEL,sha256=zp0Cn7JsFoX2ATtOhtaFYIiE2rmFAD4OcMhtUki8W3U,88
469
- bbot-2.7.1.7175rc0.dist-info/entry_points.txt,sha256=cWjvcU_lLrzzJgjcjF7yeGuRA_eDS8pQ-kmPUAyOBfo,38
470
- bbot-2.7.1.7175rc0.dist-info/licenses/LICENSE,sha256=GzeCzK17hhQQDNow0_r0L8OfLpeTKQjFQwBQU7ZUymg,32473
471
- bbot-2.7.1.7175rc0.dist-info/RECORD,,
463
+ bbot-2.7.1.7198rc0.dist-info/METADATA,sha256=JYtrZwyTVrZ3wOiYsgEM3xZm1MZ7STDWa70Sbtv26KE,18420
464
+ bbot-2.7.1.7198rc0.dist-info/WHEEL,sha256=zp0Cn7JsFoX2ATtOhtaFYIiE2rmFAD4OcMhtUki8W3U,88
465
+ bbot-2.7.1.7198rc0.dist-info/entry_points.txt,sha256=cWjvcU_lLrzzJgjcjF7yeGuRA_eDS8pQ-kmPUAyOBfo,38
466
+ bbot-2.7.1.7198rc0.dist-info/licenses/LICENSE,sha256=GzeCzK17hhQQDNow0_r0L8OfLpeTKQjFQwBQU7ZUymg,32473
467
+ bbot-2.7.1.7198rc0.dist-info/RECORD,,
bbot/modules/censys.py DELETED
@@ -1,98 +0,0 @@
1
- from bbot.modules.templates.subdomain_enum import subdomain_enum_apikey
2
-
3
-
4
- class censys(subdomain_enum_apikey):
5
- """
6
- thanks to https://github.com/owasp-amass/amass/blob/master/resources/scripts/cert/censys.ads
7
- """
8
-
9
- watched_events = ["DNS_NAME"]
10
- produced_events = ["DNS_NAME"]
11
- flags = ["subdomain-enum", "passive", "safe"]
12
- meta = {
13
- "description": "Query the Censys API",
14
- "created_date": "2022-08-04",
15
- "author": "@TheTechromancer",
16
- "auth_required": True,
17
- }
18
- options = {"api_key": "", "max_pages": 5}
19
- options_desc = {
20
- "api_key": "Censys.io API Key in the format of 'key:secret'",
21
- "max_pages": "Maximum number of pages to fetch (100 results per page)",
22
- }
23
-
24
- base_url = "https://search.censys.io/api"
25
-
26
- async def setup(self):
27
- self.max_pages = self.config.get("max_pages", 5)
28
- return await super().setup()
29
-
30
- async def ping(self):
31
- url = f"{self.base_url}/v1/account"
32
- resp = await self.api_request(url, retry_on_http_429=False)
33
- d = resp.json()
34
- assert isinstance(d, dict), f"Invalid response from {url}: {resp}"
35
- quota = d.get("quota", {})
36
- used = int(quota.get("used", 0))
37
- allowance = int(quota.get("allowance", 0))
38
- assert used < allowance, "No quota remaining"
39
-
40
- def prepare_api_request(self, url, kwargs):
41
- api_id, api_secret = self.api_key.split(":", 1)
42
- kwargs["auth"] = (api_id, api_secret)
43
- return url, kwargs
44
-
45
- async def query(self, query):
46
- results = set()
47
- cursor = ""
48
- for i in range(self.max_pages):
49
- url = f"{self.base_url}/v2/certificates/search"
50
- json_data = {
51
- "q": f"names: {query}",
52
- "per_page": 100,
53
- }
54
- if cursor:
55
- json_data.update({"cursor": cursor})
56
- resp = await self.api_request(
57
- url,
58
- method="POST",
59
- json=json_data,
60
- )
61
-
62
- if resp is None:
63
- break
64
-
65
- try:
66
- d = resp.json()
67
- except Exception as e:
68
- self.warning(f"Failed to parse JSON from {url} (response: {resp}): {e}")
69
-
70
- if resp.status_code < 200 or resp.status_code >= 400:
71
- if isinstance(d, dict):
72
- error = d.get("error", "")
73
- if error:
74
- self.warning(error)
75
- self.verbose(f'Non-200 Status code: {resp.status_code} for query "{query}", page #{i + 1}')
76
- self.debug(f"Response: {resp.text}")
77
- break
78
- else:
79
- if d is None:
80
- break
81
- elif not isinstance(d, dict):
82
- break
83
- status = d.get("status", "").lower()
84
- result = d.get("result", {})
85
- hits = result.get("hits", [])
86
- if status != "ok" or not hits:
87
- break
88
-
89
- for h in hits:
90
- names = h.get("names", [])
91
- for n in names:
92
- results.add(n.strip(".*").lower())
93
-
94
- cursor = result.get("links", {}).get("next", "")
95
- if not cursor:
96
- break
97
-
98
- return results
bbot/modules/zoomeye.py DELETED
@@ -1,77 +0,0 @@
1
- from bbot.modules.templates.subdomain_enum import subdomain_enum_apikey
2
-
3
-
4
- class zoomeye(subdomain_enum_apikey):
5
- watched_events = ["DNS_NAME"]
6
- produced_events = ["DNS_NAME"]
7
- flags = ["affiliates", "subdomain-enum", "passive", "safe"]
8
- meta = {
9
- "description": "Query ZoomEye's API for subdomains",
10
- "created_date": "2022-08-03",
11
- "author": "@TheTechromancer",
12
- "auth_required": True,
13
- }
14
- options = {"api_key": "", "max_pages": 20, "include_related": False}
15
- options_desc = {
16
- "api_key": "ZoomEye API key",
17
- "max_pages": "How many pages of results to fetch",
18
- "include_related": "Include domains which may be related to the target",
19
- }
20
-
21
- base_url = "https://api.zoomeye.hk"
22
-
23
- async def setup(self):
24
- self.max_pages = self.config.get("max_pages", 20)
25
- self.include_related = self.config.get("include_related", False)
26
- return await super().setup()
27
-
28
- def prepare_api_request(self, url, kwargs):
29
- kwargs["headers"]["API-KEY"] = self.api_key
30
- return url, kwargs
31
-
32
- async def ping(self):
33
- url = f"{self.base_url}/resources-info"
34
- r = await self.api_request(url, retry_on_http_429=False)
35
- assert int(r.json()["quota_info"]["remain_total_quota"]) > 0, "No quota remaining"
36
-
37
- async def handle_event(self, event):
38
- query = self.make_query(event)
39
- results = await self.query(query)
40
- if results:
41
- for hostname in results:
42
- if hostname == event:
43
- continue
44
- tags = []
45
- if not hostname.endswith(f".{query}"):
46
- tags = ["affiliate"]
47
- await self.emit_event(
48
- hostname,
49
- "DNS_NAME",
50
- event,
51
- tags=tags,
52
- context=f'{{module}} searched ZoomEye API for "{query}" and found {{event.type}}: {{event.data}}',
53
- )
54
-
55
- async def query(self, query):
56
- results = set()
57
- query_type = 0 if self.include_related else 1
58
- url = f"{self.base_url}/domain/search?q={self.helpers.quote(query)}&type={query_type}&page=" + "{page}"
59
- i = 0
60
- agen = self.api_page_iter(url)
61
- try:
62
- async for j in agen:
63
- r = list(await self.parse_results(j))
64
- if r:
65
- results.update(set(r))
66
- if not r or i >= (self.max_pages - 1):
67
- break
68
- i += 1
69
- finally:
70
- await agen.aclose()
71
- return results
72
-
73
- async def parse_results(self, r):
74
- results = set()
75
- for entry in r.get("list", []):
76
- results.add(entry["name"])
77
- return results
bbot/test/test_step_2/module_tests/test_module_censys.py DELETED
@@ -1,83 +0,0 @@
1
- from .base import ModuleTestBase
2
-
3
-
4
- class TestCensys(ModuleTestBase):
5
- config_overrides = {"modules": {"censys": {"api_key": "api_id:api_secret"}}}
6
-
7
- async def setup_before_prep(self, module_test):
8
- module_test.httpx_mock.add_response(
9
- url="https://search.censys.io/api/v1/account",
10
- match_headers={"Authorization": "Basic YXBpX2lkOmFwaV9zZWNyZXQ="},
11
- json={
12
- "email": "info@blacklanternsecurity.com",
13
- "login": "nope",
14
- "first_login": "1917-08-03 20:03:55",
15
- "last_login": "1918-05-19 01:15:22",
16
- "quota": {"used": 26, "allowance": 250, "resets_at": "1919-06-03 16:30:32"},
17
- },
18
- )
19
- module_test.httpx_mock.add_response(
20
- url="https://search.censys.io/api/v2/certificates/search",
21
- match_headers={"Authorization": "Basic YXBpX2lkOmFwaV9zZWNyZXQ="},
22
- method="POST",
23
- match_json={"q": "names: blacklanternsecurity.com", "per_page": 100},
24
- json={
25
- "code": 200,
26
- "status": "OK",
27
- "result": {
28
- "query": "names: blacklanternsecurity.com",
29
- "total": 196,
30
- "duration_ms": 1046,
31
- "hits": [
32
- {
33
- "parsed": {
34
- "validity_period": {
35
- "not_before": "2021-11-18T00:09:46Z",
36
- "not_after": "2022-11-18T00:09:46Z",
37
- },
38
- "issuer_dn": "C=US, ST=Arizona, L=Scottsdale, O=GoDaddy.com\\, Inc., OU=http://certs.godaddy.com/repository/, CN=Go Daddy Secure Certificate Authority - G2",
39
- "subject_dn": "CN=asdf.blacklanternsecurity.com",
40
- },
41
- "fingerprint_sha256": "590ad51b8db62925f0fd3f300264c6a36692e20ceec2b5a22e7e4b41c1575cdc",
42
- "names": ["asdf.blacklanternsecurity.com", "asdf2.blacklanternsecurity.com"],
43
- },
44
- ],
45
- "links": {"next": "NextToken", "prev": ""},
46
- },
47
- },
48
- )
49
- module_test.httpx_mock.add_response(
50
- url="https://search.censys.io/api/v2/certificates/search",
51
- match_headers={"Authorization": "Basic YXBpX2lkOmFwaV9zZWNyZXQ="},
52
- method="POST",
53
- match_json={"q": "names: blacklanternsecurity.com", "per_page": 100, "cursor": "NextToken"},
54
- json={
55
- "code": 200,
56
- "status": "OK",
57
- "result": {
58
- "query": "names: blacklanternsecurity.com",
59
- "total": 196,
60
- "duration_ms": 1046,
61
- "hits": [
62
- {
63
- "parsed": {
64
- "validity_period": {
65
- "not_before": "2021-11-18T00:09:46Z",
66
- "not_after": "2022-11-18T00:09:46Z",
67
- },
68
- "issuer_dn": "C=US, ST=Arizona, L=Scottsdale, O=GoDaddy.com\\, Inc., OU=http://certs.godaddy.com/repository/, CN=Go Daddy Secure Certificate Authority - G2",
69
- "subject_dn": "CN=zzzz.blacklanternsecurity.com",
70
- },
71
- "fingerprint_sha256": "590ad51b8db62925f0fd3f300264c6a36692e20ceec2b5a22e7e4b41c1575cdc",
72
- "names": ["zzzz.blacklanternsecurity.com"],
73
- },
74
- ],
75
- "links": {"next": "", "prev": ""},
76
- },
77
- },
78
- )
79
-
80
- def check(self, module_test, events):
81
- assert any(e.data == "asdf.blacklanternsecurity.com" for e in events), "Failed to detect asdf subdomain"
82
- assert any(e.data == "asdf2.blacklanternsecurity.com" for e in events), "Failed to detect asdf2 subdomain"
83
- assert any(e.data == "zzzz.blacklanternsecurity.com" for e in events), "Failed to detect zzzz subdomain"
bbot/test/test_step_2/module_tests/test_module_zoomeye.py DELETED
@@ -1,35 +0,0 @@
1
- from .base import ModuleTestBase
2
-
3
-
4
- class TestZoomEye(ModuleTestBase):
5
- config_overrides = {"modules": {"zoomeye": {"api_key": "asdf", "include_related": True, "max_pages": 3}}}
6
-
7
- async def setup_before_prep(self, module_test):
8
- module_test.httpx_mock.add_response(
9
- url="https://api.zoomeye.hk/resources-info",
10
- match_headers={"API-KEY": "asdf"},
11
- json={"quota_info": {"remain_total_quota": 5}},
12
- )
13
- module_test.httpx_mock.add_response(
14
- url="https://api.zoomeye.hk/domain/search?q=blacklanternsecurity.com&type=0&page=1",
15
- json={"list": [{"name": "asdf.blacklanternsecurity.com"}]},
16
- )
17
- module_test.httpx_mock.add_response(
18
- url="https://api.zoomeye.hk/domain/search?q=blacklanternsecurity.com&type=0&page=2",
19
- json={"list": [{"name": "zzzz.blacklanternsecurity.com"}]},
20
- )
21
- module_test.httpx_mock.add_response(
22
- url="https://api.zoomeye.hk/domain/search?q=blacklanternsecurity.com&type=0&page=3",
23
- json={"list": [{"name": "ffff.blacklanternsecurity.com"}, {"name": "affiliate.bls"}]},
24
- )
25
- module_test.httpx_mock.add_response(
26
- url="https://api.zoomeye.hk/domain/search?q=blacklanternsecurity.com&type=0&page=4",
27
- json={"list": [{"name": "nope.blacklanternsecurity.com"}]},
28
- )
29
-
30
- def check(self, module_test, events):
31
- assert any(e.data == "asdf.blacklanternsecurity.com" for e in events), "Failed to detect subdomain #1"
32
- assert any(e.data == "zzzz.blacklanternsecurity.com" for e in events), "Failed to detect subdomain #2"
33
- assert any(e.data == "ffff.blacklanternsecurity.com" for e in events), "Failed to detect subdomain #3"
34
- assert any(e.data == "affiliate.bls" and "affiliate" in e.tags for e in events), "Failed to detect affiliate"
35
- assert not any(e.data == "nope.blacklanternsecurity.com" for e in events), "Failed to obey max_pages"