bbot 2.7.1.7207rc0__py3-none-any.whl → 2.7.2.7226rc0__py3-none-any.whl

bbot/__init__.py

@@ -1,5 +1,5 @@
 # version placeholder (replaced by poetry-dynamic-versioning)
-__version__ = "v2.7.1.7207rc"
+__version__ = "v2.7.2.7226rc"
 
 from .scanner import Scanner, Preset
 

bbot/modules/dnsdumpster.py

@@ -1,4 +1,4 @@
-import re
+import json
 
 from bbot.modules.templates.subdomain_enum import subdomain_enum
 
@@ -15,78 +15,61 @@ class dnsdumpster(subdomain_enum):
 
     base_url = "https://dnsdumpster.com"
 
+    async def setup(self):
+        self.apikey_regex = self.helpers.re.compile(r'<form[^>]*data-form-id="mainform"[^>]*hx-headers=\'([^\']*)\'')
+        return True
+
     async def query(self, domain):
         ret = []
-        # first, get the CSRF tokens
+        # first, get the JWT token from the main page
         res1 = await self.api_request(self.base_url)
         status_code = getattr(res1, "status_code", 0)
-        if status_code in [429]:
-            self.verbose(f'Too many requests "{status_code}"')
-            return ret
-        elif status_code not in [200]:
+        if status_code not in [200]:
             self.verbose(f'Bad response code "{status_code}" from DNSDumpster')
             return ret
-        else:
-            self.debug(f'Valid response code "{status_code}" from DNSDumpster')
-
-        html = self.helpers.beautifulsoup(res1.content, "html.parser")
-        if html is False:
-            self.verbose("BeautifulSoup returned False")
-            return ret
 
-        csrftoken = None
-        csrfmiddlewaretoken = None
+        # Extract JWT token from the form's hx-headers attribute using regex
+        jwt_token = None
         try:
-            for cookie in res1.headers.get("set-cookie", "").split(";"):
-                try:
-                    k, v = cookie.split("=", 1)
-                except ValueError:
-                    self.verbose("Error retrieving cookie")
-                    return ret
-                if k == "csrftoken":
-                    csrftoken = str(v)
-            csrfmiddlewaretoken = html.find("input", {"name": "csrfmiddlewaretoken"}).attrs.get("value", None)
-        except AttributeError:
-            pass
+            # Look for the form with data-form-id="mainform" and extract hx-headers
+            form_match = await self.helpers.re.search(self.apikey_regex, res1.text)
+            if form_match:
+                headers_json = form_match.group(1)
+                headers_data = json.loads(headers_json)
+                jwt_token = headers_data.get("Authorization")
+        except (AttributeError, json.JSONDecodeError, KeyError):
+            self.log.warning("Error obtaining JWT token")
+            return ret
 
-        # Abort if we didn't get the tokens
-        if not csrftoken or not csrfmiddlewaretoken:
-            self.verbose("Error obtaining CSRF tokens")
+        # Abort if we didn't get the JWT token
+        if not jwt_token:
+            self.verbose("Error obtaining JWT token")
             self.errorState = True
             return ret
         else:
-            self.debug("Successfully obtained CSRF tokens")
+            self.debug("Successfully obtained JWT token")
 
         if self.scan.stopping:
-            return
+            return ret
 
-        # Otherwise, do the needful
-        subdomains = set()
+        # Query the API with the JWT token
         res2 = await self.api_request(
-            f"{self.base_url}/",
+            "https://api.dnsdumpster.com/htmld/",
             method="POST",
-            cookies={"csrftoken": csrftoken},
-            data={
-                "csrfmiddlewaretoken": csrfmiddlewaretoken,
-                "targetip": str(domain).lower(),
-                "user": "free",
-            },
+            data={"target": str(domain).lower()},
             headers={
-                "origin": "https://dnsdumpster.com",
-                "referer": "https://dnsdumpster.com/",
+                "Authorization": jwt_token,
+                "Content-Type": "application/x-www-form-urlencoded",
+                "Origin": "https://dnsdumpster.com",
+                "Referer": "https://dnsdumpster.com/",
+                "HX-Request": "true",
+                "HX-Target": "results",
+                "HX-Current-URL": "https://dnsdumpster.com/",
             },
         )
         status_code = getattr(res2, "status_code", 0)
         if status_code not in [200]:
-            self.verbose(f'Bad response code "{status_code}" from DNSDumpster')
-            return ret
-        html = self.helpers.beautifulsoup(res2.content, "html.parser")
-        if html is False:
-            self.verbose("BeautifulSoup returned False")
+            self.verbose(f'Bad response code "{status_code}" from DNSDumpster API')
             return ret
-        escaped_domain = re.escape(domain)
-        match_pattern = re.compile(r"^[\w\.-]+\." + escaped_domain + r"$")
-        for subdomain in html.findAll(text=match_pattern):
-            subdomains.add(str(subdomain).strip().lower())
 
-        return list(subdomains)
+        return await self.scan.extract_in_scope_hostnames(res2.text)

bbot/modules/gitlab_com.py

@@ -0,0 +1,31 @@
+from bbot.modules.templates.gitlab import GitLabBaseModule
+
+
+class gitlab_com(GitLabBaseModule):
+    watched_events = ["SOCIAL"]
+    produced_events = [
+        "CODE_REPOSITORY",
+    ]
+    flags = ["active", "safe", "code-enum"]
+    meta = {
+        "description": "Enumerate GitLab SaaS (gitlab.com/org) for projects and groups",
+        "created_date": "2024-03-11",
+        "author": "@TheTechromancer",
+    }
+
+    options = {"api_key": ""}
+    options_desc = {"api_key": "GitLab access token (for gitlab.com/org only)"}
+
+    # This is needed because we are consuming SOCIAL events, which aren't in scope
+    scope_distance_modifier = 2
+
+    async def handle_event(self, event):
+        await self.handle_social(event)
+
+    async def filter_event(self, event):
+        if event.data["platform"] != "gitlab":
+            return False, "platform is not gitlab"
+        _, domain = self.helpers.split_domain(event.host)
+        if domain not in self.saas_domains:
+            return False, "gitlab instance is not gitlab.com/org"
+        return True

bbot/modules/gitlab_onprem.py

@@ -0,0 +1,84 @@
+from bbot.modules.templates.gitlab import GitLabBaseModule
+
+
+class gitlab_onprem(GitLabBaseModule):
+    watched_events = ["HTTP_RESPONSE", "TECHNOLOGY", "SOCIAL"]
+    produced_events = [
+        "TECHNOLOGY",
+        "SOCIAL",
+        "CODE_REPOSITORY",
+        "FINDING",
+    ]
+    flags = ["active", "safe", "code-enum"]
+    meta = {
+        "description": "Detect self-hosted GitLab instances and query them for repositories",
+        "created_date": "2024-03-11",
+        "author": "@TheTechromancer",
+    }
+
+    # Optional GitLab access token (only required for gitlab.com, but still
+    # supported for on-prem installations that expose private projects).
+    options = {"api_key": ""}
+    options_desc = {"api_key": "GitLab access token (for self-hosted instances only)"}
+
+    # Allow accepting events slightly beyond configured max distance so we can
+    # discover repos on neighbouring infrastructure.
+    scope_distance_modifier = 2
+
+    async def handle_event(self, event):
+        if event.type == "HTTP_RESPONSE":
+            await self.handle_http_response(event)
+        elif event.type == "TECHNOLOGY":
+            await self.handle_technology(event)
+        elif event.type == "SOCIAL":
+            await self.handle_social(event)
+
+    async def filter_event(self, event):
+        # only accept out-of-scope SOCIAL events
+        if event.type == "HTTP_RESPONSE":
+            if event.scope_distance > self.scan.scope_search_distance:
+                return False, "event is out of scope distance"
+        elif event.type == "TECHNOLOGY":
+            if not event.data["technology"].lower().startswith("gitlab"):
+                return False, "technology is not gitlab"
+            if not self.helpers.is_ip(event.host) and self.helpers.tldextract(event.host).domain == "gitlab":
+                return False, "gitlab instance is not self-hosted"
+        elif event.type == "SOCIAL":
+            if event.data["platform"] != "gitlab":
+                return False, "platform is not gitlab"
+            _, domain = self.helpers.split_domain(event.host)
+            if domain in self.saas_domains:
+                return False, "gitlab instance is not self-hosted"
+        return True
+
+    async def handle_http_response(self, event):
+        """Identify GitLab servers from HTTP responses."""
+        headers = event.data.get("header", {})
+        if "x_gitlab_meta" in headers:
+            url = event.parsed_url._replace(path="/").geturl()
+            await self.emit_event(
+                {"host": str(event.host), "technology": "GitLab", "url": url},
+                "TECHNOLOGY",
+                parent=event,
+                context=f"{{module}} detected {{event.type}}: GitLab at {url}",
+            )
+            description = f"GitLab server at {event.host}"
+            await self.emit_event(
+                {"host": str(event.host), "description": description},
+                "FINDING",
+                parent=event,
+                context=f"{{module}} detected {{event.type}}: {description}",
+            )
+
+    async def handle_technology(self, event):
+        """Enumerate projects & groups once we know a host is GitLab."""
+        base_url = self.get_base_url(event)
+
+        # Projects owned by the authenticated user (or public projects if no
+        # authentication).
+        projects_url = self.helpers.urljoin(base_url, "api/v4/projects?simple=true")
+        await self.handle_projects_url(projects_url, event)
+
+        # Group enumeration.
+        groups_url = self.helpers.urljoin(base_url, "api/v4/groups?simple=true")
+        await self.handle_groups_url(groups_url, event)

bbot/modules/templates/gitlab.py

@@ -0,0 +1,98 @@
+from bbot.modules.base import BaseModule
+
+
+class GitLabBaseModule(BaseModule):
+    """Common functionality for interacting with GitLab instances.
+
+    This template is intended to be inherited by two concrete modules:
+    1. ``gitlab_com``   – Handles public SaaS instances (gitlab.com / gitlab.org).
+    2. ``gitlab_onprem`` – Handles self-hosted, on-premises GitLab servers.
+
+    Both child modules share identical behaviour when talking to the GitLab
+    REST API; they only differ in which events they are willing to accept.
+    """
+
+    # domains owned by GitLab
+    saas_domains = ["gitlab.com", "gitlab.org"]
+
+    async def setup(self):
+        if self.options.get("api_key") is not None:
+            await self.require_api_key()
+        return True
+
+    async def handle_social(self, event):
+        """Enumerate projects belonging to a user or group profile."""
+        username = event.data.get("profile_name", "")
+        if not username:
+            return
+        base_url = self.get_base_url(event)
+        urls = [
+            # User-owned projects
+            self.helpers.urljoin(base_url, f"api/v4/users/{username}/projects?simple=true"),
+            # Group-owned projects
+            self.helpers.urljoin(base_url, f"api/v4/groups/{username}/projects?simple=true"),
+        ]
+        for url in urls:
+            await self.handle_projects_url(url, event)
+
+    async def handle_projects_url(self, projects_url, event):
+        for project in await self.gitlab_json_request(projects_url):
+            project_url = project.get("web_url", "")
+            if project_url:
+                code_event = self.make_event({"url": project_url}, "CODE_REPOSITORY", tags="git", parent=event)
+                await self.emit_event(
+                    code_event,
+                    context=f"{{module}} enumerated projects and found {{event.type}} at {project_url}",
+                )
+            namespace = project.get("namespace", {})
+            if namespace:
+                await self.handle_namespace(namespace, event)
+
+    async def handle_groups_url(self, groups_url, event):
+        for group in await self.gitlab_json_request(groups_url):
+            await self.handle_namespace(group, event)
+
+    async def gitlab_json_request(self, url):
+        """Helper that performs an HTTP request and safely returns JSON list."""
+        response = await self.api_request(url)
+        if response is not None:
+            try:
+                json_data = response.json()
+            except Exception:
+                return []
+            if json_data and isinstance(json_data, list):
+                return json_data
+        return []
+
+    async def handle_namespace(self, namespace, event):
+        namespace_name = namespace.get("path", "")
+        namespace_url = namespace.get("web_url", "")
+        namespace_path = namespace.get("full_path", "")
+
+        if not (namespace_name and namespace_url and namespace_path):
+            return
+
+        namespace_url = self.helpers.parse_url(namespace_url)._replace(path=f"/{namespace_path}").geturl()
+
+        social_event = self.make_event(
+            {
+                "platform": "gitlab",
+                "profile_name": namespace_path,
+                "url": namespace_url,
+            },
+            "SOCIAL",
+            parent=event,
+        )
+        await self.emit_event(
+            social_event,
+            context=f'{{module}} found GitLab namespace ({{event.type}}) "{namespace_name}" at {namespace_url}',
+        )
+
+    # ------------------------------------------------------------------
+    # Utility helpers
+    # ------------------------------------------------------------------
+    def get_base_url(self, event):
+        base_url = event.data.get("url", "")
+        if not base_url:
+            base_url = f"https://{event.host}"
+        return self.helpers.urlparse(base_url)._replace(path="/").geturl()

bbot/test/test_step_2/module_tests/test_module_dnsdumpster.py

@@ -5,13 +5,11 @@ class TestDNSDumpster(ModuleTestBase):
     async def setup_after_prep(self, module_test):
         module_test.httpx_mock.add_response(
             url="https://dnsdumpster.com",
-            headers={"Set-Cookie": "csrftoken=asdf"},
-            content=b'<!DOCTYPE html>\n<html lang="en">\n  <head>\n\n    <meta charset="utf-8">\n    <meta http-equiv="X-UA-Compatible" content="IE=edge">\n<meta name="google-site-verification" content="vAWNZCy-5XAPGRgA2_NY5HictfnByvgpqOLQUAmVZW0" />\n    <meta name="viewport" content="width=device-width, initial-scale=1">\n    <meta name="description" content="Find dns records in order to identify the Internet footprint of an organization. Recon that enables deeper security assessments and discovery of the attack surface.">\n    <meta name="author" content="">\n    <link rel="icon" href="/static/favicon.ico">\n    <title>DNSdumpster.com - dns recon and research, find and lookup dns records</title>\n\n\n    <!-- Bootstrap core CSS -->\n    <link href="/static/css/bootstrap.min.css" rel="stylesheet">\n    <link href="/static/font-awesome/css/font-awesome.min.css" rel="stylesheet">\n\n    <!-- Custom styles for this template -->\n    <link href="/static/cover.css?v=1.4" rel="stylesheet">\n\n  </head>\n\n  <body>\n\n    <div class="site-wrapper">\n      <div class="site-wrapper-inner">\n<!-- Section 1 -->\n<section id="intro" data-speed="6" data-type="background">\n    <div class="container">\n\n   <div class="masthead clearfix">\n   <div class="container inner">\n        <nav>\n       <ul class="nav masthead-nav">\n   <li><a href="https://dnsdumpster.com/" data-toggle="tooltip"  data-placement="bottom" title="Home"><i style="font-size: 1.2em;" class="fa fa-home"></i></a></li>\n   <li><a href="/osint-network-defenders/"  data-toggle="tooltip"  data-placement="bottom" title="Defend"><i style="font-size: 1.2em;" class="fa fa-shield" aria-hidden="true"></i></a></li>\n   <li><a href="/footprinting-reconnaissance/" data-placement="bottom" data-toggle="tooltip" title="Learn"><i style="font-size: 1.2em;" class="fa fa-mortar-board" aria-hidden="true"></i></a></li>\n   <li><a href="https://hackertarget.com/" data-toggle="tooltip" title="Online Vulnerability Scanners"><i style="font-size: 1.2em; color: #00CC00;" class="fa fa-bullseye"></i></a></li>\n       </ul>\n        </nav>\n   </div>\n   </div>\n\n\n\n\n        <div class="cover-container" style="max-width: 900px;">\n          <div class="inner cover">\n            <h1 class="cover-heading" style="margin-top: 100px;">dns recon & research, find & lookup dns records</h1>\n<p class="lead">\n<div id="hideform">\n<form role="form" action="." method="post"><input type="hidden" name="csrfmiddlewaretoken" value="XYxKkbdJJrio6VMqowCdykwpM4mAflKkF9BcKFbLdmPbB3lwXArEVJvTPNpIz50l">\n  <div class="form-group">\n<div class="col-md-2"></div><div class="col-md-6">\n\n<input class="form-control" type="text" placeholder="exampledomain.com" name="targetip" id="regularInput" autofocus>\n\n<input type="hidden" name="user" value="free">\n</div></div>\n<div align="left" id="formsubmit"><button type="submit" class="btn btn-default">Search <span class="glyphicon glyphicon-chevron-right"></span></button></div>\n</form></div></div>\n<div class="row"><div class="col-md-2"></div><div class="col-md-8">\n<div id="showloading" style="color: #fff;">Loading...<br>\n<div class="progress">\n<div class="progress-bar progress-bar-success progress-bar-striped active" role="progressbar" aria-valuenow="45" aria-valuemin="0" aria-valuemax="100" style="width: 100%">\n</div></div></div></div></div></div>\n</P>\n\n<div class="row"><div class="col-md-12" style="padding: 80px;">\n\n</div></div>\n\n<p class="lead" style="margin-top: 40px; margin-bottom: 30px;">DNSdumpster.com is a FREE domain research tool that can discover hosts related to a domain. Finding visible hosts from the attackers perspective is an important part of the security assessment process.</p>\n\n          </div>\n\n              <p style="color: #777; margin-top: 40px;">this is a <a href="https://hackertarget.com/" title="Online Vulnerability Scanners"><button type="button" class="btn btn-danger btn-xs">HackerTarget.com</button></a> project</p>\n\n\n      <div style="margin-top: 160px;" class="container">\n        <div class="row">\n          <div class="col-lg-12 text-center">\n            <h2 class="section-heading text-uppercase"></h2>\n            <h3 class="section-subheading text-muted">Open Source Intelligence for Networks</h3>\n          </div>\n        </div>\n        <div style="margin-top: 30px;" class="row text-center">\n          <div class="col-md-4">\n            <span class="fa-stack fa-4x">\n              <i class="fa fa-user-secret fa-stack-1x" style="color: #00CC00;"></i>\n            </span>\n            <h4 class="service-heading">Attack</h4>\n            <p class="text-muted">The ability to quickly identify the attack surface is essential. Whether you are penetration testing or chasing bug bounties.</p>\n          </div>\n          <div class="col-md-4">\n            <span class="fa-stack fa-4x">\n              <i class="fa fa-shield fa-stack-1x" style="color: #00CC00;"></i>\n            </span>\n            <h4 class="service-heading">Defend</h4>\n            <p class="text-muted">Network defenders benefit from passive reconnaissance in a number of ways. With analysis informing information security strategy.</p>\n          </div>\n          <div class="col-md-4">\n            <span class="fa-stack fa-4x">\n              <i class="fa fa-mortar-board fa-stack-1x" style="color: #00CC00;"></i>\n            </span>\n            <h4 class="service-heading">Learn</h4>\n            <p class="text-muted">Understanding network based OSINT helps information technologists to better operate, assess and manage the network.</p>\n          </div>\n        </div>\n      </div>\n\n\n\n\n    <div class="container" style="background-color: #474747; margin-top: 180px; padding-bottom: 80px;"><div class="col-md-2"></div><div class="col-md-8">\n\n       <span class="glyphicon glyphicon-trash" style="font-size: 4em; line-height: 5.5em;"></span>\n<p style="font-size: 1.7em; line-height: 1.9em; margin-bottom: 80px;">Map an organizations attack surface with a virtual <i>dumpster dive*</i> of the DNS records associated with the target organization.</p>\n<p style="font-size: 1.2em; color: #fff;">*DUMPSTER DIVING: The practice of sifting refuse from an office or technical installation to extract confidential data, especially security-compromising information.</p>\n</div>    </div>\n\n\n<div class="container" style="text-align: left; margin-top: 80px; margin-bottom: 80px;">\n\n<h2 style="font-size: 1.8em;">Frequently Asked Questions</h2>\n\n<h4 style="margin-top: 30px;">How can I take my security assessments to the next level?</h4>\n\n<p>The company behind DNSDumpster is <a href="https://hackertarget.com/" title="Online Vulnerability Scanners">hackertarget.com</a> where we provide online hosted access to trusted open source security vulnerability scanners and network intelligence tools.</P><P>Save time and headaches by incorporating our attack surface discovery into your vulnerability assessment process.</p><P style="text-align: center; padding: 30px;"><a href="https://hackertarget.com/" title="HackerTarget.com | Online Security Testing and Open Source Intelligence"><img src="https://hackertarget.com/wp-content/uploads/2019/09/know-your-network-tools.png" alt="HackerTarget.com | Online Security Testing and Open Source Intelligence"></a></p>\n\n<h4>What data does DNSDumpster use?</h4>\n\n<p>No brute force subdomain enumeration is used as is common in dns recon tools that enumerate subdomains. We use open source intelligence resources to query for related domain data. It is then compiled into an actionable resource for both attackers and defenders of Internet facing systems.</P>\n<P>More than a simple <a href="https://hackertarget.com/dns-lookup/" title="Online DNS Lookup">DNS lookup</a> this tool will discover those hard to find sub-domains and web hosts. The search relies on data from our crawls of the Alexa Top 1 Million sites, Search Engines, Common Crawl, Certificate Transparency, Max Mind, Team Cymru, Shodan and <a href="https://scans.io/" style="text-decoration: underline;">scans.io</a>.</P>\n\n<h4>I have hit the host limit, do you have a PRO option?</h4>\n\n<P>Over at <a href="https://hackertarget.com/" title="Online Vulnerability Scanners">hackertarget.com</a> there\'s a tool we call <a href="https://hackertarget.com/domain-profiler/">domain profiler</a>. This compiles data similar to DNSDumpster; with additional data discovery. Queries available are based on the membership plan with the number of results (subdomains) being unlimited. With a STARTER membership you have access to the domain profiler tool for 12 months. Once the years membership expires you will revert to BASIC member status, however access to Domain Profiler and Basic Nmap scans continue. The BASIC access does not expire.</P>\n\n<h4>What are some other resources and tools for learning more?</h4>\n\n<P>There are some great open source recon frameworks that have been developed over the past couple of years. In addition tools such as <b>Metasploit</b> and <b>Nmap</b> include various modules for enumerating DNS. Check our <a href="https://dnsdumpster.com/footprinting-reconnaissance/">Getting Started with Footprinting</a> for more information.</P>\n\n</div>\n\n\n</div></div>\n</div></div>\n\n<footer>\n<div class="row" style="background-color: #1e1e1e; padding-top: 40px; padding-bottom: 20px;"><div class="container">\n<div class="col-md-6 col-sm-12 right-border" style="text-align: center;">\n<div class="footer-about" style="text-align: left; padding-left: 40px;">\n<h2 class="footer-title" style="font-size: 1.8em;">About</h2>\n<p style="margin-top: 20px;">At <a href="https://hackertarget.com/">hackertarget.com</a>, we have been scanning the Internet since 2007. Our vulnerability scanners now reach millions of IP addresses every year. We work to raise awareness of the value in open source security solutions.</p>\n</div>\n</div>\n<div class="col-md-6 col-sm-12">\n<div class="contact-info" style="text-align: left; padding-left: 40px;">\n<h2 class="footer-title" style="font-size: 1.8em;">Stay in Touch</h2>\n\n<div class="single">\n        <p><i style="font-size: 1.2em;" class="fa fa-envelope"></i> dnsdumpster@gmail.com</p>\n</div>\n<div class="single">\n        <p><i style="font-size: 1.2em;" class="fa fa-twitter"></i> <a href="https://twitter.com/hackertarget/">@hackertarget</a></p>\n</div>\n<!-- Begin MailChimp Signup Form -->\n<link href="https://cdn-images.mailchimp.com/embedcode/horizontal-slim-10_7.css" rel="stylesheet" type="text/css">\n<style type="text/css">\n    #mc_embed_signup{background:#1e1e1e; clear:left; font:14px Helvetica,Arial,sans-serif; width:100%;}\n        /* Add your own MailChimp form style overrides in your site stylesheet or in this style block.\n               We recommend moving this block and the preceding CSS link to the HEAD of your HTML file. */\n               </style>\n               <div id="mc_embed_signup">\n               <form action="https://dnsdumpster.us17.list-manage.com/subscribe/post?u=3cbc62d931a69e74b2c856f1a&amp;id=532c46ab39" method="post" id="mc-embedded-subscribe-form" name="mc-embedded-subscribe-form" class="validate" target="_blank" novalidate>\n                   <div id="mc_embed_signup_scroll" style="text-align: left;">\n\n                        <input type="email" value="" name="EMAIL" class="email" id="mce-EMAIL" placeholder="email address" required>\n                            <!-- real people should not fill this in and expect good things - do not remove this or risk form bot signups-->\n                                <div style="position: absolute; left: -5000px;" aria-hidden="true"><input type="text" name="b_3cbc62d931a69e74b2c856f1a_532c46ab39" tabindex="-1" value=""></div><br>\n                                    <div class="clear" style="margin-top: 5px;"><input type="submit" style="background-color: #00CC00;" value="Subscribe to our List" name="subscribe" id="mc-embedded-subscribe" class="button"> <span style="font-size: 0.8em;">Low volume Updates and News</a></div>\n                                        </div>\n                                        </form>\n                                        </div>\n\n                                        <!--End mc_embed_signup-->\n\n</div>\n</div>\n</div>\n<div class="clearfix"></div>\n<div class="copyright" style="background-color: #1e1e1e; margin-top: 20px;">\n<p>Copyright &copy; 2023 Hacker Target Pty Ltd</p>\n</div>\n</div>\n</div>\n</div>\n</footer>\n                                                </div>\n                                        </div>\n                                </div>\n                        </div>\n\n\n\n\n</div></div>\n\n    <!-- Bootstrap core JavaScript\n    ================================================== -->\n    <!-- Placed at the end of the document so the pages load faster -->\n    <script src="https://dnsdumpster.com/static/js/jquery-1.12.4.min.js"></script>\n    <script src="/static/js/bootstrap.min.js"></script>\n\n\n\n<script type="text/javascript">\n            $(document).ready(function() {\n$(\'[data-toggle="tooltip"]\').tooltip({\'placement\': \'top\'});\n\n$("body").on(\'DOMSubtreeModified\', ".modal-content", function() {\n    $(".modal-heading").hide();\n    $(".modal-content").show();\n});\n\n      $(\'body\').on(\'hidden.bs.modal\', \'.modal\', function () {\n        $(this).removeData(\'bs.modal\');\n      });\n\n            }); //END $(document).ready()\n\n\n$(\'a.external\').on(\'click\', function(e) {\n        e.preventDefault();\n        $(".modal-heading").show();\n        $(".modal-content").hide();\n\n\n        var url = $(this).attr(\'href\');\n        $(".modal-body").html(\'<iframe id="myiframe" style="background-color: #ccc;" width="100%" height="100%" frameborder="0" scrolling="yes" allowtransparency="true" src="\'+url+\'"></iframe>\');\n    });\n\n \n\n\n    $(\'#myModal\').on(\'show.bs.modal\', function () {\n        $(this).find(\'.modal-dialog\').css({\n                  width:\'80%\', //choose your width\n                  height:\'80%\',\n                  \'padding\':\'5\'\n           });\n         $(this).find(\'.modal-content\').css({\n                  height:\'100%\',\n                  \'border-radius\':\'0\',\n                  \'padding\':\'15\'\n           });\n         $(this).find(\'.modal-body\').html(null);\n         $(this).find(\'.modal-body\').css({\n                  width:\'auto\',\n                  height:\'100%\',\n                  \'padding\':\'5\'\n           });\n    })\n\n        </script>\n\n<script>\n$(document).ready(function(){\n  $("#showloading").hide();\n  $("#formsubmit").click(function(){\n    $("#hideform").hide();\n    $("#showloading").show();\n  });\n\n});\n</script>\n<!-- Google tag (gtag.js) -->\n<script async src="https://www.googletagmanager.com/gtag/js?id=G-FPGN9YXFNE"></script>\n<script>\n  window.dataLayer = window.dataLayer || [];\n  function gtag(){dataLayer.push(arguments);}\n  gtag(\'js\', new Date());\n\n  gtag(\'config\', \'G-FPGN9YXFNE\');\n</script>\n  </body>\n</html>\n',
+            content=b"""<form data-form-id="mainform" class="mb-6" hx-post="https://api.dnsdumpster.com/htmld/" hx-target="#results" hx-headers='{"Authorization": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOjAsImlhdCI6MTc1OTAxODczOCwiZXhwIjoxNzU5MDE5NjM4LCJkYXRhIjoiZmMxMDcwOTVjYmRjN2Y5YjU1ZWJiM2ZlZGViNWQ5Y2M5MWU1NmEzNGEwYzliNzM5ZjRlYzg2Mjk4MmM0ZDI5YSIsIm1lbWJlcl9zdGF0dXMiOiJmcmVlIn0.7NWBC6TFSaDZH-_VKqDoXqv3nH4a1k30NUxrijg1KqI"}'><div class="form-group">""",
         )
         module_test.httpx_mock.add_response(
-            url="https://dnsdumpster.com/",
-            method="POST",
-            content=b'<!DOCTYPE html>\n<html lang="en">\n  <head>\n\n    <meta charset="utf-8">\n    <meta http-equiv="X-UA-Compatible" content="IE=edge">\n<meta name="google-site-verification" content="vAWNZCy-5XAPGRgA2_NY5HictfnByvgpqOLQUAmVZW0" />\n    <meta name="viewport" content="width=device-width, initial-scale=1">\n    <meta name="description" content="Find dns records in order to identify the Internet footprint of an organization. Recon that enables deeper security assessments and discovery of the attack surface.">\n    <meta name="author" content="">\n    <link rel="icon" href="/static/favicon.ico">\n    <title>DNSdumpster.com - dns recon and research, find and lookup dns records</title>\n\n\n    <!-- Bootstrap core CSS -->\n    <link href="/static/css/bootstrap.min.css" rel="stylesheet">\n    <link href="/static/font-awesome/css/font-awesome.min.css" rel="stylesheet">\n\n    <!-- Custom styles for this template -->\n    <link href="/static/cover.css?v=1.4" rel="stylesheet">\n\n  </head>\n\n  <body>\n\n    <div class="site-wrapper">\n      <div class="site-wrapper-inner">\n<!-- Section 1 -->\n<section id="intro" data-speed="6" data-type="background">\n    <div class="container">\n\n   <div class="masthead clearfix">\n   <div class="container inner">\n        <nav>\n       <ul class="nav masthead-nav">\n   <li><a href="https://dnsdumpster.com/" data-toggle="tooltip"  data-placement="bottom" title="Home"><i style="font-size: 1.2em;" class="fa fa-home"></i></a></li>\n   <li><a href="/osint-network-defenders/"  data-toggle="tooltip"  data-placement="bottom" title="Defend"><i style="font-size: 1.2em;" class="fa fa-shield" aria-hidden="true"></i></a></li>\n   <li><a href="/footprinting-reconnaissance/" data-placement="bottom" data-toggle="tooltip" title="Learn"><i style="font-size: 1.2em;" class="fa fa-mortar-board" aria-hidden="true"></i></a></li>\n   <li><a href="https://hackertarget.com/" data-toggle="tooltip" title="Online Vulnerability Scanners"><i style="font-size: 1.2em; color: #00CC00;" class="fa fa-bullseye"></i></a></li>\n       </ul>\n        </nav>\n   </div>\n   </div>\n\n\n\n\n        <div class="cover-container" style="max-width: 900px;">\n          <div class="inner cover">\n            <h1 class="cover-heading" style="margin-top: 100px;">dns recon & research, find & lookup dns records</h1>\n<p class="lead">\n<div id="hideform">\n<form role="form" action="." method="post"><input type="hidden" name="csrfmiddlewaretoken" value="FNUVMI6wikKoeDeCNL9cFyiCnsxbycmxnwLAffFtp8wzEwJEc1lJHpmrmZFVDxiS">\n  <div class="form-group">\n<div class="col-md-2"></div><div class="col-md-6">\n\n<input class="form-control" type="text" placeholder="exampledomain.com" name="targetip" id="regularInput" autofocus>\n\n<input type="hidden" name="user" value="free">\n</div></div>\n<div align="left" id="formsubmit"><button type="submit" class="btn btn-default">Search <span class="glyphicon glyphicon-chevron-right"></span></button></div>\n</form></div></div>\n<div class="row"><div class="col-md-2"></div><div class="col-md-8">\n<div id="showloading" style="color: #fff;">Loading...<br>\n<div class="progress">\n<div class="progress-bar progress-bar-success progress-bar-striped active" role="progressbar" aria-valuenow="45" aria-valuemin="0" aria-valuemax="100" style="width: 100%">\n</div></div></div></div></div></div>\n</P>\n\n<div class="row"><div class="col-md-12" style="padding: 80px;">\n\n<p><h4 style="color: #00CC00; text-align: left; font-size: 1.5em; line-height: 2.7em;">Showing results for <span style="font-weight: 700;">blacklanternsecurity.com</span></h4></p>\n<div style="text-align: right; font-size: 1em;"><a href="#dnsanchor"><span class="label label-default">DNS Servers</span></a> <a href="#mxanchor"><span class="label label-default">MX Records</span></a> <a href="#txtanchor"><span class="label label-default">TXT Records</span></a> <a href="#hostanchor"><span class="label label-default">Host (A) Records</span></a> <a href="#domainmap"><span class="label label-default">Domain Map</span></a></div><div class="clearfix" style="height: 30px;"></div>\n<div class="container">\n    <div class="row">\n        <div class="col-md-4">\n<p style="color: #ddd; font-family: \'Courier New\', Courier, monospace; text-align: left; padding-left: 30px; padding-bottom: 20px;">Hosting (IP block owners)</P>\n<canvas id="hosting" height="380" width="300"></canvas></div>\n        <div class="col-md-8">\n<p style="color: #ddd; font-family: \'Courier New\', Courier, monospace; text-align: left; padding-left: 30px;">GeoIP of Host Locations</P>\n  <div id="world-map" style="width: 480px; height: 380px"></div>\n</div>                        </div>\n</div>\n\n<p style="color: #ddd; font-family: \'Courier New\', Courier, monospace; text-align: left;"><a name="dnsanchor"></a>DNS Servers</P>\n<div class="table-responsive" style="text-align: left;">\n  <table class="table" style="font-size: 1.1em; border-color: #777;">\n \n   <tr><td class="col-md-4">ns01.domaincontrol.com.<br>\n<a class="external nounderline" data-toggle="modal" href="https://api.hackertarget.com/httpheaders/?q=ns01.domaincontrol.com." data-target="#myModal"><span class="glyphicon glyphicon-globe" data-toggle="tooltip" data-placement="top" title="Get HTTP Headers from IP address (Active)"></span></a>\n<a class="external nounderline" data-toggle="modal" href="https://api.hackertarget.com/zonetransfer/?q=ns01.domaincontrol.com." data-target="#myModal"><span class="glyphicon glyphicon-log-in" data-toggle="tooltip" data-placement="top" title="Attempt Zone Transfer (Active)"></span></a>\n<a class="external nounderline" data-toggle="modal" href="https://api.hackertarget.com/mtr/?q=97.74.100.1" data-target="#myModal"><span class="glyphicon glyphicon-random" data-toggle="tooltip" data-placement="top" title="Trace path to IP address using MTR (Active)"></span></a> <a class="external nounderline" data-toggle="modal" href="https://api.hackertarget.com/findshareddns/?q=ns01.domaincontrol.com." data-target="#myModal"><span class="glyphicon glyphicon-cloud-download" data-toggle="tooltip" data-placement="top" title="Find hosts sharing this DNS server"></span></a>\n<form style="display: inline;" role="form" action="." method="post"><input type="hidden" name="csrfmiddlewaretoken" value="FNUVMI6wikKoeDeCNL9cFyiCnsxbycmxnwLAffFtp8wzEwJEc1lJHpmrmZFVDxiS"><input type="hidden" value="97.74.100.0/23" name="targetip"><button class="submit-with-icon" type="submit" data-toggle="tooltip" data-placement="top" title="Search Banners for Netblock (Passive)"><span class="glyphicon glyphicon-eye-open"></span></button></form>\n<form style="display: inline;" role="form" action="https://hackertarget.com/nmap-online-port-scanner/" target="_blank" method="post"><input type="hidden" name="csrfmiddlewaretoken" value="FNUVMI6wikKoeDeCNL9cFyiCnsxbycmxnwLAffFtp8wzEwJEc1lJHpmrmZFVDxiS"><input type="hidden" value="97.74.100.1" name="send_scan[]"><button class="submit-with-icon" type="submit" data-toggle="tooltip" data-placement="top" title="Nmap Port Scan (Active)"><span class="glyphicon glyphicon-screenshot" style="color: #0C0;"></span></button></form>\n</td><td class="col-md-3">97.74.100.1<br><span style="font-size: 0.9em; color: #eee;">ns01.domaincontrol.com</span></td><td class="col-md-3">GODADDY-DNS<br><span style="font-size: 0.9em; color: #eee;">United States</span></td></tr>\n \n   <tr><td class="col-md-4">ns02.domaincontrol.com.<br>\n<a class="external nounderline" data-toggle="modal" href="https://api.hackertarget.com/httpheaders/?q=ns02.domaincontrol.com." data-target="#myModal"><span class="glyphicon glyphicon-globe" data-toggle="tooltip" data-placement="top" title="Get HTTP Headers from IP address (Active)"></span></a>\n<a class="external nounderline" data-toggle="modal" href="https://api.hackertarget.com/zonetransfer/?q=ns02.domaincontrol.com." data-target="#myModal"><span class="glyphicon glyphicon-log-in" data-toggle="tooltip" data-placement="top" title="Attempt Zone Transfer (Active)"></span></a>\n<a class="external nounderline" data-toggle="modal" href="https://api.hackertarget.com/mtr/?q=173.201.68.1" data-target="#myModal"><span class="glyphicon glyphicon-random" data-toggle="tooltip" data-placement="top" title="Trace path to IP address using MTR (Active)"></span></a> <a class="external nounderline" data-toggle="modal" href="https://api.hackertarget.com/findshareddns/?q=ns02.domaincontrol.com." data-target="#myModal"><span class="glyphicon glyphicon-cloud-download" data-toggle="tooltip" data-placement="top" title="Find hosts sharing this DNS server"></span></a>\n<form style="display: inline;" role="form" action="." method="post"><input type="hidden" name="csrfmiddlewaretoken" value="FNUVMI6wikKoeDeCNL9cFyiCnsxbycmxnwLAffFtp8wzEwJEc1lJHpmrmZFVDxiS"><input type="hidden" value="173.201.68.0/23" name="targetip"><button class="submit-with-icon" type="submit" data-toggle="tooltip" data-placement="top" title="Search Banners for Netblock (Passive)"><span class="glyphicon glyphicon-eye-open"></span></button></form>\n<form style="display: inline;" role="form" action="https://hackertarget.com/nmap-online-port-scanner/" target="_blank" method="post"><input type="hidden" name="csrfmiddlewaretoken" value="FNUVMI6wikKoeDeCNL9cFyiCnsxbycmxnwLAffFtp8wzEwJEc1lJHpmrmZFVDxiS"><input type="hidden" value="173.201.68.1" name="send_scan[]"><button class="submit-with-icon" type="submit" data-toggle="tooltip" data-placement="top" title="Nmap Port Scan (Active)"><span class="glyphicon glyphicon-screenshot" style="color: #0C0;"></span></button></form>\n</td><td class="col-md-3">173.201.68.1<br><span style="font-size: 0.9em; color: #eee;">ns02.domaincontrol.com</span></td><td class="col-md-3">GODADDY-DNS<br><span style="font-size: 0.9em; color: #eee;">United States</span></td></tr>\n   \n  </table>\n</div>\n\n<p style="color: #ddd; font-family: \'Courier New\', Courier, monospace; text-align: left;"><a name="mxanchor"></a>MX Records <span style="font-size: 0.8em; color: #777;">** This is where email for the domain goes...</P>\n<div class="table-responsive" style="text-align: left;">\n  <table class="table" style="font-size: 1.1em; font-family: \'Courier New\', Courier, monospace;">\n \n   <tr><td class="col-md-4">asdf.blacklanternsecurity.com.mail.protection.outlook.com.<br>\n<a class="external nounderline" data-toggle="modal" href="https://api.hackertarget.com/reverseiplookup/?q=104.47.55.138" data-target="#myModal"><span class="glyphicon glyphicon-th" data-toggle="tooltip" data-placement="top" title="Find hosts sharing this IP address"></span></a>\n<a class="external nounderline" data-toggle="modal" href="https://api.hackertarget.com/mtr/?q=104.47.55.138" data-target="#myModal"><span class="glyphicon glyphicon-random" data-toggle="tooltip" data-placement="top" title="Trace path"></span></a>\n<form style="display: inline;" role="form" action="." method="post"><input type="hidden" name="csrfmiddlewaretoken" value="FNUVMI6wikKoeDeCNL9cFyiCnsxbycmxnwLAffFtp8wzEwJEc1lJHpmrmZFVDxiS"><input type="hidden" value="104.40.0.0/13" name="targetip"><button class="submit-with-icon" type="submit" data-toggle="tooltip" data-placement="top" title="Search Banners for Netblock (Passive)"><span class="glyphicon glyphicon-eye-open"></span></button></form>\n<form style="display: inline;" role="form" action="https://hackertarget.com/nmap-online-port-scanner/" target="_blank" method="post"><input type="hidden" name="csrfmiddlewaretoken" value="FNUVMI6wikKoeDeCNL9cFyiCnsxbycmxnwLAffFtp8wzEwJEc1lJHpmrmZFVDxiS"><input type="hidden" value="104.47.55.138" name="send_scan[]"><button class="submit-with-icon" type="submit" data-toggle="tooltip" data-placement="top" title="Nmap Port Scan (Active)"><span class="glyphicon glyphicon-screenshot" style="color: #0C0;"></span></button></form>\n</td><td class="col-md-3">104.47.55.138<br><span style="font-size: 0.9em; color: #eee;">mail-bn8nam120138.inbound.protection.outlook.com</span></td><td class="col-md-3">MICROSOFT-CORP-MSN-AS-BLOCK<br><span style="font-size: 0.9em; color: #eee;">United States</span></td></tr>\n   \n  </table>\n</div>\n\n<p style="color: #ddd; font-family: \'Courier New\', Courier, monospace; text-align: left;"><a name="txtanchor"></a>TXT Records <span style="font-size: 0.8em; color: #777;">** Find more hosts in Sender Policy Framework (SPF) configurations</span></P>\n<div class="table-responsive" style="text-align: left;">\n  <table class="table" style="font-size: 1.1em; font-family: \'Courier New\', Courier, monospace;">\n\n<tr><td>&quot;MS=ms26206678&quot;</td></tr>\n\n<tr><td>&quot;v=spf1 ip4:50.240.76.25 include:spf.protection.outlook.com -all&quot;</td></tr>\n\n<tr><td>&quot;google-site-verification=O_PoQFTGJ_hZ9LqfNT9OEc0KPFERKHQ_1t1m0YTx_1E&quot;</td></tr>\n\n<tr><td>&quot;google-site-verification=7XKUMxJSTHBSzdvT7gH47jLRjNAS76nrEfXmzhR_DO4&quot;</td></tr>\n\n</table>\n</div>\n\n\n<p style="color: #ddd; font-family: \'Courier New\', Courier, monospace; text-align: left;"><a name="hostanchor"></a>Host Records (A) <span style="font-size: 0.8em; color: #777;">** this data may not be current as it uses a static database (updated monthly)</span> </P>\n<div class="table-responsive" style="text-align: left;">\n  <table class="table" style="font-size: 1.1em; font-family: \'Courier New\', Courier, monospace;">\n\n \n   <tr><td class="col-md-4">blacklanternsecurity.com<br>\n<a class="external nounderline" data-toggle="modal" href="https://api.hackertarget.com/reverseiplookup/?q=185.199.108.153" data-target="#myModal"><span class="glyphicon glyphicon-th" data-toggle="tooltip" data-placement="top" title="Find hosts sharing this IP address"></span></a>\n<a class="external nounderline" data-toggle="modal" href="https://api.hackertarget.com/httpheaders/?q=http://blacklanternsecurity.com" data-target="#myModal"><span class="glyphicon glyphicon-globe" data-toggle="tooltip" data-placement="top" title="Get HTTP Headers"></span></a>\n<a class="external nounderline" data-toggle="modal" href="https://api.hackertarget.com/mtr/?q=185.199.108.153" data-target="#myModal"><span class="glyphicon glyphicon-random" data-toggle="tooltip" data-placement="top" title="Trace path"></span></a>\n<form style="display: inline;" role="form" action="." method="post"><input type="hidden" name="csrfmiddlewaretoken" value="FNUVMI6wikKoeDeCNL9cFyiCnsxbycmxnwLAffFtp8wzEwJEc1lJHpmrmZFVDxiS"><input type="hidden" value="185.199.108.0/24" name="targetip"><button class="submit-with-icon" type="submit" data-toggle="tooltip" data-placement="top" title="Search Banners for Netblock (Passive)"><span class="glyphicon glyphicon-eye-open"></span></button></form>\n<form style="display: inline;" role="form" action="https://hackertarget.com/nmap-online-port-scanner/" target="_blank" method="post"><input type="hidden" name="csrfmiddlewaretoken" value="FNUVMI6wikKoeDeCNL9cFyiCnsxbycmxnwLAffFtp8wzEwJEc1lJHpmrmZFVDxiS"><input type="hidden" value="185.199.108.153" name="send_scan[]"><button class="submit-with-icon" type="submit" data-toggle="tooltip" data-placement="top" title="Nmap Port Scan (Active)"><span class="glyphicon glyphicon-screenshot" style="color: #0C0;"></span></button></form>\n<!--  -->\n\n<br><span style="font-size: 0.8em; color: #bbb;">HTTP: </span>\n <span style="font-size: 0.9em; color: #eee; color: #0C0;"  data-toggle="tooltip" data-placement="top" title="HTTP Server found in Global Scan data (Passive)">GitHub.com</span>\n\n\n\n\n\n\n\n\n<br><span style="font-size: 0.8em; color: #bbb;">HTTP TECH: </span>\n <span style="font-size: 0.9em; color: #eee; color: #0C0;"  data-toggle="tooltip" data-placement="top" title="Apps / Technologies found in Global Scan data (Passive)">varnish</span>\n\n\n\n</td><td class="col-md-3">185.199.108.153<br><span style="font-size: 0.9em; color: #eee;">cdn-185-199-108-153.github.com</span></td><td class="col-md-3">FASTLY<br><span style="font-size: 0.9em; color: #eee;">United States</span></td></tr>\n \n   <tr><td class="col-md-4">asdf.blacklanternsecurity.com<br>\n<a class="external nounderline" data-toggle="modal" href="https://api.hackertarget.com/reverseiplookup/?q=143.244.156.80" data-target="#myModal"><span class="glyphicon glyphicon-th" data-toggle="tooltip" data-placement="top" title="Find hosts sharing this IP address"></span></a>\n<a class="external nounderline" data-toggle="modal" href="https://api.hackertarget.com/httpheaders/?q=http://asdf.blacklanternsecurity.com" data-target="#myModal"><span class="glyphicon glyphicon-globe" data-toggle="tooltip" data-placement="top" title="Get HTTP Headers"></span></a>\n<a class="external nounderline" data-toggle="modal" href="https://api.hackertarget.com/mtr/?q=143.244.156.80" data-target="#myModal"><span class="glyphicon glyphicon-random" data-toggle="tooltip" data-placement="top" title="Trace path"></span></a>\n<form style="display: inline;" role="form" action="." method="post"><input type="hidden" name="csrfmiddlewaretoken" value="FNUVMI6wikKoeDeCNL9cFyiCnsxbycmxnwLAffFtp8wzEwJEc1lJHpmrmZFVDxiS"><input type="hidden" value="143.244.144.0/20" name="targetip"><button class="submit-with-icon" type="submit" data-toggle="tooltip" data-placement="top" title="Search Banners for Netblock (Passive)"><span class="glyphicon glyphicon-eye-open"></span></button></form>\n<form style="display: inline;" role="form" action="https://hackertarget.com/nmap-online-port-scanner/" target="_blank" method="post"><input type="hidden" name="csrfmiddlewaretoken" value="FNUVMI6wikKoeDeCNL9cFyiCnsxbycmxnwLAffFtp8wzEwJEc1lJHpmrmZFVDxiS"><input type="hidden" value="143.244.156.80" name="send_scan[]"><button class="submit-with-icon" type="submit" data-toggle="tooltip" data-placement="top" title="Nmap Port Scan (Active)"><span class="glyphicon glyphicon-screenshot" style="color: #0C0;"></span></button></form>\n<!--  -->\n\n\n\n\n<br><span style="font-size: 0.8em; color: #bbb;">SSH: </span>\n <span style="font-size: 0.9em; color: #eee; color: #0C0;"  data-toggle="tooltip" data-placement="top" title="SSH Server found in Global Scan data (Passive)">SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.3</span>\n\n\n\n\n\n\n\n</td><td class="col-md-3">143.244.156.80<br><span style="font-size: 0.9em; color: #eee;">asdf.blacklanternsecurity.com</span></td><td class="col-md-3">DIGITALOCEAN-ASN<br><span style="font-size: 0.9em; color: #eee;">United States</span></td></tr>\n \n   <tr><td class="col-md-4">asdf.blacklanternsecurity.com<br>\n<a class="external nounderline" data-toggle="modal" href="https://api.hackertarget.com/reverseiplookup/?q=64.227.8.231" data-target="#myModal"><span class="glyphicon glyphicon-th" data-toggle="tooltip" data-placement="top" title="Find hosts sharing this IP address"></span></a>\n<a class="external nounderline" data-toggle="modal" href="https://api.hackertarget.com/httpheaders/?q=http://asdf.blacklanternsecurity.com" data-target="#myModal"><span class="glyphicon glyphicon-globe" data-toggle="tooltip" data-placement="top" title="Get HTTP Headers"></span></a>\n<a class="external nounderline" data-toggle="modal" href="https://api.hackertarget.com/mtr/?q=64.227.8.231" data-target="#myModal"><span class="glyphicon glyphicon-random" data-toggle="tooltip" data-placement="top" title="Trace path"></span></a>\n<form style="display: inline;" role="form" action="." method="post"><input type="hidden" name="csrfmiddlewaretoken" value="FNUVMI6wikKoeDeCNL9cFyiCnsxbycmxnwLAffFtp8wzEwJEc1lJHpmrmZFVDxiS"><input type="hidden" value="64.227.0.0/20" name="targetip"><button class="submit-with-icon" type="submit" data-toggle="tooltip" data-placement="top" title="Search Banners for Netblock (Passive)"><span class="glyphicon glyphicon-eye-open"></span></button></form>\n<form style="display: inline;" role="form" action="https://hackertarget.com/nmap-online-port-scanner/" target="_blank" method="post"><input type="hidden" name="csrfmiddlewaretoken" value="FNUVMI6wikKoeDeCNL9cFyiCnsxbycmxnwLAffFtp8wzEwJEc1lJHpmrmZFVDxiS"><input type="hidden" value="64.227.8.231" name="send_scan[]"><button class="submit-with-icon" type="submit" data-toggle="tooltip" data-placement="top" title="Nmap Port Scan (Active)"><span class="glyphicon glyphicon-screenshot" style="color: #0C0;"></span></button></form>\n<!--  -->\n\n<br><span style="font-size: 0.8em; color: #bbb;">HTTP: </span>\n <span style="font-size: 0.9em; color: #eee; color: #0C0;"  data-toggle="tooltip" data-placement="top" title="HTTP Server found in Global Scan data (Passive)">Apache/2.4.29 (Ubuntu)</span>\n\n\n\n\n\n\n\n\n<br><span style="font-size: 0.8em; color: #bbb;">HTTP TECH: </span>\n <span style="font-size: 0.9em; color: #eee; color: #0C0;"  data-toggle="tooltip" data-placement="top" title="Apps / Technologies found in Global Scan data (Passive)">Ubuntu<br>Apache,2.4.29</span>\n\n\n\n</td><td class="col-md-3">64.227.8.231<br><span style="font-size: 0.9em; color: #eee;">asdf.blacklanternsecurity.com</span></td><td class="col-md-3">DIGITALOCEAN-ASN<br><span style="font-size: 0.9em; color: #eee;">United States</span></td></tr>\n \n   <tr><td class="col-md-4">asdf.blacklanternsecurity.com<br>\n<a class="external nounderline" data-toggle="modal" href="https://api.hackertarget.com/reverseiplookup/?q=192.34.56.157" data-target="#myModal"><span class="glyphicon glyphicon-th" data-toggle="tooltip" data-placement="top" title="Find hosts sharing this IP address"></span></a>\n<a class="external nounderline" data-toggle="modal" href="https://api.hackertarget.com/httpheaders/?q=http://asdf.blacklanternsecurity.com" data-target="#myModal"><span class="glyphicon glyphicon-globe" data-toggle="tooltip" data-placement="top" title="Get HTTP Headers"></span></a>\n<a class="external nounderline" data-toggle="modal" href="https://api.hackertarget.com/mtr/?q=192.34.56.157" data-target="#myModal"><span class="glyphicon glyphicon-random" data-toggle="tooltip" data-placement="top" title="Trace path"></span></a>\n<form style="display: inline;" role="form" action="." method="post"><input type="hidden" name="csrfmiddlewaretoken" value="FNUVMI6wikKoeDeCNL9cFyiCnsxbycmxnwLAffFtp8wzEwJEc1lJHpmrmZFVDxiS"><input type="hidden" value="192.34.56.0/24" name="targetip"><button class="submit-with-icon" type="submit" data-toggle="tooltip" data-placement="top" title="Search Banners for Netblock (Passive)"><span class="glyphicon glyphicon-eye-open"></span></button></form>\n<form style="display: inline;" role="form" action="https://hackertarget.com/nmap-online-port-scanner/" target="_blank" method="post"><input type="hidden" name="csrfmiddlewaretoken" value="FNUVMI6wikKoeDeCNL9cFyiCnsxbycmxnwLAffFtp8wzEwJEc1lJHpmrmZFVDxiS"><input type="hidden" value="192.34.56.157" name="send_scan[]"><button class="submit-with-icon" type="submit" data-toggle="tooltip" data-placement="top" title="Nmap Port Scan (Active)"><span class="glyphicon glyphicon-screenshot" style="color: #0C0;"></span></button></form>\n<!--  -->\n\n\n\n\n\n\n\n\n\n\n</td><td class="col-md-3">192.34.56.157<br><span style="font-size: 0.9em; color: #eee;">asdf.blacklanternsecurity.com</span></td><td class="col-md-3">DIGITALOCEAN-ASN<br><span style="font-size: 0.9em; color: #eee;">United States</span></td></tr>\n \n   <tr><td class="col-md-4">asdf.blacklanternsecurity.com<br>\n<a class="external nounderline" data-toggle="modal" href="https://api.hackertarget.com/reverseiplookup/?q=192.241.216.208" data-target="#myModal"><span class="glyphicon glyphicon-th" data-toggle="tooltip" data-placement="top" title="Find hosts sharing this IP address"></span></a>\n<a class="external nounderline" data-toggle="modal" href="https://api.hackertarget.com/httpheaders/?q=http://asdf.blacklanternsecurity.com" data-target="#myModal"><span class="glyphicon glyphicon-globe" data-toggle="tooltip" data-placement="top" title="Get HTTP Headers"></span></a>\n<a class="external nounderline" data-toggle="modal" href="https://api.hackertarget.com/mtr/?q=192.241.216.208" data-target="#myModal"><span class="glyphicon glyphicon-random" data-toggle="tooltip" data-placement="top" title="Trace path"></span></a>\n<form style="display: inline;" role="form" action="." method="post"><input type="hidden" name="csrfmiddlewaretoken" value="FNUVMI6wikKoeDeCNL9cFyiCnsxbycmxnwLAffFtp8wzEwJEc1lJHpmrmZFVDxiS"><input type="hidden" value="192.241.192.0/19" name="targetip"><button class="submit-with-icon" type="submit" data-toggle="tooltip" data-placement="top" title="Search Banners for Netblock (Passive)"><span class="glyphicon glyphicon-eye-open"></span></button></form>\n<form style="display: inline;" role="form" action="https://hackertarget.com/nmap-online-port-scanner/" target="_blank" method="post"><input type="hidden" name="csrfmiddlewaretoken" value="FNUVMI6wikKoeDeCNL9cFyiCnsxbycmxnwLAffFtp8wzEwJEc1lJHpmrmZFVDxiS"><input type="hidden" value="192.241.216.208" name="send_scan[]"><button class="submit-with-icon" type="submit" data-toggle="tooltip" data-placement="top" title="Nmap Port Scan (Active)"><span class="glyphicon glyphicon-screenshot" style="color: #0C0;"></span></button></form>\n<!--  -->\n\n\n\n\n\n\n\n\n\n\n</td><td class="col-md-3">192.241.216.208<br><span style="font-size: 0.9em; color: #eee;">asdf.blacklanternsecurity.com</span></td><td class="col-md-3">DIGITALOCEAN-ASN<br><span style="font-size: 0.9em; color: #eee;">United States</span></td></tr>\n \n   <tr><td class="col-md-4">asdf.blacklanternsecurity.com<br>\n<a class="external nounderline" data-toggle="modal" href="https://api.hackertarget.com/reverseiplookup/?q=167.71.95.71" data-target="#myModal"><span class="glyphicon glyphicon-th" data-toggle="tooltip" data-placement="top" title="Find hosts sharing this IP address"></span></a>\n<a class="external nounderline" data-toggle="modal" href="https://api.hackertarget.com/httpheaders/?q=http://asdf.blacklanternsecurity.com" data-target="#myModal"><span class="glyphicon glyphicon-globe" data-toggle="tooltip" data-placement="top" title="Get HTTP Headers"></span></a>\n<a class="external nounderline" data-toggle="modal" href="https://api.hackertarget.com/mtr/?q=167.71.95.71" data-target="#myModal"><span class="glyphicon glyphicon-random" data-toggle="tooltip" data-placement="top" title="Trace path"></span></a>\n<form style="display: inline;" role="form" action="." method="post"><input type="hidden" name="csrfmiddlewaretoken" value="FNUVMI6wikKoeDeCNL9cFyiCnsxbycmxnwLAffFtp8wzEwJEc1lJHpmrmZFVDxiS"><input type="hidden" value="167.71.80.0/20" name="targetip"><button class="submit-with-icon" type="submit" data-toggle="tooltip" data-placement="top" title="Search Banners for Netblock (Passive)"><span class="glyphicon glyphicon-eye-open"></span></button></form>\n<form style="display: inline;" role="form" action="https://hackertarget.com/nmap-online-port-scanner/" target="_blank" method="post"><input type="hidden" name="csrfmiddlewaretoken" value="FNUVMI6wikKoeDeCNL9cFyiCnsxbycmxnwLAffFtp8wzEwJEc1lJHpmrmZFVDxiS"><input type="hidden" value="167.71.95.71" name="send_scan[]"><button class="submit-with-icon" type="submit" data-toggle="tooltip" data-placement="top" title="Nmap Port Scan (Active)"><span class="glyphicon glyphicon-screenshot" style="color: #0C0;"></span></button></form>\n<!--  -->\n\n\n\n\n\n\n\n\n\n\n</td><td class="col-md-3">167.71.95.71<br><span style="font-size: 0.9em; color: #eee;">asdf.blacklanternsecurity.com</span></td><td class="col-md-3">DIGITALOCEAN-ASN<br><span style="font-size: 0.9em; color: #eee;">United States</span></td></tr>\n \n   <tr><td class="col-md-4">asdf.blacklanternsecurity.com<br>\n<a class="external nounderline" data-toggle="modal" href="https://api.hackertarget.com/reverseiplookup/?q=157.245.247.197" data-target="#myModal"><span class="glyphicon glyphicon-th" data-toggle="tooltip" data-placement="top" title="Find hosts sharing this IP address"></span></a>\n<a class="external nounderline" data-toggle="modal" href="https://api.hackertarget.com/httpheaders/?q=http://asdf.blacklanternsecurity.com" data-target="#myModal"><span class="glyphicon glyphicon-globe" data-toggle="tooltip" data-placement="top" title="Get HTTP Headers"></span></a>\n<a class="external nounderline" data-toggle="modal" href="https://api.hackertarget.com/mtr/?q=157.245.247.197" data-target="#myModal"><span class="glyphicon glyphicon-random" data-toggle="tooltip" data-placement="top" title="Trace path"></span></a>\n<form style="display: inline;" role="form" action="." method="post"><input type="hidden" name="csrfmiddlewaretoken" value="FNUVMI6wikKoeDeCNL9cFyiCnsxbycmxnwLAffFtp8wzEwJEc1lJHpmrmZFVDxiS"><input type="hidden" value="157.245.240.0/20" name="targetip"><button class="submit-with-icon" type="submit" data-toggle="tooltip" data-placement="top" title="Search Banners for Netblock (Passive)"><span class="glyphicon glyphicon-eye-open"></span></button></form>\n<form style="display: inline;" role="form" action="https://hackertarget.com/nmap-online-port-scanner/" target="_blank" method="post"><input type="hidden" name="csrfmiddlewaretoken" value="FNUVMI6wikKoeDeCNL9cFyiCnsxbycmxnwLAffFtp8wzEwJEc1lJHpmrmZFVDxiS"><input type="hidden" value="157.245.247.197" name="send_scan[]"><button class="submit-with-icon" type="submit" data-toggle="tooltip" data-placement="top" title="Nmap Port Scan (Active)"><span class="glyphicon glyphicon-screenshot" style="color: #0C0;"></span></button></form>\n<!--  -->\n\n\n\n\n\n\n\n\n\n\n</td><td class="col-md-3">157.245.247.197<br><span style="font-size: 0.9em; color: #eee;">asdf.blacklanternsecurity.com</span></td><td class="col-md-3">DIGITALOCEAN-ASN<br><span style="font-size: 0.9em; color: #eee;">United States</span></td></tr>\n   \n  </table>\n<br>\n\n\n\n<div style="margin: 30px;" align="center"><a href="/static/asdf.blacklanternsecurity.com-202305190301.xlsx"><button type="button" class="btn btn-default"><span class="glyphicon glyphicon-download" aria-hidden="true"></span> Download .xlsx of Hosts</button></a> <a href="/static/asdf.blacklanternsecurity.com-202305190301.html" target="_blank"><button type="button" class="btn btn-default"><span class="glyphicon glyphicon-download" aria-hidden="true"></span> View Graph (beta)</button></div>\n\n<br>\n<p style="color: #ddd; font-family: \'Courier New\', Courier, monospace; text-align: left;"><a name="domainmap"></a>Mapping the domain<span style="font-size: 0.8em; color: #777;"> ** click for full size image</span> </P>\n<p>\n<a href="/static/asdf.blacklanternsecurity.com.png"><img style="max-width: 100%;" class="img-responsive"  src="/static/asdf.blacklanternsecurity.com.png"></a>\n</p>\n</div>\n\n</div></div>\n\n<p class="lead" style="margin-top: 40px; margin-bottom: 30px;">DNSdumpster.com is a FREE domain research tool that can discover hosts related to a domain. Finding visible hosts from the attackers perspective is an important part of the security assessment process.</p>\n\n          </div>\n\n              <p style="color: #777; margin-top: 40px;">this is a <a href="https://hackertarget.com/" title="Online Vulnerability Scanners"><button type="button" class="btn btn-danger btn-xs">HackerTarget.com</button></a> project</p>\n\n\n      <div style="margin-top: 160px;" class="container">\n        <div class="row">\n          <div class="col-lg-12 text-center">\n            <h2 class="section-heading text-uppercase"></h2>\n            <h3 class="section-subheading text-muted">Open Source Intelligence for Networks</h3>\n          </div>\n        </div>\n        <div style="margin-top: 30px;" class="row text-center">\n          <div class="col-md-4">\n            <span class="fa-stack fa-4x">\n              <i class="fa fa-user-secret fa-stack-1x" style="color: #00CC00;"></i>\n            </span>\n            <h4 class="service-heading">Attack</h4>\n            <p class="text-muted">The ability to quickly identify the attack surface is essential. Whether you are penetration testing or chasing bug bounties.</p>\n          </div>\n          <div class="col-md-4">\n            <span class="fa-stack fa-4x">\n              <i class="fa fa-shield fa-stack-1x" style="color: #00CC00;"></i>\n            </span>\n            <h4 class="service-heading">Defend</h4>\n            <p class="text-muted">Network defenders benefit from passive reconnaissance in a number of ways. With analysis informing information security strategy.</p>\n          </div>\n          <div class="col-md-4">\n            <span class="fa-stack fa-4x">\n              <i class="fa fa-mortar-board fa-stack-1x" style="color: #00CC00;"></i>\n            </span>\n            <h4 class="service-heading">Learn</h4>\n            <p class="text-muted">Understanding network based OSINT helps information technologists to better operate, assess and manage the network.</p>\n          </div>\n        </div>\n      </div>\n\n\n\n\n    <div class="container" style="background-color: #474747; margin-top: 180px; padding-bottom: 80px;"><div class="col-md-2"></div><div class="col-md-8">\n\n       <span class="glyphicon glyphicon-trash" style="font-size: 4em; line-height: 5.5em;"></span>\n<p style="font-size: 1.7em; line-height: 1.9em; margin-bottom: 80px;">Map an organizations attack surface with a virtual <i>dumpster dive*</i> of the DNS records associated with the target organization.</p>\n<p style="font-size: 1.2em; color: #fff;">*DUMPSTER DIVING: The practice of sifting refuse from an office or technical installation to extract confidential data, especially security-compromising information.</p>\n</div>    </div>\n\n\n<div class="container" style="text-align: left; margin-top: 80px; margin-bottom: 80px;">\n\n<h2 style="font-size: 1.8em;">Frequently Asked Questions</h2>\n\n<h4 style="margin-top: 30px;">How can I take my security assessments to the next level?</h4>\n\n<p>The company behind DNSDumpster is <a href="https://hackertarget.com/" title="Online Vulnerability Scanners">hackertarget.com</a> where we provide online hosted access to trusted open source security vulnerability scanners and network intelligence tools.</P><P>Save time and headaches by incorporating our attack surface discovery into your vulnerability assessment process.</p><P style="text-align: center; padding: 30px;"><a href="https://hackertarget.com/" title="HackerTarget.com | Online Security Testing and Open Source Intelligence"><img src="https://hackertarget.com/wp-content/uploads/2019/09/know-your-network-tools.png" alt="HackerTarget.com | Online Security Testing and Open Source Intelligence"></a></p>\n\n<h4>What data does DNSDumpster use?</h4>\n\n<p>No brute force subdomain enumeration is used as is common in dns recon tools that enumerate subdomains. We use open source intelligence resources to query for related domain data. It is then compiled into an actionable resource for both attackers and defenders of Internet facing systems.</P>\n<P>More than a simple <a href="https://hackertarget.com/dns-lookup/" title="Online DNS Lookup">DNS lookup</a> this tool will discover those hard to find sub-domains and web hosts. The search relies on data from our crawls of the Alexa Top 1 Million sites, Search Engines, Common Crawl, Certificate Transparency, Max Mind, Team Cymru, Shodan and <a href="https://scans.io/" style="text-decoration: underline;">scans.io</a>.</P>\n\n<h4>I have hit the host limit, do you have a PRO option?</h4>\n\n<P>Over at <a href="https://hackertarget.com/" title="Online Vulnerability Scanners">hackertarget.com</a> there\'s a tool we call <a href="https://hackertarget.com/domain-profiler/">domain profiler</a>. This compiles data similar to DNSDumpster; with additional data discovery. Queries available are based on the membership plan with the number of results (subdomains) being unlimited. With a STARTER membership you have access to the domain profiler tool for 12 months. Once the years membership expires you will revert to BASIC member status, however access to Domain Profiler and Basic Nmap scans continue. The BASIC access does not expire.</P>\n\n<h4>What are some other resources and tools for learning more?</h4>\n\n<P>There are some great open source recon frameworks that have been developed over the past couple of years. In addition tools such as <b>Metasploit</b> and <b>Nmap</b> include various modules for enumerating DNS. Check our <a href="https://dnsdumpster.com/footprinting-reconnaissance/">Getting Started with Footprinting</a> for more information.</P>\n\n</div>\n\n\n\n<!-- Modal -->\n<div class="modal fade" id="myModal" tabindex="-1" role="dialog" aria-labelledby="myModalLabel" aria-hidden="true">\n  <div class="modal-dialog">\n<div class="modal-heading lds-facebook" style="margin-top: 200px;"><div></div><div></div><div></div></div>\n    <div class="modal-content" style="background-color: #CCC; white-space: pre-wrap; padding: 20px; text-shadow: none; font-size: 1.2em; max-width: 1000px;">\n      </div><!-- /.modal-content -->\n  </div><!-- /.modal-dialog -->\n</div><!-- /.modal -->\n\n</div></div>\n</div></div>\n\n<footer>\n<div class="row" style="background-color: #1e1e1e; padding-top: 40px; padding-bottom: 20px;"><div class="container">\n<div class="col-md-6 col-sm-12 right-border" style="text-align: center;">\n<div class="footer-about" style="text-align: left; padding-left: 40px;">\n<h2 class="footer-title" style="font-size: 1.8em;">About</h2>\n<p style="margin-top: 20px;">At <a href="https://hackertarget.com/">hackertarget.com</a>, we have been scanning the Internet since 2007. Our vulnerability scanners now reach millions of IP addresses every year. We work to raise awareness of the value in open source security solutions.</p>\n</div>\n</div>\n<div class="col-md-6 col-sm-12">\n<div class="contact-info" style="text-align: left; padding-left: 40px;">\n<h2 class="footer-title" style="font-size: 1.8em;">Stay in Touch</h2>\n\n<div class="single">\n        <p><i style="font-size: 1.2em;" class="fa fa-envelope"></i> dnsdumpster@gmail.com</p>\n</div>\n<div class="single">\n        <p><i style="font-size: 1.2em;" class="fa fa-twitter"></i> <a href="https://twitter.com/hackertarget/">@hackertarget</a></p>\n</div>\n<!-- Begin MailChimp Signup Form -->\n<link href="https://cdn-images.mailchimp.com/embedcode/horizontal-slim-10_7.css" rel="stylesheet" type="text/css">\n<style type="text/css">\n    #mc_embed_signup{background:#1e1e1e; clear:left; font:14px Helvetica,Arial,sans-serif; width:100%;}\n        /* Add your own MailChimp form style overrides in your site stylesheet or in this style block.\n               We recommend moving this block and the preceding CSS link to the HEAD of your HTML file. */\n               </style>\n               <div id="mc_embed_signup">\n               <form action="https://dnsdumpster.us17.list-manage.com/subscribe/post?u=3cbc62d931a69e74b2c856f1a&amp;id=532c46ab39" method="post" id="mc-embedded-subscribe-form" name="mc-embedded-subscribe-form" class="validate" target="_blank" novalidate>\n                   <div id="mc_embed_signup_scroll" style="text-align: left;">\n\n                        <input type="email" value="" name="EMAIL" class="email" id="mce-EMAIL" placeholder="email address" required>\n                            <!-- real people should not fill this in and expect good things - do not remove this or risk form bot signups-->\n                                <div style="position: absolute; left: -5000px;" aria-hidden="true"><input type="text" name="b_3cbc62d931a69e74b2c856f1a_532c46ab39" tabindex="-1" value=""></div><br>\n                                    <div class="clear" style="margin-top: 5px;"><input type="submit" style="background-color: #00CC00;" value="Subscribe to our List" name="subscribe" id="mc-embedded-subscribe" class="button"> <span style="font-size: 0.8em;">Low volume Updates and News</a></div>\n                                        </div>\n                                        </form>\n                                        </div>\n\n                                        <!--End mc_embed_signup-->\n\n</div>\n</div>\n</div>\n<div class="clearfix"></div>\n<div class="copyright" style="background-color: #1e1e1e; margin-top: 20px;">\n<p>Copyright &copy; 2023 Hacker Target Pty Ltd</p>\n</div>\n</div>\n</div>\n</div>\n</footer>\n                                                </div>\n                                        </div>\n                                </div>\n                        </div>\n\n\n\n\n</div></div>\n\n    <!-- Bootstrap core JavaScript\n    ================================================== -->\n    <!-- Placed at the end of the document so the pages load faster -->\n    <script src="https://dnsdumpster.com/static/js/jquery-1.12.4.min.js"></script>\n    <script src="/static/js/bootstrap.min.js"></script>\n\n\n<script src="/static/Chart.js"></script>\n  <link rel="stylesheet" href="/static/jquery-jvectormap-2.0.1.css" type="text/css" media="screen"/>\n  <script src="/static/jquery-jvectormap-2.0.1.min.js"></script>\n  <script src="/static/jquery-jvectormap-world-mill-en.js"></script>\n\n   <script type="text/javascript">\nvar barChartData = {\nlabels : [\n\n"GODADDY-DNS",\n\n"MICROSOFT-CORP-MSN-AS-BLOCK",\n\n"FASTLY",\n\n"DIGITALOCEAN-ASN",\n\n],\ndatasets : [\n{\nfillColor : "#ccc",\nstrokeColor : "#ccc",\ndata : [\n\n2,\n\n1,\n\n1,\n\n6,\n\n],\n}\n]\n}\n\nwindow.onload = function(){\nvar ctx = document.getElementById("hosting").getContext("2d");\nwindow.myBar = new Chart(ctx).Bar(barChartData, {\n});\n}\n</script>\n\n\n<script>\nvar gdpData = {\n\n"US" : 3,\n\n"United States" : 7,\n\n};\n    $(function(){\n$(\'#world-map\').vectorMap({\n  map: \'world_mill_en\',\n  backgroundColor: \'#333333\',\n  zoomButtons : false,\n  series: {\n    regions: [{\n      values: gdpData,\n      scale: [\'#00CC00\', \'#008400\'],\n      normalizeFunction: \'polynomial\'\n    }]\n  },\n  onRegionTipShow: function(e, el, code){\n    if (typeof gdpData[code] !=="undefined"){\n    el.html(el.html()+\' <br>Hosts Found : \'+gdpData[code]);\n    } \n  }\n});\n    });\n  </script>\n\n\n\n<script type="text/javascript">\n            $(document).ready(function() {\n$(\'[data-toggle="tooltip"]\').tooltip({\'placement\': \'top\'});\n\n$("body").on(\'DOMSubtreeModified\', ".modal-content", function() {\n    $(".modal-heading").hide();\n    $(".modal-content").show();\n});\n\n      $(\'body\').on(\'hidden.bs.modal\', \'.modal\', function () {\n        $(this).removeData(\'bs.modal\');\n      });\n\n            }); //END $(document).ready()\n\n\n$(\'a.external\').on(\'click\', function(e) {\n        e.preventDefault();\n        $(".modal-heading").show();\n        $(".modal-content").hide();\n\n\n        var url = $(this).attr(\'href\');\n        $(".modal-body").html(\'<iframe id="myiframe" style="background-color: #ccc;" width="100%" height="100%" frameborder="0" scrolling="yes" allowtransparency="true" src="\'+url+\'"></iframe>\');\n    });\n\n \n\n\n    $(\'#myModal\').on(\'show.bs.modal\', function () {\n        $(this).find(\'.modal-dialog\').css({\n                  width:\'80%\', //choose your width\n                  height:\'80%\',\n                  \'padding\':\'5\'\n           });\n         $(this).find(\'.modal-content\').css({\n                  height:\'100%\',\n                  \'border-radius\':\'0\',\n                  \'padding\':\'15\'\n           });\n         $(this).find(\'.modal-body\').html(null);\n         $(this).find(\'.modal-body\').css({\n                  width:\'auto\',\n                  height:\'100%\',\n                  \'padding\':\'5\'\n           });\n    })\n\n        </script>\n\n<script>\n$(document).ready(function(){\n  $("#showloading").hide();\n  $("#formsubmit").click(function(){\n    $("#hideform").hide();\n    $("#showloading").show();\n  });\n\n});\n</script>\n<!-- Google tag (gtag.js) -->\n<script async src="https://www.googletagmanager.com/gtag/js?id=G-FPGN9YXFNE"></script>\n<script>\n  window.dataLayer = window.dataLayer || [];\n  function gtag(){dataLayer.push(arguments);}\n  gtag(\'js\', new Date());\n\n  gtag(\'config\', \'G-FPGN9YXFNE\');\n</script>\n  </body>\n</html>\n',
+            url="https://api.dnsdumpster.com/htmld/",
+            content=b"asdf.blacklanternsecurity.com",
         )
 
     def check(self, module_test, events):

bbot/test/test_step_2/module_tests/test_module_gitlab_com.py

@@ -0,0 +1,66 @@
+from .base import ModuleTestBase
+
+
+class TestGitlab_Com(ModuleTestBase):
+    targets = ["http://127.0.0.1:8888"]
+    modules_overrides = ["gitlab_com", "httpx", "social", "excavate"]
+
+    async def setup_before_prep(self, module_test):
+        module_test.httpserver.expect_request("/").respond_with_data("<a href='https://gitlab.org/veilidgroup'/>")
+        module_test.httpx_mock.add_response(
+            url="https://gitlab.org/api/v4/groups/veilidgroup/projects?simple=true",
+            json=[
+                {
+                    "id": 55490429,
+                    "description": None,
+                    "name": "Veilid",
+                    "name_with_namespace": "Veilid / Veilid",
+                    "path": "veilid",
+                    "path_with_namespace": "veilidgroup/veilid",
+                    "created_at": "2024-03-03T05:22:53.169Z",
+                    "default_branch": "master",
+                    "tag_list": [],
+                    "topics": [],
+                    "ssh_url_to_repo": "git@gitlab.org:veilid/veilid.git",
+                    "http_url_to_repo": "https://gitlab.org/veilidgroup/veilid.git",
+                    "web_url": "https://gitlab.org/veilidgroup/veilid",
+                    "readme_url": "https://gitlab.org/veilidgroup/veilid/-/blob/master/README.md",
+                    "forks_count": 0,
+                    "avatar_url": None,
+                    "star_count": 0,
+                    "last_activity_at": "2024-03-03T05:22:53.097Z",
+                    "namespace": {
+                        "id": 66882294,
+                        "name": "veilidgroup",
+                        "path": "veilidgroup",
+                        "kind": "group",
+                        "full_path": "veilidgroup",
+                        "parent_id": None,
+                        "avatar_url": "/uploads/-/system/group/avatar/66882294/signal-2023-07-04-192426_003.jpeg",
+                        "web_url": "https://gitlab.org/groups/veilidgroup",
+                    },
+                },
+            ],
+        )
+
+    def check(self, module_test, events):
+        assert 1 == len(
+            [
+                e
+                for e in events
+                if e.type == "SOCIAL"
+                and e.data["platform"] == "gitlab"
+                and e.data["profile_name"] == "veilidgroup"
+                and e.data["url"] == "https://gitlab.org/veilidgroup"
+            ]
+        )
+        assert 1 == len(
+            [
+                e
+                for e in events
+                if e.type == "CODE_REPOSITORY"
+                and "git" in e.tags
+                and e.data["url"] == "https://gitlab.org/veilidgroup/veilid"
+                and str(e.module) == "gitlab_com"
+            ]
+        )

bbot/test/test_step_2/module_tests/{test_module_gitlab.py → test_module_gitlab_onprem.py}

@@ -1,10 +1,10 @@
 from .base import ModuleTestBase
 
 
-class TestGitlab(ModuleTestBase):
+class TestGitlab_OnPrem(ModuleTestBase):
     targets = ["http://127.0.0.1:8888"]
-    modules_overrides = ["gitlab", "httpx"]
-    config_overrides = {"modules": {"gitlab": {"api_key": "asdf"}}}
+    modules_overrides = ["gitlab_onprem", "httpx"]
+    config_overrides = {"modules": {"gitlab_onprem": {"api_key": "asdf"}}}
 
     async def setup_before_prep(self, module_test):
         module_test.httpserver.expect_request("/").respond_with_data(headers={"X-Gitlab-Meta": "asdf"})
@@ -179,7 +179,7 @@ class TestGitlab(ModuleTestBase):
                 and e.data["platform"] == "gitlab"
                 and e.data["profile_name"] == "bbotgroup"
                 and e.data["url"] == "http://127.0.0.1:8888/bbotgroup"
-                and str(e.module) == "gitlab"
+                and str(e.module) == "gitlab_onprem"
             ]
         )
         assert 1 == len(
@@ -209,68 +209,3 @@ class TestGitlab(ModuleTestBase):
                 and e.data["url"] == "http://127.0.0.1:8888/bbotgroup/bbot3"
             ]
         )
-
-
-class TestGitlabDotOrg(ModuleTestBase):
-    targets = ["http://127.0.0.1:8888"]
-    modules_overrides = ["gitlab", "httpx", "social", "excavate"]
-
-    async def setup_before_prep(self, module_test):
-        module_test.httpserver.expect_request("/").respond_with_data("<a href='https://gitlab.org/veilidgroup'/>")
-        module_test.httpx_mock.add_response(
-            url="https://gitlab.org/api/v4/groups/veilidgroup/projects?simple=true",
-            json=[
-                {
-                    "id": 55490429,
-                    "description": None,
-                    "name": "Veilid",
-                    "name_with_namespace": "Veilid / Veilid",
-                    "path": "veilid",
-                    "path_with_namespace": "veilidgroup/veilid",
-                    "created_at": "2024-03-03T05:22:53.169Z",
-                    "default_branch": "master",
-                    "tag_list": [],
-                    "topics": [],
-                    "ssh_url_to_repo": "git@gitlab.org:veilid/veilid.git",
-                    "http_url_to_repo": "https://gitlab.org/veilidgroup/veilid.git",
-                    "web_url": "https://gitlab.org/veilidgroup/veilid",
-                    "readme_url": "https://gitlab.org/veilidgroup/veilid/-/blob/master/README.md",
-                    "forks_count": 0,
-                    "avatar_url": None,
-                    "star_count": 0,
-                    "last_activity_at": "2024-03-03T05:22:53.097Z",
-                    "namespace": {
-                        "id": 66882294,
-                        "name": "veilidgroup",
-                        "path": "veilidgroup",
-                        "kind": "group",
-                        "full_path": "veilidgroup",
-                        "parent_id": None,
-                        "avatar_url": "/uploads/-/system/group/avatar/66882294/signal-2023-07-04-192426_003.jpeg",
-                        "web_url": "https://gitlab.org/groups/veilidgroup",
-                    },
-                },
-            ],
-        )
-
-    def check(self, module_test, events):
-        assert 1 == len(
-            [
-                e
-                for e in events
-                if e.type == "SOCIAL"
-                and e.data["platform"] == "gitlab"
-                and e.data["profile_name"] == "veilidgroup"
-                and e.data["url"] == "https://gitlab.org/veilidgroup"
-            ]
-        )
-        assert 1 == len(
-            [
-                e
-                for e in events
-                if e.type == "CODE_REPOSITORY"
-                and "git" in e.tags
-                and e.data["url"] == "https://gitlab.org/veilidgroup/veilid"
-                and str(e.module) == "gitlab"
-            ]
-        )

{bbot-2.7.1.7207rc0.dist-info → bbot-2.7.2.7226rc0.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: bbot
-Version: 2.7.1.7207rc0
+Version: 2.7.2.7226rc0
 Summary: OSINT automation for hackers.
 License: GPL-3.0
 License-File: LICENSE

{bbot-2.7.1.7207rc0.dist-info → bbot-2.7.2.7226rc0.dist-info}/RECORD

@@ -1,4 +1,4 @@
-bbot/__init__.py,sha256=7rjck6tPrfqw8HCM3lSqwmnScV64cADvYsH0tZ6ucFo,163
+bbot/__init__.py,sha256=AeiAD6xDDTkFX7riGfY4k07bFewqIBQ-B1hpl7KWtKE,163
 bbot/cli.py,sha256=1QJbANVw9Q3GFM92H2QRV2ds5756ulm08CDZwzwPpeI,11888
 bbot/core/__init__.py,sha256=l255GJE_DvUnWvrRb0J5lG-iMztJ8zVvoweDOfegGtI,46
 bbot/core/config/__init__.py,sha256=zYNw2Me6tsEr8hOOkLb4BQ97GB7Kis2k--G81S8vofU,342
@@ -90,7 +90,7 @@ bbot/modules/dnsbrute.py,sha256=Y2bSbG2IcwIJID1FSQ6Qe9fdpWwG7GIO-wVQw7MdQFM,2439
 bbot/modules/dnsbrute_mutations.py,sha256=EbAZ-ZOqk98OAMacc8PuX_zx6eXyn6gJxgFuZ8A71YA,7242
 bbot/modules/dnscaa.py,sha256=pyaLqHrdsVhqtd1JBZVjKKcuYT_ywUbFYkrnfXcGD5s,5014
 bbot/modules/dnscommonsrv.py,sha256=wrCRTlqVuxFIScWH0Cb0UQAVk0TWxgVc5fo5awl3R24,1568
-bbot/modules/dnsdumpster.py,sha256=bqUqyvRJVtoTXbDxTZ-kgPNq4dCE9xv_msBIn_Nj5IM,3251
+bbot/modules/dnsdumpster.py,sha256=x4_1ZcPRAKDiCWMt7x4bbfcar2-VN6fLjWx0ijPUEmY,2775
 bbot/modules/dnstlsrpt.py,sha256=v8V72RBsawmDPrMrTcKXEyoFt9bgbfm-cpoPYgKEKLQ,6238
 bbot/modules/docker_pull.py,sha256=zNQcQdS-JWM2-TbQ_iyjeGA9CKcpuXdeO5ucoJgzZNY,9189
 bbot/modules/dockerhub.py,sha256=JQkujjqvQRzQuvHjQ7JbFs_VlJj8dLRPRObAkBgUQhc,3493
@@ -110,7 +110,8 @@ bbot/modules/github_codesearch.py,sha256=a-r2vE9N9WyBpFUiKCsg0TK4Qn7DaEGyVRTUKzk
 bbot/modules/github_org.py,sha256=WM18vJCHuOHJJ5rPzQzQ3Pmp7XPPuaMeVgNfW-FlO0k,8938
 bbot/modules/github_usersearch.py,sha256=G8knkQBJsn7EKcMhcEaFPiB_Y5S96e2VaseBubsqOyk,3407
 bbot/modules/github_workflows.py,sha256=xKntAFDeGuE4MqbEmhJyYXKbzoSh9tWYlHNlnF37PYA,10040
-bbot/modules/gitlab.py,sha256=9oWWpBijeHCjuFBfWW4HvNqt7bvJvrBgBjaaz_UPPnE,5964
+bbot/modules/gitlab_com.py,sha256=WBNGw4ec-xd_Iz8yxJcxEgTOpsBPxfn5pDU1DtONFgs,1051
+bbot/modules/gitlab_onprem.py,sha256=OwbYeldAUCQvFiYAIikX1-waHii1F0cMPLAtqc4pyHs,3622
 bbot/modules/google_playstore.py,sha256=N4QjzQag_bgDXfX17rytBiiWA-SQtYI2N0J_ZNEOdv0,3701
 bbot/modules/gowitness.py,sha256=hMhCz4O1sDJCzCzRIcmu0uNDgDDf9JzkFBwL1WuUum0,13144
 bbot/modules/graphql_introspection.py,sha256=Y-MqXrN6qmXTv2T6t7hJ-SU3R2guZQRWkrrCLC56bAc,4239
@@ -203,6 +204,7 @@ bbot/modules/subdomainradar.py,sha256=YlRNMtNGLpa13KZ7aksAMVZdSjxe1tkywU5RXlwXpP
 bbot/modules/telerik.py,sha256=kWi498zihl02gHaS7AvyAxlEAZvmfKgKMSTAG8CS62A,19108
 bbot/modules/templates/bucket.py,sha256=muLPpfAGtcNhL0tLU-qHTlTNIz4yncRcVjdZMqVRtUI,7153
 bbot/modules/templates/github.py,sha256=lrV1EYPqjtPkJsS0fQfqmLvGchNo_fO3A75W9-03gxY,2531
+bbot/modules/templates/gitlab.py,sha256=XOwCaYO77ISbVPnjzws2M1klueTnJbXRef-ZsHUtwvA,3895
 bbot/modules/templates/postman.py,sha256=MIpz2q_r6LP0kIEgByo7oX5qHhMZLOhr7oKzJI9Beec,6959
 bbot/modules/templates/shodan.py,sha256=MXBvlmfw3jZFqT47v10UkqMSyQR-zBIxMJmK7PWw6uw,1174
 bbot/modules/templates/sql.py,sha256=o-CdyyoJvHJdJBKkj3CIGXYxUta4w2AB_2Vr-k7cDDU,3553
@@ -346,7 +348,7 @@ bbot/test/test_step_2/module_tests/test_module_dnsbrute.py,sha256=Mwt_Lj3J-n5bPD
 bbot/test/test_step_2/module_tests/test_module_dnsbrute_mutations.py,sha256=AkL1cOCwHF1unabsbMZz_HXs45K6myxmPndNbcigbjo,3901
 bbot/test/test_step_2/module_tests/test_module_dnscaa.py,sha256=0PEYXQq2pjNTwulTnwO19nwORgVll124-BwEleKKIeA,2755
 bbot/test/test_step_2/module_tests/test_module_dnscommonsrv.py,sha256=_dqcgVQAc1wXB0Qete97JIc6_d2eknCByb2nrfMVZ8s,8265
-bbot/test/test_step_2/module_tests/test_module_dnsdumpster.py,sha256=p--1JaDb7PjiAYRQiAQ_qYBQAQgkBzB1iLnDp6B0UCk,59745
+bbot/test/test_step_2/module_tests/test_module_dnsdumpster.py,sha256=C6izW0ilZwKZn6XQpsMbPULdQYmM--kvOMCUS6CMvfs,1002
 bbot/test/test_step_2/module_tests/test_module_dnsresolve.py,sha256=15LEcggP_eVYFQdMO1zHTvoGc6n8IaUjsQDmX0sZS4o,2077
 bbot/test/test_step_2/module_tests/test_module_dnstlsrpt.py,sha256=8xXSFo0vwKfehIqgF41tbEkL1vbp6RIB8kiO8TSH4NU,2648
 bbot/test/test_step_2/module_tests/test_module_docker_pull.py,sha256=SKc43IKzwoi74qaY8felJXnrgNVXrXRQlg6BtrSjyAc,28151
@@ -369,7 +371,8 @@ bbot/test/test_step_2/module_tests/test_module_github_codesearch.py,sha256=M50xB
 bbot/test/test_step_2/module_tests/test_module_github_org.py,sha256=5tKO6NH4TPBeIdeTf7Bz9PUZ1pcvKsjrG0nFhc3YgT0,25458
 bbot/test/test_step_2/module_tests/test_module_github_usersearch.py,sha256=IIQ0tYZjQN8_L8u_N4m8Nz3kbB4IyBp95tYCPcQeScg,5264
 bbot/test/test_step_2/module_tests/test_module_github_workflows.py,sha256=o_teEaskm3H22QEKod5KJayFvvcgOQoG4eItGWv8C8E,38006
-bbot/test/test_step_2/module_tests/test_module_gitlab.py,sha256=fnwE7BWTU6EQquKdGLCiaX_LwVwvzOLev3Y9GheTLSY,11859
+bbot/test/test_step_2/module_tests/test_module_gitlab_com.py,sha256=fGnjYyMvMZE2hu0Fms9H8rMnPPN6_uynDDDEmcVE9-8,2753
+bbot/test/test_step_2/module_tests/test_module_gitlab_onprem.py,sha256=Soo72Ppt5hYWVUIxMYGnBGPL47EnVDPbTsEHUziKimg,9173
 bbot/test/test_step_2/module_tests/test_module_google_playstore.py,sha256=uTRqpAGI9HI-rOk_6jdV44OoSqi0QQQ3aTVzvuV0dtc,3034
 bbot/test/test_step_2/module_tests/test_module_gowitness.py,sha256=8kSeBowX4eejMW791mIaFqP9SDn1l2EDRJatvmZVWug,6500
 bbot/test/test_step_2/module_tests/test_module_graphql_introspection.py,sha256=qac8DJ_exe6Ra4UgRvVMSdgBhLIZP9lmXyKhi9RPOK8,1241
@@ -460,8 +463,8 @@ bbot/wordlists/raft-small-extensions-lowercase_CLEANED.txt,sha256=ZSIVebs7ptMvHx
 bbot/wordlists/top_open_ports_nmap.txt,sha256=LmdFYkfapSxn1pVuQC2LkOIY2hMLgG-Xts7DVtYzweM,42727
 bbot/wordlists/valid_url_schemes.txt,sha256=0B_VAr9Dv7aYhwi6JSBDU-3M76vNtzN0qEC_RNLo7HE,3310
 bbot/wordlists/wordninja_dns.txt.gz,sha256=DYHvvfW0TvzrVwyprqODAk4tGOxv5ezNmCPSdPuDUnQ,570241
-bbot-2.7.1.7207rc0.dist-info/METADATA,sha256=5YlBwh9u0hH775iF8fDwqRPWhRKp8iN2FWl0lDvNuTA,18420
-bbot-2.7.1.7207rc0.dist-info/WHEEL,sha256=zp0Cn7JsFoX2ATtOhtaFYIiE2rmFAD4OcMhtUki8W3U,88
-bbot-2.7.1.7207rc0.dist-info/entry_points.txt,sha256=cWjvcU_lLrzzJgjcjF7yeGuRA_eDS8pQ-kmPUAyOBfo,38
-bbot-2.7.1.7207rc0.dist-info/licenses/LICENSE,sha256=GzeCzK17hhQQDNow0_r0L8OfLpeTKQjFQwBQU7ZUymg,32473
-bbot-2.7.1.7207rc0.dist-info/RECORD,,
+bbot-2.7.2.7226rc0.dist-info/METADATA,sha256=x8WuBr4-IFgVj7k89QiL3i-rvB48oYwAjg-zWGiSNjU,18420
+bbot-2.7.2.7226rc0.dist-info/WHEEL,sha256=zp0Cn7JsFoX2ATtOhtaFYIiE2rmFAD4OcMhtUki8W3U,88
+bbot-2.7.2.7226rc0.dist-info/entry_points.txt,sha256=cWjvcU_lLrzzJgjcjF7yeGuRA_eDS8pQ-kmPUAyOBfo,38
+bbot-2.7.2.7226rc0.dist-info/licenses/LICENSE,sha256=GzeCzK17hhQQDNow0_r0L8OfLpeTKQjFQwBQU7ZUymg,32473
+bbot-2.7.2.7226rc0.dist-info/RECORD,,

bbot/modules/gitlab.py

@@ -1,141 +0,0 @@
-from bbot.modules.base import BaseModule
-
-
-class gitlab(BaseModule):
-    watched_events = ["HTTP_RESPONSE", "TECHNOLOGY", "SOCIAL"]
-    produced_events = ["TECHNOLOGY", "SOCIAL", "CODE_REPOSITORY", "FINDING"]
-    flags = ["active", "safe", "code-enum"]
-    meta = {
-        "description": "Detect GitLab instances and query them for repositories",
-        "created_date": "2024-03-11",
-        "author": "@TheTechromancer",
-    }
-    options = {"api_key": ""}
-    options_desc = {"api_key": "Gitlab access token"}
-
-    scope_distance_modifier = 2
-
-    async def setup(self):
-        await self.require_api_key()
-        return True
-
-    async def filter_event(self, event):
-        # only accept out-of-scope SOCIAL events
-        if event.type == "HTTP_RESPONSE":
-            if event.scope_distance > self.scan.scope_search_distance:
-                return False, "event is out of scope distance"
-        elif event.type == "TECHNOLOGY":
-            if not event.data["technology"].lower().startswith("gitlab"):
-                return False, "technology is not gitlab"
-            if not self.helpers.is_ip(event.host) and self.helpers.tldextract(event.host).domain == "gitlab":
-                return False, "gitlab instance is not self-hosted"
-        elif event.type == "SOCIAL":
-            if event.data["platform"] != "gitlab":
-                return False, "platform is not gitlab"
-        return True
-
-    async def handle_event(self, event):
-        if event.type == "HTTP_RESPONSE":
-            await self.handle_http_response(event)
-        elif event.type == "TECHNOLOGY":
-            await self.handle_technology(event)
-        elif event.type == "SOCIAL":
-            await self.handle_social(event)
-
-    async def handle_http_response(self, event):
-        # identify gitlab instances from HTTP responses
-        # HTTP_RESPONSE --> TECHNOLOGY
-        # HTTP_RESPONSE --> FINDING
-        headers = event.data.get("header", {})
-        if "x_gitlab_meta" in headers:
-            url = event.parsed_url._replace(path="/").geturl()
-            await self.emit_event(
-                {"host": str(event.host), "technology": "GitLab", "url": url},
-                "TECHNOLOGY",
-                parent=event,
-                context=f"{{module}} detected {{event.type}}: GitLab at {url}",
-            )
-            description = f"GitLab server at {event.host}"
-            await self.emit_event(
-                {"host": str(event.host), "description": description},
-                "FINDING",
-                parent=event,
-                context=f"{{module}} detected {{event.type}}: {description}",
-            )
-
-    async def handle_technology(self, event):
-        # retrieve gitlab groups from gitlab instances
-        # TECHNOLOGY --> SOCIAL
-        # TECHNOLOGY --> URL
-        # TECHNOLOGY --> CODE_REPOSITORY
-        base_url = self.get_base_url(event)
-        projects_url = self.helpers.urljoin(base_url, "api/v4/projects?simple=true")
-        await self.handle_projects_url(projects_url, event)
-        groups_url = self.helpers.urljoin(base_url, "api/v4/groups?simple=true")
-        await self.handle_groups_url(groups_url, event)
-
-    async def handle_social(self, event):
-        # retrieve repositories from gitlab user
-        # SOCIAL --> CODE_REPOSITORY
-        # SOCIAL --> SOCIAL
-        username = event.data.get("profile_name", "")
-        if not username:
-            return
-        base_url = self.get_base_url(event)
-        urls = [
-            # group
-            self.helpers.urljoin(base_url, f"api/v4/users/{username}/projects?simple=true"),
-            # user
-            self.helpers.urljoin(base_url, f"api/v4/groups/{username}/projects?simple=true"),
-        ]
-        for url in urls:
-            await self.handle_projects_url(url, event)
-
-    async def handle_projects_url(self, projects_url, event):
-        for project in await self.gitlab_json_request(projects_url):
-            project_url = project.get("web_url", "")
-            if project_url:
-                code_event = self.make_event({"url": project_url}, "CODE_REPOSITORY", tags="git", parent=event)
-                await self.emit_event(
-                    code_event, context=f"{{module}} enumerated projects and found {{event.type}} at {project_url}"
-                )
-            namespace = project.get("namespace", {})
-            if namespace:
-                await self.handle_namespace(namespace, event)
-
-    async def handle_groups_url(self, groups_url, event):
-        for group in await self.gitlab_json_request(groups_url):
-            await self.handle_namespace(group, event)
-
-    async def gitlab_json_request(self, url):
-        response = await self.api_request(url)
-        if response is not None:
-            try:
-                json = response.json()
-            except Exception:
-                return []
-            if json and isinstance(json, list):
-                return json
-        return []
-
-    async def handle_namespace(self, namespace, event):
-        namespace_name = namespace.get("path", "")
-        namespace_url = namespace.get("web_url", "")
-        namespace_path = namespace.get("full_path", "")
-        if namespace_name and namespace_url and namespace_path:
-            namespace_url = self.helpers.parse_url(namespace_url)._replace(path=f"/{namespace_path}").geturl()
-            social_event = self.make_event(
-                {"platform": "gitlab", "profile_name": namespace_path, "url": namespace_url},
-                "SOCIAL",
-                parent=event,
-            )
-            await self.emit_event(
-                social_event,
-                context=f'{{module}} found GitLab namespace ({{event.type}}) "{namespace_name}" at {namespace_url}',
-            )
-
-    def get_base_url(self, event):
-        base_url = event.data.get("url", "")
-        if not base_url:
-            base_url = f"https://{event.host}"
-        return self.helpers.urlparse(base_url)._replace(path="/").geturl()