Conversation
Codecov Report❌ Patch coverage is Additional details and impacted files@@ Coverage Diff @@
## dev #2007 +/- ##
=======================================
- Coverage 92% 91% -0%
=======================================
Files 416 440 +24
Lines 34690 37685 +2995
=======================================
+ Hits 31648 34104 +2456
- Misses 3042 3581 +539 ☔ View full report in Codecov by Sentry. 🚀 New features to boost your workflow:
|
TheTechromancer
force-pushed
the
3.0
branch
2 times, most recently
from
5cb7f10 to
1a36dae
Compare
|
@TheTechromancer we should now add to the list of breaking changes, the removal of vulnerability event type and the addition of severity and confidence as attributes on finding types |
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
🚀 Performance Benchmark Report
📊 Current Results (3.0) - Click to expandResults
🐍 Python Version 3.11.15 |
Fix omitted event types leaking to console output
- Add submodule auto-filter: disable submodules whose max severity/confidence is below configured thresholds (avoids running expensive submodules for nothing) - Create baddns.yml base preset (CNAME, MX, TXT) and baddns-heavy.yml (all submodules) - Rename spider-intense→spider-heavy, baddns-intense→baddns-heavy - Fix baddns_zone default min_severity to INFORMATIONAL (NSEC/zonetransfer need it) - Update kitchen-sink.yml, remove stale enable_references v1.x config - Fix baddns_zone NSEC test (bad.dns→bad.com for tldextract compatibility) - Fix baddns_direct test (updated signature matcher for baddns 2.0) - Update all preset warning messages and docs references
- Add submodule auto-filter: disable submodules whose max severity/confidence is below configured thresholds (avoids running expensive submodules for nothing) - Create baddns.yml base preset (CNAME, MX, TXT) and baddns-heavy.yml (all submodules) - Rename spider-intense→spider-heavy, baddns-intense→baddns-heavy - Fix baddns_zone default min_severity to INFORMATIONAL (NSEC/zonetransfer need it) - Update kitchen-sink.yml, remove stale enable_references v1.x config - Fix baddns_zone NSEC test (bad.dns→bad.com for tldextract compatibility) - Fix baddns_direct test (updated signature matcher for baddns 2.0) - Update all preset warning messages and docs references
|
recheck |
Show status code, URL, title, and redirect target instead of raw JSON dict.
Improve URL event stdout display format
…s_class on event types
…tatus-line Show FINDING severity breakdown in scan status line
CDNs and reverse proxies return 502/503/504 for upstream failures, not as an IIS shortname signal. Treating them as status-code differences caused false positives on CDN-fronted non-IIS hosts.
Add human-readable stdout display for all event types
…y-check Fix non-functional DNS brute-force canary check
Convert websocket URLs to HTTP instead of raising findings
…-gateway-fp Skip gateway error codes in IIS shortnames detection
…ments Support comments in target lists
| "evilcorp.com # the main domain", | ||
| ], | ||
| ) | ||
| assert "evilcorp.com" in target.seeds |
Check failure
Code scanning / CodeQL
Incomplete URL substring sanitization High test
Copilot Autofix
AI 1 day ago
Copilot could not generate an autofix suggestion
Copilot could not generate an autofix suggestion for this alert. Try pushing a new commit or if the problem persists contact support.
| ) | ||
|
|
||
| result = chain_lists([str(target_file)], try_files=True, _strip_comments=True) | ||
| assert "evilcorp.com" in result |
Check failure
Code scanning / CodeQL
Incomplete URL substring sanitization High test
Copilot Autofix
AI 1 day ago
Copilot could not generate an autofix suggestion
Copilot could not generate an autofix suggestion for this alert. Try pushing a new commit or if the problem persists contact support.
|
|
||
| result = chain_lists([str(target_file)], try_files=True, _strip_comments=True) | ||
| assert "evilcorp.com" in result | ||
| assert "othercorp.com" in result |
Check failure
Code scanning / CodeQL
Incomplete URL substring sanitization High test
Copilot Autofix
AI 1 day ago
Copilot could not generate an autofix suggestion
Copilot could not generate an autofix suggestion for this alert. Try pushing a new commit or if the problem persists contact support.
Filter out useless PTRs by default
Install pip inside the bbot venv
Fix docker publishing so :latest points to stable instead of dev
|
recheck |
5 participants
Summary
BBOT 3.0 "
blazed_elijah" contains changes needed to store BBOT data in a persistent database. The idea is to release it alongside BBOT server, a tiny CLI-only database. This will be paired with a series of blog posts showing how BBOT server can be used on the command line to script out bug bounty hunting, threat intel, and ASM (i.e. running scheduled scans, exporting to CSV, diffing results over time, etc.).Together, BBOT 3.0 and BBOT server will give us a solid foundation to build a bunch of other useful tooling, like asset inventory. Sometime in the future, it may also be useful to frontend.
Breaking changes
1.
.dataand.data_jsonevent fieldsThe main breaking change in BBOT 3.0 is that the name of the
.datafield is different based on whether it's astrordict..data: string.data_json: dictionaryThe
siem_friendlyoption has been removed, since BBOT data is now SIEM-friendly by default.2. Changes to vulnerabilities
The
VULNERABILITYevent type has been removed in favor ofFINDING, which now has several improvements:namefield which holds a generic description common to all findings of the same type. This makes it easier to collapse and categorize them.confidencefieldseverityfieldFeatures
Potential changes