Skip to content

Commit

Permalink
add output module list in README
Browse files Browse the repository at this point in the history
  • Loading branch information
@TheTechromancer
TheTechromancer committed Feb 18, 2024
1 parent 4b94b75 commit 2e70522
Show file tree
Hide file tree
Showing 6 changed files with 40 additions and 13 deletions.
24 changes: 23 additions & 1 deletion README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -280,4 +280,26 @@ For a full list of modules, including the data types consumed and emitted by eac
| subdomain-hijack | 1 | Detects hijackable subdomains | subdomain_hijack |
| web-screenshots | 1 | Takes screenshots of web pages | gowitness |
<!-- END BBOT MODULE FLAGS -->
</details>

## BBOT Output Modules
BBOT can save its data to TXT, CSV, JSON, and tons of other destinations including [Neo4j](https://www.blacklanternsecurity.com/bbot/scanning/output/#neo4j), [Splunk](https://www.blacklanternsecurity.com/bbot/scanning/output/#splunk), and [Discord](https://www.blacklanternsecurity.com/bbot/scanning/output/#discord-slack-teams). For instructions on how to use these, see [Output Modules](https://www.blacklanternsecurity.com/bbot/scanning/output).

<!-- BBOT OUTPUT MODULES -->
| Module | Type | Needs API Key | Description | Flags | Consumed Events | Produced Events |
|-----------------|--------|-----------------|-----------------------------------------------------------------------------------------|----------------|--------------------------------------------------------------------------------------------------|---------------------------|
| asset_inventory | output | No | Merge hosts, open ports, technologies, findings, etc. into a single asset inventory CSV | | DNS_NAME, FINDING, HTTP_RESPONSE, IP_ADDRESS, OPEN_TCP_PORT, TECHNOLOGY, URL, VULNERABILITY, WAF | IP_ADDRESS, OPEN_TCP_PORT |
| csv | output | No | Output to CSV | | * | |
| discord | output | No | Message a Discord channel when certain events are encountered | | * | |
| emails | output | No | Output any email addresses found belonging to the target domain | email-enum | EMAIL_ADDRESS | |
| http | output | No | Send every event to a custom URL via a web request | | * | |
| human | output | No | Output to text | | * | |
| json | output | No | Output to Newline-Delimited JSON (NDJSON) | | * | |
| neo4j | output | No | Output to Neo4j | | * | |
| python | output | No | Output via Python API | | * | |
| slack | output | No | Message a Slack channel when certain events are encountered | | * | |
| splunk | output | No | Send every event to a splunk instance through HTTP Event Collector | | * | |
| subdomains | output | No | Output only resolved, in-scope subdomains | subdomain-enum | DNS_NAME, DNS_NAME_UNRESOLVED | |
| teams | output | No | Message a Teams channel when certain events are encountered | | * | |
| web_report | output | No | Create a markdown report with web assets | | FINDING, TECHNOLOGY, URL, VHOST, VULNERABILITY | |
| websocket | output | No | Output to websockets | | * | |
<!-- END BBOT OUTPUT MODULES -->
5 changes: 5 additions & 0 deletions bbot/scripts/docs.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -94,6 +94,11 @@ def update_individual_module_options():
assert len(bbot_module_table.splitlines()) > 50
update_md_files("BBOT MODULES", bbot_module_table)

# BBOT output modules
bbot_output_module_table = module_loader.modules_table(mod_type="output")
assert len(bbot_output_module_table.splitlines()) > 10
update_md_files("BBOT OUTPUT MODULES", bbot_output_module_table)

# BBOT module options
bbot_module_options_table = module_loader.modules_options_table()
assert len(bbot_module_options_table.splitlines()) > 100
Expand Down
1 change: 1 addition & 0 deletions docs/modules/list_of_modules.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -107,6 +107,7 @@
| neo4j | output | No | Output to Neo4j | | * | |
| python | output | No | Output via Python API | | * | |
| slack | output | No | Message a Slack channel when certain events are encountered | | * | |
| splunk | output | No | Send every event to a splunk instance through HTTP Event Collector | | * | |
| subdomains | output | No | Output only resolved, in-scope subdomains | subdomain-enum | DNS_NAME, DNS_NAME_UNRESOLVED | |
| teams | output | No | Message a Teams channel when certain events are encountered | | * | |
| web_report | output | No | Create a markdown report with web assets | | FINDING, TECHNOLOGY, URL, VHOST, VULNERABILITY | |
Expand Down
16 changes: 5 additions & 11 deletions docs/scanning/advanced.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -33,16 +33,10 @@ asyncio.run(main())

<!-- BBOT HELP OUTPUT -->
```text
usage: bbot [-h] [--help-all] [-t TARGET [TARGET ...]]
[-w WHITELIST [WHITELIST ...]] [-b BLACKLIST [BLACKLIST ...]]
[--strict-scope] [-m MODULE [MODULE ...]] [-l]
[-em MODULE [MODULE ...]] [-f FLAG [FLAG ...]] [-lf]
[-rf FLAG [FLAG ...]] [-ef FLAG [FLAG ...]]
[-om MODULE [MODULE ...]] [--allow-deadly] [-n SCAN_NAME]
[-o DIR] [-c [CONFIG ...]] [-v] [-d] [-s] [--force] [-y]
[--dry-run] [--current-config]
[--no-deps | --force-deps | --retry-deps | --ignore-failed-deps | --install-all-deps]
[-a] [--version]
usage: bbot [-h] [--help-all] [-t TARGET [TARGET ...]] [-w WHITELIST [WHITELIST ...]] [-b BLACKLIST [BLACKLIST ...]] [--strict-scope] [-m MODULE [MODULE ...]] [-l]
[-em MODULE [MODULE ...]] [-f FLAG [FLAG ...]] [-lf] [-rf FLAG [FLAG ...]] [-ef FLAG [FLAG ...]] [-om MODULE [MODULE ...]] [--allow-deadly] [-n SCAN_NAME] [-o DIR]
[-c [CONFIG ...]] [-v] [-d] [-s] [--force] [-y] [--dry-run] [--current-config] [--no-deps | --force-deps | --retry-deps | --ignore-failed-deps | --install-all-deps] [-a]
[--version]
Bighuge BLS OSINT Tool
Expand Down Expand Up @@ -73,7 +67,7 @@ Modules:
-ef FLAG [FLAG ...], --exclude-flags FLAG [FLAG ...]
Disable modules with these flags. (e.g. -ef aggressive)
-om MODULE [MODULE ...], --output-modules MODULE [MODULE ...]
Output module(s). Choices: asset_inventory,csv,discord,emails,http,human,json,neo4j,python,slack,subdomains,teams,web_report,websocket
Output module(s). Choices: asset_inventory,csv,discord,emails,http,human,json,neo4j,python,slack,splunk,subdomains,teams,web_report,websocket
--allow-deadly Enable the use of highly aggressive modules
Scan:
Expand Down
Loading

0 comments on commit 2e70522

Please sign in to comment.