Merge pull request #837 from blacklanternsecurity/dev

Dev --> Stable
blacklanternsecurity · Jan 12, 2024 · 32e4cdb · 32e4cdb
2 parents 6603724 + 3adc449
commit 32e4cdb
Show file tree

Hide file tree

Showing 168 changed files with 6,511 additions and 3,221 deletions.
diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml
@@ -31,19 +31,22 @@ jobs:
   test:
     needs: lint
     runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        python-version: ["3.9", "3.10", "3.11", "3.12"]
     steps:
       - uses: actions/checkout@v3
       - name: Set up Python
         uses: actions/setup-python@v4
         with:
-          python-version: "3.x"
+          python-version: ${{ matrix.python-version }}
       - name: Install dependencies
         run: |
           pip install poetry
           poetry install
       - name: Run tests
         run: |
-          poetry run pytest --exitfirst --reruns 2 -o timeout_func_only=true --timeout 600 --disable-warnings --log-cli-level=DEBUG --cov-report xml:cov.xml --cov=bbot .
+          poetry run pytest --exitfirst --reruns 2 -o timeout_func_only=true --timeout 1200 --disable-warnings --log-cli-level=DEBUG --cov-config=bbot/test/coverage.cfg --cov-report xml:cov.xml --cov=bbot .
       - name: Upload Code Coverage
         uses: codecov/codecov-action@v3
         with:

diff --git a/README.md b/README.md
diff --git a/bbot/cli.py b/bbot/cli.py
@@ -302,6 +302,7 @@ async def _main():
                 await scanner._prep()
 
                 if not options.dry_run:
+                    log.trace(f"Command: {' '.join(sys.argv)}")
                     if not options.agent_mode and not options.yes and sys.stdin.isatty():
                         log.hugesuccess(f"Scan ready. Press enter to execute {scanner.name}")
                         input()

diff --git a/bbot/core/configurator/__init__.py b/bbot/core/configurator/__init__.py
@@ -1,9 +1,5 @@
-import os
 import re
-import sys
-from pathlib import Path
 from omegaconf import OmegaConf
-from contextlib import suppress
 
 from . import files, args, environ
 from ..errors import ConfigLoadError
@@ -70,6 +66,11 @@ def ensure_config_files():
     secrets_strings = ["api_key", "username", "password", "token", "secret", "_id"]
     exclude_keys = ["modules", "output_modules", "internal_modules"]
 
+    comment_notice = (
+        "# NOTICE: THESE ENTRIES ARE COMMENTED BY DEFAULT\n"
+        + "# Please be sure to uncomment when inserting API keys, etc.\n"
+    )
+
     # ensure bbot.yml
     if not files.config_filename.exists():
         log_to_stderr(f"Creating BBOT config at {files.config_filename}")
@@ -81,7 +82,7 @@ def ensure_config_files():
             exclude_keys=exclude_keys,
         )
         yaml = OmegaConf.to_yaml(no_secrets_config)
-        yaml = "\n".join(f"# {line}" for line in yaml.splitlines())
+        yaml = comment_notice + "\n".join(f"# {line}" for line in yaml.splitlines())
         with open(str(files.config_filename), "w") as f:
             f.write(yaml)
 
@@ -96,7 +97,7 @@ def ensure_config_files():
             exclude_keys=exclude_keys,
         )
         yaml = OmegaConf.to_yaml(secrets_only_config)
-        yaml = "\n".join(f"# {line}" for line in yaml.splitlines())
+        yaml = comment_notice + "\n".join(f"# {line}" for line in yaml.splitlines())
         with open(str(files.secrets_filename), "w") as f:
             f.write(yaml)
         files.secrets_filename.chmod(0o600)
diff --git a/bbot/core/configurator/args.py b/bbot/core/configurator/args.py
@@ -29,11 +29,13 @@ def parse_args(self, *args, **kwargs):
         if ret.silent:
             ret.yes = True
         ret.modules = chain_lists(ret.modules)
+        ret.exclude_modules = chain_lists(ret.exclude_modules)
         ret.output_modules = chain_lists(ret.output_modules)
         ret.targets = chain_lists(ret.targets, try_files=True, msg="Reading targets from file: {filename}")
         ret.whitelist = chain_lists(ret.whitelist, try_files=True, msg="Reading whitelist from file: {filename}")
         ret.blacklist = chain_lists(ret.blacklist, try_files=True, msg="Reading blacklist from file: {filename}")
         ret.flags = chain_lists(ret.flags)
+        ret.exclude_flags = chain_lists(ret.exclude_flags)
         ret.require_flags = chain_lists(ret.require_flags)
         for m in ret.modules:
             if m not in module_choices and not self._dummy:

diff --git a/bbot/core/configurator/files.py b/bbot/core/configurator/files.py
@@ -21,7 +21,7 @@ def _get_config(filename, name="config"):
     filename = Path(filename).resolve()
     try:
         conf = OmegaConf.load(str(filename))
-        if notify:
+        if notify and __name__ == "__main__":
             log_to_stderr(f"Loaded {name} from {filename}")
         return conf
     except Exception as e: