Merge pull request #1809 from blacklanternsecurity/dns-extract-whitel…
…ist-only

Hostname extraction - only extract whitelisted hosts
TheTechromancer authored Sep 30, 2024
2 parents fa9cf75 + 92a68f2 commit d326413
Showing 2 changed files with 6 additions and 7 deletions.
1 change: 1 addition & 0 deletions bbot/modules/internal/excavate.py
@@ -828,6 +828,7 @@ async def setup(self):
yara.set_config(max_match_data=yara_max_match_data)
yara_rules_combined = "\n".join(self.yara_rules_dict.values())
try:
self.info(f"Compiling {len(self.yara_rules_dict):,} YARA rules")
self.yara_rules = yara.compile(source=yara_rules_combined)
except yara.SyntaxError as e:
self.debug(yara_rules_combined)
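Review bot: The `self.info(f"Compiling {len(self.yara_rules_dict):,} YARA rules")` call sits inside the `try:` whose only visible handler is `except yara.SyntaxError`, so the guarded body now holds a statement unrelated to rule compilation. It appears to be the one added line, though the +/- markers are lost on this page. Moving it above the `try:` would leave `self.yara_rules = yara.compile(source=yara_rules_combined)` as the only guarded statement. setup() starts above and continues below this hunk, so any further handlers on this `try` are not visible here.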
12 changes: 5 additions & 7 deletions bbot/scanner/scanner.py
@@ -1004,15 +1004,13 @@ def dns_strings(self):
A list of DNS hostname strings generated from the scan target
"""
if self._dns_strings is None:
dns_targets = set(t.host for t in self.target if t.host and isinstance(t.host, str))
dns_whitelist = set(t.host for t in self.whitelist if t.host and isinstance(t.host, str))
dns_targets.update(dns_whitelist)
dns_targets = sorted(dns_targets, key=len)
dns_targets_set = set()
dns_whitelist = sorted(dns_whitelist, key=len)
dns_whitelist_set = set()
dns_strings = []
for t in dns_targets:
if not any(x in dns_targets_set for x in self.helpers.domain_parents(t, include_self=True)):
dns_targets_set.add(t)
for t in dns_whitelist:
if not any(x in dns_whitelist_set for x in self.helpers.domain_parents(t, include_self=True)):
dns_whitelist_set.add(t)
dns_strings.append(t)
self._dns_strings = dns_strings
return self._dns_strings
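Review bot: The docstring line kept as context, `A list of DNS hostname strings generated from the scan target`, no longer matches the body: as far as the lost +/- markers allow reading it, the new side builds `dns_strings` from `self.whitelist` alone and no longer reads `self.target`. The commit description ties this list to hostname extraction, so the narrowing is a scope decision worth stating where it is made, e.g. `A list of DNS hostname strings generated from the scan whitelist` plus a comment above the loop such as `# whitelist only: hosts that are targets but not whitelisted are not extracted`. A whitelist whose entries have no string `host` now leaves the list empty, since only `isinstance(t.host, str)` entries are kept; if that is intended, the docstring should say so. Neither of the two changed files looks like a test, so a case asserting that a target-only host is absent from `dns_strings` would pin the new behaviour. The function's signature and the docstring opening are above this hunk.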