Module Todo: Newsletter Scrapper

[stryker2k2]

Description:

• Create a new module called 'newsletters' that will scrap the websites (or recursive websites, thanks to BBOT's sub-domain enumeration) looking for the presence of an 'email type' that also contains a 'placeholder'. The combination of these two HTML items usually signify the presence of an "Enter Your Email Here" type Newsletter Subscription service. This module could be used to find newsletters for a future email bombing attack and/or find user-input fields that could be be susceptible to overflows or injections.

Module Development Checklist:

• Watch for 'URL' events and outputs 'NEWLETTER' event
• Perform a GET Request on received 'URL' events
• Scrap HTML for Newsletter Submission text box with Placeholder Text
• Emit a Boolean Event to signal if Newsletter Submission box is present
• Have automated tests to ensure module functionality
• Create PULL Request and fix peer-review issues

[stryker2k2]

Update:
I have a good working newsletter module up and running (see screenshot). It is looking good. What I want to do next is:

• Add Tests
• Determine if I must run -m httpx newsletters together... or if I can make newsletters dependent on httpx natively
• Run against many known 'Newsletter' website to verify
• Add logic to discover all forms of Newsletter Submissions, as required
• View how the [NEWSLETTER] events look in NEO4J
• Create Pull Request

[stryker2k2]

Determine if I must run -m httpx newsletters together... or if I can make newsletters dependent on httpx natively

As the moment, if there are multiple feasible recursive dependencies (ex: httpx & gowitness), BBOT will ask the Operator to make that decision via the -m argument.

See #746 for more information

[stryker2k2]

#1072 has been merged into DEV Branch. Closing out ticket/issue.