From c3ed71f89b65ce32e0af39cabb41877f1544d2b7 Mon Sep 17 00:00:00 2001 From: TheTechromancer <20261699+TheTechromancer@users.noreply.github.com> Date: Mon, 9 Dec 2024 02:56:12 +0000 Subject: [PATCH] [create-pull-request] automated change --- README.md | 2 - docs/data/chord_graph/entities.json | 683 +++++++++++++++------------- docs/data/chord_graph/rels.json | 566 ++++++++++++----------- docs/modules/list_of_modules.md | 15 +- docs/modules/nuclei.md | 2 +- docs/scanning/advanced.md | 13 +- docs/scanning/configuration.md | 4 +- docs/scanning/events.md | 70 +-- docs/scanning/presets_list.md | 83 ++-- 9 files changed, 756 insertions(+), 682 deletions(-) diff --git a/README.md b/README.md index f029b9432d..bd4e9d461a 100644 --- a/README.md +++ b/README.md @@ -226,8 +226,6 @@ config: baddns: enable_references: True - - ``` diff --git a/docs/data/chord_graph/entities.json b/docs/data/chord_graph/entities.json index 88242097ed..00633c95fa 100644 --- a/docs/data/chord_graph/entities.json +++ b/docs/data/chord_graph/entities.json @@ -23,11 +23,11 @@ ] }, { - "id": 129, + "id": 131, "name": "AZURE_TENANT", "parent": 88888888, "consumes": [ - 128 + 130 ], "produces": [] }, @@ -36,20 +36,20 @@ "name": "CODE_REPOSITORY", "parent": 88888888, "consumes": [ - 62, - 82, - 85, - 87, - 117, - 136 + 63, + 83, + 86, + 88, + 119, + 138 ], "produces": [ 42, - 63, - 83, + 64, 84, - 86, - 116 + 85, + 87, + 118 ] }, { @@ -87,36 +87,37 @@ 58, 59, 60, - 61, - 67, - 79, - 83, - 90, - 94, - 96, - 102, + 62, + 68, + 80, + 84, + 91, + 95, + 97, 103, - 107, - 108, - 112, - 113, + 104, + 106, + 109, + 110, 114, - 118, - 121, - 122, + 115, + 116, + 120, 123, 124, 125, - 128, - 131, - 132, + 126, + 127, + 130, 133, + 134, 135, - 138, - 141, - 142, - 145, - 148 + 137, + 140, + 143, + 144, + 147, + 150 ], "produces": [ 6, @@ -137,31 +138,32 @@ 58, 59, 60, - 79, - 90, - 94, - 96, - 102, + 61, + 80, + 91, + 95, + 97, 103, - 105, + 104, 107, - 108, - 112, - 118, - 121, + 109, + 110, + 114, + 120, 123, - 124, - 128, + 125, + 126, 130, - 131, 132, - 135, - 138, - 139, + 133, + 134, + 137, + 140, 141, - 142, - 145, - 148 + 143, + 144, + 147, + 150 ] }, { @@ -170,8 +172,8 @@ "parent": 88888888, "consumes": [ 21, - 128, - 133 + 130, + 135 ], "produces": [] }, @@ -180,19 +182,19 @@ "name": "EMAIL_ADDRESS", "parent": 88888888, "consumes": [ - 68 + 69 ], "produces": [ 45, 52, 58, - 61, - 67, - 94, - 113, - 122, - 125, - 130 + 62, + 68, + 95, + 115, + 124, + 127, + 132 ] }, { @@ -200,18 +202,18 @@ "name": "FILESYSTEM", "parent": 88888888, "consumes": [ - 72, - 101, - 136 + 73, + 102, + 138 ], "produces": [ 8, - 62, - 76, - 82, - 85, - 101, - 117 + 63, + 77, + 83, + 86, + 102, + 119 ] }, { @@ -220,7 +222,7 @@ "parent": 88888888, "consumes": [ 14, - 146 + 148 ], "produces": [ 1, @@ -235,33 +237,33 @@ 34, 37, 51, - 81, - 86, - 91, - 93, - 96, - 104, + 82, + 87, + 92, + 94, + 97, 105, - 106, - 109, - 110, - 120, - 126, + 107, + 108, + 111, + 112, + 122, 128, - 134, + 130, 136, - 137, - 147 + 138, + 139, + 149 ] }, { - "id": 98, + "id": 99, "name": "GEOLOCATION", "parent": 88888888, "consumes": [], "produces": [ - 97, - 100 + 98, + 101 ] }, { @@ -283,24 +285,25 @@ 14, 26, 51, - 66, - 69, - 76, - 86, - 91, - 104, + 67, + 70, + 77, + 87, + 92, 105, - 109, - 110, + 106, + 107, 111, - 120, - 128, - 134, - 144, - 147 + 112, + 113, + 122, + 130, + 136, + 146, + 149 ], "produces": [ - 92 + 93 ] }, { @@ -310,26 +313,28 @@ "consumes": [ 11, 14, - 96, 97, - 99, + 98, 100, - 114, - 128 + 101, + 106, + 116, + 130 ], "produces": [ 14, - 99, - 128 + 61, + 100, + 130 ] }, { - "id": 115, + "id": 117, "name": "IP_RANGE", "parent": 88888888, "consumes": [ - 114, - 128 + 116, + 130 ], "produces": [] }, @@ -341,7 +346,7 @@ 8 ], "produces": [ - 87 + 88 ] }, { @@ -350,29 +355,30 @@ "parent": 88888888, "consumes": [ 14, - 77, - 92, - 130 + 78, + 93, + 106, + 132 ], "produces": [ 14, - 96, - 114, - 128 + 97, + 116, + 130 ] }, { - "id": 64, + "id": 65, "name": "ORG_STUB", "parent": 88888888, "consumes": [ - 63, - 84, - 87, - 116 + 64, + 85, + 88, + 118 ], "produces": [ - 128 + 130 ] }, { @@ -386,12 +392,14 @@ ] }, { - "id": 78, + "id": 79, "name": "PROTOCOL", "parent": 88888888, - "consumes": [], + "consumes": [ + 106 + ], "produces": [ - 77 + 78 ] }, { @@ -401,36 +409,37 @@ "consumes": [], "produces": [ 54, - 61 + 61, + 62 ] }, { - "id": 70, + "id": 71, "name": "RAW_TEXT", "parent": 88888888, "consumes": [ - 69 + 70 ], "produces": [ - 72 + 73 ] }, { - "id": 65, + "id": 66, "name": "SOCIAL", "parent": 88888888, "consumes": [ - 63, - 84, - 86, - 88, - 116, - 128 + 64, + 85, + 87, + 89, + 118, + 130 ], "produces": [ - 63, - 86, - 127 + 64, + 87, + 129 ] }, { @@ -445,7 +454,7 @@ 32, 33, 34, - 128 + 130 ], "produces": [ 29, @@ -461,19 +470,19 @@ "parent": 88888888, "consumes": [ 14, - 86, - 146, - 147 + 87, + 148, + 149 ], "produces": [ 26, - 66, - 86, - 88, - 96, - 106, - 144, - 147 + 67, + 87, + 89, + 97, + 108, + 146, + 149 ] }, { @@ -485,37 +494,37 @@ 14, 23, 37, - 73, - 80, + 74, 81, - 88, - 92, - 95, - 105, - 106, - 119, - 126, + 82, + 89, + 93, + 96, + 107, + 108, + 121, 128, - 134, - 137, + 130, + 136, 139, - 143, - 146 + 141, + 145, + 148 ], "produces": [ - 88, - 92 + 89, + 93 ] }, { - "id": 75, + "id": 76, "name": "URL_HINT", "parent": 88888888, "consumes": [ - 74 + 75 ], "produces": [ - 95 + 96 ] }, { @@ -524,11 +533,11 @@ "parent": 88888888, "consumes": [ 42, - 76, - 92, - 107, - 127, - 128 + 77, + 93, + 109, + 129, + 130 ], "produces": [ 18, @@ -536,19 +545,19 @@ 32, 54, 58, - 61, - 63, - 69, - 73, + 62, + 64, + 70, 74, - 83, - 88, - 94, - 119, - 122, - 138, - 145, - 147 + 75, + 84, + 89, + 95, + 121, + 124, + 140, + 147, + 149 ] }, { @@ -556,7 +565,7 @@ "name": "USERNAME", "parent": 88888888, "consumes": [ - 128 + 130 ], "produces": [ 45, @@ -564,14 +573,14 @@ ] }, { - "id": 140, + "id": 142, "name": "VHOST", "parent": 88888888, "consumes": [ - 146 + 148 ], "produces": [ - 139 + 141 ] }, { @@ -580,7 +589,7 @@ "parent": 88888888, "consumes": [ 14, - 146 + 148 ], "produces": [ 1, @@ -589,13 +598,13 @@ 25, 26, 51, - 66, - 80, - 96, - 106, - 134, + 67, + 81, + 97, + 108, 136, - 147 + 138, + 149 ] }, { @@ -606,33 +615,33 @@ 14 ], "produces": [ - 143 + 145 ] }, { - "id": 89, + "id": 90, "name": "WEBSCREENSHOT", "parent": 88888888, "consumes": [], "produces": [ - 88 + 89 ] }, { - "id": 71, + "id": 72, "name": "WEB_PARAMETER", "parent": 88888888, "consumes": [ - 93, - 109, - 110, - 111 + 94, + 111, + 112, + 113 ], "produces": [ - 69, - 109, - 110, - 111 + 70, + 111, + 112, + 113 ] }, { @@ -1105,6 +1114,17 @@ }, { "id": 61, + "name": "dnsresolve", + "parent": 99999999, + "consumes": [], + "produces": [ + 7, + 12, + 55 + ] + }, + { + "id": 62, "name": "dnstlsrpt", "parent": 99999999, "consumes": [ @@ -1117,7 +1137,7 @@ ] }, { - "id": 62, + "id": 63, "name": "docker_pull", "parent": 99999999, "consumes": [ @@ -1128,21 +1148,21 @@ ] }, { - "id": 63, + "id": 64, "name": "dockerhub", "parent": 99999999, "consumes": [ - 64, - 65 + 65, + 66 ], "produces": [ 43, - 65, + 66, 19 ] }, { - "id": 66, + "id": 67, "name": "dotnetnuke", "parent": 99999999, "consumes": [ @@ -1154,7 +1174,7 @@ ] }, { - "id": 67, + "id": 68, "name": "emailformat", "parent": 99999999, "consumes": [ @@ -1165,7 +1185,7 @@ ] }, { - "id": 68, + "id": 69, "name": "emails", "parent": 99999999, "consumes": [ @@ -1174,31 +1194,31 @@ "produces": [] }, { - "id": 69, + "id": 70, "name": "excavate", "parent": 99999999, "consumes": [ 2, - 70 + 71 ], "produces": [ 19, - 71 + 72 ] }, { - "id": 72, + "id": 73, "name": "extractous", "parent": 99999999, "consumes": [ 10 ], "produces": [ - 70 + 71 ] }, { - "id": 73, + "id": 74, "name": "ffuf", "parent": 99999999, "consumes": [ @@ -1209,18 +1229,18 @@ ] }, { - "id": 74, + "id": 75, "name": "ffuf_shortnames", "parent": 99999999, "consumes": [ - 75 + 76 ], "produces": [ 19 ] }, { - "id": 76, + "id": 77, "name": "filedownload", "parent": 99999999, "consumes": [ @@ -1232,18 +1252,18 @@ ] }, { - "id": 77, + "id": 78, "name": "fingerprintx", "parent": 99999999, "consumes": [ 15 ], "produces": [ - 78 + 79 ] }, { - "id": 79, + "id": 80, "name": "fullhunt", "parent": 99999999, "consumes": [ @@ -1254,7 +1274,7 @@ ] }, { - "id": 80, + "id": 81, "name": "generic_ssrf", "parent": 99999999, "consumes": [ @@ -1265,7 +1285,7 @@ ] }, { - "id": 81, + "id": 82, "name": "git", "parent": 99999999, "consumes": [ @@ -1276,7 +1296,7 @@ ] }, { - "id": 82, + "id": 83, "name": "git_clone", "parent": 99999999, "consumes": [ @@ -1287,7 +1307,7 @@ ] }, { - "id": 83, + "id": 84, "name": "github_codesearch", "parent": 99999999, "consumes": [ @@ -1299,19 +1319,19 @@ ] }, { - "id": 84, + "id": 85, "name": "github_org", "parent": 99999999, "consumes": [ - 64, - 65 + 65, + 66 ], "produces": [ 43 ] }, { - "id": 85, + "id": 86, "name": "github_workflows", "parent": 99999999, "consumes": [ @@ -1322,50 +1342,50 @@ ] }, { - "id": 86, + "id": 87, "name": "gitlab", "parent": 99999999, "consumes": [ 2, - 65, + 66, 16 ], "produces": [ 43, 4, - 65, + 66, 16 ] }, { - "id": 87, + "id": 88, "name": "google_playstore", "parent": 99999999, "consumes": [ 43, - 64 + 65 ], "produces": [ 9 ] }, { - "id": 88, + "id": 89, "name": "gowitness", "parent": 99999999, "consumes": [ - 65, + 66, 3 ], "produces": [ 16, 3, 19, - 89 + 90 ] }, { - "id": 90, + "id": 91, "name": "hackertarget", "parent": 99999999, "consumes": [ @@ -1376,7 +1396,7 @@ ] }, { - "id": 91, + "id": 92, "name": "host_header", "parent": 99999999, "consumes": [ @@ -1387,7 +1407,7 @@ ] }, { - "id": 92, + "id": 93, "name": "httpx", "parent": 99999999, "consumes": [ @@ -1401,18 +1421,18 @@ ] }, { - "id": 93, + "id": 94, "name": "hunt", "parent": 99999999, "consumes": [ - 71 + 72 ], "produces": [ 4 ] }, { - "id": 94, + "id": 95, "name": "hunterio", "parent": 99999999, "consumes": [ @@ -1425,18 +1445,18 @@ ] }, { - "id": 95, + "id": 96, "name": "iis_shortnames", "parent": 99999999, "consumes": [ 3 ], "produces": [ - 75 + 76 ] }, { - "id": 96, + "id": 97, "name": "internetdb", "parent": 99999999, "consumes": [ @@ -1452,18 +1472,18 @@ ] }, { - "id": 97, + "id": 98, "name": "ip2location", "parent": 99999999, "consumes": [ 12 ], "produces": [ - 98 + 99 ] }, { - "id": 99, + "id": 100, "name": "ipneighbor", "parent": 99999999, "consumes": [ @@ -1474,18 +1494,18 @@ ] }, { - "id": 100, + "id": 101, "name": "ipstack", "parent": 99999999, "consumes": [ 12 ], "produces": [ - 98 + 99 ] }, { - "id": 101, + "id": 102, "name": "jadx", "parent": 99999999, "consumes": [ @@ -1496,7 +1516,7 @@ ] }, { - "id": 102, + "id": 103, "name": "leakix", "parent": 99999999, "consumes": [ @@ -1507,7 +1527,7 @@ ] }, { - "id": 103, + "id": 104, "name": "myssl", "parent": 99999999, "consumes": [ @@ -1518,7 +1538,7 @@ ] }, { - "id": 104, + "id": 105, "name": "newsletters", "parent": 99999999, "consumes": [ @@ -1529,7 +1549,20 @@ ] }, { - "id": 105, + "id": 106, + "name": "nmap_xml", + "parent": 99999999, + "consumes": [ + 7, + 2, + 12, + 15, + 79 + ], + "produces": [] + }, + { + "id": 107, "name": "ntlm", "parent": 99999999, "consumes": [ @@ -1542,7 +1575,7 @@ ] }, { - "id": 106, + "id": 108, "name": "nuclei", "parent": 99999999, "consumes": [ @@ -1555,7 +1588,7 @@ ] }, { - "id": 107, + "id": 109, "name": "oauth", "parent": 99999999, "consumes": [ @@ -1567,7 +1600,7 @@ ] }, { - "id": 108, + "id": 110, "name": "otx", "parent": 99999999, "consumes": [ @@ -1578,45 +1611,45 @@ ] }, { - "id": 109, + "id": 111, "name": "paramminer_cookies", "parent": 99999999, "consumes": [ 2, - 71 + 72 ], "produces": [ 4, - 71 + 72 ] }, { - "id": 110, + "id": 112, "name": "paramminer_getparams", "parent": 99999999, "consumes": [ 2, - 71 + 72 ], "produces": [ 4, - 71 + 72 ] }, { - "id": 111, + "id": 113, "name": "paramminer_headers", "parent": 99999999, "consumes": [ 2, - 71 + 72 ], "produces": [ - 71 + 72 ] }, { - "id": 112, + "id": 114, "name": "passivetotal", "parent": 99999999, "consumes": [ @@ -1627,7 +1660,7 @@ ] }, { - "id": 113, + "id": 115, "name": "pgp", "parent": 99999999, "consumes": [ @@ -1638,32 +1671,32 @@ ] }, { - "id": 114, + "id": 116, "name": "portscan", "parent": 99999999, "consumes": [ 7, 12, - 115 + 117 ], "produces": [ 15 ] }, { - "id": 116, + "id": 118, "name": "postman", "parent": 99999999, "consumes": [ - 64, - 65 + 65, + 66 ], "produces": [ 43 ] }, { - "id": 117, + "id": 119, "name": "postman_download", "parent": 99999999, "consumes": [ @@ -1674,7 +1707,7 @@ ] }, { - "id": 118, + "id": 120, "name": "rapiddns", "parent": 99999999, "consumes": [ @@ -1685,7 +1718,7 @@ ] }, { - "id": 119, + "id": 121, "name": "robots", "parent": 99999999, "consumes": [ @@ -1696,7 +1729,7 @@ ] }, { - "id": 120, + "id": 122, "name": "secretsdb", "parent": 99999999, "consumes": [ @@ -1707,7 +1740,7 @@ ] }, { - "id": 121, + "id": 123, "name": "securitytrails", "parent": 99999999, "consumes": [ @@ -1718,7 +1751,7 @@ ] }, { - "id": 122, + "id": 124, "name": "securitytxt", "parent": 99999999, "consumes": [ @@ -1730,7 +1763,7 @@ ] }, { - "id": 123, + "id": 125, "name": "shodan_dns", "parent": 99999999, "consumes": [ @@ -1741,7 +1774,7 @@ ] }, { - "id": 124, + "id": 126, "name": "sitedossier", "parent": 99999999, "consumes": [ @@ -1752,7 +1785,7 @@ ] }, { - "id": 125, + "id": 127, "name": "skymem", "parent": 99999999, "consumes": [ @@ -1763,7 +1796,7 @@ ] }, { - "id": 126, + "id": 128, "name": "smuggler", "parent": 99999999, "consumes": [ @@ -1774,28 +1807,28 @@ ] }, { - "id": 127, + "id": 129, "name": "social", "parent": 99999999, "consumes": [ 19 ], "produces": [ - 65 + 66 ] }, { - "id": 128, + "id": 130, "name": "speculate", "parent": 99999999, "consumes": [ - 129, + 131, 7, 22, 2, 12, - 115, - 65, + 117, + 66, 24, 3, 19, @@ -1806,11 +1839,11 @@ 4, 12, 15, - 64 + 65 ] }, { - "id": 130, + "id": 132, "name": "sslcert", "parent": 99999999, "consumes": [ @@ -1822,7 +1855,7 @@ ] }, { - "id": 131, + "id": 133, "name": "subdomaincenter", "parent": 99999999, "consumes": [ @@ -1833,7 +1866,7 @@ ] }, { - "id": 132, + "id": 134, "name": "subdomainradar", "parent": 99999999, "consumes": [ @@ -1844,7 +1877,7 @@ ] }, { - "id": 133, + "id": 135, "name": "subdomains", "parent": 99999999, "consumes": [ @@ -1854,7 +1887,7 @@ "produces": [] }, { - "id": 134, + "id": 136, "name": "telerik", "parent": 99999999, "consumes": [ @@ -1867,7 +1900,7 @@ ] }, { - "id": 135, + "id": 137, "name": "trickest", "parent": 99999999, "consumes": [ @@ -1878,7 +1911,7 @@ ] }, { - "id": 136, + "id": 138, "name": "trufflehog", "parent": 99999999, "consumes": [ @@ -1891,7 +1924,7 @@ ] }, { - "id": 137, + "id": 139, "name": "url_manipulation", "parent": 99999999, "consumes": [ @@ -1902,7 +1935,7 @@ ] }, { - "id": 138, + "id": 140, "name": "urlscan", "parent": 99999999, "consumes": [ @@ -1914,7 +1947,7 @@ ] }, { - "id": 139, + "id": 141, "name": "vhost", "parent": 99999999, "consumes": [ @@ -1922,11 +1955,11 @@ ], "produces": [ 7, - 140 + 142 ] }, { - "id": 141, + "id": 143, "name": "viewdns", "parent": 99999999, "consumes": [ @@ -1937,7 +1970,7 @@ ] }, { - "id": 142, + "id": 144, "name": "virustotal", "parent": 99999999, "consumes": [ @@ -1948,7 +1981,7 @@ ] }, { - "id": 143, + "id": 145, "name": "wafw00f", "parent": 99999999, "consumes": [ @@ -1959,7 +1992,7 @@ ] }, { - "id": 144, + "id": 146, "name": "wappalyzer", "parent": 99999999, "consumes": [ @@ -1970,7 +2003,7 @@ ] }, { - "id": 145, + "id": 147, "name": "wayback", "parent": 99999999, "consumes": [ @@ -1982,20 +2015,20 @@ ] }, { - "id": 146, + "id": 148, "name": "web_report", "parent": 99999999, "consumes": [ 4, 16, 3, - 140, + 142, 5 ], "produces": [] }, { - "id": 147, + "id": 149, "name": "wpscan", "parent": 99999999, "consumes": [ @@ -2010,7 +2043,7 @@ ] }, { - "id": 148, + "id": 150, "name": "zoomeye", "parent": 99999999, "consumes": [ @@ -2020,4 +2053,4 @@ 7 ] } -] +] \ No newline at end of file diff --git a/docs/data/chord_graph/rels.json b/docs/data/chord_graph/rels.json index 43a646026a..f25e491f3e 100644 --- a/docs/data/chord_graph/rels.json +++ b/docs/data/chord_graph/rels.json @@ -585,1138 +585,1178 @@ "type": "produces" }, { - "source": 61, + "source": 7, + "target": 61, + "type": "produces" + }, + { + "source": 12, + "target": 61, + "type": "produces" + }, + { + "source": 55, + "target": 61, + "type": "produces" + }, + { + "source": 62, "target": 7, "type": "consumes" }, { "source": 46, - "target": 61, + "target": 62, "type": "produces" }, { "source": 55, - "target": 61, + "target": 62, "type": "produces" }, { "source": 19, - "target": 61, + "target": 62, "type": "produces" }, { - "source": 62, + "source": 63, "target": 43, "type": "consumes" }, { "source": 10, - "target": 62, + "target": 63, "type": "produces" }, { - "source": 63, - "target": 64, + "source": 64, + "target": 65, "type": "consumes" }, { - "source": 63, - "target": 65, + "source": 64, + "target": 66, "type": "consumes" }, { "source": 43, - "target": 63, + "target": 64, "type": "produces" }, { - "source": 65, - "target": 63, + "source": 66, + "target": 64, "type": "produces" }, { "source": 19, - "target": 63, + "target": 64, "type": "produces" }, { - "source": 66, + "source": 67, "target": 2, "type": "consumes" }, { "source": 16, - "target": 66, + "target": 67, "type": "produces" }, { "source": 5, - "target": 66, + "target": 67, "type": "produces" }, { - "source": 67, + "source": 68, "target": 7, "type": "consumes" }, { "source": 46, - "target": 67, + "target": 68, "type": "produces" }, { - "source": 68, + "source": 69, "target": 46, "type": "consumes" }, { - "source": 69, + "source": 70, "target": 2, "type": "consumes" }, { - "source": 69, - "target": 70, + "source": 70, + "target": 71, "type": "consumes" }, { "source": 19, - "target": 69, + "target": 70, "type": "produces" }, { - "source": 71, - "target": 69, + "source": 72, + "target": 70, "type": "produces" }, { - "source": 72, + "source": 73, "target": 10, "type": "consumes" }, { - "source": 70, - "target": 72, + "source": 71, + "target": 73, "type": "produces" }, { - "source": 73, + "source": 74, "target": 3, "type": "consumes" }, { "source": 19, - "target": 73, + "target": 74, "type": "produces" }, { - "source": 74, - "target": 75, + "source": 75, + "target": 76, "type": "consumes" }, { "source": 19, - "target": 74, + "target": 75, "type": "produces" }, { - "source": 76, + "source": 77, "target": 2, "type": "consumes" }, { - "source": 76, + "source": 77, "target": 19, "type": "consumes" }, { "source": 10, - "target": 76, + "target": 77, "type": "produces" }, { - "source": 77, + "source": 78, "target": 15, "type": "consumes" }, { - "source": 78, - "target": 77, + "source": 79, + "target": 78, "type": "produces" }, { - "source": 79, + "source": 80, "target": 7, "type": "consumes" }, { "source": 7, - "target": 79, + "target": 80, "type": "produces" }, { - "source": 80, + "source": 81, "target": 3, "type": "consumes" }, { "source": 5, - "target": 80, + "target": 81, "type": "produces" }, { - "source": 81, + "source": 82, "target": 3, "type": "consumes" }, { "source": 4, - "target": 81, + "target": 82, "type": "produces" }, { - "source": 82, + "source": 83, "target": 43, "type": "consumes" }, { "source": 10, - "target": 82, + "target": 83, "type": "produces" }, { - "source": 83, + "source": 84, "target": 7, "type": "consumes" }, { "source": 43, - "target": 83, + "target": 84, "type": "produces" }, { "source": 19, - "target": 83, + "target": 84, "type": "produces" }, { - "source": 84, - "target": 64, + "source": 85, + "target": 65, "type": "consumes" }, { - "source": 84, - "target": 65, + "source": 85, + "target": 66, "type": "consumes" }, { "source": 43, - "target": 84, + "target": 85, "type": "produces" }, { - "source": 85, + "source": 86, "target": 43, "type": "consumes" }, { "source": 10, - "target": 85, + "target": 86, "type": "produces" }, { - "source": 86, + "source": 87, "target": 2, "type": "consumes" }, { - "source": 86, - "target": 65, + "source": 87, + "target": 66, "type": "consumes" }, { - "source": 86, + "source": 87, "target": 16, "type": "consumes" }, { "source": 43, - "target": 86, + "target": 87, "type": "produces" }, { "source": 4, - "target": 86, + "target": 87, "type": "produces" }, { - "source": 65, - "target": 86, + "source": 66, + "target": 87, "type": "produces" }, { "source": 16, - "target": 86, + "target": 87, "type": "produces" }, { - "source": 87, + "source": 88, "target": 43, "type": "consumes" }, { - "source": 87, - "target": 64, + "source": 88, + "target": 65, "type": "consumes" }, { "source": 9, - "target": 87, + "target": 88, "type": "produces" }, { - "source": 88, - "target": 65, + "source": 89, + "target": 66, "type": "consumes" }, { - "source": 88, + "source": 89, "target": 3, "type": "consumes" }, { "source": 16, - "target": 88, + "target": 89, "type": "produces" }, { "source": 3, - "target": 88, + "target": 89, "type": "produces" }, { "source": 19, - "target": 88, + "target": 89, "type": "produces" }, { - "source": 89, - "target": 88, + "source": 90, + "target": 89, "type": "produces" }, { - "source": 90, + "source": 91, "target": 7, "type": "consumes" }, { "source": 7, - "target": 90, + "target": 91, "type": "produces" }, { - "source": 91, + "source": 92, "target": 2, "type": "consumes" }, { "source": 4, - "target": 91, + "target": 92, "type": "produces" }, { - "source": 92, + "source": 93, "target": 15, "type": "consumes" }, { - "source": 92, + "source": 93, "target": 3, "type": "consumes" }, { - "source": 92, + "source": 93, "target": 19, "type": "consumes" }, { "source": 2, - "target": 92, + "target": 93, "type": "produces" }, { "source": 3, - "target": 92, + "target": 93, "type": "produces" }, { - "source": 93, - "target": 71, + "source": 94, + "target": 72, "type": "consumes" }, { "source": 4, - "target": 93, + "target": 94, "type": "produces" }, { - "source": 94, + "source": 95, "target": 7, "type": "consumes" }, { "source": 7, - "target": 94, + "target": 95, "type": "produces" }, { "source": 46, - "target": 94, + "target": 95, "type": "produces" }, { "source": 19, - "target": 94, + "target": 95, "type": "produces" }, { - "source": 95, + "source": 96, "target": 3, "type": "consumes" }, { - "source": 75, - "target": 95, + "source": 76, + "target": 96, "type": "produces" }, { - "source": 96, + "source": 97, "target": 7, "type": "consumes" }, { - "source": 96, + "source": 97, "target": 12, "type": "consumes" }, { "source": 7, - "target": 96, + "target": 97, "type": "produces" }, { "source": 4, - "target": 96, + "target": 97, "type": "produces" }, { "source": 15, - "target": 96, + "target": 97, "type": "produces" }, { "source": 16, - "target": 96, + "target": 97, "type": "produces" }, { "source": 5, - "target": 96, + "target": 97, "type": "produces" }, { - "source": 97, + "source": 98, "target": 12, "type": "consumes" }, { - "source": 98, - "target": 97, + "source": 99, + "target": 98, "type": "produces" }, { - "source": 99, + "source": 100, "target": 12, "type": "consumes" }, { "source": 12, - "target": 99, + "target": 100, "type": "produces" }, { - "source": 100, + "source": 101, "target": 12, "type": "consumes" }, { - "source": 98, - "target": 100, + "source": 99, + "target": 101, "type": "produces" }, { - "source": 101, + "source": 102, "target": 10, "type": "consumes" }, { "source": 10, - "target": 101, + "target": 102, "type": "produces" }, { - "source": 102, + "source": 103, "target": 7, "type": "consumes" }, { "source": 7, - "target": 102, + "target": 103, "type": "produces" }, { - "source": 103, + "source": 104, "target": 7, "type": "consumes" }, { "source": 7, - "target": 103, + "target": 104, "type": "produces" }, { - "source": 104, + "source": 105, "target": 2, "type": "consumes" }, { "source": 4, - "target": 104, + "target": 105, "type": "produces" }, { - "source": 105, + "source": 106, + "target": 7, + "type": "consumes" + }, + { + "source": 106, "target": 2, "type": "consumes" }, { - "source": 105, + "source": 106, + "target": 12, + "type": "consumes" + }, + { + "source": 106, + "target": 15, + "type": "consumes" + }, + { + "source": 106, + "target": 79, + "type": "consumes" + }, + { + "source": 107, + "target": 2, + "type": "consumes" + }, + { + "source": 107, "target": 3, "type": "consumes" }, { "source": 7, - "target": 105, + "target": 107, "type": "produces" }, { "source": 4, - "target": 105, + "target": 107, "type": "produces" }, { - "source": 106, + "source": 108, "target": 3, "type": "consumes" }, { "source": 4, - "target": 106, + "target": 108, "type": "produces" }, { "source": 16, - "target": 106, + "target": 108, "type": "produces" }, { "source": 5, - "target": 106, + "target": 108, "type": "produces" }, { - "source": 107, + "source": 109, "target": 7, "type": "consumes" }, { - "source": 107, + "source": 109, "target": 19, "type": "consumes" }, { "source": 7, - "target": 107, + "target": 109, "type": "produces" }, { - "source": 108, + "source": 110, "target": 7, "type": "consumes" }, { "source": 7, - "target": 108, + "target": 110, "type": "produces" }, { - "source": 109, + "source": 111, "target": 2, "type": "consumes" }, { - "source": 109, - "target": 71, + "source": 111, + "target": 72, "type": "consumes" }, { "source": 4, - "target": 109, + "target": 111, "type": "produces" }, { - "source": 71, - "target": 109, + "source": 72, + "target": 111, "type": "produces" }, { - "source": 110, + "source": 112, "target": 2, "type": "consumes" }, { - "source": 110, - "target": 71, + "source": 112, + "target": 72, "type": "consumes" }, { "source": 4, - "target": 110, + "target": 112, "type": "produces" }, { - "source": 71, - "target": 110, + "source": 72, + "target": 112, "type": "produces" }, { - "source": 111, + "source": 113, "target": 2, "type": "consumes" }, { - "source": 111, - "target": 71, + "source": 113, + "target": 72, "type": "consumes" }, { - "source": 71, - "target": 111, + "source": 72, + "target": 113, "type": "produces" }, { - "source": 112, + "source": 114, "target": 7, "type": "consumes" }, { "source": 7, - "target": 112, + "target": 114, "type": "produces" }, { - "source": 113, + "source": 115, "target": 7, "type": "consumes" }, { "source": 46, - "target": 113, + "target": 115, "type": "produces" }, { - "source": 114, + "source": 116, "target": 7, "type": "consumes" }, { - "source": 114, + "source": 116, "target": 12, "type": "consumes" }, { - "source": 114, - "target": 115, + "source": 116, + "target": 117, "type": "consumes" }, { "source": 15, - "target": 114, + "target": 116, "type": "produces" }, { - "source": 116, - "target": 64, + "source": 118, + "target": 65, "type": "consumes" }, { - "source": 116, - "target": 65, + "source": 118, + "target": 66, "type": "consumes" }, { "source": 43, - "target": 116, + "target": 118, "type": "produces" }, { - "source": 117, + "source": 119, "target": 43, "type": "consumes" }, { "source": 10, - "target": 117, + "target": 119, "type": "produces" }, { - "source": 118, + "source": 120, "target": 7, "type": "consumes" }, { "source": 7, - "target": 118, + "target": 120, "type": "produces" }, { - "source": 119, + "source": 121, "target": 3, "type": "consumes" }, { "source": 19, - "target": 119, + "target": 121, "type": "produces" }, { - "source": 120, + "source": 122, "target": 2, "type": "consumes" }, { "source": 4, - "target": 120, + "target": 122, "type": "produces" }, { - "source": 121, + "source": 123, "target": 7, "type": "consumes" }, { "source": 7, - "target": 121, + "target": 123, "type": "produces" }, { - "source": 122, + "source": 124, "target": 7, "type": "consumes" }, { "source": 46, - "target": 122, + "target": 124, "type": "produces" }, { "source": 19, - "target": 122, + "target": 124, "type": "produces" }, { - "source": 123, + "source": 125, "target": 7, "type": "consumes" }, { "source": 7, - "target": 123, + "target": 125, "type": "produces" }, { - "source": 124, + "source": 126, "target": 7, "type": "consumes" }, { "source": 7, - "target": 124, + "target": 126, "type": "produces" }, { - "source": 125, + "source": 127, "target": 7, "type": "consumes" }, { "source": 46, - "target": 125, + "target": 127, "type": "produces" }, { - "source": 126, + "source": 128, "target": 3, "type": "consumes" }, { "source": 4, - "target": 126, + "target": 128, "type": "produces" }, { - "source": 127, + "source": 129, "target": 19, "type": "consumes" }, { - "source": 65, - "target": 127, + "source": 66, + "target": 129, "type": "produces" }, { - "source": 128, - "target": 129, + "source": 130, + "target": 131, "type": "consumes" }, { - "source": 128, + "source": 130, "target": 7, "type": "consumes" }, { - "source": 128, + "source": 130, "target": 22, "type": "consumes" }, { - "source": 128, + "source": 130, "target": 2, "type": "consumes" }, { - "source": 128, + "source": 130, "target": 12, "type": "consumes" }, { - "source": 128, - "target": 115, + "source": 130, + "target": 117, "type": "consumes" }, { - "source": 128, - "target": 65, + "source": 130, + "target": 66, "type": "consumes" }, { - "source": 128, + "source": 130, "target": 24, "type": "consumes" }, { - "source": 128, + "source": 130, "target": 3, "type": "consumes" }, { - "source": 128, + "source": 130, "target": 19, "type": "consumes" }, { - "source": 128, + "source": 130, "target": 49, "type": "consumes" }, { "source": 7, - "target": 128, + "target": 130, "type": "produces" }, { "source": 4, - "target": 128, + "target": 130, "type": "produces" }, { "source": 12, - "target": 128, + "target": 130, "type": "produces" }, { "source": 15, - "target": 128, + "target": 130, "type": "produces" }, { - "source": 64, - "target": 128, + "source": 65, + "target": 130, "type": "produces" }, { - "source": 130, + "source": 132, "target": 15, "type": "consumes" }, { "source": 7, - "target": 130, + "target": 132, "type": "produces" }, { "source": 46, - "target": 130, + "target": 132, "type": "produces" }, { - "source": 131, + "source": 133, "target": 7, "type": "consumes" }, { "source": 7, - "target": 131, + "target": 133, "type": "produces" }, { - "source": 132, + "source": 134, "target": 7, "type": "consumes" }, { "source": 7, - "target": 132, + "target": 134, "type": "produces" }, { - "source": 133, + "source": 135, "target": 7, "type": "consumes" }, { - "source": 133, + "source": 135, "target": 22, "type": "consumes" }, { - "source": 134, + "source": 136, "target": 2, "type": "consumes" }, { - "source": 134, + "source": 136, "target": 3, "type": "consumes" }, { "source": 4, - "target": 134, + "target": 136, "type": "produces" }, { "source": 5, - "target": 134, + "target": 136, "type": "produces" }, { - "source": 135, + "source": 137, "target": 7, "type": "consumes" }, { "source": 7, - "target": 135, + "target": 137, "type": "produces" }, { - "source": 136, + "source": 138, "target": 43, "type": "consumes" }, { - "source": 136, + "source": 138, "target": 10, "type": "consumes" }, { "source": 4, - "target": 136, + "target": 138, "type": "produces" }, { "source": 5, - "target": 136, + "target": 138, "type": "produces" }, { - "source": 137, + "source": 139, "target": 3, "type": "consumes" }, { "source": 4, - "target": 137, + "target": 139, "type": "produces" }, { - "source": 138, + "source": 140, "target": 7, "type": "consumes" }, { "source": 7, - "target": 138, + "target": 140, "type": "produces" }, { "source": 19, - "target": 138, + "target": 140, "type": "produces" }, { - "source": 139, + "source": 141, "target": 3, "type": "consumes" }, { "source": 7, - "target": 139, + "target": 141, "type": "produces" }, { - "source": 140, - "target": 139, + "source": 142, + "target": 141, "type": "produces" }, { - "source": 141, + "source": 143, "target": 7, "type": "consumes" }, { "source": 7, - "target": 141, + "target": 143, "type": "produces" }, { - "source": 142, + "source": 144, "target": 7, "type": "consumes" }, { "source": 7, - "target": 142, + "target": 144, "type": "produces" }, { - "source": 143, + "source": 145, "target": 3, "type": "consumes" }, { "source": 17, - "target": 143, + "target": 145, "type": "produces" }, { - "source": 144, + "source": 146, "target": 2, "type": "consumes" }, { "source": 16, - "target": 144, + "target": 146, "type": "produces" }, { - "source": 145, + "source": 147, "target": 7, "type": "consumes" }, { "source": 7, - "target": 145, + "target": 147, "type": "produces" }, { "source": 19, - "target": 145, + "target": 147, "type": "produces" }, { - "source": 146, + "source": 148, "target": 4, "type": "consumes" }, { - "source": 146, + "source": 148, "target": 16, "type": "consumes" }, { - "source": 146, + "source": 148, "target": 3, "type": "consumes" }, { - "source": 146, - "target": 140, + "source": 148, + "target": 142, "type": "consumes" }, { - "source": 146, + "source": 148, "target": 5, "type": "consumes" }, { - "source": 147, + "source": 149, "target": 2, "type": "consumes" }, { - "source": 147, + "source": 149, "target": 16, "type": "consumes" }, { "source": 4, - "target": 147, + "target": 149, "type": "produces" }, { "source": 16, - "target": 147, + "target": 149, "type": "produces" }, { "source": 19, - "target": 147, + "target": 149, "type": "produces" }, { "source": 5, - "target": 147, + "target": 149, "type": "produces" }, { - "source": 148, + "source": 150, "target": 7, "type": "consumes" }, { "source": 7, - "target": 148, + "target": 150, "type": "produces" } -] +] \ No newline at end of file diff --git a/docs/modules/list_of_modules.md b/docs/modules/list_of_modules.md index 44d57a0fbe..f8eae6b501 100644 --- a/docs/modules/list_of_modules.md +++ b/docs/modules/list_of_modules.md @@ -120,21 +120,22 @@ | emails | output | No | Output any email addresses found belonging to the target domain | email-enum | EMAIL_ADDRESS | | @domwhewell-sage | 2023-12-23 | | http | output | No | Send every event to a custom URL via a web request | | * | | @TheTechromancer | 2022-04-13 | | json | output | No | Output to Newline-Delimited JSON (NDJSON) | | * | | @TheTechromancer | 2022-04-07 | -| mysql | output | No | Output scan data to a MySQL database | | * | | | | +| mysql | output | No | Output scan data to a MySQL database | | * | | @TheTechromancer | 2024-11-13 | | neo4j | output | No | Output to Neo4j | | * | | @TheTechromancer | 2022-04-07 | -| postgres | output | No | Output scan data to a SQLite database | | * | | | | +| nmap_xml | output | No | Output to Nmap XML | | DNS_NAME, HTTP_RESPONSE, IP_ADDRESS, OPEN_TCP_PORT, PROTOCOL | | @TheTechromancer | 2024-11-16 | +| postgres | output | No | Output scan data to a SQLite database | | * | | @TheTechromancer | 2024-11-08 | | python | output | No | Output via Python API | | * | | @TheTechromancer | 2022-09-13 | | slack | output | No | Message a Slack channel when certain events are encountered | | * | | @TheTechromancer | 2023-08-14 | | splunk | output | No | Send every event to a splunk instance through HTTP Event Collector | | * | | @w0Tx | 2024-02-17 | -| sqlite | output | No | Output scan data to a SQLite database | | * | | | | -| stdout | output | No | Output to text | | * | | | | +| sqlite | output | No | Output scan data to a SQLite database | | * | | @TheTechromancer | 2024-11-07 | +| stdout | output | No | Output to text | | * | | @TheTechromancer | 2024-04-03 | | subdomains | output | No | Output only resolved, in-scope subdomains | subdomain-enum | DNS_NAME, DNS_NAME_UNRESOLVED | | @TheTechromancer | 2023-07-31 | | teams | output | No | Message a Teams channel when certain events are encountered | | * | | @TheTechromancer | 2023-08-14 | -| txt | output | No | Output to text | | * | | | | +| txt | output | No | Output to text | | * | | @TheTechromancer | 2024-04-03 | | web_report | output | No | Create a markdown report with web assets | | FINDING, TECHNOLOGY, URL, VHOST, VULNERABILITY | | @liquidsec | 2023-02-08 | | websocket | output | No | Output to websockets | | * | | @TheTechromancer | 2022-04-15 | -| cloudcheck | internal | No | Tag events by cloud provider, identify cloud resources like storage buckets | | * | | | | -| dnsresolve | internal | No | | | * | | | | +| cloudcheck | internal | No | Tag events by cloud provider, identify cloud resources like storage buckets | | * | | @TheTechromancer | 2024-07-07 | +| dnsresolve | internal | No | Perform DNS resolution | | * | DNS_NAME, IP_ADDRESS, RAW_DNS_RECORD | @TheTechromancer | 2022-04-08 | | aggregate | internal | No | Summarize statistics at the end of a scan | passive, safe | | | @TheTechromancer | 2022-07-25 | | excavate | internal | No | Passively extract juicy tidbits from scan data | passive | HTTP_RESPONSE, RAW_TEXT | URL_UNVERIFIED, WEB_PARAMETER | @liquidsec | 2022-06-27 | | speculate | internal | No | Derive certain event types from others by common sense | passive | AZURE_TENANT, DNS_NAME, DNS_NAME_UNRESOLVED, HTTP_RESPONSE, IP_ADDRESS, IP_RANGE, SOCIAL, STORAGE_BUCKET, URL, URL_UNVERIFIED, USERNAME | DNS_NAME, FINDING, IP_ADDRESS, OPEN_TCP_PORT, ORG_STUB | @liquidsec | 2022-05-03 | diff --git a/docs/modules/nuclei.md b/docs/modules/nuclei.md index 43231b5c7a..2849cf22f5 100644 --- a/docs/modules/nuclei.md +++ b/docs/modules/nuclei.md @@ -51,7 +51,7 @@ The Nuclei module has many configuration options: | modules.nuclei.silent | bool | Don't display nuclei's banner or status messages | False | | modules.nuclei.tags | str | execute a subset of templates that contain the provided tags | | | modules.nuclei.templates | str | template or template directory paths to include in the scan | | -| modules.nuclei.version | str | nuclei version | 3.3.6 | +| modules.nuclei.version | str | nuclei version | 3.3.7 | Most of these you probably will **NOT** want to change. In particular, we advise against changing the version of Nuclei, as it's possible the latest version won't work right with BBOT. diff --git a/docs/scanning/advanced.md b/docs/scanning/advanced.md index b990598a1a..88f75da5c1 100644 --- a/docs/scanning/advanced.md +++ b/docs/scanning/advanced.md @@ -39,8 +39,8 @@ usage: bbot [-h] [-t TARGET [TARGET ...]] [-w WHITELIST [WHITELIST ...]] [-f FLAG [FLAG ...]] [-lf] [-rf FLAG [FLAG ...]] [-ef FLAG [FLAG ...]] [--allow-deadly] [-n SCAN_NAME] [-v] [-d] [-s] [--force] [-y] [--fast-mode] [--dry-run] - [--current-preset] [--current-preset-full] [-o DIR] - [-om MODULE [MODULE ...]] [--json] [--brief] + [--current-preset] [--current-preset-full] + [-om MODULE [MODULE ...]] [-lo] [-o DIR] [--json] [--brief] [--event-types EVENT_TYPES [EVENT_TYPES ...]] [--no-deps | --force-deps | --retry-deps | --ignore-failed-deps | --install-all-deps] [--version] [--proxy HTTP_PROXY] @@ -100,10 +100,12 @@ Scan: Show the current preset in its full form, including defaults Output: + -om MODULE [MODULE ...], --output-modules MODULE [MODULE ...] + Output module(s). Choices: asset_inventory,csv,discord,emails,http,json,mysql,neo4j,nmap_xml,postgres,python,slack,splunk,sqlite,stdout,subdomains,teams,txt,web_report,websocket + -lo, --list-output-modules + List available output modules -o DIR, --output-dir DIR Directory to output scan results - -om MODULE [MODULE ...], --output-modules MODULE [MODULE ...] - Output module(s). Choices: asset_inventory,csv,discord,emails,http,json,mysql,neo4j,postgres,python,slack,splunk,sqlite,stdout,subdomains,teams,txt,web_report,websocket --json, -j Output scan data in JSON format --brief, -br Output only the data itself --event-types EVENT_TYPES [EVENT_TYPES ...] @@ -149,6 +151,9 @@ EXAMPLES List modules: bbot -l + List output modules: + bbot -lo + List presets: bbot -lp diff --git a/docs/scanning/configuration.md b/docs/scanning/configuration.md index 4ce1a92212..fe6b0fad55 100644 --- a/docs/scanning/configuration.md +++ b/docs/scanning/configuration.md @@ -325,7 +325,7 @@ Many modules accept their own configuration options. These options have the abil | modules.nuclei.silent | bool | Don't display nuclei's banner or status messages | False | | modules.nuclei.tags | str | execute a subset of templates that contain the provided tags | | | modules.nuclei.templates | str | template or template directory paths to include in the scan | | -| modules.nuclei.version | str | nuclei version | 3.3.6 | +| modules.nuclei.version | str | nuclei version | 3.3.7 | | modules.oauth.try_all | bool | Check for OAUTH/IODC on every subdomain and URL. | False | | modules.paramminer_cookies.recycle_words | bool | Attempt to use words found during the scan on all other endpoints | False | | modules.paramminer_cookies.skip_boring_words | bool | Remove commonly uninteresting words from the wordlist | True | @@ -436,7 +436,7 @@ Many modules accept their own configuration options. These options have the abil | modules.trufflehog.config | str | File path or URL to YAML trufflehog config | | | modules.trufflehog.deleted_forks | bool | Scan for deleted github forks. WARNING: This is SLOW. For a smaller repository, this process can take 20 minutes. For a larger repository, it could take hours. | False | | modules.trufflehog.only_verified | bool | Only report credentials that have been verified | True | -| modules.trufflehog.version | str | trufflehog version | 3.84.1 | +| modules.trufflehog.version | str | trufflehog version | 3.84.2 | | modules.urlscan.urls | bool | Emit URLs in addition to DNS_NAMEs | False | | modules.virustotal.api_key | str | VirusTotal API Key | | | modules.wayback.garbage_threshold | int | Dedupe similar urls if they are in a group of this size or higher (lower values == less garbage data) | 10 | diff --git a/docs/scanning/events.md b/docs/scanning/events.md index e837417985..f512ac770d 100644 --- a/docs/scanning/events.md +++ b/docs/scanning/events.md @@ -104,41 +104,41 @@ Below is a full list of event types along with which modules produce/consume the ## List of Event Types -| Event Type | # Consuming Modules | # Producing Modules | Consuming Modules | Producing Modules | -|---------------------|-----------------------|-----------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| -| * | 18 | 0 | affiliates, cloudcheck, csv, discord, dnsresolve, http, json, mysql, neo4j, postgres, python, slack, splunk, sqlite, stdout, teams, txt, websocket | | -| ASN | 0 | 1 | | asn | -| AZURE_TENANT | 1 | 0 | speculate | | -| CODE_REPOSITORY | 6 | 6 | docker_pull, git_clone, github_workflows, google_playstore, postman_download, trufflehog | code_repository, dockerhub, github_codesearch, github_org, gitlab, postman | -| DNS_NAME | 60 | 43 | anubisdb, asset_inventory, azure_realm, azure_tenant, baddns, baddns_zone, bevigil, binaryedge, bucket_amazon, bucket_azure, bucket_digitalocean, bucket_firebase, bucket_google, bufferoverrun, builtwith, c99, censys, certspotter, chaos, columbus, credshed, crt, dehashed, digitorus, dnsbimi, dnsbrute, dnsbrute_mutations, dnscaa, dnscommonsrv, dnsdumpster, dnstlsrpt, emailformat, fullhunt, github_codesearch, hackertarget, hunterio, internetdb, leakix, myssl, oauth, otx, passivetotal, pgp, portscan, rapiddns, securitytrails, securitytxt, shodan_dns, sitedossier, skymem, speculate, subdomaincenter, subdomainradar, subdomains, trickest, urlscan, viewdns, virustotal, wayback, zoomeye | anubisdb, azure_tenant, bevigil, binaryedge, bufferoverrun, builtwith, c99, censys, certspotter, chaos, columbus, crt, digitorus, dnsbrute, dnsbrute_mutations, dnscaa, dnscommonsrv, dnsdumpster, fullhunt, hackertarget, hunterio, internetdb, leakix, myssl, ntlm, oauth, otx, passivetotal, rapiddns, securitytrails, shodan_dns, sitedossier, speculate, sslcert, subdomaincenter, subdomainradar, trickest, urlscan, vhost, viewdns, virustotal, wayback, zoomeye | -| DNS_NAME_UNRESOLVED | 3 | 0 | baddns, speculate, subdomains | | -| EMAIL_ADDRESS | 1 | 10 | emails | credshed, dehashed, dnscaa, dnstlsrpt, emailformat, hunterio, pgp, securitytxt, skymem, sslcert | -| FILESYSTEM | 3 | 7 | extractous, jadx, trufflehog | apkpure, docker_pull, filedownload, git_clone, github_workflows, jadx, postman_download | -| FINDING | 2 | 29 | asset_inventory, web_report | ajaxpro, baddns, baddns_direct, baddns_zone, badsecrets, bucket_amazon, bucket_azure, bucket_digitalocean, bucket_firebase, bucket_google, bypass403, dastardly, git, gitlab, host_header, hunt, internetdb, newsletters, ntlm, nuclei, paramminer_cookies, paramminer_getparams, secretsdb, smuggler, speculate, telerik, trufflehog, url_manipulation, wpscan | -| GEOLOCATION | 0 | 2 | | ip2location, ipstack | -| HASHED_PASSWORD | 0 | 2 | | credshed, dehashed | -| HTTP_RESPONSE | 19 | 1 | ajaxpro, asset_inventory, badsecrets, dastardly, dotnetnuke, excavate, filedownload, gitlab, host_header, newsletters, ntlm, paramminer_cookies, paramminer_getparams, paramminer_headers, secretsdb, speculate, telerik, wappalyzer, wpscan | httpx | -| IP_ADDRESS | 8 | 3 | asn, asset_inventory, internetdb, ip2location, ipneighbor, ipstack, portscan, speculate | asset_inventory, ipneighbor, speculate | -| IP_RANGE | 2 | 0 | portscan, speculate | | -| MOBILE_APP | 1 | 1 | apkpure | google_playstore | -| OPEN_TCP_PORT | 4 | 4 | asset_inventory, fingerprintx, httpx, sslcert | asset_inventory, internetdb, portscan, speculate | -| ORG_STUB | 4 | 1 | dockerhub, github_org, google_playstore, postman | speculate | -| PASSWORD | 0 | 2 | | credshed, dehashed | -| PROTOCOL | 0 | 1 | | fingerprintx | -| RAW_DNS_RECORD | 0 | 2 | | dnsbimi, dnstlsrpt | -| RAW_TEXT | 1 | 1 | excavate | extractous | -| SOCIAL | 6 | 3 | dockerhub, github_org, gitlab, gowitness, postman, speculate | dockerhub, gitlab, social | -| STORAGE_BUCKET | 8 | 5 | baddns_direct, bucket_amazon, bucket_azure, bucket_digitalocean, bucket_file_enum, bucket_firebase, bucket_google, speculate | bucket_amazon, bucket_azure, bucket_digitalocean, bucket_firebase, bucket_google | -| TECHNOLOGY | 4 | 8 | asset_inventory, gitlab, web_report, wpscan | badsecrets, dotnetnuke, gitlab, gowitness, internetdb, nuclei, wappalyzer, wpscan | -| URL | 20 | 2 | ajaxpro, asset_inventory, baddns_direct, bypass403, ffuf, generic_ssrf, git, gowitness, httpx, iis_shortnames, ntlm, nuclei, robots, smuggler, speculate, telerik, url_manipulation, vhost, wafw00f, web_report | gowitness, httpx | -| URL_HINT | 1 | 1 | ffuf_shortnames | iis_shortnames | -| URL_UNVERIFIED | 6 | 18 | code_repository, filedownload, httpx, oauth, social, speculate | azure_realm, bevigil, bucket_file_enum, dnsbimi, dnscaa, dnstlsrpt, dockerhub, excavate, ffuf, ffuf_shortnames, github_codesearch, gowitness, hunterio, robots, securitytxt, urlscan, wayback, wpscan | -| USERNAME | 1 | 2 | speculate | credshed, dehashed | -| VHOST | 1 | 1 | web_report | vhost | -| VULNERABILITY | 2 | 13 | asset_inventory, web_report | ajaxpro, baddns, baddns_direct, baddns_zone, badsecrets, dastardly, dotnetnuke, generic_ssrf, internetdb, nuclei, telerik, trufflehog, wpscan | -| WAF | 1 | 1 | asset_inventory | wafw00f | -| WEBSCREENSHOT | 0 | 1 | | gowitness | -| WEB_PARAMETER | 4 | 4 | hunt, paramminer_cookies, paramminer_getparams, paramminer_headers | excavate, paramminer_cookies, paramminer_getparams, paramminer_headers | +| Event Type | # Consuming Modules | # Producing Modules | Consuming Modules | Producing Modules | +|---------------------|-----------------------|-----------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| * | 18 | 0 | affiliates, cloudcheck, csv, discord, dnsresolve, http, json, mysql, neo4j, postgres, python, slack, splunk, sqlite, stdout, teams, txt, websocket | | +| ASN | 0 | 1 | | asn | +| AZURE_TENANT | 1 | 0 | speculate | | +| CODE_REPOSITORY | 6 | 6 | docker_pull, git_clone, github_workflows, google_playstore, postman_download, trufflehog | code_repository, dockerhub, github_codesearch, github_org, gitlab, postman | +| DNS_NAME | 61 | 44 | anubisdb, asset_inventory, azure_realm, azure_tenant, baddns, baddns_zone, bevigil, binaryedge, bucket_amazon, bucket_azure, bucket_digitalocean, bucket_firebase, bucket_google, bufferoverrun, builtwith, c99, censys, certspotter, chaos, columbus, credshed, crt, dehashed, digitorus, dnsbimi, dnsbrute, dnsbrute_mutations, dnscaa, dnscommonsrv, dnsdumpster, dnstlsrpt, emailformat, fullhunt, github_codesearch, hackertarget, hunterio, internetdb, leakix, myssl, nmap_xml, oauth, otx, passivetotal, pgp, portscan, rapiddns, securitytrails, securitytxt, shodan_dns, sitedossier, skymem, speculate, subdomaincenter, subdomainradar, subdomains, trickest, urlscan, viewdns, virustotal, wayback, zoomeye | anubisdb, azure_tenant, bevigil, binaryedge, bufferoverrun, builtwith, c99, censys, certspotter, chaos, columbus, crt, digitorus, dnsbrute, dnsbrute_mutations, dnscaa, dnscommonsrv, dnsdumpster, dnsresolve, fullhunt, hackertarget, hunterio, internetdb, leakix, myssl, ntlm, oauth, otx, passivetotal, rapiddns, securitytrails, shodan_dns, sitedossier, speculate, sslcert, subdomaincenter, subdomainradar, trickest, urlscan, vhost, viewdns, virustotal, wayback, zoomeye | +| DNS_NAME_UNRESOLVED | 3 | 0 | baddns, speculate, subdomains | | +| EMAIL_ADDRESS | 1 | 10 | emails | credshed, dehashed, dnscaa, dnstlsrpt, emailformat, hunterio, pgp, securitytxt, skymem, sslcert | +| FILESYSTEM | 3 | 7 | extractous, jadx, trufflehog | apkpure, docker_pull, filedownload, git_clone, github_workflows, jadx, postman_download | +| FINDING | 2 | 29 | asset_inventory, web_report | ajaxpro, baddns, baddns_direct, baddns_zone, badsecrets, bucket_amazon, bucket_azure, bucket_digitalocean, bucket_firebase, bucket_google, bypass403, dastardly, git, gitlab, host_header, hunt, internetdb, newsletters, ntlm, nuclei, paramminer_cookies, paramminer_getparams, secretsdb, smuggler, speculate, telerik, trufflehog, url_manipulation, wpscan | +| GEOLOCATION | 0 | 2 | | ip2location, ipstack | +| HASHED_PASSWORD | 0 | 2 | | credshed, dehashed | +| HTTP_RESPONSE | 20 | 1 | ajaxpro, asset_inventory, badsecrets, dastardly, dotnetnuke, excavate, filedownload, gitlab, host_header, newsletters, nmap_xml, ntlm, paramminer_cookies, paramminer_getparams, paramminer_headers, secretsdb, speculate, telerik, wappalyzer, wpscan | httpx | +| IP_ADDRESS | 9 | 4 | asn, asset_inventory, internetdb, ip2location, ipneighbor, ipstack, nmap_xml, portscan, speculate | asset_inventory, dnsresolve, ipneighbor, speculate | +| IP_RANGE | 2 | 0 | portscan, speculate | | +| MOBILE_APP | 1 | 1 | apkpure | google_playstore | +| OPEN_TCP_PORT | 5 | 4 | asset_inventory, fingerprintx, httpx, nmap_xml, sslcert | asset_inventory, internetdb, portscan, speculate | +| ORG_STUB | 4 | 1 | dockerhub, github_org, google_playstore, postman | speculate | +| PASSWORD | 0 | 2 | | credshed, dehashed | +| PROTOCOL | 1 | 1 | nmap_xml | fingerprintx | +| RAW_DNS_RECORD | 0 | 3 | | dnsbimi, dnsresolve, dnstlsrpt | +| RAW_TEXT | 1 | 1 | excavate | extractous | +| SOCIAL | 6 | 3 | dockerhub, github_org, gitlab, gowitness, postman, speculate | dockerhub, gitlab, social | +| STORAGE_BUCKET | 8 | 5 | baddns_direct, bucket_amazon, bucket_azure, bucket_digitalocean, bucket_file_enum, bucket_firebase, bucket_google, speculate | bucket_amazon, bucket_azure, bucket_digitalocean, bucket_firebase, bucket_google | +| TECHNOLOGY | 4 | 8 | asset_inventory, gitlab, web_report, wpscan | badsecrets, dotnetnuke, gitlab, gowitness, internetdb, nuclei, wappalyzer, wpscan | +| URL | 20 | 2 | ajaxpro, asset_inventory, baddns_direct, bypass403, ffuf, generic_ssrf, git, gowitness, httpx, iis_shortnames, ntlm, nuclei, robots, smuggler, speculate, telerik, url_manipulation, vhost, wafw00f, web_report | gowitness, httpx | +| URL_HINT | 1 | 1 | ffuf_shortnames | iis_shortnames | +| URL_UNVERIFIED | 6 | 18 | code_repository, filedownload, httpx, oauth, social, speculate | azure_realm, bevigil, bucket_file_enum, dnsbimi, dnscaa, dnstlsrpt, dockerhub, excavate, ffuf, ffuf_shortnames, github_codesearch, gowitness, hunterio, robots, securitytxt, urlscan, wayback, wpscan | +| USERNAME | 1 | 2 | speculate | credshed, dehashed | +| VHOST | 1 | 1 | web_report | vhost | +| VULNERABILITY | 2 | 13 | asset_inventory, web_report | ajaxpro, baddns, baddns_direct, baddns_zone, badsecrets, dastardly, dotnetnuke, generic_ssrf, internetdb, nuclei, telerik, trufflehog, wpscan | +| WAF | 1 | 1 | asset_inventory | wafw00f | +| WEBSCREENSHOT | 0 | 1 | | gowitness | +| WEB_PARAMETER | 4 | 4 | hunt, paramminer_cookies, paramminer_getparams, paramminer_headers | excavate, paramminer_cookies, paramminer_getparams, paramminer_headers | ## Findings Vs. Vulnerabilities diff --git a/docs/scanning/presets_list.md b/docs/scanning/presets_list.md index 416e163c52..11407fead5 100644 --- a/docs/scanning/presets_list.md +++ b/docs/scanning/presets_list.md @@ -8,13 +8,13 @@ Run all baddns modules and submodules. ??? note "`baddns-thorough.yml`" ```yaml title="~/.bbot/presets/baddns-thorough.yml" description: Run all baddns modules and submodules. - - + + modules: - baddns - baddns_zone - baddns_direct - + config: modules: baddns: @@ -32,10 +32,10 @@ Enumerate cloud resources such as storage buckets, etc. ??? note "`cloud-enum.yml`" ```yaml title="~/.bbot/presets/cloud-enum.yml" description: Enumerate cloud resources such as storage buckets, etc. - + include: - subdomain-enum - + flags: - cloud-enum ``` @@ -51,7 +51,7 @@ Enumerate Git repositories, Docker images, etc. ??? note "`code-enum.yml`" ```yaml title="~/.bbot/presets/code-enum.yml" description: Enumerate Git repositories, Docker images, etc. - + flags: - code-enum ``` @@ -67,17 +67,17 @@ Recursive web directory brute-force (aggressive) ??? note "`dirbust-heavy.yml`" ```yaml title="~/.bbot/presets/web/dirbust-heavy.yml" description: Recursive web directory brute-force (aggressive) - + include: - spider - + flags: - iis-shortnames - + modules: - ffuf - wayback - + config: modules: iis_shortnames: @@ -118,13 +118,13 @@ Basic web directory brute-force (surface-level directories only) ??? note "`dirbust-light.yml`" ```yaml title="~/.bbot/presets/web/dirbust-light.yml" description: Basic web directory brute-force (surface-level directories only) - + include: - iis-shortnames - + modules: - ffuf - + config: modules: ffuf: @@ -143,11 +143,11 @@ Comprehensive scan for all IIS/.NET specific modules and module settings ??? note "`dotnet-audit.yml`" ```yaml title="~/.bbot/presets/web/dotnet-audit.yml" description: Comprehensive scan for all IIS/.NET specific modules and module settings - - + + include: - iis-shortnames - + modules: - httpx - badsecrets @@ -156,14 +156,13 @@ Comprehensive scan for all IIS/.NET specific modules and module settings - telerik - ajaxpro - dotnetnuke - + config: modules: ffuf: extensions: asp,aspx,ashx,asmx,ascx telerik: exploit_RAU_crypto: True - ``` Category: web @@ -177,10 +176,10 @@ Enumerate email addresses from APIs, web crawling, etc. ??? note "`email-enum.yml`" ```yaml title="~/.bbot/presets/email-enum.yml" description: Enumerate email addresses from APIs, web crawling, etc. - + flags: - email-enum - + output_modules: - emails ``` @@ -196,10 +195,10 @@ Scan only the provided targets as fast as possible - no extra discovery ??? note "`fast.yml`" ```yaml title="~/.bbot/presets/fast.yml" description: Scan only the provided targets as fast as possible - no extra discovery - + exclude_modules: - excavate - + config: # only scan the exact targets specified scope: @@ -224,10 +223,10 @@ Recursively enumerate IIS shortnames ??? note "`iis-shortnames.yml`" ```yaml title="~/.bbot/presets/web/iis-shortnames.yml" description: Recursively enumerate IIS shortnames - + flags: - iis-shortnames - + config: modules: iis_shortnames: @@ -246,7 +245,7 @@ Everything everywhere all at once ??? note "`kitchen-sink.yml`" ```yaml title="~/.bbot/presets/kitchen-sink.yml" description: Everything everywhere all at once - + include: - subdomain-enum - cloud-enum @@ -258,13 +257,11 @@ Everything everywhere all at once - dirbust-light - web-screenshots - baddns-thorough - + config: modules: baddns: enable_references: True - - ``` @@ -278,13 +275,13 @@ Discover new web parameters via brute-force ??? note "`paramminer.yml`" ```yaml title="~/.bbot/presets/web/paramminer.yml" description: Discover new web parameters via brute-force - + flags: - web-paramminer - + modules: - httpx - + config: web: spider_distance: 1 @@ -302,14 +299,14 @@ Recursive web spider ??? note "`spider.yml`" ```yaml title="~/.bbot/presets/spider.yml" description: Recursive web spider - + modules: - httpx - + blacklist: # Prevent spider from invalidating sessions by logging out - "RE:/.*(sign|log)[_-]?out" - + config: web: # how many links to follow in a row @@ -331,15 +328,15 @@ Enumerate subdomains via APIs, brute-force ??? note "`subdomain-enum.yml`" ```yaml title="~/.bbot/presets/subdomain-enum.yml" description: Enumerate subdomains via APIs, brute-force - + flags: # enable every module with the subdomain-enum flag - subdomain-enum - + output_modules: # output unique subdomains to TXT file - subdomains - + config: dns: threads: 25 @@ -365,10 +362,10 @@ Quick web scan ??? note "`web-basic.yml`" ```yaml title="~/.bbot/presets/web-basic.yml" description: Quick web scan - + include: - iis-shortnames - + flags: - web-basic ``` @@ -384,10 +381,10 @@ Take screenshots of webpages ??? note "`web-screenshots.yml`" ```yaml title="~/.bbot/presets/web-screenshots.yml" description: Take screenshots of webpages - + flags: - web-screenshots - + config: modules: gowitness: @@ -410,11 +407,11 @@ Aggressive web scan ??? note "`web-thorough.yml`" ```yaml title="~/.bbot/presets/web-thorough.yml" description: Aggressive web scan - + include: # include the web-basic preset - web-basic - + flags: - web-thorough ```