Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Dev --> Stable (2.1.0) #1724

Open
wants to merge 116 commits into
base: stable
Choose a base branch
from
Open

Dev --> Stable (2.1.0) #1724

wants to merge 116 commits into from

Conversation

TheTechromancer
Copy link
Collaborator

@TheTechromancer TheTechromancer commented Aug 30, 2024
edited
Loading

BREAKING CHANGES

  • Events now have a two new attributes: uuid and parent_uuid. Unlike id, which is a hash of the event type + its data, uuid is a universally unique value which is different for every event.
    • This is useful for situations like ASM where there are lots of identical events, and we need to track parents precisely.
  • event.parent_chain is now made up of these UUIDs.

New Modules

Improvements

Bugfixes

colin-stubbs and others added 18 commits August 4, 2024 11:30
@colin-stubbs
initial commit for securitytxt module
84583b3
@colin-stubbs
Remove unnecessary distance modifier adjustment
12a4287
small error-handling / speed improvement
ab70dbd
@TheTechromancer
Merge branch 'dev' into securitytxt
41a1fed
@TheTechromancer
Merge branch 'dev' into securitytxt
3c0e9fc
@TheTechromancer
Merge branch 'dev' into securitytxt
e9d2b74
separate discovery_context <-> parent_chain
3a4b7ce
blacked
a648b1c
fix csv
4af877d
fix json tests
3d74ac5
@colin-stubbs
Merge branch 'dev' into securitytxt
beb48a8
clean commit
1a6918b
WIP DNS optimizations
5c5f2f6
more DNS WIP
d3ad8fe
bugfixing
be70ae3
@colin-stubbs
Merge pull request #3 from blacklanternsecurity/securitytxt-scope-tweak
63caba6 
Securitytxt - use builtin search distance
@TheTechromancer
Merge pull request #1670 from blacklanternsecurity/event-json-format
348c6a5 
Elastic-friendly Event JSON
@TheTechromancer
Merge pull request #1628 from colin-stubbs/securitytxt
bac9442 
Address #1622, add securitytxt module
@codecov Codecov
Copy link

codecov bot commented Aug 30, 2024
edited
Loading

Codecov Report

Attention: Patch coverage is 89.78166% with 117 lines in your changes missing coverage. Please review.

Project coverage is 93%. Comparing base (b169b14) to head (074cfa1).

Files with missing lines Patch % Lines
bbot/core/helpers/depsinstaller/sudo_askpass.py 0% 29 Missing ⚠️
bbot/modules/postman_download.py 83% 26 Missing ⚠️
bbot/core/helpers/depsinstaller/installer.py 55% 19 Missing ⚠️
bbot/modules/postman.py 63% 13 Missing ⚠️
bbot/modules/output/teams.py 80% 12 Missing ⚠️
bbot/core/helpers/dns/engine.py 96% 5 Missing ⚠️
bbot/modules/internal/dnsresolve.py 98% 4 Missing ⚠️
bbot/modules/internal/excavate.py 43% 4 Missing ⚠️
bbot/modules/securitytxt.py 92% 4 Missing ⚠️
bbot/core/helpers/dns/brute.py 91% 1 Missing ⚠️
Additional details and impacted files 
@@           Coverage Diff           @@
##           stable   #1724    +/-   ##
=======================================
+ Coverage      93%     93%    +1%     
=======================================
  Files         341     346     +5     
  Lines       26096   26674   +578     
=======================================
+ Hits        24042   24579   +537     
- Misses       2054    2095    +41

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

github-actions and others added 11 commits August 30, 2024 17:30
more WIP dns rework
ead400b
fix tests
5047deb
remove hugeinfo
485d827
fix stats tests
910980e
more work on tests
05e3918
more work on tests
0c3587a
fix download error
02b65dd
prevent subdomain enum modules from touching wildcard-suspicious domains
98b1253
make sure system nameservers are excluded from use by DNS brute force
dd70fa1
@dependabot
Bump mkdocstrings from 0.25.1 to 0.26.0
e389d40 
Bumps [mkdocstrings](https://github.com/mkdocstrings/mkdocstrings) from 0.25.1 to 0.26.0.
- [Release notes](https://github.com/mkdocstrings/mkdocstrings/releases)
- [Changelog](https://github.com/mkdocstrings/mkdocstrings/blob/main/CHANGELOG.md)
- [Commits](mkdocstrings/mkdocstrings@0.25.1...0.26.0)

---
updated-dependencies:
- dependency-name: mkdocstrings
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot
Bump cloudcheck from 5.0.1.515 to 5.0.1.537
f33c2e7 
Bumps [cloudcheck](https://github.com/blacklanternsecurity/cloudcheck) from 5.0.1.515 to 5.0.1.537.
- [Commits](https://github.com/blacklanternsecurity/cloudcheck/commits)

---
updated-dependencies:
- dependency-name: cloudcheck
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
github-actions and others added 27 commits September 9, 2024 10:09
update eventjson order
ef55df4
@TheTechromancer
Merge pull request #1754 from domwhewell-sage/postman-module-changes
cd76c8a 
Rework postman module to raise code repository events
fix json tests
8b1c094
@TheTechromancer
Merge pull request #1750 from domwhewell-sage/wpscan_speedup
2f3ea2d 
Change the wpscan defaults
flaked
ba3fab0
@TheTechromancer
Merge pull request #1752 from blacklanternsecurity/event-uuids
4a06dc9 
Event UUIDs
fix neo4j warning
b9b57d0
@liquidsec
fixing excavate hostname rule bug, tests, happy little accidents
03d4e54
@TheTechromancer
Merge pull request #1768 from blacklanternsecurity/excavate-bug
3df0cde 
Fix yara rule hostname generation bug
@TheTechromancer
Merge pull request #1765 from blacklanternsecurity/update-neo4j
47c338a 
Fix Neo4j deprecation warning
@web-flow
Update trufflehog
d6d0392
@TheTechromancer
Merge pull request #1769 from blacklanternsecurity/update-trufflehog
c30f1b6 
Update trufflehog to 3.82.1
@web-flow
Update trufflehog
ebcfc40
@TheTechromancer
Merge pull request #1770 from blacklanternsecurity/update-trufflehog
54b9eee 
Update trufflehog to 3.82.2
@dependabot
Bump poetry-dynamic-versioning from 1.2.0 to 1.4.1
2eb5207 
Bumps [poetry-dynamic-versioning](https://github.com/mtkennerly/poetry-dynamic-versioning) from 1.2.0 to 1.4.1.
- [Release notes](https://github.com/mtkennerly/poetry-dynamic-versioning/releases)
- [Changelog](https://github.com/mtkennerly/poetry-dynamic-versioning/blob/master/CHANGELOG.md)
- [Commits](mtkennerly/poetry-dynamic-versioning@v1.2.0...v1.4.1)

---
updated-dependencies:
- dependency-name: poetry-dynamic-versioning
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot
Bump pytest from 8.3.2 to 8.3.3
dde291e 
Bumps [pytest](https://github.com/pytest-dev/pytest) from 8.3.2 to 8.3.3.
- [Release notes](https://github.com/pytest-dev/pytest/releases)
- [Changelog](https://github.com/pytest-dev/pytest/blob/main/CHANGELOG.rst)
- [Commits](pytest-dev/pytest@8.3.2...8.3.3)

---
updated-dependencies:
- dependency-name: pytest
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot
Bump regex from 2024.7.24 to 2024.9.11
0138dd6 
Bumps [regex](https://github.com/mrabarnett/mrab-regex) from 2024.7.24 to 2024.9.11.
- [Changelog](https://github.com/mrabarnett/mrab-regex/blob/hg/changelog.txt)
- [Commits](mrabarnett/mrab-regex@2024.7.24...2024.9.11)

---
updated-dependencies:
- dependency-name: regex
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot
Bump idna from 3.8 to 3.10
0338e7f 
Bumps [idna](https://github.com/kjd/idna) from 3.8 to 3.10.
- [Release notes](https://github.com/kjd/idna/releases)
- [Changelog](https://github.com/kjd/idna/blob/master/HISTORY.rst)
- [Commits](kjd/idna@v3.8...v3.10)

---
updated-dependencies:
- dependency-name: idna
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot
Bump pydantic from 2.9.0 to 2.9.1
3f5cf30 
Bumps [pydantic](https://github.com/pydantic/pydantic) from 2.9.0 to 2.9.1.
- [Release notes](https://github.com/pydantic/pydantic/releases)
- [Changelog](https://github.com/pydantic/pydantic/blob/main/HISTORY.md)
- [Commits](pydantic/pydantic@v2.9.0...v2.9.1)

---
updated-dependencies:
- dependency-name: pydantic
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
@TheTechromancer
Merge pull request #1772 from blacklanternsecurity/dependabot/pip/dev…
dc79b31 
…/poetry-dynamic-versioning-1.4.1

Bump poetry-dynamic-versioning from 1.2.0 to 1.4.1
@TheTechromancer
Merge pull request #1773 from blacklanternsecurity/dependabot/pip/dev…
cc476a3 
…/pytest-8.3.3

Bump pytest from 8.3.2 to 8.3.3
@TheTechromancer
Merge pull request #1774 from blacklanternsecurity/dependabot/pip/dev…
daa9955 
…/regex-2024.9.11

Bump regex from 2024.7.24 to 2024.9.11
@TheTechromancer
Merge pull request #1776 from blacklanternsecurity/dependabot/pip/dev…
d07fa56 
…/idna-3.10

Bump idna from 3.8 to 3.10
@TheTechromancer
Merge pull request #1777 from blacklanternsecurity/dependabot/pip/dev…
023ae04 
…/pydantic-2.9.1

Bump pydantic from 2.9.0 to 2.9.1
@domwhewell-sage
Add a new module to download postman workspaces
b1bed05
@domwhewell-sage
Add a description for the api_key
e19416d
@TheTechromancer
Merge pull request #1782 from domwhewell-sage/postman_download_module
074cfa1 
New Module: Download Postman Workspaces
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
BBOT 2.1.0 - sudden_teresa
Development

Successfully merging this pull request may close these issues.
7 participants
@TheTechromancer @colin-stubbs @domwhewell-sage @blsaccess @dogancanbakir @liquidsec @web-flow