Paul Mueller

icon company Black Lantern Security, LLC

Results 88 comments of Paul Mueller

BBOT 2.0 URL Excavation TODOs

As far as the first point, we've discussed this some offline, but i'll summarize a few points for consideration: 1. There is very little overlap, really only one YARA rule...

BBOT 2.0 URL Excavation TODOs

closing since only remaining checkbox has a separate issue already

Excavate: error sanitizing URLs

fixed with https://github.com/blacklanternsecurity/bbot/pull/2104

Lots of duplicate _wildcard domains from excavate

Observing the same behavior for this one: ``` [DNS_NAME] _wildcard.csinet.ca crt (a-record, a-wildcard, cloud-amazon, in-scope, ns-record, ns-wildcard, soa-record, soa-wildcard, subdomain, wildcard) ```

Rustification - Web Library

merging with https://github.com/blacklanternsecurity/bbot/issues/1569

Extractous Error

@domwhewell-sage

Add legba module for bruteforcing various services

> Saw that you are in the process of deprecate `vulnerability` events in favor of `finding` events [here](https://github.com/blacklanternsecurity/bbot/pull/2620). Changed code accordingly. Even if `severity` and `confidence` are not yet supported...

Remove Whitelist - Replace with Target and Seeds / allow Target Seeds distance-1

Easy to reproduce example: ``` poetry run bbot -m dnsbrute -t blacklanternsecurity.com -w 172.64.151.232 104.18.36.24 ``` The IPs are for blog.blacklanternsecurity.com. It does not find it. Finds it with: ```...

Remove Whitelist - Replace with Target and Seeds / allow Target Seeds distance-1

Im gonna update this issue to reflect the agreed upon solution

Errors thrown for non-HTTP URLs

What do we expect here? Do we want to actually emit these or discard?