Bbot

This project is an open-source intelligence reconnaissance framework and recursive attack surface mapper. It functions as a containerized security scanner designed to map public-facing infrastructure, perform subdomain enumeration, and automate the gathering of open-source intelligence.

The system employs a recursive discovery engine to iteratively explore target infrastructure, utilizing a plugin-based module architecture to extend scanning capabilities. It integrates third-party APIs for data enrichment and applies YARA rules across discovered assets to identify specific vulnerability patterns.

The framework covers a broad range of reconnaissance activities, including web application scanning, email address enumeration, and public infrastructure mapping. It maintains a state-persistent asset inventory and provides capabilities for web screenshot capture, parameter extraction, and real-time event streaming.

Data is managed through an event-driven pipeline that supports external data export to databases and logging platforms, as well as notification delivery via webhooks to chat platforms.

Features

Recursive Discovery Engines - Iteratively maps target infrastructure by feeding discovered assets back into the scanning queue.

Attack Surface Management - Provides a platform for discovering, inventorying, and monitoring internet-facing assets to maintain visibility into the external security posture.

Reconnaissance and OSINT - Automates the gathering of intelligence and mapping of attack surfaces through recursive scanning and APIs.

Asset Inventory Management - Maintains a state-persistent database of discovered hosts and metadata to prevent redundant scanning.

Event-Driven Data Pipelines - Streams discovery findings as JSON events through a pipeline for real-time processing and export.

OSINT Automation Frameworks - Offers a framework for automating intelligence gathering from public data sources and third-party APIs.

Scan Configurations - Allows users to define reconnaissance boundaries using DNS names, IP ranges, and email addresses.

Infrastructure Scanning - Scans internet infrastructure recursively to discover and index all public-facing assets associated with a target.

Attack Surface Mappers - Identifies and catalogs internet-facing infrastructure through recursive DNS discovery and scanning.

Intelligence Enrichment - Combines discovery results with external intelligence by calling third-party reconnaissance provider APIs.

Attack Surface Mapping - Crawls DNS names, IP ranges, and organizations to discover all reachable public-facing infrastructure.

Subdomain Enumeration Tools - Implements utilities for generating and discovering subdomains to expand the attack surface during security assessments.

Plugin-Based Architectures - Extends scanning capabilities via a modular architecture that loads independent reconnaissance plugins.

Containerized Security Environments - Provides a pre-configured containerized environment for consistent deployment of security scanning and reconnaissance tools.

Parameter Discovery - Captures web parameters during discovery and saves them for use in brute-forcing activities.

Subdomain Discovery - Maps a domain footprint by combining passive API sources with DNS brute-forcing and name mutations.

Application Discovery - Crawls web assets to find hidden directories, parameters, and vulnerabilities while capturing visual snapshots.

Web Vulnerability Scanning - Identifies vulnerabilities and hidden content using recursive spidering, directory busting, and parameter mining.

YARA Rule Execution - Applies custom YARA signatures across the discovered attack surface to identify specific patterns or vulnerabilities.

Programmatic Scanning APIs - Provides synchronous and asynchronous Python interfaces to programmatically execute scans and consume events.

Containerized Deployments - Supports packaging the environment into portable images to ensure consistent deployment across hosts.

Containerized Environments - Packages the scanner and its dependencies into portable container images for consistent execution.

YARA-Based Scanning - Applies YARA rules across a discovered attack surface to find specific security patterns.

Third-Party Integrations - Orchestrates multiple third-party intelligence providers using non-blocking asynchronous requests.

Pattern-Based Detection - Applies YARA rules to scan the discovered attack surface for specific files, patterns, or known software vulnerabilities.

Web Asset Probing - Performs automated connectivity checks and offensive probing of web services to document the attack surface.

Visual Snapshot Capture - Generates visual snapshots of discovered web assets to facilitate rapid triage of the attack surface.

OSINT Frameworks - Automation framework for reconnaissance and intelligence gathering.

Reconnaissance - Recursive internet scanning for bug bounty and penetration testing.

Reconnaissance Tools - Recursive internet scanning for bug bounty and pentesting.

Subdomain Enumeration - Recursive internet scanner for security research.

blacklanternsecuritybbot

Features

Star history