Friend
Professional
- Messages
- 2,671
- Reaction score
- 1,104
- Points
- 113
YARA integration and optimization of DNS / HTTP engines significantly improved the tool's performance.
On the eve of the DEF CON 32 conference, a new release of BBOT 2.0 was presented, which promises to significantly simplify the use of the tool and speed up the scanning process. BBOT (Bighuge BLS OSINT Tool) has become known for its ability to find more subdomains than any other similar tool. Today, it has already reached 400 thousand downloads, which underlines its relevance and popularity among users, especially in the field of vulnerability search.
BBOT was developed two years ago. The main purpose of its creation is to help you find vulnerabilities, which is especially important in the field of bug bounty. The community actively supports the development of BBOT by contributing to the development of new modules and features. As a result, the number of commits in the project repository exceeded 4000, which is even more than that of its predecessor Spiderfoot, which was developed for ten years.
The main innovations in BBOT 2.0 include three key features: Presets, a DNS vulnerability detection tool called BadDNS, and speed optimization.
To use presets, just run the bbot-p command, where -p indicates the desired preset. Users can also create their own custom configurations that include multiple presets at the same time.
BadDNS is integrated into BBOT 2.0 and has become an important part of the updated tool. This module provides users with the ability not only to find vulnerabilities, but also to analyze their nature, which is especially useful for security professionals.
Source
On the eve of the DEF CON 32 conference, a new release of BBOT 2.0 was presented, which promises to significantly simplify the use of the tool and speed up the scanning process. BBOT (Bighuge BLS OSINT Tool) has become known for its ability to find more subdomains than any other similar tool. Today, it has already reached 400 thousand downloads, which underlines its relevance and popularity among users, especially in the field of vulnerability search.
BBOT was developed two years ago. The main purpose of its creation is to help you find vulnerabilities, which is especially important in the field of bug bounty. The community actively supports the development of BBOT by contributing to the development of new modules and features. As a result, the number of commits in the project repository exceeded 4000, which is even more than that of its predecessor Spiderfoot, which was developed for ten years.
The main innovations in BBOT 2.0 include three key features: Presets, a DNS vulnerability detection tool called BadDNS, and speed optimization.
Presets
One of the main innovations in BBOT 2.0 is the preset function. It allows users to save the entire scan configuration in a single YAML file, which greatly simplifies the process of working with the tool. In previous versions, BBOT was highly customizable, which, on the one hand, gave ample opportunities, but on the other hand, complicated the process of creating commands. Now you can easily and quickly run the necessary scans using presets, combining various settings and modules.To use presets, just run the bbot-p command, where -p indicates the desired preset. Users can also create their own custom configurations that include multiple presets at the same time.
BadDNS
The BadDNS tool, created by the developer under the pseudonym @paulmmueller, replaces the old subdomain_hijack module and significantly expands the capabilities of BBOT in detecting DNS vulnerabilities. It can be used to detect various vulnerabilities, including dangerous records that can cause hacking.BadDNS is integrated into BBOT 2.0 and has become an important part of the updated tool. This module provides users with the ability not only to find vulnerabilities, but also to analyze their nature, which is especially useful for security professionals.
Speed optimization
Other key improvements to BBOT 2.0 include numerous optimizations that make scanning almost 10 times faster than the previous version. The main acceleration of the tool was achieved by integrating YARA and updated engines for processing DNS and HTTP requests.YARA Integration
Initially, BBOT used the standard Python library for working with regular expressions, which slowed down the scanning process. In version 2.0, the excavate module was completely redesigned and now uses YARA, which gave a significant increase in speed. YARA also allows you to add custom rules, which makes the tool even more flexible and powerful.New DNS / HTTP engines
Early versions of BBOT used asyncio, which provided stability and performance. However, as the volume of requests increased, asyncio was found to reach its maximum throughput on a single CPU core. To solve this problem, BBOT 2.0 introduced optimizations that allocate separate processes for working with DNS and HTTP, which significantly increases the speed of request processing.Source
