Skip to content

BBOT 3.0 - blazed_elijah #2007

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 214 commits into
base: dev
Choose a base branch
from
Open

BBOT 3.0 - blazed_elijah #2007

wants to merge 214 commits into from

Conversation

@TheTechromancer
Copy link
Collaborator

@TheTechromancer TheTechromancer commented Nov 22, 2024
edited
Loading

Summary

BBOT 3.0 "blazed_elijah" contains changes needed to store BBOT data in a persistent database. The idea is to release it alongside BBOT server, a tiny CLI-only database. This will be paired with a series of blog posts showing how BBOT server can be used on the command line to script out bug bounty hunting, threat intel, and ASM (i.e. running scheduled scans, exporting to CSV, diffing results over time, etc.).

Together, BBOT 3.0 and BBOT server will give us a solid foundation to build a bunch of other useful tooling, like asset inventory. Sometime in the future, it may also be useful to frontend.

Breaking changes

1. .data and .data_json event fields

The main breaking change in BBOT 3.0 is that the name of the .data field is different based on whether it's a str or dict.

  • .data: string
  • .data_json: dictionary

The siem_friendly option has been removed, since BBOT data is now SIEM-friendly by default.

2. Changes to vulnerabilities

The VULNERABILITY event type has been removed in favor of FINDING, which now has several improvements:

  • A name field which holds a generic description common to all findings of the same type. This makes it easier to collapse and categorize them.
  • A confidence field
  • A severity field

Features

Potential changes

@TheTechromancer TheTechromancer changed the base branch from stable to dev November 22, 2024 01:58
@TheTechromancer TheTechromancer self-assigned this Nov 22, 2024
@codecov
Copy link

codecov bot commented Nov 22, 2024
edited
Loading

Codecov Report

❌ Patch coverage is 91.46341% with 98 lines in your changes missing coverage. Please review.
✅ Project coverage is 92%. Comparing base (09d018c) to head (8baab1d).
⚠️ Report is 2 commits behind head on dev.

Files with missing lines Patch % Lines
bbot/modules/base.py 37% 14 Missing ⚠️
bbot/constants.py 71% 11 Missing ⚠️
bbot/scanner/scanner.py 85% 11 Missing ⚠️
bbot/modules/output/nats.py 80% 7 Missing ⚠️
bbot/models/pydantic.py 94% 6 Missing ⚠️
bbot/modules/output/mongo.py 90% 6 Missing ⚠️
bbot/core/event/base.py 89% 5 Missing ⚠️
bbot/modules/internal/excavate.py 80% 5 Missing ⚠️
bbot/core/config/logger.py 20% 4 Missing ⚠️
bbot/modules/output/zeromq.py 88% 4 Missing ⚠️
... and 11 more
Additional details and impacted files 
@@          Coverage Diff           @@
##             dev   #2007    +/-   ##
======================================
+ Coverage     92%     92%    +1%     
======================================
  Files        410     426    +16     
  Lines      33826   34525   +699     
======================================
+ Hits       30851   31492   +641     
- Misses      2975    3033    +58

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

@github-actions
Copy link
Contributor

github-actions bot commented Oct 1, 2025
edited
Loading

📊 Performance Benchmark Report

Comparing dev (baseline) vs 3.0 (current)

📈 Detailed Results (All Benchmarks)

📋 Complete results for all benchmarks - includes both significant and insignificant changes

🧪 Test Name 📏 Base 📏 Current 📈 Change 🎯 Status
Bloom Filter Dns Mutation Tracking Performance 4.17ms 4.21ms +0.9%
Bloom Filter Large Scale Dns Brute Force 17.73ms 17.75ms +0.1%
Large Closest Match Lookup 357.41ms 349.38ms -2.2%
Realistic Closest Match Workload 193.69ms 190.06ms -1.9%
Event Validation Full Scan Startup Small Batch 444.90ms 464.41ms +4.4%
Event Validation Full Scan Startup Large Batch 798.01ms 806.52ms +1.1%
Make Event Autodetection Small 31.48ms 30.64ms -2.7%
Make Event Autodetection Large 317.96ms 314.98ms -0.9%
Make Event Explicit Types 14.09ms 13.81ms -2.0%
Excavate Single Thread Small 4.009s 4.040s +0.8%
Excavate Single Thread Large 9.478s 9.408s -0.7%
Excavate Parallel Tasks Small 4.224s 4.215s -0.2%
Excavate Parallel Tasks Large 7.116s 7.127s +0.2%
Is Ip Performance 3.20ms 3.19ms -0.4%
Make Ip Type Performance 11.48ms 11.71ms +2.0%
Mixed Ip Operations 4.60ms 4.49ms -2.4%
Typical Queue Shuffle 62.69µs 63.80µs +1.8%
Priority Queue Shuffle 706.39µs 720.84µs +2.0%

🎯 Performance Summary

No significant performance changes detected (all changes <10%)

🐍 Python Version 3.11.14

@liquidsec
Copy link
Collaborator

liquidsec commented Oct 30, 2025

@TheTechromancer we should now add to the list of breaking changes, the removal of vulnerability event type and the addition of severity and confidence as attributes on finding types

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@liquidsec liquidsec Awaiting requested review from liquidsec

At least 1 approving review is required to merge this pull request.

Assignees

@TheTechromancer TheTechromancer

Labels

None yet

Projects

None yet

Milestone

BBOT 3.0 - blazed_elijah

Development

Successfully merging this pull request may close these issues.

3 participants

@TheTechromancer @liquidsec