You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Description
Which feature would you like to see added to BBOT? What are its use cases?
A Content Search Module would be used to identify specific strings of data within scanned websites. Ideally this would be used by passing a REGEX query to the module to identify the content.
The ideal output would either be a specified event type or a to tag with a specified value.
There should also be a means for the module to accept multiple REGEX queries paired with the preferred output for that REGEX match.
The text was updated successfully, but these errors were encountered:
[FINDING] {"description": "A match was found using the custom regex ['pwd:\s(.*)']", "host": "blah.test.com", "url": "http://blah.test.com/"} httpx->content_search (in-scope, custom_tag)
@liquidsec is already hard at work on this in bbot-2.0. Excavate is getting a complete rework using Yara, which will allow us to scale up these kinds of regex searches to a much bigger scale, including searching text extracted from @domwhewell-sage's unstructured module.
A side effect of this new excavate rewrite will hopefully be the ability to load custom Yara rules, which will fulfill the need for a content search module.
Description
Which feature would you like to see added to BBOT? What are its use cases?
A Content Search Module would be used to identify specific strings of data within scanned websites. Ideally this would be used by passing a REGEX query to the module to identify the content.
The ideal output would either be a specified event type or a to tag with a specified value.
There should also be a means for the module to accept multiple REGEX queries paired with the preferred output for that REGEX match.
The text was updated successfully, but these errors were encountered: