Skip to content

BBOT 3.0 - blazed_elijah#2007

Open
TheTechromancer wants to merge 311 commits intodevfrom
3.0
Open

BBOT 3.0 - blazed_elijah#2007
TheTechromancer wants to merge 311 commits intodevfrom
3.0

Conversation

@TheTechromancer
Copy link
Collaborator

@TheTechromancer TheTechromancer commented Nov 22, 2024
edited
Loading

Summary

BBOT 3.0 "blazed_elijah" contains changes needed to store BBOT data in a persistent database. The idea is to release it alongside BBOT server, a tiny CLI-only database. This will be paired with a series of blog posts showing how BBOT server can be used on the command line to script out bug bounty hunting, threat intel, and ASM (i.e. running scheduled scans, exporting to CSV, diffing results over time, etc.).

Together, BBOT 3.0 and BBOT server will give us a solid foundation to build a bunch of other useful tooling, like asset inventory. Sometime in the future, it may also be useful to frontend.

Breaking changes

1. .data and .data_json event fields

The main breaking change in BBOT 3.0 is that the name of the .data field is different based on whether it's a str or dict.

  • .data: string
  • .data_json: dictionary

The siem_friendly option has been removed, since BBOT data is now SIEM-friendly by default.

2. Changes to vulnerabilities

The VULNERABILITY event type has been removed in favor of FINDING, which now has several improvements:

  • A name field which holds a generic description common to all findings of the same type. This makes it easier to collapse and categorize them.
  • A confidence field
  • A severity field

Features

Potential changes

@TheTechromancer TheTechromancer changed the base branch from stable to dev November 22, 2024 01:58
@TheTechromancer TheTechromancer self-assigned this Nov 22, 2024
@codecov
Copy link

codecov bot commented Nov 22, 2024
edited
Loading

Codecov Report

❌ Patch coverage is 92.43441% with 124 lines in your changes missing coverage. Please review.
✅ Project coverage is 92%. Comparing base (a62462b) to head (86fb46d).
⚠️ Report is 2 commits behind head on dev.

Files with missing lines Patch % Lines
bbot/modules/base.py 62% 13 Missing ⚠️
bbot/modules/kreuzberg.py 46% 13 Missing ⚠️
bbot/constants.py 71% 11 Missing ⚠️
bbot/scanner/scanner.py 87% 11 Missing ⚠️
bbot/core/helpers/depsinstaller/installer.py 62% 10 Missing ⚠️
bbot/modules/output/nats.py 80% 7 Missing ⚠️
bbot/core/event/base.py 88% 6 Missing ⚠️
bbot/models/pydantic.py 94% 6 Missing ⚠️
bbot/modules/output/mongo.py 90% 6 Missing ⚠️
bbot/modules/internal/excavate.py 80% 5 Missing ⚠️
... and 15 more
Additional details and impacted files 
@@          Coverage Diff           @@
##             dev   #2007    +/-   ##
======================================
+ Coverage     92%     92%    +1%     
======================================
  Files        416     434    +18     
  Lines      34690   35501   +811     
======================================
+ Hits       31653   32399   +746     
- Misses      3037    3102    +65

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

TheTechromancer and others added 18 commits February 17, 2026 15:45
@liquidsec liquidsec mentioned this pull request Feb 26, 2026
Closed
@github-actions
Copy link
Contributor

github-actions bot commented Feb 27, 2026
edited
Loading

📊 Performance Benchmark Report

Comparing dev (baseline) vs 3.0 (current)

📈 Detailed Results (All Benchmarks)

📋 Complete results for all benchmarks - includes both significant and insignificant changes

🧪 Test Name 📏 Base 📏 Current 📈 Change 🎯 Status
Bloom Filter Dns Mutation Tracking Performance 4.13ms 4.19ms +1.4%
Bloom Filter Large Scale Dns Brute Force 17.17ms 17.30ms +0.7%
Large Closest Match Lookup 354.70ms 351.73ms -0.8%
Realistic Closest Match Workload 192.38ms 191.28ms -0.6%
Event Validation Full Scan Startup Small Batch 476.93ms 502.06ms +5.3%
Event Validation Full Scan Startup Large Batch 812.48ms 907.30ms +11.7% 🟡🟡 ⚠️
Make Event Autodetection Small 31.07ms 30.35ms -2.3%
Make Event Autodetection Large 313.59ms 311.28ms -0.7%
Make Event Explicit Types 13.82ms 13.76ms -0.5%
Excavate Single Thread Small 3.990s 4.038s +1.2%
Excavate Single Thread Large 9.625s 9.654s +0.3%
Excavate Parallel Tasks Small 4.167s 4.180s +0.3%
Excavate Parallel Tasks Large 7.250s 7.261s +0.2%
Is Ip Performance 3.16ms 3.17ms +0.3%
Make Ip Type Performance 11.42ms 11.35ms -0.6%
Mixed Ip Operations 4.44ms 4.50ms +1.2%
Typical Queue Shuffle 61.58µs 62.20µs +1.0%
Priority Queue Shuffle 706.65µs 706.48µs -0.0%

🎯 Performance Summary

! 1 regression ⚠️
  17 unchanged ✅

🔍 Significant Changes (>10%)

  • Event Validation Full Scan Startup Large Batch: 11.7% 🐌 slower

🐍 Python Version 3.11.14

@liquidsec
Fix install_core_deps running ansible on every test invocation
5537ce4 
openssl_dev_headers is not a real binary, so which() always fails,
causing the full ansible playbook + ansible-galaxy collection install
to run every time (~15s). Added _core_dep_satisfied() to check for
the actual header file instead. Also deferred ansible/tldextract/sudo
setup to only run when there's actually something to install.

Reduces single module test time from ~17s to ~2s.
@liquidsec
fix benchmark report: uv.lock conflict, duplicate comments, broken fo…
2a3900d 
…rmatting

- git clean before branch checkout to prevent uv.lock conflicts when
  switching between Poetry/UV branches
- refactor comment posting so both success and failure paths search for
  existing comments before creating new ones
- fix fallback message using template literal instead of .join('\\n')
  which produced literal \n characters instead of newlines
@liquidsec
fix lint: remove extraneous f-string prefix
081586d
@liquidsec
Merge pull request #2932 from blacklanternsecurity/fix-benchmarks-3-0
5098cef 
Fix benchmark report: uv.lock conflict, duplicate comments, broken formatting
@liquidsec
Merge pull request #2931 from blacklanternsecurity/fix-core-deps-cache
38d90f2 
Fix install_core_deps running ansible on every test invocation
@liquidsec
Fix community.general collection install skipped when core deps alrea…
86fb46d 
…dy satisfied
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@liquidsec liquidsec liquidsec approved these changes

At least 1 approving review is required to merge this pull request.

Assignees

@TheTechromancer TheTechromancer

Labels

None yet

Projects

None yet

Milestone

BBOT 3.0 - blazed_elijah

Development

Successfully merging this pull request may close these issues.

2 participants

@TheTechromancer @liquidsec