Skip to content

Added trajan module#2966

Open
N7WEra wants to merge 1 commit intoblacklanternsecurity:stablefrom
N7WEra:stable
Open

Added trajan module#2966
N7WEra wants to merge 1 commit intoblacklanternsecurity:stablefrom
N7WEra:stable

Conversation

@N7WEra
Copy link

@N7WEra N7WEra commented Mar 11, 2026

added module for trajan (https://github.com/praetorian-inc/trajan)

example:

$ bbot -t https://github.com/praetorian-inc/trajan -m trajan -c modules.trajan.github_token=github_pat_1REDACTED -y
  ______  _____   ____ _______
 |  ___ \|  __ \ / __ \__   __|
 | |___) | |__) | |  | | | |
 |  ___ <|  __ <| |  | | | |
 | |___) | |__) | |__| | | |
 |______/|_____/ \____/  |_|
 BIGHUGE BLS OSINT TOOL 0.0.0

www.blacklanternsecurity.com/bbot

[INFO] Scan seeded with 1 seed(s) (1 in target)
[INFO] Loaded 1/1 scan modules (trajan)
[INFO] Loaded 6/6 internal modules (aggregate,cloudcheck,dnsresolve,excavate,speculate,unarchive)
[INFO] Loaded 5/5 output modules, (csv,json,python,stdout,txt)
[INFO] internal.speculate: No portscanner enabled. Assuming open ports: 80, 443
[SUCC] Setup succeeded for 12/12 modules.
[SUCC] Starting scan vigorous_sophia
[SCAN]                  vigorous_sophia (SCAN:67407cf18d89bca404eecc216226c350666ba75c) SEED
[URL_UNVERIFIED]        https://github.com/praetorian-inc/trajan        SEED    (cdn, cdn-github, cloud, cloud-microsoft, endpoint, github-domain, github-ip, in-scope, microsoft-domain, seed, target)
[DNS_NAME]              ns-1707.awsdns-21.co.uk NS      (a-record, aaaa-record, affiliate, amazon-ip, cdn, cdn-cloudfront, cloud, cloud-amazon, cloudfront-ip, distance-1, subdomain)
[DNS_NAME]              alt4.aspmx.l.google.com MX      (a-record, aaaa-record, affiliate, cloud, cloud-google, distance-1, google-domain, google-ip, subdomain)
[DNS_NAME]              dns1.p08.nsone.net      SOA     (a-record, aaaa-record, affiliate, distance-1, subdomain)
[DNS_NAME]              mktomail.com    TXT     (a-record, affiliate, distance-1, domain)
[DNS_NAME]              servers.mcsv.net        TXT     (a-record, affiliate, distance-1, subdomain)
[DNS_NAME]              dns3.p08.nsone.net      NS      (a-record, aaaa-record, affiliate, distance-1, subdomain)
[DNS_NAME]              github.com      host    (a-record, cdn, cdn-github, cloud, cloud-microsoft, domain, github-domain, github-ip, in-scope, microsoft-domain, mx-record, ns-record, seed, soa-record, txt-record)
[DNS_NAME]              dns1.p08.nsone.net      NS      (a-record, aaaa-record, affiliate, distance-1, subdomain)
[DNS_NAME]              mail.zendesk.com        TXT     (a-record, affiliate, amazon-ip, cdn, cdn-cloudfront, cloud, cloud-amazon, cloudfront-ip, distance-1, subdomain)
[DNS_NAME]              ns-1283.awsdns-32.org   NS      (a-record, aaaa-record, affiliate, amazon-ip, cdn, cdn-cloudfront, cloud, cloud-amazon, cloudfront-ip, distance-1, subdomain)
[DNS_NAME]              dns2.p08.nsone.net      NS      (a-record, aaaa-record, affiliate, distance-1, subdomain)
[DNS_NAME]              alt2.aspmx.l.google.com MX      (a-record, aaaa-record, affiliate, cloud, cloud-google, distance-1, google-domain, google-ip, subdomain)
[DNS_NAME]              alt3.aspmx.l.google.com MX      (a-record, aaaa-record, affiliate, cloud, cloud-google, distance-1, google-domain, google-ip, subdomain)
[DNS_NAME]              alt1.aspmx.l.google.com MX      (a-record, aaaa-record, affiliate, cloud, cloud-google, distance-1, google-domain, google-ip, subdomain)
[DNS_NAME]              ns-421.awsdns-52.com    NS      (a-record, aaaa-record, affiliate, amazon-ip, cdn, cdn-cloudfront, cloud, cloud-amazon, cloudfront-ip, distance-1, subdomain)
[DNS_NAME]              dns4.p08.nsone.net      NS      (a-record, aaaa-record, affiliate, distance-1, subdomain)
[DNS_NAME]              aspmx.l.google.com      MX      (a-record, aaaa-record, affiliate, cloud, cloud-google, distance-1, google-domain, google-ip, subdomain)
[DNS_NAME]              ns-520.awsdns-01.net    NS      (a-record, aaaa-record, affiliate, amazon-ip, cdn, cdn-cloudfront, cloud, cloud-amazon, cloudfront-ip, distance-1, subdomain)
[ORG_STUB]              github  speculate
[DNS_NAME]              o1.sgmail.github.com    PTR     (a-record, cdn, cdn-github, cloud, cloud-microsoft, github-domain, in-scope, microsoft-domain, mx-record, subdomain)
[DNS_NAME]              o3.sgmail.github.com    PTR     (a-record, cdn, cdn-github, cloud, cloud-microsoft, github-domain, in-scope, microsoft-domain, mx-record, subdomain)
[DNS_NAME]              lb-140-82-112-3-iad.github.com  PTR     (a-record, cdn, cdn-github, cloud, cloud-microsoft, github-domain, github-ip, in-scope, microsoft-domain, subdomain)
[DNS_NAME]              o2.sgmail.github.com    PTR     (a-record, cdn, cdn-github, cloud, cloud-microsoft, github-domain, in-scope, microsoft-domain, mx-record, subdomain)
[DNS_NAME]              o6.sgmail.github.com    PTR     (a-record, cdn, cdn-github, cloud, cloud-microsoft, github-domain, in-scope, microsoft-domain, mx-record, subdomain)
[DNS_NAME]              o5.sgmail.github.com    PTR     (a-record, cdn, cdn-github, cloud, cloud-microsoft, github-domain, in-scope, microsoft-domain, mx-record, subdomain)
[DNS_NAME]              mxa.mailgun.org MX      (a-record, affiliate, cloud, cloud-google, distance-1, google-ip, subdomain)
[DNS_NAME]              mxa.mailgun.org MX      (a-record, affiliate, cloud, cloud-google, distance-1, google-ip, subdomain)
[DNS_NAME]              mxa.mailgun.org MX      (a-record, affiliate, cloud, cloud-google, distance-1, google-ip, subdomain)
[DNS_NAME]              mxb.mailgun.org MX      (a-record, affiliate, cloud, cloud-google, distance-1, google-ip, subdomain)
[DNS_NAME]              mxa.mailgun.org MX      (a-record, affiliate, cloud, cloud-google, distance-1, google-ip, subdomain)
[DNS_NAME]              mxb.mailgun.org MX      (a-record, affiliate, cloud, cloud-google, distance-1, google-ip, subdomain)
[DNS_NAME]              mxb.mailgun.org MX      (a-record, affiliate, cloud, cloud-google, distance-1, google-ip, subdomain)
[DNS_NAME]              mxb.mailgun.org MX      (a-record, affiliate, cloud, cloud-google, distance-1, google-ip, subdomain)
[DNS_NAME]              mxa.mailgun.org MX      (a-record, affiliate, cloud, cloud-google, distance-1, google-ip, subdomain)
[DNS_NAME]              mxb.mailgun.org MX      (a-record, affiliate, cloud, cloud-google, distance-1, google-ip, subdomain)
[DNS_NAME]              github.com      speculate       (a-record, cdn, cdn-github, cloud, cloud-microsoft, domain, github-domain, github-ip, in-scope, microsoft-domain, mx-record, ns-record, soa-record, txt-record)
[DNS_NAME]              sgmail.github.com       speculate       (a-record, cdn, cdn-github, cloud, cloud-microsoft, github-domain, in-scope, microsoft-domain, mx-record, subdomain, txt-record)
**[FINDING]               {"confidence": "MODERATE", "description": "Deployment job 'Create Tag' lacks environment protection. This allows deployments without required approvals. (Workflow: .github/workflows/release.yaml)", "host": "github.com", "name": "Trajan - environment_bypass", "severity": "HIGH"}  trajan  (cdn, cdn-github, cloud, cloud-microsoft, confidence-moderate, github-domain, github-ip, in-scope, microsoft-domain, severity-high)
[FINDING]               {"confidence": "MODERATE", "description": "Deployment job 'Create Tag' lacks environment protection. This allows deployments without required approvals. (Workflow: .github/workflows/release.yaml)", "host": "github.com", "name": "Trajan - environment_bypass", "severity": "HIGH"}  trajan  (cdn, cdn-github, cloud, cloud-microsoft, confidence-moderate, github-domain, github-ip, in-scope, microsoft-domain, severity-high)
[FINDING]               {"confidence": "MODERATE", "description": "Deployment job 'Cleanup on Failure' lacks environment protection. This allows deployments without required approvals. (Workflow: .github/workflows/release.yaml)", "host": "github.com", "name": "Trajan - environment_bypass", "severity": "HIGH"}  trajan  (cdn, cdn-github, cloud, cloud-microsoft, confidence-moderate, github-domain, github-ip, in-scope, microsoft-domain, severity-high)
[FINDING]               {"confidence": "MODERATE", "description": "Deployment job 'Cleanup on Failure' lacks environment protection. This allows deployments without required approvals. (Workflow: .github/workflows/release.yaml)", "host": "github.com", "name": "Trajan - environment_bypass", "severity": "HIGH"}  trajan  (cdn, cdn-github, cloud, cloud-microsoft, confidence-moderate, github-domain, github-ip, in-scope, microsoft-domain, severity-high)**
[DNS_NAME]              mx.sendgrid.net MX      (a-record, affiliate, amazon-ip, cdn, cdn-cloudfront, cdn-github, cloud, cloud-amazon, cloudfront-ip, distance-1, github-ip, subdomain)
[DNS_NAME]              sendgrid.net    TXT     (a-record, affiliate, amazon-ip, cdn, cdn-cloudfront, cdn-github, cloud, cloud-amazon, cloudfront-ip, distance-1, domain, github-ip)
[DNS_NAME]              github.com      host    (a-record, cdn, cdn-github, cloud, cloud-microsoft, domain, github-domain, github-ip, in-scope, microsoft-domain, mx-record, ns-record, soa-record, txt-record)
[INFO] Finishing scan
[SCAN]                  vigorous_sophia (SCAN:67407cf18d89bca404eecc216226c350666ba75c) SEED
[INFO] aggregate: +------------+------------------------------+------------------------------------------+
[INFO] aggregate: | Module     | Produced                     | Consumed                                 |
[INFO] aggregate: +============+==============================+==========================================+
[INFO] aggregate: | MX         | 16 (16 DNS_NAME)             | 0                                        |
[INFO] aggregate: +------------+------------------------------+------------------------------------------+
[INFO] aggregate: | TXT        | 9 (4 DNS_NAME, 5 IP_ADDRESS) | 0                                        |
[INFO] aggregate: +------------+------------------------------+------------------------------------------+
[INFO] aggregate: | NS         | 8 (8 DNS_NAME)               | 0                                        |
[INFO] aggregate: +------------+------------------------------+------------------------------------------+
[INFO] aggregate: | PTR        | 6 (6 DNS_NAME)               | 0                                        |
[INFO] aggregate: +------------+------------------------------+------------------------------------------+
[INFO] aggregate: | speculate  | 3 (2 DNS_NAME, 1 ORG_STUB)   | 48 (28 DNS_NAME, 5 DNS_NAME_UNRESOLVED,  |
[INFO] aggregate: |            |                              | 14 IP_ADDRESS, 1 URL_UNVERIFIED)         |
[INFO] aggregate: +------------+------------------------------+------------------------------------------+
[INFO] aggregate: | trajan     | 2 (2 FINDING)                | 1 (1 URL_UNVERIFIED)                     |
[INFO] aggregate: +------------+------------------------------+------------------------------------------+
[INFO] aggregate: | host       | 2 (2 DNS_NAME)               | 0                                        |
[INFO] aggregate: +------------+------------------------------+------------------------------------------+
[INFO] aggregate: | SOA        | 1 (1 DNS_NAME)               | 0                                        |
[INFO] aggregate: +------------+------------------------------+------------------------------------------+
[INFO] aggregate: | A          | 1 (1 IP_ADDRESS)             | 0                                        |
[INFO] aggregate: +------------+------------------------------+------------------------------------------+
[INFO] aggregate: | dnsresolve | 0                            | 88 (58 DNS_NAME, 2 FINDING, 27           |
[INFO] aggregate: |            |                              | IP_ADDRESS, 1 URL_UNVERIFIED)            |
[INFO] aggregate: +------------+------------------------------+------------------------------------------+
[INFO] aggregate: | cloudcheck | 0                            | 88 (46 DNS_NAME, 12 DNS_NAME_UNRESOLVED, |
[INFO] aggregate: |            |                              | 2 FINDING, 27 IP_ADDRESS, 1              |
[INFO] aggregate: |            |                              | URL_UNVERIFIED)                          |
[INFO] aggregate: +------------+------------------------------+------------------------------------------+
[INFO] output.csv: Saved CSV output to /home/USER/.bbot/scans/vigorous_sophia/output.csv
[INFO] output.json: Saved JSON output to /home/USER/.bbot/scans/vigorous_sophia/output.json
[INFO] output.txt: Saved TXT output to /home/USER/.bbot/scans/vigorous_sophia/output.txt

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@N7WEra