add profundis #1682

Merged
Mzack9999 merged 2 commits into dev from 1681_add_profundis
Dec 10, 2025

@dogancanbakir dogancanbakir commented Dec 8, 2025

closes #1681

Summary by CodeRabbit

  • New Features

    • Added Profundis API as a new passive subdomain reconnaissance source, enabled by default.
    • Requires an API key for use; does not provide recursive enumeration.
  • Tests

    • Updated test expectations to include Profundis in default and all-source lists.

@dogancanbakir dogancanbakir self-assigned this Dec 8, 2025

coderabbitai bot commented Dec 8, 2025

Walkthrough

Added a new Profundis passive subdomain source with a streaming HTTP integration, registered it in the passive sources list, and updated tests to include "profundis" in expected source sets.

Changes

| Cohort / File(s) | Summary |
|---|---|
| Source Registration: pkg/passive/sources.go, pkg/passive/sources_test.go | Imported the profundis source and added profundis.Source to the AllSources slice; updated tests to include "profundis" in expectedAllSources and expectedDefaultSources. |
| Profundis Source Implementation: pkg/subscraping/sources/profundis/profundis.go | New Source implementation that selects an API key, issues a POST to the Profundis subdomain enumeration endpoint with Accept: text/event-stream, streams and scans response lines emitting subdomain results, handles HTTP and scanner errors, supports context cancellation, and exposes methods: Run, Name, IsDefault, HasRecursiveSupport, NeedsKey, AddApiKeys, Statistics. |

Sequence Diagram(s)

sequenceDiagram
    participant Caller as Runner
    participant Source as profundis.Source
    participant Session as Session (results/ch)
    participant Profundis as Profundis API
    Note over Source,Profundis: New streaming subdomain flow

    Caller->>Source: Run(ctx, domain, session)
    Source->>Source: select random API key
    alt no API key
        Source->>Session: send Result{Type: Error/Skip}
        Source->>Caller: close channel
    else has API key
        Source->>Profundis: HTTP POST /subdomain-enumeration {domain} (X-API-KEY, Accept: text/event-stream)
        Profundis-->>Source: 200 (streaming body)
        loop for each line
            Profundis-->>Source: event-stream line (subdomain or ping)
            Source->>Session: send Result{Type: Subdomain, Value: line}
            Note right of Session: respects ctx cancellation
        end
        alt scanner error
            Source->>Session: send Result{Type: Error}
        end
        Source->>Caller: close channel
    end

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

  • Pay attention to:
    • Correct Profundis endpoint URL, request body, and headers (Content-Type, X-API-KEY, Accept)
    • Handling of missing API keys (skip behavior) and error emission
    • Streaming read loop: context cancellation, scanner error handling, and result counting/statistics

Poem

🐰 A new source hops in with a curious grin,
It listens to streams where the subdomains spin,
Keys twinkle like carrots, results bounce in a row,
Errors are tiny pebbles, timeTaken keeps low,
I nibble on bytes and watch the discoveries grow ✨

Pre-merge checks and finishing touches

❌ Failed checks (1 inconclusive)

| Check name | Status | Explanation | Resolution |
|---|---|---|---|
| Title check | ❓ Inconclusive | The title 'add profundis' is too vague and generic, using minimal descriptive language that doesn't clearly convey the nature of the change to someone scanning history. | Consider a more descriptive title like 'Add Profundis as a passive subdomain enumeration source' to better communicate the change's purpose. |

✅ Passed checks (4 passed)

| Check name | Status | Explanation |
|---|---|---|
| Description Check | ✅ Passed | Check skipped - CodeRabbit’s high-level summary is enabled. |
| Linked Issues check | ✅ Passed | The pull request successfully implements Profundis integration as a passive subdomain enumeration source, meeting the core requirement from issue #1681. |
| Out of Scope Changes check | ✅ Passed | All changes are directly related to adding Profundis as a passive subdomain source; no extraneous modifications detected. |
| Docstring Coverage | ✅ Passed | No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check. |

📜 Recent review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 074497b and 037d063.

📒 Files selected for processing (1)
  • pkg/subscraping/sources/profundis/profundis.go (1 hunks)
🚧 Files skipped from review as they are similar to previous changes (1)
  • pkg/subscraping/sources/profundis/profundis.go
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (4)
  • GitHub Check: Test Builds (ubuntu-latest)
  • GitHub Check: Test Builds (windows-latest)
  • GitHub Check: Test Builds (macOS-latest)
  • GitHub Check: Analyze (go)

@coderabbitai coderabbitai bot left a comment

Actionable comments posted: 1

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)
pkg/passive/sources_test.go (1)

46-103: Align recursive-source expectations with HasRecursiveSupport() for profundis

You’ve correctly added "profundis" to both expectedAllSources and expectedDefaultSources, but expectedDefaultRecursiveSources (lines 105–119) does not include "profundis" while profundis.Source.HasRecursiveSupport() currently returns true. In TestSourceCategorization, recursiveSources is built from all sources where HasRecursiveSupport() is true, so this will cause the assert.ElementsMatch on expectedDefaultRecursiveSources to fail.

Decide whether profundis should participate in recursive runs:

  • If yes (likely, given it’s a large passive dataset), update the test list to include it, e.g.:
 expectedDefaultRecursiveSources = []string{
 	"alienvault",
 	"bufferover",
 	"certspotter",
 	"crtsh",
 	"dnsdb",
 	"digitorus",
 	"driftnet",
 	"hackertarget",
 	"securitytrails",
 	"virustotal",
 	"leakix",
 	"facebook",
+	"profundis",
 }
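Review bot: Adding "profundis" as the last entry of expectedDefaultRecursiveSources is only consistent while profundis.Source.HasRecursiveSupport() keeps returning true, and the PR summary at the top states that the source does not provide recursive enumeration. If that summary reflects the intended behaviour, leave this list unchanged and have HasRecursiveSupport() return false, so that the test and the source agree on one answer.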
  • If no, then profundis.Source.HasRecursiveSupport() should return false instead.

Right now tests won’t pass until these are made consistent.

🧹 Nitpick comments (2)
pkg/passive/sources.go (1)

29-41: Profundis wiring into AllSources and env‑var handling looks correct

The new profundis import and &profundis.Source{} entry in AllSources are consistent with the existing pattern. With Name() returning "profundis", Agent.New will look for PROFUNDIS_API_KEY, which matches the usual ${SOURCE}_API_KEY convention.

From a passive-source wiring perspective this is good to go; just ensure the new env var name is documented for users of the new source.

Also applies to: 61-111

pkg/subscraping/sources/profundis/profundis.go (1)

55-95: Harden streaming logic: HTTP status handling and event-stream format

The core streaming logic is sound, but a few tweaks would make it more robust:

  • HTTP status handling: You don’t check resp.StatusCode. If the API returns a non‑2xx with a body (auth error, quota exceeded, etc.), the scanner will happily emit those lines as Subdomain results. It’s safer to treat non‑success statuses as errors and bail out:
-	resp, err := session.Post(ctx, "https://api.profundis.io/api/v2/common/data/subdomains", "",
-		headers, bytes.NewReader(requestBody))
+	resp, err := session.Post(ctx, "https://api.profundis.io/api/v2/common/data/subdomains", "",
+		headers, bytes.NewReader(requestBody))
 
 	if err != nil {
 		results <- subscraping.Result{Source: s.Name(), Type: subscraping.Error, Error: err}
 		s.errors++
 		session.DiscardHTTPResponse(resp)
 		return
 	}
+
+	if resp.StatusCode < 200 || resp.StatusCode >= 300 {
+		session.DiscardHTTPResponse(resp)
+		results <- subscraping.Result{
+			Source: s.Name(),
+			Type:   subscraping.Error,
+			Error:  fmt.Errorf("profundis: unexpected status code %d", resp.StatusCode),
+		}
+		s.errors++
+		return
+	}
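Review bot: The removed and re-added `session.Post` lines at the top of this hunk are identical, so that part of the suggestion is a no-op and can be dropped; the real change is the added status check. In that added block the send on `results` is unguarded, so wrapping it in the same `select` on `ctx.Done()` that the scan loop uses would keep the goroutine from blocking once the consumer stops reading. The new error carries only the status code, which keeps response bodies out of the result stream.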

(You’d need a fmt import here or reuse whatever pattern other sources use.)

  • Event‑stream vs plain lines: You advertise Accept: text/event-stream but treat each line as a raw subdomain. If Profundis responds with standard SSE (data: <value>), you’ll end up emitting the data: prefix. Please confirm the response format; if it is SSE, strip the data: prefix (and ignore other event/control lines) before treating a line as a subdomain.

  • Context‑aware error sends (nice‑to‑have): In error paths (marshal error, Post error, scanner error, body close error), you send directly on results without checking ctx.Done(). If the consumer stops reading when the context is canceled, these could block the goroutine. Mirroring the select you already use in the scan loop would avoid that, but it’s more of a robustness tweak than a blocker.

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between deccd62 and 074497b.

📒 Files selected for processing (3)
  • pkg/passive/sources.go (3 hunks)
  • pkg/passive/sources_test.go (2 hunks)
  • pkg/subscraping/sources/profundis/profundis.go (1 hunks)
🧰 Additional context used
🧬 Code graph analysis (1)
pkg/passive/sources.go (2)
pkg/subscraping/sources/profundis/profundis.go (1)
  • Source (16-22)
pkg/subscraping/sources/domainsproject/domainsproject.go (1)
  • Source (16-22)
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (5)
  • GitHub Check: Test Builds (macOS-latest)
  • GitHub Check: Test Builds (ubuntu-latest)
  • GitHub Check: Test Builds (windows-latest)
  • GitHub Check: Analyze (go)
  • GitHub Check: release-test
🔇 Additional comments (1)
pkg/subscraping/sources/profundis/profundis.go (1)

100-127: Source metadata and API‑key plumbing are consistent with the passive framework

Name(), IsDefault(), NeedsKey(), AddApiKeys(), and Statistics() all line up with the existing subscraping.Source contract:

  • Name() returns "profundis", matching the test expectations and env‑var derivation (PROFUNDIS_API_KEY).
  • IsDefault() returning true makes Profundis participate in default runs, which fits the intent for a large passive dataset.
  • HasRecursiveSupport() returning true ensures it’s eligible for recursive mode; once you update the tests as noted in sources_test.go, this will be fully aligned.
  • Statistics() correctly exposes the internal counters you maintain in Run.

No changes needed here beyond keeping the recursion behavior/tests in sync.
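
The event-stream concern raised in the review above, as an added example (not code from this PR or from the project): a tolerant line parser that accepts SSE `data:` lines or bare lines and emits only names under the queried domain, so control lines and error bodies never become results. The name `extractSubdomains` and the sample stream are hypothetical; the actual Profundis response format is not shown on this page.

```go
package main

import (
	"bufio"
	"fmt"
	"io"
	"strings"
)

// extractSubdomains scans a streamed body and returns de-duplicated hostnames
// that fall under domain. SSE "data:" lines and bare lines are both accepted.
func extractSubdomains(body io.Reader, domain string) ([]string, error) {
	domain = strings.ToLower(strings.TrimSuffix(domain, "."))
	seen := make(map[string]struct{})
	var out []string
	scanner := bufio.NewScanner(body)
	for scanner.Scan() {
		line := strings.TrimSpace(scanner.Text())
		if line == "" || strings.HasPrefix(line, ":") {
			continue // blank event separator or SSE comment / keep-alive
		}
		if field, value, ok := strings.Cut(line, ":"); ok {
			if field != "data" {
				continue // event:, id:, retry:, or a JSON error body
			}
			line = strings.TrimSpace(value)
		}
		host := strings.ToLower(strings.TrimSuffix(line, "."))
		inScope := host == domain || strings.HasSuffix(host, "."+domain)
		if !inScope || strings.ContainsAny(host, " \t/\"") {
			continue // "ping", error text, or a name outside the target
		}
		if _, dup := seen[host]; !dup {
			seen[host] = struct{}{}
			out = append(out, host)
		}
	}
	return out, scanner.Err()
}

// sampleStream is constructed for this example, not captured from Profundis.
const sampleStream = ": keep-alive\nevent: result\ndata: api.example.com\n\n" +
	"data: ping\nmail.example.com\ndata:API.example.com\n" +
	"{\"error\":\"quota exceeded\"}\ndata: evil-example.com\n"

func main() {
	subs, err := extractSubdomains(strings.NewReader(sampleStream), "example.com")
	fmt.Println(subs, err)
}
```

The scope check is what stops a non-2xx body or a keep-alive token from being reported as a subdomain even when the status check is missed.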

@Mzack9999 Mzack9999 left a comment

lgtm!

@Mzack9999 Mzack9999 merged commit 7842ebf into dev Dec 10, 2025
10 checks passed
@Mzack9999 Mzack9999 deleted the 1681_add_profundis branch December 10, 2025 09:13

Development

Successfully merging this pull request may close these issues.

Add Subdomain enumeration from Profundis.io