Make BBOT compatible with Ax/Axiom #1145
Replies: 9 comments 3 replies
-
This is a good idea. I'll look into axiom. |
Beta Was this translation helpful? Give feedback.
-
Axiom also can make processes parallel. For example, paramminer is a slow module, so we run it on 5 instances at the same time to finish it sooner. Maybe possible to make something like this as built-in in bbot. Same as "file splitter" in Trickest. In trickest, if we put file splitter before of any module, then that module will run on several machines concurrently. So, maybe the whole bbot can have axiom compatibility or some slow modules can run on several instances at the same time. Thanks 🙏 |
Beta Was this translation helpful? Give feedback.
-
Or maybe shadowclone This actually can be used also as WAF bypass method |
Beta Was this translation helpful? Give feedback.
-
The new tool in this category is If something like iis scanner, bypass 403, ffuf ... can execute at the end as serverless functions, can reduce the bbot scanning time significantly. |
Beta Was this translation helpful? Give feedback.
-
The defparam version is 404, but there are some forks available. Recently I have disabled some bbot modules such as shortscan or ffuf or bypass403 and doing these in lemma/shadowclone , I know it's not recursive on my side anymore but the reduction in scan time is significant. I was thinking if possible to integrate this ability as an option in bbot, that possible to enable/disable it and do some of the operations in aws lambda, bbot will go in another level. Imagine, ffuf, bypass403, shortscan ... in 1000 parallel executions, how much fast can bbot be. |
Beta Was this translation helpful? Give feedback.
-
hey @amiremami were you able to run bbot with shadowclone? that would be awesome but I couldn't figure out a way to make it work (getting errors of 'wrong command') |
Beta Was this translation helpful? Give feedback.
-
Being able to distribute things like port scans/ffuf/gowitness/nuclei with axiom would be so awesome. It's probably the one thing holding us back from using bbot full time. (particularly on large scopes) |
Beta Was this translation helpful? Give feedback.
-
I will add Ax framwork to the mix. It’s from the same author of AXIOM, he moved to work on Ax instead of Axiom. |
Beta Was this translation helpful? Give feedback.
-
Axiom / Ax would be awesome! From Axiom Github:
Agree with the recommendations - I think you should consider integrating into one of them, similar to what reconFTW did. The ability to distribute scans across multiple VPSs could make BBOT the king of all time :) Note regarding the provider: AWS as alone isn’t enough, options like Linode, DigitalOcean, or my favorite- Hetzner (offer strong specs at a low cost) is also needed. |
Beta Was this translation helpful? Give feedback.
-
When I run BBOT, I need a very powerful server, but when it's not in process, I need a very cheap server to manage the data. I was thinking that would be awesome if possible to make BBOT compatible with AXIOM, so when we run it, it creates a powerful server and when it is finished, terminate that server and (move data to my main server?). Not sure if there is any other solution for this, axiom came to my mind. Maybe kubernete? (I have never worked with it)
https://github.com/pry0cc/axiom
Beta Was this translation helpful? Give feedback.
All reactions