Output.ndjson WAF finding field names.

blacklanternsecurity / bbot

A recursive internet scanner for hackers.

https://www.blacklanternsecurity.com/bbot/

GNU General Public License v3.0

4.19k stars 381 forks source link

Output.ndjson WAF finding field names. #1304

Closed CarsonHrusovsky closed 3 months ago

CarsonHrusovsky commented 3 months ago

Describe the bug While using --siem-friendly output, within output.ndjson, we find findings like this:

{"WAF": {"url": "https://www.thisismysite.com/", "host": "www.thisismysite.com", "WAF": "This is our waf"}}

Expected behavior Following the capitalization scheme used for event types, the second "WAF" should be lowercased because it is not an event type.

TheTechromancer commented 3 months ago

Added in https://github.com/blacklanternsecurity/bbot/pull/1306.

TheTechromancer commented 3 months ago

Change has been merged into dev.