Closed amiremami closed 3 months ago
On second thought, it makes sense to build this on top of the massdns rewrite: https://github.com/blacklanternsecurity/bbot/pull/1303 and merge it into our BBOT 2.0 branch: https://github.com/blacklanternsecurity/bbot/pull/1235.
Before starting BBOT, I gather a lot of hostnames from other tools or sites. Then will add these alltogether as target. However, I noticed, unresolved events will go through massdns instead of first checking if the hostname is valid or not.
For example, here massdns is bruteforcing all those hostnames regardless of if they are valid or not. There is no DNS record for px29ftp2.statefarm.com