Closed colin-stubbs closed 3 months ago
@TheTechromancer with this one... I have a branch ready here: https://github.com/colin-stubbs/bbot/tree/dnscaa
Any suggestions on changes before I open a PR?
@colin-stubbs go ahead and open a draft, it's easier to see that way.
I took a look at your branch and I see you dug into the core code and took the time to write module tests. That's awesome!
Besides a few small things it looks good. We can go over it in more detail when you open the PR.
Closing as this was merged in https://github.com/blacklanternsecurity/bbot/pull/1402.
Description
Process DNS CAA records, extract anything useful we find.
Usually low value, but sometimes includes interesting email addresses or URL's.
Approved public CA's that have web portals may also be of interest.
https://en.wikipedia.org/wiki/DNS_Certification_Authority_Authorization
apple.com provides a useful example, as from their CAA records we would currently expect to get the following additional information:
Given "pki.apple.com" is a sub-domain that does not have any A/AAAA/CNAME records ( though it does have TXT's... more on that later :-) ), bbot should at present filter it out from any final results.
Example,