Skip to content

Releases: Developer-Army/BBPTS

v1.5.0

Choose a tag to compare

@github-actions github-actions released this 30 Jun 16:52

Changelog

[1.5.0] — 2026-06-30

Added

  • Program Intelligence Engine: Added program intelligence engine and hunting playbook generator.
  • Advanced Testing Tools: Added ReDoS, supply chain, and multi-tenant isolation testing tools.
  • Coverage Heatmap: Added endpoint coverage heatmap with DB schema and query methods.
  • Second-Order Injection: Added detector for stored XSS, SSTI, SQLi.
  • Smart Wordlist Generator: Added tool with tech/industry vocabulary.
  • Business Logic Test Suite: Added tests for amount, coupon, quantity manipulation.
  • Blind Injection Hub: Added tool for XSS, SSTI, CMDi, SSRF via OOB.
  • Rate Limit Bypass: Added detection tool for rate limiting bypasses.
  • Auth Matrix Tool: Added IDOR and broken access control detection.
  • Specialized Scanners: Added SOAP, mobile manifest, and cloud credentials scanners.

Commit History

  • b4ba489 Add -draft-report CLI flag for AI-assisted report drafting
  • 3685075 Add AI JS analysis testing infrastructure
  • 3a25d81 Add AI tools to presets and update tests
  • 6cc3469 Add AI triage engine for false positive filtering
  • 81fc05a Add AI vulnerability detection for prompt injection
  • adc464e Add AI-powered JavaScript analysis for endpoint discovery
  • 77ec33d Add ASN, CVE, gRPC, Git scan tools and companion server APIs
  • 430b549 Add Arjun wrapper for hidden parameter discovery in scan stage 3
  • af951ae Add CORS OPTIONS preflight test
  • 8eda8de Add GitHub org member enumeration, expand chain builder, wire IDOR Obsidian export, fix lint
  • 0c2b997 Add GraphQL introspection bypass probes
  • 5972477 Add IDOR assistant for parameter clustering and testing
  • e48860c Add JWT HTTP response scanning and RS256 to HS256 confusion test
  • 1fd9c23 Add LLM integration infrastructure
  • e442f0f Add ReDoS, supply chain, and multi-tenant isolation testing tools
  • 6b19eeb Add SOAP, mobile manifest, and cloud credentials scanners
  • 8087f73 Add Web3, paste, cert, price, and dependency audit scan tools
  • bb5a225 Add auth matrix tool for IDOR and broken access control detection
  • 06dadff Add blind injection hub tool for XSS, SSTI, CMDi, SSRF via OOB
  • b29d818 Add business logic test suite for amount, coupon, quantity manipulation
  • cc5ebe0 Add custom adapter guide, case study, and update README links
  • cb2fa74 Add dynamic tool gating with shouldSkipTool in orchestrator
  • 945a2e7 Add email enumeration and swagger parser services
  • 21c33ed Add encoding bypasses to 403 bypass tester
  • aee677e Add endpoint coverage heatmap with DB schema and query methods
  • b23e6e6 Add false positive confidence scoring and filtering to reports
  • 3a80038 Add interactsh OOB URL context and first-run execution
  • 0603d9d Add multiple payload formats for AI prompt injection testing
  • cbe7c17 Add native Go security scanners: CORS, 403 bypass, JWT, open redirect
  • f5fc9f4 Add program intelligence engine and hunting playbook generator
  • 4ce11c5 Add rate limit bypass detection tool
  • d6488ef Add second-order injection detector for stored XSS, SSTI, SQLi
  • 5b3ac29 Add smart wordlist generator tool with tech/industry vocabulary
  • af38fe7 Add unit tests for dynamic tool gating logic
  • 230d90f Add validate-config CLI option and resolve make validate target
  • a639548 Decouple security tools from services and implement domain/recon ScanContext
  • 6f7708d Downgrade Go version to 1.23 and adjust Grype DB age limit
  • e22c8da Enrich Diff struct with ChangeReasons for context-aware diffs
  • 8bde20f Expand GraphQL scanner with query batching, mutations, and IDOR testing
  • db75b04 Fix CI issue
  • a90e372 Fix IDE lint warnings and update secret scanner patterns
  • ba6324e Fix bypass403 false positive rate and OpenAI chat completions delegation
  • 609696e Fix code problems, lints, and CI workflow errors
  • 01e074e Implement CPU scaling and process niceness for low-resource mode
  • bcdd273 Implement Gemini-powered LLM report drafting in app_output.go
  • 6bb0d20 Implement HTTP Request Smuggling detector for CL.TE and TE.CL
  • dd1024a Implement HackerOne and Bugcrowd API program profile auto-loader
  • b56d5cb Implement JS change detection and diff reporting in JSAnalyzer
  • 15b5f39 Implement LLM-assisted noise triage engine for scan findings
  • c440f94 Implement OAuth 2.0 flow tester for CSRF, open redirects, and PKCE bypass
  • 2c370d0 Implement Prototype Pollution detector with client and server-side testing
  • 598f5bd Implement Race Condition tester for state-changing endpoints
  • 002f81b Implement WebSocket security tester for CSWSH and Origin validation
  • 35c4af1 Implement auto CTEM transitions and integrate scanner presets
  • 972396f Implement contextual AI bug bounty report drafting
  • f990b99 Implement false positive confidence scoring engine with corroboration and configurable threshold
  • 7eff4c1 Implement host header injection and cache poisoning detector
  • 6404b76 Implement loopback auto-authentication for web dashboard
  • f4cd7df Implement tech stack fingerprinting and targeted nuclei mapping
  • 4b8e997 Implement vulnerability chain analysis and attack path reporting
  • 870210a Increase test coverage for scope engine and raise CI threshold
  • c3ffe09 Inject custom header context into Gowitness adapter scans
  • b8053e9 Merge cache into main SQLite database and batch worker pool queries
  • 206f72b Optimize TUI, resolve client data races, upgrade dependencies, and register active probe tools
  • 735651d Redesign dashboard with dark cybersecurity theme and update docs
  • cab3bbf Refactor dashboard frontend into standalone embedded static files
  • 9dd114f Refactor domain recon code for cleaner implementation
  • bbf3d2e Refactor report generator by splitting god-class
  • 94f288f Refactor scorer environment switch for cleaner code
  • d241f59 Refactor server entrypoint into lifecycle, routing, and middleware
  • ad4bfc2 Register CORS, 403 bypass, JWT, open redirect adapters in registry
  • 7c9e619 Register GraphQL and OAuth flow tester as default tools and doctor diagnostics
  • 372bcf6 Remove false-positive shodan_key pattern from secrets scanner
  • 8a7ffeb Update TUI demo recording to terminal.gif
  • 7bad0d6 Wire interactsh OOB URL to nuclei and dalfox
  • 799c372 chore: prepare v1.5.0 release

v1.4.0

Choose a tag to compare

@Developer-Army Developer-Army released this 19 Jun 16:06

[1.4.0] — 2026-06-18

Added

  • CI/CD Pipeline Mode: Integrated --ci and --fail-on flags to exit with non-zero exit codes when findings matching or exceeding the target severity threshold are discovered.
  • Scope Enforcement Engine: Added the --scope-file flag to load and enforce domain allow/exclude wildcards prior to scanning.
  • CVSS 3.1 Scoring: Implemented a standalone, standard-compliant CVSS 3.1 base score and severity rating calculator.
  • Playwright Diagnostics: Automated Playwright browser installation in scripts/setup.sh and added cache/binary validation to -doctor diagnostics.
  • Enterprise CTEM Risk Engine (Alpha): Hardened risk engine using advanced 7-factor risk scoring, real-time telemetry, ownership models, blast radius evaluation, and NATS JetStream event architecture.
  • Secure Server-side Sessions: Migrated dashboard authentication from client-side localStorage to secure server-side HttpOnly cookies.
  • Database Query Tracing: Implemented distributed trace spans, query duration tracking, and Prometheus metrics for storage and message queue.

Changed

  • SSRF Enforcement: Wired security.IsPrivateAddr into both the low-level and high-level StealthClient network pipelines for strict SSRF mitigation.
  • CTEM State transitions: Deleted the redundant internal/domain/workflows package, consolidating compliance state machine transitions directly inside the CTEM storage engine (ctem.go).

v1.3.0

Choose a tag to compare

@Developer-Army Developer-Army released this 11 Jun 08:36

Full Changelog: v1.1.1...v1.3.0

v1.1.2

Choose a tag to compare

@Developer-Army Developer-Army released this 05 Jun 11:45

[1.1.2] — 2026-06-05

Added

  • Configurable Port List: Naabu port list moved from hardcoded to config.json ("ports" field). Empty = built-in default.
  • Tool Exclusions: New -exclude-tools / -x CLI flag to skip specific tools without editing presets.
  • Batch Parallelism: New -batch-size / -b flag and batch_size config field for concurrent multi-domain scanning.
  • Log Level Control: New -log-level flag (debug, info, warn, error) for fine-grained log verbosity.
  • Custom Report Templates: New -report-template flag and report_template config field for user-supplied Go text/template HTML reports.
  • Containerization Guide: New docs/CONTAINERIZATION.md with Docker usage, volume mounts, and per-tool container roadmap.

Changed

  • Dockerfile: Updated with ldflags version injection, massdns binary copy, wordlists, healthcheck, and dnsutils runtime dependency.
  • Version: Bumped to v1.1.2.
  • README: Overhauled the README.md with better documentation and formatting.

v1.1.1

Choose a tag to compare

@Developer-Army Developer-Army released this 04 Jun 14:35

[1.1.1] — 2026-06-04

Added

  • TUI Settings Editor: Interactive configuration menu accessible via /configure (or /setup / /keys) to update API keys and notification webhooks.
  • TUI Command Listing Hotkey: Typing / inside an empty target input box immediately outputs all available commands.
  • Beginner Quick Start Guide: Added a step-by-step setup and testing guide at the top of the HTML report.
  • Clickable Target & Evidence Links: Target domains and all evidence URLs in the HTML report are now clickable links.
  • Interactive Checklists: Recommended testing checklist is now rendered with interactive checkboxes.
  • Action Steps by Severity: Context-aware "Next Action" guide added to findings based on risk level.
  • Sleek Dark Mode: Designed a premium, modern dark mode theme for the HTML report.
  • Global Asset Copying: make install and make install-user targets copy configs and wordlists to ~/.bbpts for global out-of-the-box execution.
  • Verify Command: Introduced cmd/verify/main.go and validation framework test suite.

Changed

  • Config & Rules Fallbacks: Wordlists and rules path fallbacks automatically redirect search path to ~/.bbpts if missing locally.
  • Parallel Recon Optimization: Redesigned Gobuster, Ffuf, and Dalfox runners with worker pool concurrency and dynamic timeout limits under low-resource environments.
  • Resource Limit Controls: Enforce CPU and memory limits inside resource_guard.

Fixed

  • Fake result - There was known issue that was fixed that fake result/data appears in TUI

v1.1.0

Choose a tag to compare

@Developer-Army Developer-Army released this 04 Jun 14:14

[1.1.0] — 2026-05-24

Error: This version contain fake data which is fixed in v1.1.1

Added

  • TUI overhaul (tui/model.go): Interactive target-input wizard, real-time scan-abort via ScanAbortChan, per-stage tool-list display, scrollable event feed with type/properties, rich progress panels, and animated status indicators.
  • TUI bridge (tui/bridge.go): PromptForTarget, SendInitialTargets, ReportStageTools, and enriched SendEvent(source, target, eventType, properties) for full bidirectional orchestrator↔TUI communication.
  • Target pre-validation (cli/app.go): validateTargetsWithHTTPX — DNS resolution + httpx liveness probe before any scan stage begins.
  • Global results directory (cli/app.go): All reports (CSV, HackerOne, Bugcrowd, evidence bundle, HTML/JSON/Burp/Caido/ZAP) mirrored to ~/.bbpts/results/ in addition to the local run directory.
  • Persistent SQLite database moved to ~/.bbpts/bbpts.db for cross-run persistence.
  • ProxyInsecure config field (services/orchestrator.go): Disables TLS verification for intercepting proxies (Burp Suite, mitmproxy).
  • ReportStageTools interface method (services/orchestrator.go): Orchestrator now reports tool names per stage to any ProgressReporter.
  • Stage-4 mock port-scan events (services/mock_tools.go): Mock pipeline now emits naabu port_open events for api.* and mail.* subdomains.
  • resource_guard.go (shared/utils/): New utility for resource lifecycle management.
  • cache_test.go (application/services/): Test coverage for the service cache layer.
  • db_test.go (infrastructure/storage/): Test coverage for the storage database layer.
  • Rate limiting for Shodan queries to prevent API request throttling.
  • Unified target normalization for host-based stage-2 tools (dnsx, naabu, shodan).

Changed

  • Mock data sanitized: All example.com / Example Inc. placeholders replaced with acme-corp.io / Acme Corp Ltd. across mock tools, command outputs, and ~60 test files.
  • reportEvent signature (services/orchestrator.go): Now passes full Event struct instead of loose source, target strings, enabling downstream property enrichment.
  • Target normalization (services/orchestrator.go): prepareTargetsForTool refactored — dnsx, naabu, and shodan always receive host-normalised targets regardless of stage number.
  • Context propagation (cli/app.go): runCtx now derived from abortCtx (abort-signal aware); scan mode injected via services.WithScanMode.
  • Timeout scaling (cli/app.go): Scan timeout now multiplied by number of tools in the preset.
  • --db-type now accepts both "sqlite3" and "sqlite" as valid values.
  • Cache write errors (services/orchestrator.go): Previously silenced cache.Put errors now emit slog.Warn.
  • Naabu port comment (services/naabu.go): Hardcoded port list is now explicitly documented as a known limitation pending config migration.
  • NATS bus, checkpoint, lease, stream, storage refactored for internal consistency.
  • Normalizer (shared/normalize/normalizer.go): Improved scope guard and host normalisation logic.
  • Improved target WHOIS normalization to strip protocol, path, and port suffixes.
  • Enhanced WHOIS parser to handle case-insensitive outputs and registrar key aliases.
  • Removed unused stub types and fields from queue stubs and UI model.

Fixed

  • ims.Store / de.StoreResult return values in diff_engine_test.go were silently discarded — now handled with _ =.
  • ReportEvent interface mismatch between bridge and orchestrator resolved — both now use the 4-argument enriched signature.
  • Bus, checkpoint, lease, and queue stubs updated to match the new API surface.
  • Resolved unhandled error return linter warnings across queue, lease, browser, cache, and test suites.

v1.0.0

Choose a tag to compare

@Developer-Army Developer-Army released this 22 May 05:06

It is the initial commit.