Open
Conversation
Contributor
Performance Benchmark Report
|
- Update deps_pip and pyproject.toml to baddns~=2.1.0 - Pass self.scan.helpers.dns.blastdns as dns_client (was .resolver) - Replace MODERATE confidence level with MEDIUM to match baddns 2.1.0
Codecov Report❌ Patch coverage is Additional details and impacted files@@ Coverage Diff @@
## dev #3042 +/- ##
======================================
- Coverage 91% 91% -0%
======================================
Files 440 438 -2
Lines 37697 37174 -523
======================================
- Hits 34116 33612 -504
+ Misses 3581 3562 -19 ☔ View full report in Codecov by Sentry. 🚀 New features to boost your workflow:
|
Collaborator
Author
|
This new implementation is fast, but one annoying bug is that due to the retry mechanism, black-holed / misconfigured DNS zones clog up the pipes and cause DNS resolution to slow to a crawl: The obvious solution is to add more resolvers to your /etc/resolv.conf. But is there anything we can do to make this less bad? |
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
|
|
||
| # is_wildcard_domain reports the wildcard pool per parent | ||
| wildcard_domains = await scan.helpers.dns.is_wildcard_domain("asdf.test.evilcorp.com", ["A", "AAAA"]) | ||
| assert "test.evilcorp.com" in wildcard_domains |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Replace dnspython + the
EngineClient/EngineServersubprocess architecture with blastdns, a Rust-backed async DNS client. DNS resolution now runs in Rust threads directly in the main process — no more subprocess IPC.What changed
dns.py:DNSHelperno longer inherits fromEngineClient. Wraps ablastdns.Clientdirectly. Wildcard detection,dns_omit_queries, error tracking, and connectivity checks ported fromengine.py.helpers.py:extract_targets()andrecord_to_text()now delegate to Rust (record.extract_targets(),record.to_text()) instead of manually parsing rdata dicts in Python. TXT hostname extraction (SPF/DKIM) stays in Python.engine.py,mock.py: Deleted. blastdns handles caching, retries, and mocking natively.dnsresolve.py:resolve_raw_batch()replaced withresolve_multi_full()(one host, many rdtypes — resolved concurrently in Rust).dnsbimi.py,dnstlsrpt.py,dnscaa.py:resolve_raw()replaced withresolve_full(). CAA module reads structured rdata directly instead of regex-parsing zone-format text.custom_lookup_fnreplaced with blastdnsregex:mock patterns.pyproject.toml: Addedblastdnsdependency.Deleted
bbot/core/helpers/dns/engine.py(~660 lines)bbot/core/helpers/dns/mock.py(~75 lines)