Merge pull request #3036 from blacklanternsecurity/logging-cleanup

liquidsec · web-flow · commit cc7e5615293c · 2026-05-18T18:47:50.000-04:00
Reduce debug logging noise
diff --git a/bbot/core/helpers/diff.py b/bbot/core/helpers/diff.py
@@ -100,7 +100,6 @@ async def _baseline(self):
                 baseline_1_json = xmltodict.parse(baseline_1.text)
                 baseline_2_json = xmltodict.parse(baseline_2.text)
             except ExpatError:
-                log.debug(f"Can't HTML parse for {self.baseline_url}. Switching to text parsing as a backup")
                 baseline_1_json = baseline_1.text.split("\n")
                 baseline_2_json = baseline_2.text.split("\n")
 
@@ -141,7 +140,6 @@ def compare_headers(self, headers_1, headers_2):
             for header, value in list(headers.items()):
                 if header.lower() in self.baseline_ignore_headers:
                     with suppress(KeyError):
-                        log.debug(f'found ignored header "{header}" in headers_{i + 1} and removed')
                         del headers[header]
 
         ddiff = DeepDiff(headers_1, headers_2, ignore_order=True, view="tree", threshold_to_diff_deeper=0)
@@ -251,24 +249,18 @@ def _compare_sync(self, subject_response, subject):
         try:
             subject_json = xmltodict.parse(subject_response.text)
         except ExpatError:
-            log.debug(f"Can't HTML parse for {subject.split('?')[0]}. Switching to text parsing as a backup")
             subject_json = subject_response.text.split("\n")
 
         diff_reasons = []
 
         if self.baseline.status_code != subject_response.status_code:
-            log.debug(
-                f"status code was different [{str(self.baseline.status_code)}] -> [{str(subject_response.status_code)}], no match"
-            )
             diff_reasons.append("code")
 
         different_headers = self.compare_headers(self.baseline.headers, subject_response.headers)
         if different_headers:
-            log.debug("headers were different, no match")
             diff_reasons.append("header")
 
         if self.compare_body(self.baseline_json, subject_json) is False:
-            log.debug("difference in HTML body, no match")
             diff_reasons.append("body")
 
         return diff_reasons
diff --git a/bbot/modules/base.py b/bbot/modules/base.py
@@ -661,7 +661,6 @@ async def _events_waiting(self, batch_size=None):
                 break
             try:
                 event = self.incoming_event_queue.get_nowait()
-                self.debug(f"Got {event} from {getattr(event, 'module', 'unknown_module')}")
                 async with self._task_counter.count(f"event_postcheck({event})"):
                     acceptable, reason = await self._event_postcheck(event)
                 if acceptable:
@@ -767,7 +766,6 @@ async def _worker(self):
                                 break
                         except asyncio.queues.QueueEmpty:
                             continue
-                        self.debug(f"Got {event} from {getattr(event, 'module', 'unknown_module')}")
                         try:
                             async with self._task_counter.count(f"event_postcheck({event})"):
                                 acceptable, reason = await self._event_postcheck(event)
@@ -782,7 +780,7 @@ async def _worker(self):
                                 else:
                                     context = f"{self.name}.handle_event({event})"
                                     self.scan.stats.event_consumed(event, self)
-                                    self.debug(f"Handling {event}")
+                                    self.debug(f"Handling {event} from {getattr(event, 'module', 'unknown_module')}")
                                     try:
                                         await self.run_task(self.handle_event(event), context)
                                     except asyncio.CancelledError:
@@ -939,7 +937,6 @@ async def _event_postcheck_inner(self, event):
             if not filter_result:
                 return False, msg
 
-        self.debug(f"{event} passed post-check")
         return True, ""
 
     def _scope_distance_check(self, event):
@@ -1026,8 +1023,6 @@ async def queue_event(self, event):
                 if reason and reason != "its type is not in watched_events":
                     self.debug(f"Not queueing {event} because {reason}")
                 return
-            else:
-                self.debug(f"Queueing {event} because {reason}")
             try:
                 self.incoming_event_queue.put_nowait(event)
                 event._module_consumers += 1
@@ -1863,7 +1858,6 @@ async def _worker(self):
                     async with self._task_counter.count(f"event_precheck({event})"):
                         precheck_pass, reason = self._event_precheck(event)
                     if not precheck_pass:
-                        self.debug(f"Not intercepting {event} because precheck failed ({reason})")
                         acceptable = False
                     else:
                         async with self._task_counter.count(f"event_postcheck({event})"):
@@ -1893,7 +1887,6 @@ async def _worker(self):
                             self.debug(f"Not forwarding {event} because {forward_event_reason}")
                             continue
 
-                    self.debug(f"Forwarding {event}")
                     await self.forward_event(event, kwargs)
 
         except asyncio.CancelledError:
diff --git a/bbot/modules/lightfuzz/submodules/serial.py b/bbot/modules/lightfuzz/submodules/serial.py
@@ -142,11 +142,8 @@ async def fuzz(self):
                     continue
 
                 if matches_baseline:
-                    self.debug(f"Payload {payload_type} matches baseline, skipping")
                     continue
 
-                self.debug(f"Probe result for {payload_type}: {response}")
-
                 status_code = getattr(response, "status_code", 0)
                 if status_code == 0:
                     continue
@@ -159,8 +156,6 @@ async def fuzz(self):
                     self.debug(f"Status code {status_code} not in (200, 500), skipping")
                     continue
 
-                # if the status code changed to 200, and the response doesn't match our general error exclusions, we have a finding
-                self.debug(f"Potential finding detected for {payload_type}, needs confirmation")
                 if (
                     status_code == 200
                     and "code" in diff_reasons
@@ -199,7 +194,6 @@ def get_title(text):
                 # if the first case doesn't match, we check for a telltale error string like "java.io.optionaldataexception" in the response.
                 # but only if the response is a 500, or a 200 with a body diff
                 elif status_code == 500 or (status_code == 200 and diff_reasons == ["body"]):
-                    self.debug(f"500 status code or body match for {payload_type}")
                     for serialization_error in serialization_errors:
                         # check for the error string, but also ensure the error string isn't just always present in the response
                         if (
diff --git a/bbot/modules/paramminer_headers.py b/bbot/modules/paramminer_headers.py
@@ -227,7 +227,6 @@ async def handle_event(self, event):
                     if self.global_blacklist_prefixes and lower_name.startswith(self.global_blacklist_prefixes):
                         return
                 if parameter_name not in self.wl:  # Ensure it's not already in the wordlist
-                    self.debug(f"Adding {parameter_name} to wordlist")
                     self.extracted_words_master.add(parameter_name)
 
         elif event.type == "HTTP_RESPONSE":
@@ -290,7 +289,7 @@ def build_count_test_request(self, url, count):
     async def binary_search(self, compare_helper, url, group, reasons=None, reflection=False):
         if reasons is None:
             reasons = []
-        self.debug(f"Entering recursive binary_search with {len(group):,} sized group")
+            self.debug(f"Entering binary_search with {len(group):,} sized group for URL [{url}]")
         if len(group) == 1 and len(reasons) > 0:
             yield group[0], reasons, reflection
         elif len(group) > 1 or (len(group) == 1 and len(reasons) == 0):
@@ -299,10 +298,6 @@ async def binary_search(self, compare_helper, url, group, reasons=None, reflecti
                 if match is False:
                     async for r in self.binary_search(compare_helper, url, group_slice, reasons, reflection):
                         yield r
-        else:
-            self.debug(
-                f"binary_search() failed to start with group of size {str(len(group))} and {str(len(reasons))} length reasons"
-            )
 
     async def check_batch(self, compare_helper, url, header_list):
         rand = self.rand_string()
diff --git a/bbot/modules/telerik.py b/bbot/modules/telerik.py
@@ -258,7 +258,6 @@ async def handle_event(self, event):
                         if base_url not in self.RAUConfirmed:
                             self.RAUConfirmed.append(base_url)
                             root_tool_path = self.scan.helpers.tools_dir / "telerik"
-                            self.debug(root_tool_path)
 
                             for version in self.telerikVersions:
                                 command = [
