macOS
brew install bbotlocal Homebrew formula metadata
brew
OSINT automation tool. Version 2.8.4 via Homebrew; verified 2026-06-15.
install
brew install bbotlocal Homebrew formula metadata
nix profile install nixpkgs#bbotnixpkgs package indexes · pkgs/by-name/bb/bbot/package.nix · source: api.github.com
overview
OSINT automation tool
history
BBOT is Black Lantern Security's OSINT, reconnaissance, bug-bounty, and attack-surface-management automation tool. It packages many passive and active discovery modules behind a single `bbot` scanner and preset system.
The upstream README describes BBOT as inspired by SpiderFoot and built to automate recon, bug bounties, and ASM. Its examples emphasize repeatable presets for subdomain enumeration, web crawling, email gathering, and web scanning.
The PyPI release metadata shows a 1.0.0 package upload on 2022-08-18. By the current upstream README, the project has stable and development installation tracks, Docker distribution, a public documentation site, and a community Discord.
BBOT's adoption follows the modern Python security-tool path: PyPI and pipx for primary installation, Docker for isolated runs, GitHub for development, and Homebrew/Nix formulas for users who expect security tooling in system package managers.
Operators use BBOT by giving it targets and presets such as `subdomain-enum`, `spider`, `email-enum`, `web-basic`, or `web-thorough`. Configuration stores module options and API keys, so the same scan recipes can be repeated across assessments.
BBOT is interesting in package history because it is a high-churn security automation tool that still reaches general package managers. It shows how OSINT tooling has moved from one-off scripts toward modular scanners with presets, docs, containers, PyPI packages, and native package-manager entries.
security posture
No matching local secret-handling manifest was found for bbot. Nucleus package metadata is still published here so future coverage has a stable package URL.
Before unattended agent use, check whether the tool reads plaintext credentials, writes remote state, publishes artifacts, or shells out to plugins.
local files
These source-backed paths show where this package keeps local settings or durable credentials. Automic Vault can use them as review targets for secret scanning, migration, and command approval.
Config paths the tool may read or write during local use.
~/.config/bbot/bbot.ymlCredential-bearing paths to review before unattended agent runs.
~/.config/bbot/bbot.ymlexecutables
| Command | Kind | Exposure | Note |
|---|---|---|---|
bbot | cli | global executable |
freshness
These signals separate page generation age, package-manager activity, and upstream release comparison. Version lag is warned only when an evidence URL and comparable versions are present.
https://www.blacklanternsecurity.com/bbot/
install metadata
| Package key | brew:bbot |
|---|---|
| Version | 2.8.4 |
| Package manager | Homebrew |
| Package manager page | https://formulae.brew.sh/formula/bbot |
| Homepage | https://www.blacklanternsecurity.com/bbot/ |
| Repository | https://github.com/blacklanternsecurity/bbot |
| Upstream docs | https://www.blacklanternsecurity.com/bbot/Stable |
| License | AGPL-3.0-only |
| Source archive | https://files.pythonhosted.org/packages/6a/83/24a0087894d853703f64ab2044927ef56c831edb379295a873b05f34eb92/bbot-2.8.4.tar.gz |
| Last updated | 2026-06-15T10:20:10-04:00 |
| Pulse | updated |
| Dependencies | certifi, cryptography, libyaml, openssl@3, pydantic, python@3.14, zeromq |
| Build dependencies | cmake, ninja, openjdk, pkgconf, rust |
| Uses from macOS | libxml2, libxslt |
| Bottle | available (on arm64_linux, arm64_sequoia, arm64_sonoma, arm64_tahoe, sonoma, x86_64_linux) |
| Homebrew post-install | not defined |
| Service | none declared |
registry facts
| Source Database | Homebrew formula API |
|---|---|
| Tap | homebrew/core |
| Full Name | bbot |
| Version Scheme | 0 |
| Revision | 6 |
| Bottle Stable Root URL | https://ghcr.io/v2/homebrew/core |
| Deprecated | no |
| Disabled | no |
| Keg Only | no |
| URL Keys |
|
source database matches
Matches are pulled from external package-manager indexes and kept separate from local Automic Vault package links.
bbot
nix profile install nixpkgs#bbotsource trail
This page is generated by av-web from the private package SQLite artifact built by scripts/generate-pkg-sqlite.py.
View the package source record on GitHub.