fix large entity

2025-09-13 16:09:10 +02:00
parent 612f414d2a
commit 717f103596
3 changed files with 47 additions and 18 deletions
--- a/core/scanner.py
+++ b/core/scanner.py
@@ -753,13 +753,14 @@ class Scanner:
        return discovered_targets

    def _create_large_entity(self, source: str, provider_name: str, results: List, current_depth: int) -> None:
-        """Create a large entity node for forensic tracking."""
-        entity_id = f"Large Entity: {provider_name}"
+        """Create a large entity node and process its contents with the DNS provider."""
+        entity_id = f"Large Collection from {provider_name}"
        
-        # Extract targets from results
        targets = []
        node_type = 'unknown'
        
+        dns_provider = next((p for p in self.providers if p.get_name() == 'dns'), None)
+
        for rel in results:
            if len(rel) > 1:
                target = rel[1]
@@ -769,11 +770,16 @@ class Scanner:
                if _is_valid_domain(target):
                    node_type = 'domain'
                    self.graph.add_node(target, NodeType.DOMAIN)
+                    if dns_provider:
+                        dns_results = dns_provider.query_domain(target)
+                        self._process_provider_results_forensic(target, dns_provider, dns_results, defaultdict(lambda: defaultdict(list)), current_depth)
                elif _is_valid_ip(target):
                    node_type = 'ip'
                    self.graph.add_node(target, NodeType.IP)
-        
-        # Create large entity metadata
+                    if dns_provider:
+                        dns_results = dns_provider.query_ip(target)
+                        self._process_provider_results_forensic(target, dns_provider, dns_results, defaultdict(lambda: defaultdict(list)), current_depth)
+
        metadata = {
            'count': len(targets),
            'nodes': targets,
@@ -784,18 +790,14 @@ class Scanner:
            'forensic_note': f'Large entity created due to {len(targets)} results from {provider_name}'
        }
        
-        # Create the node and edge
        self.graph.add_node(entity_id, NodeType.LARGE_ENTITY, metadata=metadata)
        
-        # Use first result's relationship type for the edge
        if results:
            rel_type = results[0][2]
            self.graph.add_edge(source, entity_id, rel_type, 0.9, provider_name, 
                              {'large_entity_info': f'Contains {len(targets)} {node_type}s'})
        
-        # Forensic logging
        self.logger.logger.warning(f"Large entity created: {entity_id} contains {len(targets)} targets from {provider_name}")
-        
        print(f"Created large entity {entity_id} for {len(targets)} {node_type}s from {provider_name}")

    def _collect_node_metadata_forensic(self, node_id: str, provider_name: str, rel_type: RelationshipType,