Add Hudson Rock infostealer intelligence module

[0xdevhere]

Summary

• Adds a new passive subdomain enumeration module (hudsonrock) that queries Hudson Rock's free Cavalier API for URLs associated with a domain
• Data is sourced from computers infected with infostealer malware, surfacing URLs that typically cannot be found through conventional means
• Follows the same structure and event flow as the existing urlscan module (produces DNS_NAME and URL_UNVERIFIED events, supports the urls option toggle)
• Censored/redacted URLs (containing *) from the free API tier are automatically filtered out

Resolves #1456

Test plan

• Verified module loads and is recognized by bbot (bbot -l | grep hudson)
• Tested against tesla.com — produces 2 DNS_NAME events (auth.tesla.com, sso.tesla.com) and 9 URL_UNVERIFIED events
• Confirmed events flow correctly through the bbot pipeline (dnsresolve, cloudcheck, output modules)
• Verified no impact on existing modules

Made with Cursor

[liquidsec]

Hi, thanks for the PR. Since we are approaching 3.0 release, any new modules at this point need to be targeted to the 3.0 branch. I'll go ahead and change the target branch in the PR.