fushin 0.2.0 → 0.3.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.md +9 -1
- data/fushin.gemspec +1 -0
- data/lib/fushin/models/btc.rb +6 -6
- data/lib/fushin/models/website.rb +3 -1
- data/lib/fushin/version.rb +1 -1
- metadata +16 -3
- data/lib/fushin/http/headers.rb +0 -0
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: f402cb7c3070e77bb107ced253fd8e45523cc3b3b9959513f7f433bc09b509f4
|
|
4
|
+
data.tar.gz: ec513abb9b13997529979700eb708512265d5c5453ea5fe66f95dee6588f18f6
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: a7fdd518f8563d0ad64fc10d26040ba9d28148592d3aa76163d0bd7007bc3b54c9f3271b8e6b29029f2220503cdd6973da622edccf9c95bdf3419b3cc71d7efc
|
|
7
|
+
data.tar.gz: 5d66cc5cedd1cbc2d8e940a90f1bda5405a1bccaac070a9fd27690d4f9b9b2e4ce0a112688f29c61f3a191976c957c5ea429b3a96d0edb3926da3e335a3b555f
|
data/README.md
CHANGED
|
@@ -12,7 +12,7 @@ A malicious blog posts monitoring tool.
|
|
|
12
12
|
- [x] Extract IoCs(BTC, URL) from a blog post
|
|
13
13
|
- [x] Post extracted IoCs to Slack (or STDOUT) with enrichment
|
|
14
14
|
- [x] Attachment handling
|
|
15
|
-
- Scan a URL
|
|
15
|
+
- Scan a URL on Hybrid Analysis
|
|
16
16
|
|
|
17
17
|
## Supported blog types
|
|
18
18
|
|
|
@@ -28,6 +28,14 @@ A malicious blog posts monitoring tool.
|
|
|
28
28
|
gem install fushin
|
|
29
29
|
```
|
|
30
30
|
|
|
31
|
+
## Configuration
|
|
32
|
+
|
|
33
|
+
Please set the following environment variables:
|
|
34
|
+
|
|
35
|
+
- `SLACK_WEBHOOK_URL`: Slack Webhook URL
|
|
36
|
+
- `SLACK_CHANNEL`: Slack channel name
|
|
37
|
+
- `HA_API_KEY`: Hybrid Analysis API key
|
|
38
|
+
|
|
31
39
|
## Usage
|
|
32
40
|
|
|
33
41
|
```shell
|
data/fushin.gemspec
CHANGED
|
@@ -33,6 +33,7 @@ Gem::Specification.new do |spec|
|
|
|
33
33
|
spec.add_development_dependency "webmock", "~> 3.5"
|
|
34
34
|
|
|
35
35
|
spec.add_dependency "charlock_holmes", '~> 0.7'
|
|
36
|
+
spec.add_dependency "embiggen", "~> 1.5"
|
|
36
37
|
spec.add_dependency "http", "~> 4.0"
|
|
37
38
|
spec.add_dependency "lightly", "~> 0.3"
|
|
38
39
|
spec.add_dependency "oga", "~> 2.15"
|
data/lib/fushin/models/btc.rb
CHANGED
|
@@ -12,18 +12,18 @@ module Fushin
|
|
|
12
12
|
"BTC: #{address}"
|
|
13
13
|
end
|
|
14
14
|
|
|
15
|
-
def
|
|
16
|
-
"https://www.
|
|
15
|
+
def bitcoin_abuse_link
|
|
16
|
+
"https://www.bitcoinabuse.com/reports/#{address}"
|
|
17
17
|
end
|
|
18
18
|
|
|
19
19
|
def to_attachements
|
|
20
20
|
[
|
|
21
21
|
{
|
|
22
|
-
fallback: "
|
|
22
|
+
fallback: "bitcoinabuse.com link",
|
|
23
23
|
title: title,
|
|
24
|
-
title_link:
|
|
25
|
-
footer: "
|
|
26
|
-
footer_icon: "http://www.google.com/s2/favicons?domain=
|
|
24
|
+
title_link: bitcoin_abuse_link,
|
|
25
|
+
footer: "bitcoinabuse.com",
|
|
26
|
+
footer_icon: "http://www.google.com/s2/favicons?domain=bitcoinabuse.com"
|
|
27
27
|
}
|
|
28
28
|
]
|
|
29
29
|
end
|
|
@@ -1,5 +1,6 @@
|
|
|
1
1
|
# frozen_string_literal: true
|
|
2
2
|
|
|
3
|
+
require "embiggen"
|
|
3
4
|
require "digest/sha2"
|
|
4
5
|
require "uri"
|
|
5
6
|
|
|
@@ -8,7 +9,8 @@ module Fushin
|
|
|
8
9
|
class Website < Model
|
|
9
10
|
attr_reader :url
|
|
10
11
|
def initialize(url)
|
|
11
|
-
|
|
12
|
+
uri = Embiggen::URI(url)
|
|
13
|
+
@url = uri.expand.to_s
|
|
12
14
|
end
|
|
13
15
|
|
|
14
16
|
def uri
|
data/lib/fushin/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: fushin
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.3.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Manabu Niseki
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2019-02-
|
|
11
|
+
date: 2019-02-03 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: bundler
|
|
@@ -122,6 +122,20 @@ dependencies:
|
|
|
122
122
|
- - "~>"
|
|
123
123
|
- !ruby/object:Gem::Version
|
|
124
124
|
version: '0.7'
|
|
125
|
+
- !ruby/object:Gem::Dependency
|
|
126
|
+
name: embiggen
|
|
127
|
+
requirement: !ruby/object:Gem::Requirement
|
|
128
|
+
requirements:
|
|
129
|
+
- - "~>"
|
|
130
|
+
- !ruby/object:Gem::Version
|
|
131
|
+
version: '1.5'
|
|
132
|
+
type: :runtime
|
|
133
|
+
prerelease: false
|
|
134
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
135
|
+
requirements:
|
|
136
|
+
- - "~>"
|
|
137
|
+
- !ruby/object:Gem::Version
|
|
138
|
+
version: '1.5'
|
|
125
139
|
- !ruby/object:Gem::Dependency
|
|
126
140
|
name: http
|
|
127
141
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -229,7 +243,6 @@ files:
|
|
|
229
243
|
- lib/fushin/cache.rb
|
|
230
244
|
- lib/fushin/config/whitelisted_domains.yml
|
|
231
245
|
- lib/fushin/erros.rb
|
|
232
|
-
- lib/fushin/http/headers.rb
|
|
233
246
|
- lib/fushin/hybrid_analysis.rb
|
|
234
247
|
- lib/fushin/item.rb
|
|
235
248
|
- lib/fushin/models/attachment.rb
|
data/lib/fushin/http/headers.rb
DELETED
|
File without changes
|