fushin 0.3.1 → 0.3.2
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/fushin/models/website.rb +3 -3
- data/lib/fushin/monitor.rb +0 -1
- data/lib/fushin/posts/post.rb +10 -16
- data/lib/fushin/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: eaed16618a5b214257cde6a34a750b61786c40adcddca7ebb8bb80b3e91014ce
|
|
4
|
+
data.tar.gz: c7593de893e79d23c042e03026902e04152552d0db79cbf63daba199d8567940
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 45db8c8062c76b474eef6d7d0c80554fc402ef320df9fbd4645d64f982ad178a6d853b79fafdda01d63b0399228cbf65dadef8948de53b2fdcefb8bff304209a
|
|
7
|
+
data.tar.gz: e17eca676c394e5900baa609641de46e6c8033b3b3ccf2c8d9257678982717082a5b51eb66672586bdf933c8c4e55a513bc4c49be46524d473373716a3ba4a5b
|
|
@@ -25,12 +25,12 @@ module Fushin
|
|
|
25
25
|
"https://urlscan.io/domain/#{domain}"
|
|
26
26
|
end
|
|
27
27
|
|
|
28
|
-
def
|
|
29
|
-
uri.path.empty? ? "#{url}/" : url
|
|
28
|
+
def normalized_url
|
|
29
|
+
@normalized_url ||= uri.path.empty? ? "#{url}/" : url
|
|
30
30
|
end
|
|
31
31
|
|
|
32
32
|
def vt_link
|
|
33
|
-
"https://www.virustotal.com/#/url/#{Digest::SHA256.hexdigest(
|
|
33
|
+
"https://www.virustotal.com/#/url/#{Digest::SHA256.hexdigest(normalized_url)}"
|
|
34
34
|
end
|
|
35
35
|
|
|
36
36
|
def to_attachements
|
data/lib/fushin/monitor.rb
CHANGED
|
@@ -14,7 +14,6 @@ module Fushin
|
|
|
14
14
|
attachements = [].tap do |out|
|
|
15
15
|
out << item.post.btcs.map(&:to_attachements)
|
|
16
16
|
out << item.post.urls.map(&:to_attachements)
|
|
17
|
-
out << item.post.links.map(&:to_attachements)
|
|
18
17
|
out << item.post.attachements.map(&:to_attachements)
|
|
19
18
|
end.flatten
|
|
20
19
|
attachements << { text: "IoC is not found." } if attachements.empty?
|
data/lib/fushin/posts/post.rb
CHANGED
|
@@ -28,33 +28,26 @@ module Fushin
|
|
|
28
28
|
end.first
|
|
29
29
|
end
|
|
30
30
|
|
|
31
|
-
def main_text
|
|
32
|
-
@main_text ||= [].tap do |out|
|
|
33
|
-
detection = CharlockHolmes::EncodingDetector.detect(main.text)
|
|
34
|
-
out << CharlockHolmes::Converter.convert(main.text, detection[:encoding], "UTF-8")
|
|
35
|
-
end.first
|
|
36
|
-
end
|
|
37
|
-
|
|
38
31
|
def btcs
|
|
39
|
-
@btcs ||=
|
|
32
|
+
@btcs ||= main.text.scan(/\b[13][a-km-zA-HJ-NP-Z0-9]{26,33}\b/).uniq.map do |address|
|
|
40
33
|
Models::BTC.new(address)
|
|
41
34
|
end
|
|
42
35
|
end
|
|
43
36
|
|
|
44
37
|
def urls
|
|
45
|
-
@urls ||=
|
|
38
|
+
@urls ||= (urls_in_text + links).uniq.map do |url|
|
|
46
39
|
next if whitelisted_domain?(url)
|
|
47
40
|
|
|
48
41
|
Models::Website.new(url)
|
|
49
|
-
end.compact
|
|
42
|
+
end.compact.uniq(&:normalized_url)
|
|
50
43
|
end
|
|
51
44
|
|
|
52
|
-
def
|
|
53
|
-
@
|
|
54
|
-
|
|
45
|
+
def urls_in_text
|
|
46
|
+
@urls_in_text ||= main.text.scan(UrlRegex.get(scheme_required: true, mode: :parsing))
|
|
47
|
+
end
|
|
55
48
|
|
|
56
|
-
|
|
57
|
-
|
|
49
|
+
def links
|
|
50
|
+
@links ||= main.css("a").map { |a| a.get("href") }.compact
|
|
58
51
|
end
|
|
59
52
|
|
|
60
53
|
def attachements
|
|
@@ -90,7 +83,8 @@ module Fushin
|
|
|
90
83
|
res = HTTP.get(url)
|
|
91
84
|
return nil unless res.code == 200
|
|
92
85
|
|
|
93
|
-
res.body.to_s
|
|
86
|
+
detection = CharlockHolmes::EncodingDetector.detect(res.body.to_s)
|
|
87
|
+
CharlockHolmes::Converter.convert(res.body.to_s, detection[:encoding], "UTF-8")
|
|
94
88
|
end
|
|
95
89
|
end
|
|
96
90
|
end
|
data/lib/fushin/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: fushin
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.3.
|
|
4
|
+
version: 0.3.2
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Manabu Niseki
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2019-02-
|
|
11
|
+
date: 2019-02-04 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: bundler
|