greynoise 0.1.0

@@ -0,0 +1,7 @@
1
+ ---
2
+ SHA256:
3
+ metadata.gz: a0aaed790f898a678caa7db7632a0324b73bcfb7b2fa8f986fe5e23ba4ac9932
4
+ data.tar.gz: 2eafa81198fcc88f902b66ddc9afc6de66b232e2ecf374624c4b507bf1c5c17e
5
+ SHA512:
6
+ metadata.gz: f42b5a74e4d7b626749b11f99e804f664e86fbd5af377611d2f19f71d5ebf3f5ddf618a2ec7e58f1fd7bbbce733bba5ec0518d8dd6088a36786b373341150bbf
7
+ data.tar.gz: 6ab1ff0c748e2290f08642bd5c95db7328dcf3ea2f1d9f93b57cb1764f6e629263ca2e451033f97de1a28e712a39f26b939b0007b5fb98c242f561aff1d72bda
@@ -0,0 +1,58 @@
1
+ *.gem
2
+ *.rbc
3
+ /.config
4
+ /coverage/
5
+ /InstalledFiles
6
+ /pkg/
7
+ /spec/reports/
8
+ /spec/examples.txt
9
+ /test/tmp/
10
+ /test/version_tmp/
11
+ /tmp/
12
+
13
+ # Used by dotenv library to load environment variables.
14
+ # .env
15
+
16
+ # Ignore Byebug command history file.
17
+ .byebug_history
18
+
19
+ ## Specific to RubyMotion:
20
+ .dat*
21
+ .repl_history
22
+ build/
23
+ *.bridgesupport
24
+ build-iPhoneOS/
25
+ build-iPhoneSimulator/
26
+
27
+ ## Specific to RubyMotion (use of CocoaPods):
28
+ #
29
+ # We recommend against adding the Pods directory to your .gitignore. However
30
+ # you should judge for yourself, the pros and cons are mentioned at:
31
+ # https://guides.cocoapods.org/using/using-cocoapods.html#should-i-check-the-pods-directory-into-source-control
32
+ #
33
+ # vendor/Pods/
34
+
35
+ ## Documentation cache and generated files:
36
+ /.yardoc/
37
+ /_yardoc/
38
+ /doc/
39
+ /rdoc/
40
+
41
+ ## Environment normalization:
42
+ /.bundle/
43
+ /vendor/bundle
44
+ /lib/bundler/man/
45
+
46
+ # for a library or gem, you might want to ignore these files since the code is
47
+ # intended to run in multiple environments; otherwise, check them in:
48
+ Gemfile.lock
49
+ .ruby-version
50
+ .ruby-gemset
51
+
52
+ # unless supporting rvm < 1.11.0 or doing something fancy, ignore this:
53
+ .rvmrc
54
+
55
+ # Used by RuboCop. Remote config files pulled in from inherit_from directive.
56
+ # .rubocop-https?--*
57
+
58
+ .rspec_status
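--- a/data/.rspec
+++ b/data/.rspec
@@ -0,0 +1,3 @@
+--format documentation
+--color
+--require spec_helper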
@@ -0,0 +1,6 @@
1
+ ---
2
+ language: ruby
3
+ cache: bundler
4
+ rvm:
5
+ - 2.6
6
+ before_install: gem install bundler -v 2.1
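--- a/data/Gemfile
+++ b/data/Gemfile
@@ -0,0 +1,6 @@
+# frozen_string_literal: true
+
+source "https://rubygems.org"
+
+# Specify your gem's dependencies in greynoise.gemspec
+gemspec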
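--- a/data/LICENSE
+++ b/data/LICENSE
@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2020 Manabu Niseki
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.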
@@ -0,0 +1,37 @@
1
+ # greynoise
2
+
3
+ [![Build Status](https://travis-ci.com/ninoseki/greynoise.svg?branch=master)](https://travis-ci.com/ninoseki/greynoise)
4
+ [![Coverage Status](https://coveralls.io/repos/github/ninoseki/greynoise/badge.svg?branch=master)](https://coveralls.io/github/ninoseki/greynoise?branch=master)
5
+ [![CodeFactor](https://www.codefactor.io/repository/github/ninoseki/greynoise/badge)](https://www.codefactor.io/repository/github/ninoseki/greynoise)
6
+
7
+ GreyNoise API wrapper for Ruby.
8
+
9
+ ## Installation
10
+
11
+ ```bash
12
+ gem install greynoise
13
+ ```
14
+
15
+ ## Usage
16
+
17
+ ```ruby
18
+ require "greynoise"
19
+
20
+ # when given nothing, it tries to load your API key via ENV["GREYNOISE_API_KEY"]
21
+ api = GreyNoise::API.new
22
+ # or you can set it manually
23
+ api = GreyNoise::API.new(key: YOUR_API_KEY)
24
+
25
+ api.experimental.gnql(query)
26
+ api.experimental.gnql_stats(query)
27
+
28
+ api.noise.context(ip)
29
+ api.noise.quick(ip)
30
+ api.noise.multi_quick("1.1.1.1", "8.8.8.8")
31
+
32
+ api.meta.metadata
33
+ ```
34
+
35
+ ## License
36
+
37
+ The gem is available as open source under the terms of the [MIT License](https://opensource.org/licenses/MIT).
@@ -0,0 +1,8 @@
1
+ # frozen_string_literal: true
2
+
3
+ require "bundler/gem_tasks"
4
+ require "rspec/core/rake_task"
5
+
6
+ RSpec::Core::RakeTask.new(:spec)
7
+
8
+ task default: :spec
@@ -0,0 +1,15 @@
1
+ #!/usr/bin/env ruby
2
+ # frozen_string_literal: true
3
+
4
+ require "bundler/setup"
5
+ require "greynoise"
6
+
7
+ # You can add fixtures and/or initialization code here to make experimenting
8
+ # with your gem easier. You can also use a different console, if you like.
9
+
10
+ # (If you use this, don't forget to add pry to your Gemfile!)
11
+ # require "pry"
12
+ # Pry.start
13
+
14
+ require "irb"
15
+ IRB.start(__FILE__)
@@ -0,0 +1,8 @@
1
+ #!/usr/bin/env bash
2
+ set -euo pipefail
3
+ IFS=$'\n\t'
4
+ set -vx
5
+
6
+ bundle install
7
+
8
+ # Do any other automated setup that you need to do here
@@ -0,0 +1,36 @@
1
+ # frozen_string_literal: true
2
+
3
+ require_relative 'lib/greynoise/version'
4
+
5
+ Gem::Specification.new do |spec|
6
+ spec.name = "greynoise"
7
+ spec.version = GreyNoise::VERSION
8
+ spec.authors = ["Manabu Niseki"]
9
+ spec.email = ["manabu.niseki@gmail.com"]
10
+
11
+ spec.summary = "GreyNoise API wrapper for Ruby"
12
+ spec.description = "GreyNoise API wrapper for Ruby"
13
+ spec.homepage = "https://github.com/ninoseki/greynoise"
14
+ spec.license = "MIT"
15
+ spec.required_ruby_version = Gem::Requirement.new(">= 2.3.0")
16
+
17
+ spec.metadata["homepage_uri"] = spec.homepage
18
+ spec.metadata["source_code_uri"] = "https://github.com/ninoseki/greynoise"
19
+ spec.metadata["changelog_uri"] = "https://github.com/ninoseki/greynoise/CHANGELOG.md"
20
+
21
+ # Specify which files should be added to the gem when it is released.
22
+ # The `git ls-files -z` loads the files in the RubyGem that have been added into git.
23
+ spec.files = Dir.chdir(File.expand_path(__dir__)) do
24
+ `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
25
+ end
26
+ spec.bindir = "exe"
27
+ spec.executables = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
28
+ spec.require_paths = ["lib"]
29
+
30
+ spec.add_development_dependency "bundler", "~> 2.1"
31
+ spec.add_development_dependency "coveralls", "~> 0.8"
32
+ spec.add_development_dependency "rake", "~> 13.0"
33
+ spec.add_development_dependency "rspec", "~> 3.9"
34
+ spec.add_development_dependency "vcr", "~> 5.0"
35
+ spec.add_development_dependency "webmock", "~> 3.8"
36
+ end
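Review bot: `spec.required_ruby_version` admits Ruby 2.3.0, but `gnql` and `gnql_stats` in the `Clients::Experimental` section call `Hash#compact`, which exists only from Ruby 2.4, so on 2.3 those calls raise `NoMethodError`. The Travis config on this page exercises only 2.6, so nothing would have caught it. Raising the floor to `spec.required_ruby_version = Gem::Requirement.new(">= 2.4.0")` matches what the code needs. Separately, `changelog_uri` points at `https://github.com/ninoseki/greynoise/CHANGELOG.md`, which is not the usual shape of a GitHub file URL, and no CHANGELOG.md appears in the packaged file list, so the link is probably dead.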
@@ -0,0 +1,15 @@
1
+ # frozen_string_literal: true
2
+
3
+ require "greynoise/version"
4
+
5
+ require "greynoise/clients/client"
6
+
7
+ require "greynoise/clients/experimental"
8
+ require "greynoise/clients/noise"
9
+ require "greynoise/clients/meta"
10
+
11
+ require "greynoise/api"
12
+
13
+ module GreyNoise
14
+ class Error < StandardError; end
15
+ end
@@ -0,0 +1,21 @@
1
+ # frozen_string_literal: true
2
+
3
+ module GreyNoise
4
+ class API
5
+ def initialize(key: ENV["GREYNOISE_API_KEY"])
6
+ @key = key
7
+ end
8
+
9
+ def experimental
10
+ @experimental ||= Clients::Experimental.new(@key)
11
+ end
12
+
13
+ def meta
14
+ @meta ||= Clients::Meta.new(@key)
15
+ end
16
+
17
+ def noise
18
+ @noise ||= Clients::Noise.new(@key)
19
+ end
20
+ end
21
+ end
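Review bot: `initialize` accepts a nil key without complaint. When `GREYNOISE_API_KEY` is unset and no `key:` is passed, `@key` is nil and every sub-client is built with it, so the mistake only surfaces later as an error on the first request. If every endpoint needs a key, which the README usage suggests but this page does not show, failing fast is clearer: `raise ArgumentError, "GREYNOISE_API_KEY is not set and no key was given" if key.nil? || key.empty?` directly after the assignment.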
@@ -0,0 +1,73 @@
1
+ # frozen_string_literal: true
2
+
3
+ require "json"
4
+ require "net/https"
5
+ require "uri"
6
+
7
+ module GreyNoise
8
+ module Clients
9
+ class Client
10
+ HOST = "api.greynoise.io"
11
+ VERSION = "v2"
12
+ BASE_URL = "https://#{HOST}/#{VERSION}"
13
+
14
+ attr_reader :key
15
+
16
+ def initialize(key)
17
+ @key = key
18
+ end
19
+
20
+ private
21
+
22
+ def url_for(path)
23
+ URI(BASE_URL + path)
24
+ end
25
+
26
+ def https_options
27
+ if proxy = ENV["HTTPS_PROXY"] || ENV["https_proxy"]
28
+ uri = URI(proxy)
29
+ {
30
+ proxy_address: uri.hostname,
31
+ proxy_port: uri.port,
32
+ proxy_from_env: false,
33
+ use_ssl: true
34
+ }
35
+ else
36
+ { use_ssl: true }
37
+ end
38
+ end
39
+
40
+ def request(req)
41
+ Net::HTTP.start(HOST, 443, https_options) do |http|
42
+ req["key"] = key
43
+
44
+ response = http.request(req)
45
+
46
+ code = response.code.to_i
47
+ body = response.body
48
+ json = JSON.parse(body) if response["Content-Type"].to_s.include?("application/json")
49
+
50
+ case code
51
+ when 200
52
+ if json
53
+ yield json
54
+ else
55
+ yield body
56
+ end
57
+ else
58
+ status = json ? json.dig("status") : body
59
+ raise Error, "Unsupported response code returned: #{code} - #{status}"
60
+ end
61
+ end
62
+ end
63
+
64
+ def _get(path, params = {}, &block)
65
+ uri = url_for(path)
66
+ uri.query = URI.encode_www_form(params)
67
+ get = Net::HTTP::Get.new(uri)
68
+
69
+ request(get, &block)
70
+ end
71
+ end
72
+ end
73
+ end
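Review bot: The API key is readable from outside the client: `attr_reader :key` sits above the `private` marker, and the default `#inspect` of this class and of `GreyNoise::API` prints the `@key` instance variable, so a client object dumped into a log line, an error report or the `bin/console` session shows the secret. Moving the reader below `private` and overriding `inspect`, for example `def inspect; "#<#{self.class.name}>"; end`, keeps it out of that output. In `request`, `JSON.parse(body)` can raise `JSON::ParserError` on a malformed body, which callers rescuing `GreyNoise::Error` will not catch; a `rescue JSON::ParserError => e` that re-raises `Error` would leave one error type to handle. The non-200 branch also interpolates the entire body into the exception message when the response is not JSON, so truncating it is worth considering.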
@@ -0,0 +1,41 @@
1
+ # frozen_string_literal: true
2
+
3
+ module GreyNoise
4
+ module Clients
5
+ class Experimental < Client
6
+ #
7
+ # GNQL (GreyNoise Query Language) is a domain-specific query language that uses Lucene deep under the hood
8
+ #
9
+ # @param [String] query GNQL query string
10
+ # @param [Integer, nil] size Maximum amount of results to grab
11
+ # @param [Integer, nil] scroll Scroll token to paginate through results
12
+ #
13
+ # @return [Hash]
14
+ #
15
+ def gnql(query, size: nil, scroll: nil)
16
+ params = {
17
+ query: query,
18
+ size: size,
19
+ scroll: scroll
20
+ }.compact
21
+ _get("/experimental/gnql", params) { |json| json }
22
+ end
23
+
24
+ #
25
+ # Get aggregate statistics for the top organizations, actors, tags, ASNs, countries, classifications, and operating systems of all the results of a given GNQL query.
26
+ #
27
+ # @param [String] query GNQL query string
28
+ # @param [Integer, nil] count Number of top aggregates to grab
29
+ #
30
+ # @return [Hash]
31
+ #
32
+ def gnql_stats(query, count: nil)
33
+ params = {
34
+ query: query,
35
+ count: count
36
+ }.compact
37
+ _get("/experimental/gnql/stats", params) { |json| json }
38
+ end
39
+ end
40
+ end
41
+ end
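Review bot: The YARD tag for `scroll` on `gnql` declares `[Integer, nil]` while describing the value as a scroll token. If the API hands the token back as an opaque string, which the wording suggests but this page does not show, the tag should read `# @param [String, nil] scroll Scroll token to paginate through results`. Both methods return whatever the `_get` block yields, which for a 200 response without a JSON content type is the raw body string rather than a Hash, so `@return [Hash]` is worth qualifying as well.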
@@ -0,0 +1,18 @@
1
+ # frozen_string_literal: true
2
+
3
+ module GreyNoise
4
+ module Clients
5
+ class Meta < Client
6
+ #
7
+ # Get more information about a given IP address.
8
+ #
9
+ # @param [String] ip an IP address
10
+ #
11
+ # @return [Hash]
12
+ #
13
+ def metadata
14
+ _get("/meta/metadata") { |json| json }
15
+ end
16
+ end
17
+ end
18
+ end
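Review bot: The doc comment on `metadata` was copied from the IP lookup methods: it says "Get more information about a given IP address" and documents `@param [String] ip`, but the method takes no arguments and requests `/meta/metadata`. Drop the `@param` line and replace the summary with something like `# Get GreyNoise metadata (GET /meta/metadata).`. What the endpoint returns is not visible on this page, so the description should stay that narrow.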
@@ -0,0 +1,43 @@
1
+ # frozen_string_literal: true
2
+
3
+ module GreyNoise
4
+ module Clients
5
+ class Noise < Client
6
+ #
7
+ # Get more information about a given IP address.
8
+ #
9
+ # @param [String] ip an IP address
10
+ #
11
+ # @return [Hash]
12
+ #
13
+ def context(ip)
14
+ _get("/noise/context/#{ip}") { |json| json }
15
+ end
16
+
17
+ #
18
+ # Check whether a given IP address is “Internet background noise”, or has been observed scanning or attacking devices across the Internet.
19
+ #
20
+ # @param [String] ip an IP address
21
+ #
22
+ # @return [Hash]
23
+ #
24
+ def quick(ip)
25
+ _get("/noise/quick/#{ip}") { |json| json }
26
+ end
27
+
28
+ #
29
+ # Check whether a set of IP addresses are "Internet background noise", or have been observed scanning or attacking devices across the Internet.
30
+ #
31
+ # @param [Array<String>] *ips a set of IP address
32
+ #
33
+ # @return [Array]
34
+ #
35
+ def multi_quick(*ips)
36
+ params = {
37
+ ips: ips.join(",")
38
+ }
39
+ _get("/noise/multi/quick", params) { |json| json }
40
+ end
41
+ end
42
+ end
43
+ end
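Review bot: `context` and `quick` interpolate `ip` straight into the request path (`"/noise/context/#{ip}"`) with no validation or escaping, so a value containing `/`, `?` or `#` changes which path and query are requested with the caller's API key. Callers of an enrichment client often pass values parsed out of logs, so checking first with the standard library is cheap: `IPAddr.new(ip)` (needs `require "ipaddr"`) raises on anything that is not an address. `multi_quick` goes through `URI.encode_www_form` in the base client's `_get`, so its values are escaped, but it sends an empty `ips=` when called with no arguments; `raise ArgumentError, "no IPs given" if ips.empty?` would catch that. The `*ips` tag should also read "a set of IP addresses".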
@@ -0,0 +1,5 @@
1
+ # frozen_string_literal: true
2
+
3
+ module GreyNoise
4
+ VERSION = "0.1.0"
5
+ end
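--- a/metadata
+++ b/metadata
@@ -0,0 +1,147 @@
+--- !ruby/object:Gem::Specification
+name: greynoise
+version: !ruby/object:Gem::Version
+version: 0.1.0
+platform: ruby
+authors:
+- Manabu Niseki
+autorequire:
+bindir: exe
+cert_chain: []
+date: 2020-01-27 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+name: bundler
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - "~>"
+- !ruby/object:Gem::Version
+version: '2.1'
+type: :development
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - "~>"
+- !ruby/object:Gem::Version
+version: '2.1'
+- !ruby/object:Gem::Dependency
+name: coveralls
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - "~>"
+- !ruby/object:Gem::Version
+version: '0.8'
+type: :development
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - "~>"
+- !ruby/object:Gem::Version
+version: '0.8'
+- !ruby/object:Gem::Dependency
+name: rake
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - "~>"
+- !ruby/object:Gem::Version
+version: '13.0'
+type: :development
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - "~>"
+- !ruby/object:Gem::Version
+version: '13.0'
+- !ruby/object:Gem::Dependency
+name: rspec
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - "~>"
+- !ruby/object:Gem::Version
+version: '3.9'
+type: :development
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - "~>"
+- !ruby/object:Gem::Version
+version: '3.9'
+- !ruby/object:Gem::Dependency
+name: vcr
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - "~>"
+- !ruby/object:Gem::Version
+version: '5.0'
+type: :development
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - "~>"
+- !ruby/object:Gem::Version
+version: '5.0'
+- !ruby/object:Gem::Dependency
+name: webmock
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - "~>"
+- !ruby/object:Gem::Version
+version: '3.8'
+type: :development
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - "~>"
+- !ruby/object:Gem::Version
+version: '3.8'
+description: GreyNoise API wrapper for Ruby
+email:
+- manabu.niseki@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- ".gitignore"
+- ".rspec"
+- ".travis.yml"
+- Gemfile
+- LICENSE
+- README.md
+- Rakefile
+- bin/console
+- bin/setup
+- greynoise.gemspec
+- lib/greynoise.rb
+- lib/greynoise/api.rb
+- lib/greynoise/clients/client.rb
+- lib/greynoise/clients/experimental.rb
+- lib/greynoise/clients/meta.rb
+- lib/greynoise/clients/noise.rb
+- lib/greynoise/version.rb
+homepage: https://github.com/ninoseki/greynoise
+licenses:
+- MIT
+metadata:
+homepage_uri: https://github.com/ninoseki/greynoise
+source_code_uri: https://github.com/ninoseki/greynoise
+changelog_uri: https://github.com/ninoseki/greynoise/CHANGELOG.md
+post_install_message:
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: 2.3.0
+required_rubygems_version: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+requirements: []
+rubygems_version: 3.0.3
+signing_key:
+specification_version: 4
+summary: GreyNoise API wrapper for Ruby
+test_files: []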