mihari 0.13.0 → 0.13.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/mihari.rb +1 -0
- data/lib/mihari/analyzers/base.rb +12 -7
- data/lib/mihari/analyzers/censys.rb +1 -1
- data/lib/mihari/analyzers/circl.rb +1 -1
- data/lib/mihari/analyzers/passivetotal.rb +1 -1
- data/lib/mihari/analyzers/securitytrails.rb +1 -1
- data/lib/mihari/analyzers/securitytrails_domain_feed.rb +3 -3
- data/lib/mihari/analyzers/urlscan.rb +1 -1
- data/lib/mihari/analyzers/virustotal.rb +1 -1
- data/lib/mihari/analyzers/zoomeye.rb +1 -1
- data/lib/mihari/emitters/base.rb +5 -0
- data/lib/mihari/errors.rb +1 -0
- data/lib/mihari/retriable.rb +17 -0
- data/lib/mihari/version.rb +1 -1
- metadata +3 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: df5ec8a92b6bf1622274b5b488aa544520d15f0360e5274ba466f324f49d0e0e
|
|
4
|
+
data.tar.gz: eb6149534d02b0ee551f37b7f01a65e3c936851fdb589bf21b1b938cb2f9d963
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 51bd37cf056ad05ba6c5abd499b045ef963de6bb30414168229826a390ff0ee66a751204d6210336e668092a397f4d879c3a0ad39fcd84b381f11c77b42d7c74
|
|
7
|
+
data.tar.gz: c1ad6709246b86ede8a204b2db51af678149fd5bccfec2701c6562cf52123b1215c18a644091e49f23f352e8d248bc40e1fc84523491c5893670b9bb8f3ee7d8
|
data/lib/mihari.rb
CHANGED
|
@@ -6,6 +6,7 @@ module Mihari
|
|
|
6
6
|
module Analyzers
|
|
7
7
|
class Base
|
|
8
8
|
include Configurable
|
|
9
|
+
include Retriable
|
|
9
10
|
|
|
10
11
|
# @return [Array<String>, Array<Mihari::Artifact>]
|
|
11
12
|
def artifacts
|
|
@@ -30,16 +31,13 @@ module Mihari
|
|
|
30
31
|
def run
|
|
31
32
|
set_unique_artifacts
|
|
32
33
|
|
|
33
|
-
Parallel.each(
|
|
34
|
-
emitter = emitter_class.new
|
|
35
|
-
next unless emitter.valid?
|
|
36
|
-
|
|
34
|
+
Parallel.each(valid_emitters) do |emitter|
|
|
37
35
|
run_emitter emitter
|
|
38
36
|
end
|
|
39
37
|
end
|
|
40
38
|
|
|
41
39
|
def run_emitter(emitter)
|
|
42
|
-
emitter.
|
|
40
|
+
emitter.run(title: title, description: description, artifacts: unique_artifacts, tags: tags)
|
|
43
41
|
rescue StandardError => e
|
|
44
42
|
puts "Emission by #{emitter.class} is failed: #{e}"
|
|
45
43
|
end
|
|
@@ -60,7 +58,7 @@ module Mihari
|
|
|
60
58
|
|
|
61
59
|
# @return [Array<Mihari::Artifact>]
|
|
62
60
|
def normalized_artifacts
|
|
63
|
-
@normalized_artifacts ||= artifacts.compact.uniq.map do |artifact|
|
|
61
|
+
@normalized_artifacts ||= artifacts.compact.uniq.sort.map do |artifact|
|
|
64
62
|
artifact.is_a?(Artifact) ? artifact : Artifact.new(artifact)
|
|
65
63
|
end.select(&:valid?)
|
|
66
64
|
end
|
|
@@ -79,11 +77,18 @@ module Mihari
|
|
|
79
77
|
end
|
|
80
78
|
|
|
81
79
|
def set_unique_artifacts
|
|
82
|
-
unique_artifacts
|
|
80
|
+
retry_on_timeout { unique_artifacts }
|
|
83
81
|
rescue ArgumentError => _e
|
|
84
82
|
klass = self.class.to_s.split("::").last.to_s
|
|
85
83
|
raise Error, "Please configure #{klass} API settings properly"
|
|
86
84
|
end
|
|
85
|
+
|
|
86
|
+
def valid_emitters
|
|
87
|
+
@valid_emitters ||= Mihari.emitters.map do |klass|
|
|
88
|
+
emitter = klass.new
|
|
89
|
+
emitter.valid? ? emitter : nil
|
|
90
|
+
end.compact
|
|
91
|
+
end
|
|
87
92
|
end
|
|
88
93
|
end
|
|
89
94
|
end
|
|
@@ -41,7 +41,7 @@ module Mihari
|
|
|
41
41
|
when "hash"
|
|
42
42
|
passive_ssl_lookup
|
|
43
43
|
else
|
|
44
|
-
raise
|
|
44
|
+
raise InvalidInputError, "#{@query}(type: #{@type || 'unknown'}) is not supported."
|
|
45
45
|
end
|
|
46
46
|
rescue ::PassiveCIRCL::Error => _e
|
|
47
47
|
nil
|
|
@@ -52,7 +52,7 @@ module Mihari
|
|
|
52
52
|
when "hash"
|
|
53
53
|
ssl_lookup
|
|
54
54
|
else
|
|
55
|
-
raise
|
|
55
|
+
raise InvalidInputError, "#{query}(type: #{type || 'unknown'}) is not supported." unless valid_type?
|
|
56
56
|
end
|
|
57
57
|
rescue ::PassiveTotal::Error => _e
|
|
58
58
|
nil
|
|
@@ -50,7 +50,7 @@ module Mihari
|
|
|
50
50
|
when "mail"
|
|
51
51
|
mail_lookup
|
|
52
52
|
else
|
|
53
|
-
raise
|
|
53
|
+
raise InvalidInputError, "#{query}(type: #{type || 'unknown'}) is not supported." unless valid_type?
|
|
54
54
|
end
|
|
55
55
|
rescue ::SecurityTrails::Error => _e
|
|
56
56
|
nil
|
|
@@ -17,8 +17,8 @@ module Mihari
|
|
|
17
17
|
@_regexp = regexp
|
|
18
18
|
@type = type
|
|
19
19
|
|
|
20
|
-
raise
|
|
21
|
-
raise
|
|
20
|
+
raise InvalidInputError, "#{@_regexp} is not a valid regexp" unless regexp
|
|
21
|
+
raise InvalidInputError, "#{type} is not a valid type" unless valid_type?
|
|
22
22
|
|
|
23
23
|
@title = title || "SecurityTrails domain feed lookup"
|
|
24
24
|
@description = description || "Regexp = /#{@_regexp}/"
|
|
@@ -45,7 +45,7 @@ module Mihari
|
|
|
45
45
|
|
|
46
46
|
def regexp
|
|
47
47
|
@regexp ||= Regexp.compile(@_regexp)
|
|
48
|
-
rescue
|
|
48
|
+
rescue InvalidInputError => _e
|
|
49
49
|
nil
|
|
50
50
|
end
|
|
51
51
|
|
|
@@ -20,7 +20,7 @@ module Mihari
|
|
|
20
20
|
@tags = tags
|
|
21
21
|
@target_type = target_type
|
|
22
22
|
|
|
23
|
-
raise
|
|
23
|
+
raise InvalidInputError, "type should be url, domain or ip." unless valid_target_type?
|
|
24
24
|
end
|
|
25
25
|
|
|
26
26
|
def artifacts
|
|
@@ -48,7 +48,7 @@ module Mihari
|
|
|
48
48
|
when "ip"
|
|
49
49
|
ip_lookup
|
|
50
50
|
else
|
|
51
|
-
raise
|
|
51
|
+
raise InvalidInputError, "#{indicator}(type: #{type || 'unknown'}) is not supported." unless valid_type?
|
|
52
52
|
end
|
|
53
53
|
rescue ::VirusTotal::Error => _e
|
|
54
54
|
nil
|
data/lib/mihari/emitters/base.rb
CHANGED
|
@@ -4,6 +4,7 @@ module Mihari
|
|
|
4
4
|
module Emitters
|
|
5
5
|
class Base
|
|
6
6
|
include Configurable
|
|
7
|
+
include Retriable
|
|
7
8
|
|
|
8
9
|
def self.inherited(child)
|
|
9
10
|
Mihari.emitters << child
|
|
@@ -14,6 +15,10 @@ module Mihari
|
|
|
14
15
|
raise NotImplementedError, "You must implement #{self.class}##{__method__}"
|
|
15
16
|
end
|
|
16
17
|
|
|
18
|
+
def run(**params)
|
|
19
|
+
retry_on_timeout { emit(params) }
|
|
20
|
+
end
|
|
21
|
+
|
|
17
22
|
def emit(*)
|
|
18
23
|
raise NotImplementedError, "You must implement #{self.class}##{__method__}"
|
|
19
24
|
end
|
data/lib/mihari/errors.rb
CHANGED
|
@@ -0,0 +1,17 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
module Mihari
|
|
4
|
+
module Retriable
|
|
5
|
+
def retry_on_timeout(times: 3, interval: 10)
|
|
6
|
+
try = 0
|
|
7
|
+
begin
|
|
8
|
+
try += 1
|
|
9
|
+
yield
|
|
10
|
+
rescue Timeout::Error => _e
|
|
11
|
+
sleep interval
|
|
12
|
+
retry if try < times
|
|
13
|
+
raise
|
|
14
|
+
end
|
|
15
|
+
end
|
|
16
|
+
end
|
|
17
|
+
end
|
data/lib/mihari/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: mihari
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.13.
|
|
4
|
+
version: 0.13.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Manabu Niseki
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2019-10-
|
|
11
|
+
date: 2019-10-28 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: bundler
|
|
@@ -494,6 +494,7 @@ files:
|
|
|
494
494
|
- lib/mihari/notifiers/base.rb
|
|
495
495
|
- lib/mihari/notifiers/exception_notifier.rb
|
|
496
496
|
- lib/mihari/notifiers/slack.rb
|
|
497
|
+
- lib/mihari/retriable.rb
|
|
497
498
|
- lib/mihari/status.rb
|
|
498
499
|
- lib/mihari/the_hive.rb
|
|
499
500
|
- lib/mihari/the_hive/alert.rb
|