mihari 0.13.0 → 0.13.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/mihari.rb +1 -0
- data/lib/mihari/analyzers/base.rb +12 -7
- data/lib/mihari/analyzers/censys.rb +1 -1
- data/lib/mihari/analyzers/circl.rb +1 -1
- data/lib/mihari/analyzers/passivetotal.rb +1 -1
- data/lib/mihari/analyzers/securitytrails.rb +1 -1
- data/lib/mihari/analyzers/securitytrails_domain_feed.rb +3 -3
- data/lib/mihari/analyzers/urlscan.rb +1 -1
- data/lib/mihari/analyzers/virustotal.rb +1 -1
- data/lib/mihari/analyzers/zoomeye.rb +1 -1
- data/lib/mihari/emitters/base.rb +5 -0
- data/lib/mihari/errors.rb +1 -0
- data/lib/mihari/retriable.rb +17 -0
- data/lib/mihari/version.rb +1 -1
- metadata +3 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: df5ec8a92b6bf1622274b5b488aa544520d15f0360e5274ba466f324f49d0e0e
|
|
4
|
+
data.tar.gz: eb6149534d02b0ee551f37b7f01a65e3c936851fdb589bf21b1b938cb2f9d963
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 51bd37cf056ad05ba6c5abd499b045ef963de6bb30414168229826a390ff0ee66a751204d6210336e668092a397f4d879c3a0ad39fcd84b381f11c77b42d7c74
|
|
7
|
+
data.tar.gz: c1ad6709246b86ede8a204b2db51af678149fd5bccfec2701c6562cf52123b1215c18a644091e49f23f352e8d248bc40e1fc84523491c5893670b9bb8f3ee7d8
|
data/lib/mihari.rb
CHANGED
|
@@ -6,6 +6,7 @@ module Mihari
|
|
|
6
6
|
module Analyzers
|
|
7
7
|
class Base
|
|
8
8
|
include Configurable
|
|
9
|
+
include Retriable
|
|
9
10
|
|
|
10
11
|
# @return [Array<String>, Array<Mihari::Artifact>]
|
|
11
12
|
def artifacts
|
|
@@ -30,16 +31,13 @@ module Mihari
|
|
|
30
31
|
def run
|
|
31
32
|
set_unique_artifacts
|
|
32
33
|
|
|
33
|
-
Parallel.each(
|
|
34
|
-
emitter = emitter_class.new
|
|
35
|
-
next unless emitter.valid?
|
|
36
|
-
|
|
34
|
+
Parallel.each(valid_emitters) do |emitter|
|
|
37
35
|
run_emitter emitter
|
|
38
36
|
end
|
|
39
37
|
end
|
|
40
38
|
|
|
41
39
|
def run_emitter(emitter)
|
|
42
|
-
emitter.
|
|
40
|
+
emitter.run(title: title, description: description, artifacts: unique_artifacts, tags: tags)
|
|
43
41
|
rescue StandardError => e
|
|
44
42
|
puts "Emission by #{emitter.class} is failed: #{e}"
|
|
45
43
|
end
|
|
@@ -60,7 +58,7 @@ module Mihari
|
|
|
60
58
|
|
|
61
59
|
# @return [Array<Mihari::Artifact>]
|
|
62
60
|
def normalized_artifacts
|
|
63
|
-
@normalized_artifacts ||= artifacts.compact.uniq.map do |artifact|
|
|
61
|
+
@normalized_artifacts ||= artifacts.compact.uniq.sort.map do |artifact|
|
|
64
62
|
artifact.is_a?(Artifact) ? artifact : Artifact.new(artifact)
|
|
65
63
|
end.select(&:valid?)
|
|
66
64
|
end
|
|
@@ -79,11 +77,18 @@ module Mihari
|
|
|
79
77
|
end
|
|
80
78
|
|
|
81
79
|
def set_unique_artifacts
|
|
82
|
-
unique_artifacts
|
|
80
|
+
retry_on_timeout { unique_artifacts }
|
|
83
81
|
rescue ArgumentError => _e
|
|
84
82
|
klass = self.class.to_s.split("::").last.to_s
|
|
85
83
|
raise Error, "Please configure #{klass} API settings properly"
|
|
86
84
|
end
|
|
85
|
+
|
|
86
|
+
def valid_emitters
|
|
87
|
+
@valid_emitters ||= Mihari.emitters.map do |klass|
|
|
88
|
+
emitter = klass.new
|
|
89
|
+
emitter.valid? ? emitter : nil
|
|
90
|
+
end.compact
|
|
91
|
+
end
|
|
87
92
|
end
|
|
88
93
|
end
|
|
89
94
|
end
|
|
@@ -41,7 +41,7 @@ module Mihari
|
|
|
41
41
|
when "hash"
|
|
42
42
|
passive_ssl_lookup
|
|
43
43
|
else
|
|
44
|
-
raise
|
|
44
|
+
raise InvalidInputError, "#{@query}(type: #{@type || 'unknown'}) is not supported."
|
|
45
45
|
end
|
|
46
46
|
rescue ::PassiveCIRCL::Error => _e
|
|
47
47
|
nil
|
|
@@ -52,7 +52,7 @@ module Mihari
|
|
|
52
52
|
when "hash"
|
|
53
53
|
ssl_lookup
|
|
54
54
|
else
|
|
55
|
-
raise
|
|
55
|
+
raise InvalidInputError, "#{query}(type: #{type || 'unknown'}) is not supported." unless valid_type?
|
|
56
56
|
end
|
|
57
57
|
rescue ::PassiveTotal::Error => _e
|
|
58
58
|
nil
|
|
@@ -50,7 +50,7 @@ module Mihari
|
|
|
50
50
|
when "mail"
|
|
51
51
|
mail_lookup
|
|
52
52
|
else
|
|
53
|
-
raise
|
|
53
|
+
raise InvalidInputError, "#{query}(type: #{type || 'unknown'}) is not supported." unless valid_type?
|
|
54
54
|
end
|
|
55
55
|
rescue ::SecurityTrails::Error => _e
|
|
56
56
|
nil
|
|
@@ -17,8 +17,8 @@ module Mihari
|
|
|
17
17
|
@_regexp = regexp
|
|
18
18
|
@type = type
|
|
19
19
|
|
|
20
|
-
raise
|
|
21
|
-
raise
|
|
20
|
+
raise InvalidInputError, "#{@_regexp} is not a valid regexp" unless regexp
|
|
21
|
+
raise InvalidInputError, "#{type} is not a valid type" unless valid_type?
|
|
22
22
|
|
|
23
23
|
@title = title || "SecurityTrails domain feed lookup"
|
|
24
24
|
@description = description || "Regexp = /#{@_regexp}/"
|
|
@@ -45,7 +45,7 @@ module Mihari
|
|
|
45
45
|
|
|
46
46
|
def regexp
|
|
47
47
|
@regexp ||= Regexp.compile(@_regexp)
|
|
48
|
-
rescue
|
|
48
|
+
rescue InvalidInputError => _e
|
|
49
49
|
nil
|
|
50
50
|
end
|
|
51
51
|
|
|
@@ -20,7 +20,7 @@ module Mihari
|
|
|
20
20
|
@tags = tags
|
|
21
21
|
@target_type = target_type
|
|
22
22
|
|
|
23
|
-
raise
|
|
23
|
+
raise InvalidInputError, "type should be url, domain or ip." unless valid_target_type?
|
|
24
24
|
end
|
|
25
25
|
|
|
26
26
|
def artifacts
|
|
@@ -48,7 +48,7 @@ module Mihari
|
|
|
48
48
|
when "ip"
|
|
49
49
|
ip_lookup
|
|
50
50
|
else
|
|
51
|
-
raise
|
|
51
|
+
raise InvalidInputError, "#{indicator}(type: #{type || 'unknown'}) is not supported." unless valid_type?
|
|
52
52
|
end
|
|
53
53
|
rescue ::VirusTotal::Error => _e
|
|
54
54
|
nil
|
data/lib/mihari/emitters/base.rb
CHANGED
|
@@ -4,6 +4,7 @@ module Mihari
|
|
|
4
4
|
module Emitters
|
|
5
5
|
class Base
|
|
6
6
|
include Configurable
|
|
7
|
+
include Retriable
|
|
7
8
|
|
|
8
9
|
def self.inherited(child)
|
|
9
10
|
Mihari.emitters << child
|
|
@@ -14,6 +15,10 @@ module Mihari
|
|
|
14
15
|
raise NotImplementedError, "You must implement #{self.class}##{__method__}"
|
|
15
16
|
end
|
|
16
17
|
|
|
18
|
+
def run(**params)
|
|
19
|
+
retry_on_timeout { emit(params) }
|
|
20
|
+
end
|
|
21
|
+
|
|
17
22
|
def emit(*)
|
|
18
23
|
raise NotImplementedError, "You must implement #{self.class}##{__method__}"
|
|
19
24
|
end
|
data/lib/mihari/errors.rb
CHANGED
|
@@ -0,0 +1,17 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
module Mihari
|
|
4
|
+
module Retriable
|
|
5
|
+
def retry_on_timeout(times: 3, interval: 10)
|
|
6
|
+
try = 0
|
|
7
|
+
begin
|
|
8
|
+
try += 1
|
|
9
|
+
yield
|
|
10
|
+
rescue Timeout::Error => _e
|
|
11
|
+
sleep interval
|
|
12
|
+
retry if try < times
|
|
13
|
+
raise
|
|
14
|
+
end
|
|
15
|
+
end
|
|
16
|
+
end
|
|
17
|
+
end
|
data/lib/mihari/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: mihari
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.13.
|
|
4
|
+
version: 0.13.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Manabu Niseki
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2019-10-
|
|
11
|
+
date: 2019-10-28 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: bundler
|
|
@@ -494,6 +494,7 @@ files:
|
|
|
494
494
|
- lib/mihari/notifiers/base.rb
|
|
495
495
|
- lib/mihari/notifiers/exception_notifier.rb
|
|
496
496
|
- lib/mihari/notifiers/slack.rb
|
|
497
|
+
- lib/mihari/retriable.rb
|
|
497
498
|
- lib/mihari/status.rb
|
|
498
499
|
- lib/mihari/the_hive.rb
|
|
499
500
|
- lib/mihari/the_hive/alert.rb
|