mihari 1.1.1 → 1.3.2
- checksums.yaml +4 -4
 - data/README.md +8 -1
 - data/docker/Dockerfile +1 -1
 - data/lib/mihari.rb +2 -0
 - data/lib/mihari/analyzers/binaryedge.rb +4 -0
 - data/lib/mihari/analyzers/otx.rb +74 -0
 - data/lib/mihari/analyzers/passive_dns.rb +2 -1
 - data/lib/mihari/analyzers/shodan.rb +4 -0
 - data/lib/mihari/analyzers/spyse.rb +77 -0
 - data/lib/mihari/analyzers/urlscan.rb +5 -1
 - data/lib/mihari/cli.rb +25 -0
 - data/lib/mihari/config.rb +6 -0
 - data/lib/mihari/errors.rb +1 -0
 - data/lib/mihari/retriable.rb +2 -2
 - data/lib/mihari/version.rb +1 -1
 - data/mihari.gemspec +4 -2
 - data/renovate.json +5 -0
 - metadata +37 -6
 
    
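--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz:
-  data.tar.gz:
+  metadata.gz: 512d3ee8179279b931bd9510c652693ead1108ead99c823e26880e2a75234b24
+  data.tar.gz: 81946c213ef30712644637e8ea5e01bea36956aad077ed37bdac60d0adf71f19
 SHA512:
-  metadata.gz:
-  data.tar.gz:
+  metadata.gz: d6e8b1e9a8791aebfe042de31b1f895fce4bc20d26a417672eaf4dafa83319f2cfb407ee635fe004f70a9d78441c43398c0af79cde01b3bb39bdcfb1dfd9e0c3
+  data.tar.gz: '09ad98242f96474358908d68ef24f2f8711206b698499d18419346004a853ed5cace40df63e1055e82444e43ac9160fa02fc40d0a662d7a17d290a0dee13fb50'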
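--- a/data/README.md
+++ b/data/README.md
@@ -67,9 +67,11 @@ Mihari supports the following services by default.
 - [DN Pedia](https://dnpedia.com/)
 - [dnstwister](https://dnstwister.report/)
 - [Onyphe](https://onyphe.io)
+- [OTX](https://otx.alienvault.com/)
 - [PassiveTotal](https://community.riskiq.com/)
 - [SecurityTrails](https://securitytrails.com/)
 - [Shodan](https://shodan.io)
+- [Spyse](https://spyse.com)
 - [urlscan.io](https://urlscan.io)
 - [VirusTotal](http://virustotal.com)
 - [ZoomEye](https://zoomeye.org)
@@ -89,6 +91,7 @@ Commands:
   mihari http_hash                            # Cross search with search engines by a hash of an HTTP response (SHA256, MD5 and MurmurHash3)
   mihari import_from_json                     # Give a JSON input via STDIN
   mihari onyphe [QUERY]                       # Onyphe datascan search by a query
+  mihari otx [IP|DOMAIN]                      # OTX lookup by an IP or domain
   mihari passive_dns [IP|DOMAIN]              # Cross search with passive DNS services by an ip or domain
   mihari passive_ssl [SHA1]                   # Cross search with passive SSL services by an SHA1 certificate fingerprint
   mihari passivetotal [IP|DOMAIN|EMAIL|SHA1]  # PassiveTotal lookup by an ip, domain, email or SHA1 certificate fingerprint
@@ -97,6 +100,7 @@ Commands:
   mihari securitytrails [IP|DOMAIN|EMAIL]     # SecurityTrails lookup by an ip, domain or email
   mihari securitytrails_domain_feed [REGEXP]  # SecurityTrails new domain feed search by a regexp
   mihari shodan [QUERY]                       # Shodan host search by a query
+  mihari spyse [QUERY]                        # Spyse search by a query
   mihari ssh_fingerprint [FINGERPRINT]        # Cross search with search engines by an SSH fingerprint (e.g. dc:14:de:8e:d7:c1:15:43:23:82:25:81:d2:59:e8:c0)
   mihari status                               # Show the current configuration status
   mihari urlscan [QUERY]                      # urlscan search by a given query
@@ -116,7 +120,7 @@ You can get aggregated results by using the following commands.
 
 | Command         | Desc.                                                                                                   |
 |-----------------|---------------------------------------------------------------------------------------------------------|
-| passive_dns     | Passive DNS lookup with CIRCL passive DNS, PassiveTotal, Pulsedive, SecurityTrails and VirusTotal
+| passive_dns     | Passive DNS lookup with CIRCL passive DNS, OTX, PassiveTotal, Pulsedive, SecurityTrails and VirusTotal  |
 | passive_ssl     | Passive SSL lookup with CIRCL passive SSL and PassiveTotal                                              |
 | reverse_whois   | Revese Whois lookup with PassiveTotal and SecurityTrails                                                |
 | http_hash       | HTTP response hash lookup with BinaryEdge(SHA256), Censys(SHA256), Onyphpe(MD5) and Shodan(MurmurHash3) |
@@ -211,6 +215,7 @@ Configuration can be done via environment variables or a YAML file.
 | MISP_API_ENDPOINT      | MISP URL                                                                                        |             |
 | MISP_API_KEY           | MISP API key                                                                                    |             |
 | ONYPHE_API_KEY         | Onyphe API key                                                                                  |             |
+| OTX_API_KEY            | OTX API key                                                                                     |             |
 | PASSIVETOTAL_API_KEY   | PassiveTotal API key                                                                            |             |
 | PASSIVETOTAL_USERNAME  | PassiveTotal username                                                                           |             |
 | PULSEDIVE_API_KEY      | Pulsedive API key                                                                               |             |
@@ -218,8 +223,10 @@ Configuration can be done via environment variables or a YAML file.
 | SHODAN_API_KEY         | Shodan API key                                                                                  |             |
 | SLACK_CHANNEL          | Slack channel name                                                                              | `#general`  |
 | SLACK_WEBHOOK_URL      | Slack Webhook URL                                                                               |             |
+| SPYSE_API_KEY          | Spyse API key                                                                                   |             |
 | THEHIVE_API_ENDPOINT   | TheHive URL                                                                                     |             |
 | THEHIVE_API_KEY        | TheHive API key                                                                                 |             |
+| URLSCAN_API_KEY        | urlscan.io API key                                                                              |             |
 | VIRUSTOTAL_API_KEY     | VirusTotal API key                                                                              |             |
 | ZOOMEYE_PASSWORD       | ZoomEye password                                                                                |             |
 | ZOOMEYE_USERNAMME      | ZoomEye username                                                                                |             |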
        data/docker/Dockerfile
    CHANGED
    
    
    
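--- a/data/lib/mihari.rb
+++ b/data/lib/mihari.rb
@@ -50,11 +50,13 @@ require "mihari/analyzers/crtsh"
 require "mihari/analyzers/dnpedia"
 require "mihari/analyzers/dnstwister"
 require "mihari/analyzers/onyphe"
+require "mihari/analyzers/otx"
 require "mihari/analyzers/passivetotal"
 require "mihari/analyzers/pulsedive"
 require "mihari/analyzers/securitytrails_domain_feed"
 require "mihari/analyzers/securitytrails"
 require "mihari/analyzers/shodan"
+require "mihari/analyzers/spyse"
 require "mihari/analyzers/urlscan"
 require "mihari/analyzers/virustotal"
 require "mihari/analyzers/zoomeye"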
| 
         @@ -0,0 +1,74 @@ 
     | 
|
| 
      
 1 
     | 
    
         
            +
            # frozen_string_literal: true
         
     | 
| 
      
 2 
     | 
    
         
            +
             
     | 
| 
      
 3 
     | 
    
         
            +
            require "otx_ruby"
         
     | 
| 
      
 4 
     | 
    
         
            +
             
     | 
| 
      
 5 
     | 
    
         
            +
            module Mihari
         
     | 
| 
      
 6 
     | 
    
         
            +
              module Analyzers
         
     | 
| 
      
 7 
     | 
    
         
            +
                class OTX < Base
         
     | 
| 
      
 8 
     | 
    
         
            +
                  attr_reader :query
         
     | 
| 
      
 9 
     | 
    
         
            +
                  attr_reader :type
         
     | 
| 
      
 10 
     | 
    
         
            +
             
     | 
| 
      
 11 
     | 
    
         
            +
                  attr_reader :title
         
     | 
| 
      
 12 
     | 
    
         
            +
                  attr_reader :description
         
     | 
| 
      
 13 
     | 
    
         
            +
                  attr_reader :tags
         
     | 
| 
      
 14 
     | 
    
         
            +
             
     | 
| 
      
 15 
     | 
    
         
            +
                  def initialize(query, title: nil, description: nil, tags: [])
         
     | 
| 
      
 16 
     | 
    
         
            +
                    super()
         
     | 
| 
      
 17 
     | 
    
         
            +
             
     | 
| 
      
 18 
     | 
    
         
            +
                    @query = query
         
     | 
| 
      
 19 
     | 
    
         
            +
                    @type = TypeChecker.type(query)
         
     | 
| 
      
 20 
     | 
    
         
            +
             
     | 
| 
      
 21 
     | 
    
         
            +
                    @title = title || "OTX lookup"
         
     | 
| 
      
 22 
     | 
    
         
            +
                    @description = description || "query = #{query}"
         
     | 
| 
      
 23 
     | 
    
         
            +
                    @tags = tags
         
     | 
| 
      
 24 
     | 
    
         
            +
                  end
         
     | 
| 
      
 25 
     | 
    
         
            +
             
     | 
| 
      
 26 
     | 
    
         
            +
                  def artifacts
         
     | 
| 
      
 27 
     | 
    
         
            +
                    lookup || []
         
     | 
| 
      
 28 
     | 
    
         
            +
                  end
         
     | 
| 
      
 29 
     | 
    
         
            +
             
     | 
| 
      
 30 
     | 
    
         
            +
                  private
         
     | 
| 
      
 31 
     | 
    
         
            +
             
     | 
| 
      
 32 
     | 
    
         
            +
                  def config_keys
         
     | 
| 
      
 33 
     | 
    
         
            +
                    %w(otx_api_key)
         
     | 
| 
      
 34 
     | 
    
         
            +
                  end
         
     | 
| 
      
 35 
     | 
    
         
            +
             
     | 
| 
      
 36 
     | 
    
         
            +
                  def domain_client
         
     | 
| 
      
 37 
     | 
    
         
            +
                    @domain_client ||= ::OTX::Domain.new(Mihari.config.otx_api_key)
         
     | 
| 
      
 38 
     | 
    
         
            +
                  end
         
     | 
| 
      
 39 
     | 
    
         
            +
             
     | 
| 
      
 40 
     | 
    
         
            +
                  def ip_client
         
     | 
| 
      
 41 
     | 
    
         
            +
                    @ip_client ||= ::OTX::IP.new(Mihari.config.otx_api_key)
         
     | 
| 
      
 42 
     | 
    
         
            +
                  end
         
     | 
| 
      
 43 
     | 
    
         
            +
             
     | 
| 
      
 44 
     | 
    
         
            +
                  def valid_type?
         
     | 
| 
      
 45 
     | 
    
         
            +
                    %w(ip domain).include? type
         
     | 
| 
      
 46 
     | 
    
         
            +
                  end
         
     | 
| 
      
 47 
     | 
    
         
            +
             
     | 
| 
      
 48 
     | 
    
         
            +
                  def lookup
         
     | 
| 
      
 49 
     | 
    
         
            +
                    case type
         
     | 
| 
      
 50 
     | 
    
         
            +
                    when "domain"
         
     | 
| 
      
 51 
     | 
    
         
            +
                      domain_lookup
         
     | 
| 
      
 52 
     | 
    
         
            +
                    when "ip"
         
     | 
| 
      
 53 
     | 
    
         
            +
                      ip_lookup
         
     | 
| 
      
 54 
     | 
    
         
            +
                    else
         
     | 
| 
      
 55 
     | 
    
         
            +
                      raise InvalidInputError, "#{query}(type: #{type || 'unknown'}) is not supported." unless valid_type?
         
     | 
| 
      
 56 
     | 
    
         
            +
                    end
         
     | 
| 
      
 57 
     | 
    
         
            +
                  end
         
     | 
| 
      
 58 
     | 
    
         
            +
             
     | 
| 
      
 59 
     | 
    
         
            +
                  def domain_lookup
         
     | 
| 
      
 60 
     | 
    
         
            +
                    records = domain_client.get_passive_dns(query)
         
     | 
| 
      
 61 
     | 
    
         
            +
                    records.map do |record|
         
     | 
| 
      
 62 
     | 
    
         
            +
                      record.address if record.record_type == "A"
         
     | 
| 
      
 63 
     | 
    
         
            +
                    end.compact.uniq
         
     | 
| 
      
 64 
     | 
    
         
            +
                  end
         
     | 
| 
      
 65 
     | 
    
         
            +
             
     | 
| 
      
 66 
     | 
    
         
            +
                  def ip_lookup
         
     | 
| 
      
 67 
     | 
    
         
            +
                    records = ip_client.get_passive_dns(query)
         
     | 
| 
      
 68 
     | 
    
         
            +
                    records.map do |record|
         
     | 
| 
      
 69 
     | 
    
         
            +
                      record.hostname if record.record_type == "A"
         
     | 
| 
      
 70 
     | 
    
         
            +
                    end.compact.uniq
         
     | 
| 
      
 71 
     | 
    
         
            +
                  end
         
     | 
| 
      
 72 
     | 
    
         
            +
                end
         
     | 
| 
      
 73 
     | 
    
         
            +
              end
         
     | 
| 
      
 74 
     | 
    
         
            +
            end
         
     | 
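Review bot: The `unless valid_type?` modifier on the `raise` in `lookup`'s `else` branch is dead code in this new file (its header is missing from the page; by the file list it is presumably `analyzers/otx.rb`). That branch is reached only when `type` is neither "domain" nor "ip", which is exactly when `valid_type?` is false. Raising unconditionally, `raise InvalidInputError, "#{query}(type: #{type || 'unknown'}) is not supported."`, behaves the same and cannot start swallowing input if `valid_type?` is later widened without a matching `when`. Both lookups also keep only rows with `record_type == "A"`, so for an IPv6 query the passive-DNS rows would presumably be AAAA and be dropped; worth confirming against what `TypeChecker.type` classifies as "ip".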
| 
         @@ -14,6 +14,7 @@ module Mihari 
     | 
|
| 
       14 
14 
     | 
    
         | 
| 
       15 
15 
     | 
    
         
             
                  ANALYZERS = [
         
     | 
| 
       16 
16 
     | 
    
         
             
                    Mihari::Analyzers::CIRCL,
         
     | 
| 
      
 17 
     | 
    
         
            +
                    Mihari::Analyzers::OTX,
         
     | 
| 
       17 
18 
     | 
    
         
             
                    Mihari::Analyzers::PassiveTotal,
         
     | 
| 
       18 
19 
     | 
    
         
             
                    Mihari::Analyzers::Pulsedive,
         
     | 
| 
       19 
20 
     | 
    
         
             
                    Mihari::Analyzers::SecurityTrails,
         
     | 
| 
         @@ -55,7 +56,7 @@ module Mihari 
     | 
|
| 
       55 
56 
     | 
    
         
             
                    analyzer.artifacts
         
     | 
| 
       56 
57 
     | 
    
         
             
                  rescue ArgumentError, InvalidInputError => _e
         
     | 
| 
       57 
58 
     | 
    
         
             
                    nil
         
     | 
| 
       58 
     | 
    
         
            -
                  rescue ::PassiveCIRCL::Error, ::PassiveTotal::Error, ::Pulsedive::ResponseError, ::SecurityTrails::Error, ::VirusTotal::Error => _e
         
     | 
| 
      
 59 
     | 
    
         
            +
                  rescue Faraday::Error, ::PassiveCIRCL::Error, ::PassiveTotal::Error, ::Pulsedive::ResponseError, ::SecurityTrails::Error, ::VirusTotal::Error => _e
         
     | 
| 
       59 
60 
     | 
    
         
             
                    nil
         
     | 
| 
       60 
61 
     | 
    
         
             
                  end
         
     | 
| 
       61 
62 
     | 
    
         
             
                end
         
     | 
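Review bot: Adding `Faraday::Error` to the `rescue ... => _e` that returns `nil` discards every transport-level failure, presumably including rejected API keys, rate limiting and TLS errors. A cross search where one provider is failing then looks the same as one where that provider has no records, which matters for a tool whose output feeds triage. Bind the exception and leave a trace before returning, e.g. `rescue Faraday::Error, ... => e` followed by `warn "#{analyzer.class}: #{e.class}"`, keeping the message text out unless it is known not to embed request details. The enclosing method starts outside the hunk, so whether a logger is already in scope there is not visible.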
| 
         @@ -0,0 +1,77 @@ 
     | 
|
| 
      
 1 
     | 
    
         
            +
            # frozen_string_literal: true
         
     | 
| 
      
 2 
     | 
    
         
            +
             
     | 
| 
      
 3 
     | 
    
         
            +
            require "spyse"
         
     | 
| 
      
 4 
     | 
    
         
            +
            require "json"
         
     | 
| 
      
 5 
     | 
    
         
            +
             
     | 
| 
      
 6 
     | 
    
         
            +
            module Mihari
         
     | 
| 
      
 7 
     | 
    
         
            +
              module Analyzers
         
     | 
| 
      
 8 
     | 
    
         
            +
                class Spyse < Base
         
     | 
| 
      
 9 
     | 
    
         
            +
                  attr_reader :query
         
     | 
| 
      
 10 
     | 
    
         
            +
                  attr_reader :type
         
     | 
| 
      
 11 
     | 
    
         
            +
             
     | 
| 
      
 12 
     | 
    
         
            +
                  attr_reader :title
         
     | 
| 
      
 13 
     | 
    
         
            +
                  attr_reader :description
         
     | 
| 
      
 14 
     | 
    
         
            +
                  attr_reader :tags
         
     | 
| 
      
 15 
     | 
    
         
            +
             
     | 
| 
      
 16 
     | 
    
         
            +
                  def initialize(query, title: nil, description: nil, tags: [], type: "domain")
         
     | 
| 
      
 17 
     | 
    
         
            +
                    super()
         
     | 
| 
      
 18 
     | 
    
         
            +
             
     | 
| 
      
 19 
     | 
    
         
            +
                    @query = query
         
     | 
| 
      
 20 
     | 
    
         
            +
             
     | 
| 
      
 21 
     | 
    
         
            +
                    @title = title || "Spyse lookup"
         
     | 
| 
      
 22 
     | 
    
         
            +
                    @description = description || "query = #{query}"
         
     | 
| 
      
 23 
     | 
    
         
            +
                    @tags = tags
         
     | 
| 
      
 24 
     | 
    
         
            +
                    @type = type
         
     | 
| 
      
 25 
     | 
    
         
            +
                  end
         
     | 
| 
      
 26 
     | 
    
         
            +
             
     | 
| 
      
 27 
     | 
    
         
            +
                  def artifacts
         
     | 
| 
      
 28 
     | 
    
         
            +
                    lookup || []
         
     | 
| 
      
 29 
     | 
    
         
            +
                  end
         
     | 
| 
      
 30 
     | 
    
         
            +
             
     | 
| 
      
 31 
     | 
    
         
            +
                  private
         
     | 
| 
      
 32 
     | 
    
         
            +
             
     | 
| 
      
 33 
     | 
    
         
            +
                  def search_params
         
     | 
| 
      
 34 
     | 
    
         
            +
                    @search_params ||= JSON.parse(query)
         
     | 
| 
      
 35 
     | 
    
         
            +
                  end
         
     | 
| 
      
 36 
     | 
    
         
            +
             
     | 
| 
      
 37 
     | 
    
         
            +
                  def config_keys
         
     | 
| 
      
 38 
     | 
    
         
            +
                    %w(spyse_api_key)
         
     | 
| 
      
 39 
     | 
    
         
            +
                  end
         
     | 
| 
      
 40 
     | 
    
         
            +
             
     | 
| 
      
 41 
     | 
    
         
            +
                  def api
         
     | 
| 
      
 42 
     | 
    
         
            +
                    @api ||= ::Spyse::API.new(Mihari.config.spyse_api_key)
         
     | 
| 
      
 43 
     | 
    
         
            +
                  end
         
     | 
| 
      
 44 
     | 
    
         
            +
             
     | 
| 
      
 45 
     | 
    
         
            +
                  def valid_type?
         
     | 
| 
      
 46 
     | 
    
         
            +
                    %w(ip domain cert).include? type
         
     | 
| 
      
 47 
     | 
    
         
            +
                  end
         
     | 
| 
      
 48 
     | 
    
         
            +
             
     | 
| 
      
 49 
     | 
    
         
            +
                  def domain_lookup
         
     | 
| 
      
 50 
     | 
    
         
            +
                    res = api.domain.search(search_params, limit: 100)
         
     | 
| 
      
 51 
     | 
    
         
            +
                    items = res.dig("data", "items") || []
         
     | 
| 
      
 52 
     | 
    
         
            +
                    items.map do |item|
         
     | 
| 
      
 53 
     | 
    
         
            +
                      item.dig("name")
         
     | 
| 
      
 54 
     | 
    
         
            +
                    end.uniq.compact
         
     | 
| 
      
 55 
     | 
    
         
            +
                  end
         
     | 
| 
      
 56 
     | 
    
         
            +
             
     | 
| 
      
 57 
     | 
    
         
            +
                  def ip_lookup
         
     | 
| 
      
 58 
     | 
    
         
            +
                    res = api.ip.search(search_params, limit: 100)
         
     | 
| 
      
 59 
     | 
    
         
            +
                    items = res.dig("data", "items") || []
         
     | 
| 
      
 60 
     | 
    
         
            +
                    items.map do |item|
         
     | 
| 
      
 61 
     | 
    
         
            +
                      item.dig("ip")
         
     | 
| 
      
 62 
     | 
    
         
            +
                    end.uniq.compact
         
     | 
| 
      
 63 
     | 
    
         
            +
                  end
         
     | 
| 
      
 64 
     | 
    
         
            +
             
     | 
| 
      
 65 
     | 
    
         
            +
                  def lookup
         
     | 
| 
      
 66 
     | 
    
         
            +
                    case type
         
     | 
| 
      
 67 
     | 
    
         
            +
                    when "domain"
         
     | 
| 
      
 68 
     | 
    
         
            +
                      domain_lookup
         
     | 
| 
      
 69 
     | 
    
         
            +
                    when "ip"
         
     | 
| 
      
 70 
     | 
    
         
            +
                      ip_lookup
         
     | 
| 
      
 71 
     | 
    
         
            +
                    else
         
     | 
| 
      
 72 
     | 
    
         
            +
                      raise InvalidInputError, "#{query}(type: #{type || 'unknown'}) is not supported." unless valid_type?
         
     | 
| 
      
 73 
     | 
    
         
            +
                    end
         
     | 
| 
      
 74 
     | 
    
         
            +
                  end
         
     | 
| 
      
 75 
     | 
    
         
            +
                end
         
     | 
| 
      
 76 
     | 
    
         
            +
              end
         
     | 
| 
      
 77 
     | 
    
         
            +
            end
         
     | 
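Review bot: `valid_type?` accepts "cert", but `lookup` has no `when "cert"` branch, so a cert query reaches the `else`, the `unless valid_type?` guard suppresses the raise, `lookup` returns nil and `artifacts` silently yields `[]`. Either drop "cert" from `%w(ip domain cert)` until a cert lookup exists, or raise unconditionally in the `else` so an unsupported type is reported rather than looking like an empty result. Separately, `search_params` runs `JSON.parse(query)` on the caller-supplied query and a `JSON::ParserError` is not an `InvalidInputError`; whether a caller rescues it is not visible here, so consider converting it at that point. The hard-coded `limit: 100` in both lookups also deserves a comment, since results beyond it are dropped without notice.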
    
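--- a/data/lib/mihari/cli.rb
+++ b/data/lib/mihari/cli.rb
@@ -7,6 +7,10 @@ module Mihari
   class CLI < Thor
     class_option :config, type: :string, desc: "path to config file"
 
+    def self.exit_on_failure?
+      true
+    end
+
     desc "censys [QUERY]", "Censys IPv4 search by a query"
     method_option :title, type: :string, desc: "title"
     method_option :description, type: :string, desc: "description"
@@ -164,6 +168,27 @@ module Mihari
       end
     end
 
+    desc "otx [IP|DOMAIN]", "OTX lookup by an IP or domain"
+    method_option :title, type: :string, desc: "title"
+    method_option :description, type: :string, desc: "description"
+    method_option :tags, type: :array, desc: "tags"
+    def otx(domain)
+      with_error_handling do
+        run_analyzer Analyzers::OTX, query: refang(domain), options: options
+      end
+    end
+
+    desc "spyse [QUERY]", "Spyse search by a query"
+    method_option :title, type: :string, desc: "title"
+    method_option :description, type: :string, desc: "description"
+    method_option :tags, type: :array, desc: "tags"
+    method_option :type, type: :string, desc: "type to search (ip or domain)", default: "doamin"
+    def spyse(query)
+      with_error_handling do
+        run_analyzer Analyzers::Spyse, query: query, options: options
+      end
+    end
+
     desc "passive_dns [IP|DOMAIN]", "Cross search with passive DNS services by an ip or domain"
     method_option :title, type: :string, desc: "title"
     method_option :description, type: :string, desc: "description"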
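Review bot: The `--type` default on the new `spyse` command is misspelled as `default: "doamin"`. The Spyse analyzer's `lookup` shown earlier on this page dispatches only on `"domain"` and `"ip"`, so a run without `--type` never reaches `domain_lookup`; it lands in the `else` branch, which either raises `InvalidInputError` or returns nothing, depending on `valid_type?` (not visible here). The option should read `default: "domain"`. Separately, `otx` passes `refang(domain)` while `spyse` passes `query` as typed, so a defanged indicator pasted from a report would reach Spyse unchanged; if that difference is intended, a one-line comment above `def spyse` saying so would help.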
    
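--- a/data/lib/mihari/config.rb
+++ b/data/lib/mihari/config.rb
@@ -12,6 +12,7 @@ module Mihari
     attr_accessor :misp_api_endpoint
     attr_accessor :misp_api_key
     attr_accessor :onyphe_api_key
+    attr_accessor :otx_api_key
     attr_accessor :passivetotal_api_key
     attr_accessor :passivetotal_username
     attr_accessor :pulsedive_api_key
@@ -19,8 +20,10 @@ module Mihari
     attr_accessor :shodan_api_key
     attr_accessor :slack_channel
     attr_accessor :slack_webhook_url
+    attr_accessor :spyse_api_key
     attr_accessor :thehive_api_endpoint
     attr_accessor :thehive_api_key
+    attr_accessor :urlscan_api_key
     attr_accessor :virustotal_api_key
     attr_accessor :zoomeye_password
     attr_accessor :zoomeye_username
@@ -40,6 +43,7 @@ module Mihari
       @misp_api_endpoint = ENV["MISP_API_ENDPOINT"]
       @misp_api_key = ENV["MISP_API_KEY"]
       @onyphe_api_key = ENV["ONYPHE_API_KEY"]
+      @otx_api_key = ENV["OTX_API_KEY"]
       @passivetotal_api_key = ENV["PASSIVETOTAL_API_KEY"]
       @passivetotal_username = ENV["PASSIVETOTAL_USERNAME"]
       @pulsedive_api_key = ENV["PULSEDIVE_API_KEY"]
@@ -47,8 +51,10 @@ module Mihari
       @shodan_api_key = ENV["SHODAN_API_KEY"]
       @slack_channel = ENV["SLACK_CHANNEL"]
       @slack_webhook_url = ENV["SLACK_WEBHOOK_URL"]
+      @spyse_api_key = ENV["SPYSE_API_KEY"]
       @thehive_api_endpoint = ENV["THEHIVE_API_ENDPOINT"]
       @thehive_api_key = ENV["THEHIVE_API_KEY"]
+      @urlscan_api_key = ENV["URLSCAN_API_KEY"]
       @virustotal_api_key = ENV["VIRUSTOTAL_API_KEY"]
       @zoomeye_password = ENV["ZOOMEYE_PASSWORD"]
       @zoomeye_username = ENV["ZOOMEYE_USERNAME"]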
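Review bot: `@otx_api_key`, `@spyse_api_key` and `@urlscan_api_key` are copied from `ENV[...]` with no presence check in these hunks, so each is `nil` when its variable is unset, and all three are exposed through public `attr_accessor`s. Whether the analyzers reject a missing key before contacting the service is not visible here; if they do not, the failure will surface as a remote authentication error rather than a clear configuration error. The object now holds three more secrets, so anything that prints or serialises it (debug output, error reports) should redact the `*_api_key` fields; a comment above the accessors such as `# Secrets: never log or serialise these values` would record that. The class and its initializer start and end outside the hunks.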
    
        data/lib/mihari/errors.rb
    CHANGED
    
    
    
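--- a/data/lib/mihari/retriable.rb
+++ b/data/lib/mihari/retriable.rb
@@ -7,10 +7,10 @@ module Mihari
       begin
         try += 1
         yield
-      rescue Errno::ECONNRESET, Errno::ECONNABORTED, Errno::EPIPE, OpenSSL::SSL::SSLError, Timeout::Error =>
+      rescue Errno::ECONNRESET, Errno::ECONNABORTED, Errno::EPIPE, OpenSSL::SSL::SSLError, Timeout::Error, RetryableError => e
         sleep interval
         retry if try < times
-        raise
+        raise e
       end
     end
   end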
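Review bot: On the last attempt the handler still runs `sleep interval` before re-raising, because the sleep comes ahead of `retry if try < times`. With `RetryableError` added to the rescue list, more failures now take this path, and each one pays a needless delay once the attempts are exhausted. Guarding the sleep, `sleep interval if try < times`, keeps the retry behaviour and fails fast at the end. The enclosing method starts outside the hunk, so the defaults for `times` and `interval` are not visible here.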
    
        data/lib/mihari/version.rb
    CHANGED
    
    
    
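--- a/data/mihari.gemspec
+++ b/data/mihari.gemspec
@@ -31,8 +31,8 @@ Gem::Specification.new do |spec|
   spec.add_development_dependency "pre-commit", "~> 0.39"
   spec.add_development_dependency "rake", "~> 13.0"
   spec.add_development_dependency "rspec", "~> 3.9"
-  spec.add_development_dependency "rubocop", "~> 0.
-  spec.add_development_dependency "rubocop-performance", "~> 1.
+  spec.add_development_dependency "rubocop", "~> 0.90"
+  spec.add_development_dependency "rubocop-performance", "~> 1.8"
   spec.add_development_dependency "timecop", "~> 0.9"
   spec.add_development_dependency "vcr", "~> 6.0"
   spec.add_development_dependency "webmock", "~> 3.8"
@@ -52,6 +52,7 @@ Gem::Specification.new do |spec|
   spec.add_dependency "murmurhash3", "~> 0.1"
   spec.add_dependency "net-ping", "~> 2.0"
   spec.add_dependency "onyphe", "~> 2.0"
+  spec.add_dependency "otx_ruby", "~> 0.9"
   spec.add_dependency "parallel", "~> 1.19"
   spec.add_dependency "passive_circl", "~> 0.1"
   spec.add_dependency "passivetotalx", "~> 0.1"
@@ -61,6 +62,7 @@ Gem::Specification.new do |spec|
   spec.add_dependency "securitytrails", "~> 1.0"
   spec.add_dependency "shodanx", "~> 0.2"
   spec.add_dependency "slack-notifier", "~> 2.3"
+  spec.add_dependency "spysex", "~> 0.1"
   spec.add_dependency "sqlite3", "~> 1.4"
   spec.add_dependency "thor", "~> 1.0"
   spec.add_dependency "urlscan", "~> 0.5"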
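Review bot: The two new runtime dependencies, `otx_ruby` at `"~> 0.9"` and `spysex` at `"~> 0.1"`, use two-segment pessimistic constraints, which accept every later 0.x release of each gem. `gem install` resolves dependencies from these constraints alone, so an install picks up whatever 0.x version is newest at that time, and both libraries presumably receive the API keys added to the config in this release. Consider three-segment constraints that hold each gem to a patch series you have reviewed, with a short comment next to them explaining why they are pinned more tightly than their neighbours. The rubocop bumps in the first hunk are development-only and need no change.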
    
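--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: mihari
 version: !ruby/object:Gem::Version
-  version: 1.
+  version: 1.3.2
 platform: ruby
 authors:
 - Manabu Niseki
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2020-
+date: 2020-09-12 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -114,28 +114,28 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.
+        version: '0.90'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.
+        version: '0.90'
 - !ruby/object:Gem::Dependency
   name: rubocop-performance
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.
+        version: '1.8'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.
+        version: '1.8'
 - !ruby/object:Gem::Dependency
   name: timecop
   requirement: !ruby/object:Gem::Requirement
@@ -388,6 +388,20 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '2.0'
+- !ruby/object:Gem::Dependency
+  name: otx_ruby
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.9'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.9'
 - !ruby/object:Gem::Dependency
   name: parallel
   requirement: !ruby/object:Gem::Requirement
@@ -514,6 +528,20 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '2.3'
+- !ruby/object:Gem::Dependency
+  name: spysex
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.1'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.1'
 - !ruby/object:Gem::Dependency
   name: sqlite3
   requirement: !ruby/object:Gem::Requirement
@@ -619,6 +647,7 @@ files:
 - lib/mihari/analyzers/free_text.rb
 - lib/mihari/analyzers/http_hash.rb
 - lib/mihari/analyzers/onyphe.rb
+- lib/mihari/analyzers/otx.rb
 - lib/mihari/analyzers/passive_dns.rb
 - lib/mihari/analyzers/passive_ssl.rb
 - lib/mihari/analyzers/passivetotal.rb
@@ -627,6 +656,7 @@ files:
 - lib/mihari/analyzers/securitytrails.rb
 - lib/mihari/analyzers/securitytrails_domain_feed.rb
 - lib/mihari/analyzers/shodan.rb
+- lib/mihari/analyzers/spyse.rb
 - lib/mihari/analyzers/ssh_fingerprint.rb
 - lib/mihari/analyzers/urlscan.rb
 - lib/mihari/analyzers/virustotal.rb
@@ -659,6 +689,7 @@ files:
 - lib/mihari/type_checker.rb
 - lib/mihari/version.rb
 - mihari.gemspec
+- renovate.json
 - screenshots/alert.png
 - screenshots/eyecatch.png
 - screenshots/misp.png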