mihari 1.3.0 → 1.5.0

Files changed (47) hide show
  1. checksums.yaml +4 -4
  2. data/.github/workflows/test.yml +44 -0
  3. data/README.md +7 -7
  4. data/Rakefile +1 -0
  5. data/docker/Dockerfile +1 -1
  6. data/lib/mihari/alert_viewer.rb +3 -3
  7. data/lib/mihari/analyzers/base.rb +1 -1
  8. data/lib/mihari/analyzers/basic.rb +3 -4
  9. data/lib/mihari/analyzers/binaryedge.rb +8 -7
  10. data/lib/mihari/analyzers/censys.rb +3 -7
  11. data/lib/mihari/analyzers/circl.rb +3 -5
  12. data/lib/mihari/analyzers/crtsh.rb +2 -6
  13. data/lib/mihari/analyzers/dnpedia.rb +3 -6
  14. data/lib/mihari/analyzers/dnstwister.rb +4 -9
  15. data/lib/mihari/analyzers/free_text.rb +2 -6
  16. data/lib/mihari/analyzers/http_hash.rb +3 -11
  17. data/lib/mihari/analyzers/onyphe.rb +3 -6
  18. data/lib/mihari/analyzers/otx.rb +4 -9
  19. data/lib/mihari/analyzers/passive_dns.rb +4 -9
  20. data/lib/mihari/analyzers/passive_ssl.rb +4 -9
  21. data/lib/mihari/analyzers/passivetotal.rb +9 -14
  22. data/lib/mihari/analyzers/pulsedive.rb +7 -12
  23. data/lib/mihari/analyzers/reverse_whois.rb +4 -9
  24. data/lib/mihari/analyzers/securitytrails.rb +12 -17
  25. data/lib/mihari/analyzers/securitytrails_domain_feed.rb +3 -7
  26. data/lib/mihari/analyzers/shodan.rb +9 -8
  27. data/lib/mihari/analyzers/spyse.rb +6 -11
  28. data/lib/mihari/analyzers/ssh_fingerprint.rb +2 -6
  29. data/lib/mihari/analyzers/urlscan.rb +25 -9
  30. data/lib/mihari/analyzers/virustotal.rb +6 -11
  31. data/lib/mihari/analyzers/zoomeye.rb +7 -11
  32. data/lib/mihari/cli.rb +14 -7
  33. data/lib/mihari/config.rb +2 -24
  34. data/lib/mihari/database.rb +1 -1
  35. data/lib/mihari/emitters/misp.rb +4 -2
  36. data/lib/mihari/emitters/slack.rb +18 -7
  37. data/lib/mihari/emitters/the_hive.rb +2 -2
  38. data/lib/mihari/errors.rb +3 -0
  39. data/lib/mihari/models/artifact.rb +1 -1
  40. data/lib/mihari/notifiers/exception_notifier.rb +5 -5
  41. data/lib/mihari/retriable.rb +1 -1
  42. data/lib/mihari/status.rb +1 -1
  43. data/lib/mihari/type_checker.rb +4 -4
  44. data/lib/mihari/version.rb +1 -1
  45. data/mihari.gemspec +22 -23
  46. metadata +37 -51
  47. data/.travis.yml +0 -13
@@ -7,7 +7,7 @@ module Mihari
7
7
  begin
8
8
  try += 1
9
9
  yield
10
- rescue Errno::ECONNRESET, Errno::ECONNABORTED, Errno::EPIPE, OpenSSL::SSL::SSLError, Timeout::Error, ::Shodan::Error => e
10
+ rescue Errno::ECONNRESET, Errno::ECONNABORTED, Errno::EPIPE, OpenSSL::SSL::SSLError, Timeout::Error, RetryableError => e
11
11
  sleep interval
12
12
  retry if try < times
13
13
  raise e
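--- a/data/lib/mihari/status.rb
+++ b/data/lib/mihari/status.rb
@@ -36,7 +36,7 @@ module Mihari
  status = instance.configured?
  message = instance.configuration_status
 
- message ? { status: status, message: message } : nil
+ message ? {status: status, message: message} : nil
  rescue ArgumentError => _e
  nil
  end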
@@ -80,22 +80,22 @@ module Mihari
80
80
 
81
81
  # @return [true, false]
82
82
  def md5?
83
- data.match? /^[A-Fa-f0-9]{32}$/
83
+ data.match?(/^[A-Fa-f0-9]{32}$/)
84
84
  end
85
85
 
86
86
  # @return [true, false]
87
87
  def sha1?
88
- data.match? /^[A-Fa-f0-9]{40}$/
88
+ data.match?(/^[A-Fa-f0-9]{40}$/)
89
89
  end
90
90
 
91
91
  # @return [true, false]
92
92
  def sha256?
93
- data.match? /^[A-Fa-f0-9]{64}$/
93
+ data.match?(/^[A-Fa-f0-9]{64}$/)
94
94
  end
95
95
 
96
96
  # @return [true, false]
97
97
  def sha512?
98
- data.match? /^[A-Fa-f0-9]{128}$/
98
+ data.match?(/^[A-Fa-f0-9]{128}$/)
99
99
  end
100
100
  end
101
101
  end
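Review bot: The four hash predicates (`md5?`, `sha1?`, `sha256?`, `sha512?`) still anchor with `^` and `$`, which in Ruby match at line boundaries rather than at the ends of the string, so a multi-line value that contains one line of 32 hex characters is accepted as an MD5. The new lines only add parentheses around the regex argument and leave the anchors as they were. Anchoring on the whole string closes this, e.g. `data.match?(/\A[A-Fa-f0-9]{32}\z/)`, and likewise for the 40, 64 and 128 lengths. The enclosing class starts outside the hunk, so whether `data` is stripped or validated before these checks cannot be seen from here.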
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module Mihari
4
- VERSION = "1.3.0"
4
+ VERSION = "1.5.0"
5
5
  end
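--- a/data/mihari.gemspec
+++ b/data/mihari.gemspec
@@ -1,44 +1,42 @@
  # frozen_string_literal: true
 
- lib = File.expand_path('lib', __dir__)
+ lib = File.expand_path("lib", __dir__)
  $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
  require "mihari/version"
 
  Gem::Specification.new do |spec|
- spec.name = "mihari"
- spec.version = Mihari::VERSION
- spec.authors = ["Manabu Niseki"]
- spec.email = ["manabu.niseki@gmail.com"]
+ spec.name = "mihari"
+ spec.version = Mihari::VERSION
+ spec.authors = ["Manabu Niseki"]
+ spec.email = ["manabu.niseki@gmail.com"]
 
- spec.summary = "A framework for continuous malicious hosts monitoring."
- spec.description = "A framework for continuous malicious hosts monitoring."
- spec.homepage = "https://github.com/ninoseki/mihari"
- spec.license = "MIT"
+ spec.summary = "A framework for continuous malicious hosts monitoring."
+ spec.description = "A framework for continuous malicious hosts monitoring."
+ spec.homepage = "https://github.com/ninoseki/mihari"
+ spec.license = "MIT"
 
  # Specify which files should be added to the gem when it is released.
  # The `git ls-files -z` loads the files in the RubyGem that have been added into git.
- spec.files = Dir.chdir(File.expand_path(__dir__)) do
+ spec.files = Dir.chdir(File.expand_path(__dir__)) do
  `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
  end
- spec.bindir = "exe"
- spec.executables = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
+ spec.bindir = "exe"
+ spec.executables = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
  spec.require_paths = ["lib"]
 
- spec.add_development_dependency "bundler", "~> 2.1"
+ spec.add_development_dependency "bundler", "~> 2.2"
  spec.add_development_dependency "coveralls", "~> 0.8"
  spec.add_development_dependency "execjs", "~> 2.7"
- spec.add_development_dependency "fakefs", "~> 1.2"
- spec.add_development_dependency "pre-commit", "~> 0.39"
+ spec.add_development_dependency "fakefs", "~> 1.3"
  spec.add_development_dependency "rake", "~> 13.0"
- spec.add_development_dependency "rspec", "~> 3.9"
- spec.add_development_dependency "rubocop", "~> 0.88"
- spec.add_development_dependency "rubocop-performance", "~> 1.7"
+ spec.add_development_dependency "rspec", "~> 3.10"
+ spec.add_development_dependency "standard", "~> 1.0"
  spec.add_development_dependency "timecop", "~> 0.9"
  spec.add_development_dependency "vcr", "~> 6.0"
- spec.add_development_dependency "webmock", "~> 3.8"
+ spec.add_development_dependency "webmock", "~> 3.12"
 
  spec.add_dependency "active_model_serializers", "~> 0.10"
- spec.add_dependency "activerecord", "~> 6.0"
+ spec.add_dependency "activerecord", "~> 6.1"
  spec.add_dependency "addressable", "~> 2.7"
  spec.add_dependency "binaryedge", "~> 0.1"
  spec.add_dependency "censu", "~> 0.2"
@@ -53,7 +51,7 @@ Gem::Specification.new do |spec|
  spec.add_dependency "net-ping", "~> 2.0"
  spec.add_dependency "onyphe", "~> 2.0"
  spec.add_dependency "otx_ruby", "~> 0.9"
- spec.add_dependency "parallel", "~> 1.19"
+ spec.add_dependency "parallel", "~> 1.20"
  spec.add_dependency "passive_circl", "~> 0.1"
  spec.add_dependency "passivetotalx", "~> 0.1"
  spec.add_dependency "pg", "~> 1.2"
@@ -64,8 +62,9 @@ Gem::Specification.new do |spec|
  spec.add_dependency "slack-notifier", "~> 2.3"
  spec.add_dependency "spysex", "~> 0.1"
  spec.add_dependency "sqlite3", "~> 1.4"
- spec.add_dependency "thor", "~> 1.0"
- spec.add_dependency "urlscan", "~> 0.5"
+ spec.add_dependency "thor", "~> 1.1"
+ spec.add_dependency "thread_safe", "~> 0.3"
+ spec.add_dependency "urlscan", "~> 0.6"
  spec.add_dependency "virustotalx", "~> 1.1"
  spec.add_dependency "zoomeye-rb", "~> 0.1"
  end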
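Review bot: The new runtime dependency `spec.add_dependency "thread_safe", "~> 0.3"` in the last hunk adds a gem that, as far as I know, is no longer maintained; its collections were merged into concurrent-ruby. Every runtime dependency widens what an install of this tool trusts, and an unmaintained one will not receive fixes. If the code only needs a thread-safe hash or array, `Concurrent::Map` or `Concurrent::Array` from concurrent-ruby would do the same job, and that gem is presumably already resolved through activerecord. The code that uses thread_safe is not visible in this section, so confirm what it is needed for before swapping it.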
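--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
  --- !ruby/object:Gem::Specification
  name: mihari
  version: !ruby/object:Gem::Version
- version: 1.3.0
+ version: 1.5.0
  platform: ruby
  authors:
  - Manabu Niseki
  autorequire:
  bindir: exe
  cert_chain: []
- date: 2020-08-16 00:00:00.000000000 Z
+ date: 2021-03-13 00:00:00.000000000 Z
  dependencies:
  - !ruby/object:Gem::Dependency
  name: bundler
@@ -16,14 +16,14 @@ dependencies:
  requirements:
  - - "~>"
  - !ruby/object:Gem::Version
- version: '2.1'
+ version: '2.2'
  type: :development
  prerelease: false
  version_requirements: !ruby/object:Gem::Requirement
  requirements:
  - - "~>"
  - !ruby/object:Gem::Version
- version: '2.1'
+ version: '2.2'
  - !ruby/object:Gem::Dependency
  name: coveralls
  requirement: !ruby/object:Gem::Requirement
@@ -58,28 +58,14 @@ dependencies:
  requirements:
  - - "~>"
  - !ruby/object:Gem::Version
- version: '1.2'
+ version: '1.3'
  type: :development
  prerelease: false
  version_requirements: !ruby/object:Gem::Requirement
  requirements:
  - - "~>"
  - !ruby/object:Gem::Version
- version: '1.2'
- - !ruby/object:Gem::Dependency
- name: pre-commit
- requirement: !ruby/object:Gem::Requirement
- requirements:
- - - "~>"
- - !ruby/object:Gem::Version
- version: '0.39'
- type: :development
- prerelease: false
- version_requirements: !ruby/object:Gem::Requirement
- requirements:
- - - "~>"
- - !ruby/object:Gem::Version
- version: '0.39'
+ version: '1.3'
  - !ruby/object:Gem::Dependency
  name: rake
  requirement: !ruby/object:Gem::Requirement
@@ -100,42 +86,28 @@ dependencies:
  requirements:
  - - "~>"
  - !ruby/object:Gem::Version
- version: '3.9'
+ version: '3.10'
  type: :development
  prerelease: false
  version_requirements: !ruby/object:Gem::Requirement
  requirements:
  - - "~>"
  - !ruby/object:Gem::Version
- version: '3.9'
+ version: '3.10'
  - !ruby/object:Gem::Dependency
- name: rubocop
+ name: standard
  requirement: !ruby/object:Gem::Requirement
  requirements:
  - - "~>"
  - !ruby/object:Gem::Version
- version: '0.88'
- type: :development
- prerelease: false
- version_requirements: !ruby/object:Gem::Requirement
- requirements:
- - - "~>"
- - !ruby/object:Gem::Version
- version: '0.88'
- - !ruby/object:Gem::Dependency
- name: rubocop-performance
- requirement: !ruby/object:Gem::Requirement
- requirements:
- - - "~>"
- - !ruby/object:Gem::Version
- version: '1.7'
+ version: '1.0'
  type: :development
  prerelease: false
  version_requirements: !ruby/object:Gem::Requirement
  requirements:
  - - "~>"
  - !ruby/object:Gem::Version
- version: '1.7'
+ version: '1.0'
  - !ruby/object:Gem::Dependency
  name: timecop
  requirement: !ruby/object:Gem::Requirement
@@ -170,14 +142,14 @@ dependencies:
  requirements:
  - - "~>"
  - !ruby/object:Gem::Version
- version: '3.8'
+ version: '3.12'
  type: :development
  prerelease: false
  version_requirements: !ruby/object:Gem::Requirement
  requirements:
  - - "~>"
  - !ruby/object:Gem::Version
- version: '3.8'
+ version: '3.12'
  - !ruby/object:Gem::Dependency
  name: active_model_serializers
  requirement: !ruby/object:Gem::Requirement
@@ -198,14 +170,14 @@ dependencies:
  requirements:
  - - "~>"
  - !ruby/object:Gem::Version
- version: '6.0'
+ version: '6.1'
  type: :runtime
  prerelease: false
  version_requirements: !ruby/object:Gem::Requirement
  requirements:
  - - "~>"
  - !ruby/object:Gem::Version
- version: '6.0'
+ version: '6.1'
  - !ruby/object:Gem::Dependency
  name: addressable
  requirement: !ruby/object:Gem::Requirement
@@ -408,14 +380,14 @@ dependencies:
  requirements:
  - - "~>"
  - !ruby/object:Gem::Version
- version: '1.19'
+ version: '1.20'
  type: :runtime
  prerelease: false
  version_requirements: !ruby/object:Gem::Requirement
  requirements:
  - - "~>"
  - !ruby/object:Gem::Version
- version: '1.19'
+ version: '1.20'
  - !ruby/object:Gem::Dependency
  name: passive_circl
  requirement: !ruby/object:Gem::Requirement
@@ -562,28 +534,42 @@ dependencies:
  requirements:
  - - "~>"
  - !ruby/object:Gem::Version
- version: '1.0'
+ version: '1.1'
  type: :runtime
  prerelease: false
  version_requirements: !ruby/object:Gem::Requirement
  requirements:
  - - "~>"
  - !ruby/object:Gem::Version
- version: '1.0'
+ version: '1.1'
+ - !ruby/object:Gem::Dependency
+ name: thread_safe
+ requirement: !ruby/object:Gem::Requirement
+ requirements:
+ - - "~>"
+ - !ruby/object:Gem::Version
+ version: '0.3'
+ type: :runtime
+ prerelease: false
+ version_requirements: !ruby/object:Gem::Requirement
+ requirements:
+ - - "~>"
+ - !ruby/object:Gem::Version
+ version: '0.3'
  - !ruby/object:Gem::Dependency
  name: urlscan
  requirement: !ruby/object:Gem::Requirement
  requirements:
  - - "~>"
  - !ruby/object:Gem::Version
- version: '0.5'
+ version: '0.6'
  type: :runtime
  prerelease: false
  version_requirements: !ruby/object:Gem::Requirement
  requirements:
  - - "~>"
  - !ruby/object:Gem::Version
- version: '0.5'
+ version: '0.6'
  - !ruby/object:Gem::Dependency
  name: virustotalx
  requirement: !ruby/object:Gem::Requirement
@@ -620,10 +606,10 @@ executables:
  extensions: []
  extra_rdoc_files: []
  files:
+ - ".github/workflows/test.yml"
  - ".gitignore"
  - ".rspec"
  - ".rubocop.yml"
- - ".travis.yml"
  - Gemfile
  - LICENSE
  - README.md
@@ -713,7 +699,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
  - !ruby/object:Gem::Version
  version: '0'
  requirements: []
- rubygems_version: 3.1.2
+ rubygems_version: 3.2.3
  signing_key:
  specification_version: 4
  summary: A framework for continuous malicious hosts monitoring.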
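--- a/data/.travis.yml
+++ /dev/null
@@ -1,13 +0,0 @@
- ---
- language: ruby
- cache: bundler
- services:
- - postgresql
- rvm:
- - 2.6
- - 2.7
- env:
- - DATABASE=":memory:"
- - DATABASE="postgresql://postgres@0.0.0.0:5432/travis_ci_test"
- before_install: gem install bundler -v 2.1
- before_script: psql -c 'create database travis_ci_test;' -U postgres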