mihari 3.12.0 → 4.0.0

data/lib/mihari/commands/spyse.rb

@@ -1,22 +0,0 @@
-# frozen_string_literal: true
-
-module Mihari
-  module Commands
-    module Spyse
-      def self.included(thor)
-        thor.class_eval do
-          desc "spyse [QUERY]", "Spyse search"
-          method_option :title, type: :string, desc: "title"
-          method_option :description, type: :string, desc: "description"
-          method_option :tags, type: :array, desc: "tags"
-          method_option :type, type: :string, desc: "type to search (ip or domain)", default: "doamin"
-          def spyse(query)
-            with_error_handling do
-              run_analyzer Analyzers::Spyse, query: query, options: options
-            end
-          end
-        end
-      end
-    end
-  end
-end

data/lib/mihari/commands/urlscan.rb

@@ -1,22 +0,0 @@
-# frozen_string_literal: true
-
-module Mihari
-  module Commands
-    module Urlscan
-      def self.included(thor)
-        thor.class_eval do
-          desc "urlscan [QUERY]", "urlscan search"
-          method_option :title, type: :string, desc: "title"
-          method_option :description, type: :string, desc: "description"
-          method_option :tags, type: :array, desc: "tags"
-          method_option :allowed_data_types, type: :array, default: ["url", "ip", "domain"], desc: "types to fetch from search results ('url', 'domain' or 'ip')"
-          def urlscan(query)
-            with_error_handling do
-              run_analyzer Analyzers::Urlscan, query: query, options: options
-            end
-          end
-        end
-      end
-    end
-  end
-end

data/lib/mihari/commands/virustotal.rb

@@ -1,22 +0,0 @@
-# frozen_string_literal: true
-
-module Mihari
-  module Commands
-    module VirusTotal
-      def self.included(thor)
-        thor.class_eval do
-          desc "virustotal [IP|DOMAIN]", "VirusTotal resolutions search by an ip or domain"
-          method_option :title, type: :string, desc: "title"
-          method_option :description, type: :string, desc: "description"
-          method_option :tags, type: :array, desc: "tags"
-          def virustotal(indiactor)
-            with_error_handling do
-              run_analyzer Analyzers::VirusTotal, query: indiactor, options: options
-            end
-          end
-          map "vt" => :virustotal
-        end
-      end
-    end
-  end
-end

data/lib/mihari/commands/virustotal_intelligence.rb

@@ -1,22 +0,0 @@
-# frozen_string_literal: true
-
-module Mihari
-  module Commands
-    module VirusTotalIntelligence
-      def self.included(thor)
-        thor.class_eval do
-          desc "virustotal_intelligence [QUERY]", "VirusTotal Intelligence search"
-          method_option :title, type: :string, desc: "title"
-          method_option :description, type: :string, desc: "description"
-          method_option :tags, type: :array, desc: "tags"
-          def virustotal_intelligence(query)
-            with_error_handling do
-              run_analyzer Analyzers::VirusTotalIntelligence, query: query, options: options
-            end
-          end
-          map "vt_intel" => :virustotal_intelligence
-        end
-      end
-    end
-  end
-end

data/lib/mihari/commands/zoomeye.rb

@@ -1,22 +0,0 @@
-# frozen_string_literal: true
-
-module Mihari
-  module Commands
-    module ZoomEye
-      def self.included(thor)
-        thor.class_eval do
-          desc "zoomeye [QUERY]", "ZoomEye search"
-          method_option :title, type: :string, desc: "title"
-          method_option :description, type: :string, desc: "description"
-          method_option :tags, type: :array, desc: "tags"
-          method_option :type, type: :string, desc: "type to search(host / web)", default: "host"
-          def zoomeye(query)
-            with_error_handling do
-              run_analyzer Analyzers::ZoomEye, query: query, options: options
-            end
-          end
-        end
-      end
-    end
-  end
-end

data/lib/mihari/mixins/configuration.rb

@@ -1,100 +0,0 @@
-# frozen_string_literal: true
-
-require "colorize"
-require "yaml"
-
-module Mihari
-  module Mixins
-    module Configuration
-      #
-      # Load config file into hash
-      #
-      # @param [String] path Path to YAML file
-      #
-      # @return [Hash]
-      #
-      def load_config(path)
-        data = _load_config(path)
-        data.transform_keys(&:downcase)
-      end
-
-      #
-      # Validate config schema
-      #
-      # @param [Hash] config
-      #
-      def validate_config(config)
-        error_message = "Failed to parse the input as a config!"
-
-        contract = Schemas::ConfigurationContract.new
-        result = contract.call(config)
-        unless result.errors.empty?
-          puts error_message.colorize(:red)
-          show_validation_errors result.errors
-          raise ArgumentError, "Invalid config schema"
-        end
-
-        # check keys
-        # TODO: check keys with dry-schema
-        valid_keys = Mihari.config.values.keys
-        config.each_key do |key|
-          unless valid_keys.include?(key)
-            puts error_message.colorize(:red)
-            raise ArgumentError, "#{key} is not a valid key."
-          end
-        end
-      end
-
-      #
-      # Returns a template for config
-      #
-      # @return [String] A template for config
-      #
-      def config_template
-        config = Mihari.config.values.keys.to_h do |key|
-          [key.to_s, nil]
-        end
-
-        YAML.dump(config)
-      end
-
-      #
-      # Create (blank) config file
-      #
-      # @param [String] filename
-      # @param [Dry::Files] files
-      # @param [String] template
-      #
-      # @return [nil]
-      #
-      def initialize_config_yaml(filename, files = Dry::Files.new, template: config_template)
-        files.write(filename, template)
-      end
-
-      private
-
-      def show_validation_errors(errors)
-        errors.messages.each do |message|
-          path = message.path.map(&:to_s).join
-          puts "- #{path} #{message.text}".colorize(:red)
-        end
-      end
-
-      #
-      # Load configuration file
-      #
-      # @param [String] path
-      #
-      # @return [Hash]
-      #
-      def _load_config(path)
-        unless Pathname(path).exist?
-          puts "#{path} does not exist".colorize(:red)
-          raise FileNotFoundError
-        end
-
-        YAML.safe_load(File.read(path), symbolize_names: true)
-      end
-    end
-  end
-end

data/lib/mihari/mixins/hash.rb

@@ -1,20 +0,0 @@
-# frozen_string_literal: true
-
-require "cymbal"
-
-module Mihari
-  module Mixins
-    module Hash
-      #
-      # Symbolize hash keys
-      #
-      # @param [Hash] hash
-      #
-      # @return [Hash]
-      #
-      def symbolize_hash(hash)
-        Cymbal.symbolize hash
-      end
-    end
-  end
-end

data/lib/mihari/schemas/configuration.rb

@@ -1,44 +0,0 @@
-# frozen_string_literal: true
-
-require "dry/schema"
-require "dry/validation"
-
-require "mihari/schemas/macros"
-
-module Mihari
-  module Schemas
-    Configuration = Dry::Schema.Params do
-      optional(:binaryedge_api_key).value(:string)
-      optional(:censys_id).value(:string)
-      optional(:censys_secret).value(:string)
-      optional(:circl_passive_password).value(:string)
-      optional(:circl_passive_username).value(:string)
-      optional(:database).value(:string)
-      optional(:greynoise_api_key).value(:string)
-      optional(:ipinfo_api_key).value(:string)
-      optional(:misp_api_endpoint).value(:string)
-      optional(:misp_api_key).value(:string)
-      optional(:onyphe_api_key).value(:string)
-      optional(:otx_api_key).value(:string)
-      optional(:passivetotal_api_key).value(:string)
-      optional(:passivetotal_username).value(:string)
-      optional(:pulsedive_api_key).value(:string)
-      optional(:securitytrails_api_key).value(:string)
-      optional(:shodan_api_key).value(:string)
-      optional(:slack_channel).value(:string)
-      optional(:slack_webhook_url).value(:string)
-      optional(:spyse_api_key).value(:string)
-      optional(:thehive_api_endpoint).value(:string)
-      optional(:thehive_api_key).value(:string)
-      optional(:urlscan_api_key).value(:string)
-      optional(:virustotal_api_key).value(:string)
-      optional(:webhook_url).value(:string)
-      optional(:webhook_use_json_body).value(:bool)
-      optional(:zoomeye_api_key).value(:string)
-    end
-
-    class ConfigurationContract < Dry::Validation::Contract
-      params(Configuration)
-    end
-  end
-end

data/lib/mihari/web/public/grape.rb

@@ -1,73 +0,0 @@
-# frozen_string_literal: true
-
-require "launchy"
-require "rack"
-require "rack/contrib"
-require "rack/handler/puma"
-require "rack/cors"
-
-require "grape"
-require "grape-swagger"
-
-require "mihari/web/apis/ping"
-
-module Mihari
-  class API < Grape::API
-    prefix "api"
-    format :json
-    mount Apis::Ping
-    add_swagger_documentation api_version: "v1"
-  end
-
-  class GrapeApp
-    def initialize
-      @filenames = ["", ".html", "index.html", "/index.html"]
-      @rack_static = ::Rack::Static.new(
-        lambda { [404, {}, []] },
-        root: File.expand_path("public", __dir__),
-        urls: ["/"]
-      )
-    end
-
-    class << self
-      def instance
-        @instance ||= Rack::Builder.new do
-          run GrapeApp.new
-        end.to_app
-      end
-
-      def run!(port: 9292, host: "localhost", threads: "0:16", verbose: false)
-        url = "http://#{host}:#{port}"
-
-        Rack::Handler::Puma.run(instance, Port: port, Host: host, Threads: threads, Verbose: verbose) do |server|
-          p ENV["RACK_ENV"]
-          p instance.class
-
-          Launchy.open(url) if ENV["RACK_ENV"] != "development"
-
-          [:INT, :TERM].each do |sig|
-            trap(sig) do
-              server.shutdown
-            end
-          end
-        end
-      end
-    end
-
-    def call(env)
-      # api
-      p GrapeApp.instance
-      response = API.call(env)
-
-      # Check if the App wants us to pass the response along to others
-      if response[1]["X-Cascade"] == "pass"
-        # static files
-        request_path = env["PATH_INFO"]
-        @filenames.each do |path|
-          response = @rack_static.call(env.merge("PATH_INFO" => request_path + path))
-          return response if response[0] != 404
-        end
-      end
-    end
-  end
-end

data/sig/lib/mihari/cli/analyzer.rbs

@@ -1,43 +0,0 @@
-module Mihari
-  module CLI
-    class Analyzer < Base
-      include Mihari::Commands::BinaryEdge
-
-      include Mihari::Commands::Censys
-
-      include Mihari::Commands::CIRCL
-
-      include Mihari::Commands::Crtsh
-
-      include Mihari::Commands::DNPedia
-
-      include Mihari::Commands::DNSTwister
-
-      include Mihari::Commands::Feed
-
-      include Mihari::Commands::GreyNoise
-
-      include Mihari::Commands::JSON
-
-      include Mihari::Commands::Onyphe
-
-      include Mihari::Commands::OTX
-
-      include Mihari::Commands::PassiveTotal
-
-      include Mihari::Commands::Pulsedive
-
-      include Mihari::Commands::SecurityTrails
-
-      include Mihari::Commands::Shodan
-
-      include Mihari::Commands::Spyse
-
-      include Mihari::Commands::Urlscan
-
-      include Mihari::Commands::VirusTotal
-
-      include Mihari::Commands::ZoomEye
-    end
-  end
-end

data/sig/lib/mihari/commands/binaryedge.rbs

@@ -1,7 +0,0 @@
-module Mihari
-  module Commands
-    module BinaryEdge
-      def self.included: (untyped thor) -> untyped
-    end
-  end
-end

data/sig/lib/mihari/commands/censys.rbs

@@ -1,7 +0,0 @@
-module Mihari
-  module Commands
-    module Censys
-      def self.included: (untyped thor) -> untyped
-    end
-  end
-end

data/sig/lib/mihari/commands/circl.rbs

@@ -1,7 +0,0 @@
-module Mihari
-  module Commands
-    module CIRCL
-      def self.included: (untyped thor) -> untyped
-    end
-  end
-end

data/sig/lib/mihari/commands/crtsh.rbs

@@ -1,7 +0,0 @@
-module Mihari
-  module Commands
-    module Crtsh
-      def self.included: (untyped thor) -> untyped
-    end
-  end
-end

data/sig/lib/mihari/commands/dnpedia.rbs

@@ -1,7 +0,0 @@
-module Mihari
-  module Commands
-    module DNPedia
-      def self.included: (untyped thor) -> untyped
-    end
-  end
-end

data/sig/lib/mihari/commands/dnstwister.rbs

@@ -1,7 +0,0 @@
-module Mihari
-  module Commands
-    module DNSTwister
-      def self.included: (untyped thor) -> untyped
-    end
-  end
-end

data/sig/lib/mihari/commands/feed.rbs

@@ -1,7 +0,0 @@
-module Mihari
-  module Commands
-    module Feed
-      def self.included: (untyped thor) -> untyped
-    end
-  end
-end

data/sig/lib/mihari/commands/onyphe.rbs

@@ -1,7 +0,0 @@
-module Mihari
-  module Commands
-    module Onyphe
-      def self.included: (untyped thor) -> untyped
-    end
-  end
-end

data/sig/lib/mihari/commands/otx.rbs

@@ -1,7 +0,0 @@
-module Mihari
-  module Commands
-    module OTX
-      def self.included: (untyped thor) -> untyped
-    end
-  end
-end

data/sig/lib/mihari/commands/passivetotal.rbs

@@ -1,7 +0,0 @@
-module Mihari
-  module Commands
-    module PassiveTotal
-      def self.included: (untyped thor) -> untyped
-    end
-  end
-end

data/sig/lib/mihari/commands/pulsedive.rbs

@@ -1,7 +0,0 @@
-module Mihari
-  module Commands
-    module Pulsedive
-      def self.included: (untyped thor) -> untyped
-    end
-  end
-end

data/sig/lib/mihari/commands/securitytrails.rbs

@@ -1,7 +0,0 @@
-module Mihari
-  module Commands
-    module SecurityTrails
-      def self.included: (untyped thor) -> untyped
-    end
-  end
-end

data/sig/lib/mihari/commands/shodan.rbs

@@ -1,7 +0,0 @@
-module Mihari
-  module Commands
-    module Shodan
-      def self.included: (untyped thor) -> untyped
-    end
-  end
-end

data/sig/lib/mihari/commands/spyse.rbs

@@ -1,7 +0,0 @@
-module Mihari
-  module Commands
-    module Spyse
-      def self.included: (untyped thor) -> untyped
-    end
-  end
-end

data/sig/lib/mihari/commands/urlscan.rbs

@@ -1,7 +0,0 @@
-module Mihari
-  module Commands
-    module Urlscan
-      def self.included: (untyped thor) -> untyped
-    end
-  end
-end

data/sig/lib/mihari/commands/virustotal.rbs

@@ -1,7 +0,0 @@
-module Mihari
-  module Commands
-    module VirusTotal
-      def self.included: (untyped thor) -> untyped
-    end
-  end
-end

data/sig/lib/mihari/commands/zoomeye.rbs

@@ -1,7 +0,0 @@
-module Mihari
-  module Commands
-    module ZoomEye
-      def self.included: (untyped thor) -> untyped
-    end
-  end
-end