mihari 4.1.0 → 4.2.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.github/workflows/test.yml +1 -1
- data/README.md +1 -1
- data/Rakefile +5 -0
- data/config.ru +0 -1
- data/lib/mihari/analyzers/base.rb +18 -10
- data/lib/mihari/analyzers/rule.rb +1 -1
- data/lib/mihari/cli/base.rb +0 -4
- data/lib/mihari/commands/init.rb +1 -1
- data/lib/mihari/commands/search.rb +11 -58
- data/lib/mihari/commands/validator.rb +1 -2
- data/lib/mihari/database.rb +1 -1
- data/lib/mihari/emitters/base.rb +5 -2
- data/lib/mihari/emitters/slack.rb +40 -4
- data/lib/mihari/enrichers/base.rb +5 -2
- data/lib/mihari/enrichers/ipinfo.rb +4 -3
- data/lib/mihari/{web/entities → entities}/alert.rb +0 -0
- data/lib/mihari/{web/entities → entities}/artifact.rb +0 -0
- data/lib/mihari/{web/entities → entities}/autonomous_system.rb +0 -0
- data/lib/mihari/{web/entities → entities}/command.rb +0 -0
- data/lib/mihari/{web/entities → entities}/config.rb +0 -0
- data/lib/mihari/{web/entities → entities}/dns.rb +0 -0
- data/lib/mihari/{web/entities → entities}/geolocation.rb +0 -0
- data/lib/mihari/{web/entities → entities}/ip_address.rb +0 -0
- data/lib/mihari/{web/entities → entities}/message.rb +0 -0
- data/lib/mihari/{web/entities → entities}/reverse_dns.rb +0 -0
- data/lib/mihari/{web/entities → entities}/rule.rb +0 -0
- data/lib/mihari/{web/entities → entities}/source.rb +0 -0
- data/lib/mihari/{web/entities → entities}/tag.rb +0 -0
- data/lib/mihari/{web/entities → entities}/whois.rb +0 -0
- data/lib/mihari/errors.rb +2 -0
- data/lib/mihari/feed/reader.rb +11 -55
- data/lib/mihari/http.rb +94 -0
- data/lib/mihari/mixins/error_notification.rb +20 -0
- data/lib/mihari/mixins/retriable.rb +12 -2
- data/lib/mihari/mixins/rule.rb +1 -2
- data/lib/mihari/structs/ipinfo.rb +2 -3
- data/lib/mihari/structs/rule.rb +30 -0
- data/lib/mihari/structs/shodan.rb +9 -1
- data/lib/mihari/version.rb +1 -1
- data/lib/mihari/web/api.rb +0 -20
- data/lib/mihari/web/app.rb +3 -3
- data/lib/mihari/web/endpoints/rules.rb +3 -1
- data/lib/mihari/web/middleware/error_notification_adapter.rb +19 -0
- data/lib/mihari/web/public/index.html +1 -1
- data/lib/mihari/web/public/redoc-static.html +1881 -165
- data/lib/mihari/web/public/static/css/app.43138058.css +1 -0
- data/lib/mihari/web/public/static/css/chunk-vendors.3ed9b08e.css +7 -0
- data/lib/mihari/web/public/static/fonts/fa-brands-400.1fd0b4d7.ttf +0 -0
- data/lib/mihari/web/public/static/fonts/fa-brands-400.5d5236fb.woff2 +0 -0
- data/lib/mihari/web/public/static/fonts/fa-regular-400.64b3730e.woff2 +0 -0
- data/lib/mihari/web/public/static/fonts/fa-regular-400.95a8a8af.ttf +0 -0
- data/lib/mihari/web/public/static/fonts/fa-solid-900.6115ad71.woff2 +0 -0
- data/lib/mihari/web/public/static/fonts/fa-solid-900.f0203cfc.ttf +0 -0
- data/lib/mihari/web/public/static/fonts/fa-v4compatibility.e1023515.ttf +0 -0
- data/lib/mihari/web/public/static/js/app-legacy.46b666f0.js +2 -0
- data/lib/mihari/web/public/static/js/app-legacy.46b666f0.js.map +1 -0
- data/lib/mihari/web/public/static/js/app.4818aedd.js +2 -0
- data/lib/mihari/web/public/static/js/app.4818aedd.js.map +1 -0
- data/lib/mihari/web/public/static/js/app.b88ce341.js +35 -0
- data/lib/mihari/web/public/static/js/app.b88ce341.js.map +1 -0
- data/lib/mihari/web/public/static/js/chunk-vendors-legacy.c99e452e.js +17 -0
- data/lib/mihari/web/public/static/js/chunk-vendors-legacy.c99e452e.js.map +1 -0
- data/lib/mihari/web/public/static/js/chunk-vendors.15e84e22.js +23 -0
- data/lib/mihari/web/public/static/js/chunk-vendors.15e84e22.js.map +1 -0
- data/lib/mihari.rb +63 -15
- data/mihari.gemspec +12 -12
- data/sig/lib/mihari/emitters/slack.rbs +29 -1
- data/sig/lib/mihari/feed/reader.rbs +2 -2
- data/sig/lib/mihari/http.rbs +65 -0
- data/sig/lib/mihari/mixins/error_notification.rbs +12 -0
- data/sig/lib/mihari/structs/rule.rbs +6 -0
- data/sig/lib/mihari.rbs +4 -8
- metadata +88 -73
- data/lib/mihari/cli/mixins/utils.rb +0 -72
- data/lib/mihari/emitters/stdout.rb +0 -22
- data/lib/mihari/notifiers/base.rb +0 -24
- data/lib/mihari/notifiers/exception_notifier.rb +0 -126
- data/lib/mihari/notifiers/slack.rb +0 -63
- data/sig/lib/mihari/cli/mixins/utils.rbs +0 -50
- data/sig/lib/mihari/notifiers/base.rbs +0 -18
- data/sig/lib/mihari/notifiers/exception_notifier.rbs +0 -75
- data/sig/lib/mihari/notifiers/slack.rbs +0 -50
|
@@ -1,63 +0,0 @@
|
|
|
1
|
-
# frozen_string_literal: true
|
|
2
|
-
|
|
3
|
-
require "slack-notifier"
|
|
4
|
-
|
|
5
|
-
module Mihari
|
|
6
|
-
module Notifiers
|
|
7
|
-
class Slack < Base
|
|
8
|
-
SLACK_WEBHOOK_URL_KEY = "SLACK_WEBHOOK_URL"
|
|
9
|
-
SLACK_CHANNEL_KEY = "SLACK_CHANNEL"
|
|
10
|
-
DEFAULT_USERNAME = "mihari"
|
|
11
|
-
|
|
12
|
-
#
|
|
13
|
-
# Slack channel to post
|
|
14
|
-
#
|
|
15
|
-
# @return [String]
|
|
16
|
-
#
|
|
17
|
-
def slack_channel
|
|
18
|
-
Mihari.config.slack_channel || "#general"
|
|
19
|
-
end
|
|
20
|
-
|
|
21
|
-
#
|
|
22
|
-
# Slack webhook URL
|
|
23
|
-
#
|
|
24
|
-
# @return [String]
|
|
25
|
-
#
|
|
26
|
-
def slack_webhook_url
|
|
27
|
-
Mihari.config.slack_webhook_url
|
|
28
|
-
end
|
|
29
|
-
|
|
30
|
-
#
|
|
31
|
-
# Check Slack webhook URL is set
|
|
32
|
-
#
|
|
33
|
-
# @return [Boolean]
|
|
34
|
-
#
|
|
35
|
-
def slack_webhook_url?
|
|
36
|
-
!Mihari.config.slack_webhook_url.nil?
|
|
37
|
-
end
|
|
38
|
-
|
|
39
|
-
#
|
|
40
|
-
# Check Slack webhook URL is set. Alias of #slack_webhook_url?.
|
|
41
|
-
#
|
|
42
|
-
# @return [Boolean]
|
|
43
|
-
#
|
|
44
|
-
def valid?
|
|
45
|
-
slack_webhook_url?
|
|
46
|
-
end
|
|
47
|
-
|
|
48
|
-
#
|
|
49
|
-
# Send notification to Slack
|
|
50
|
-
#
|
|
51
|
-
# @param [String] text
|
|
52
|
-
# @param [Array<Hash>] attachments
|
|
53
|
-
# @param [Boolean] mrkdwn
|
|
54
|
-
#
|
|
55
|
-
# @return [nil]
|
|
56
|
-
#
|
|
57
|
-
def notify(text:, attachments: [], mrkdwn: true)
|
|
58
|
-
notifier = ::Slack::Notifier.new(slack_webhook_url, channel: slack_channel, username: DEFAULT_USERNAME)
|
|
59
|
-
notifier.post(text: text, attachments: attachments, mrkdwn: mrkdwn)
|
|
60
|
-
end
|
|
61
|
-
end
|
|
62
|
-
end
|
|
63
|
-
end
|
|
@@ -1,50 +0,0 @@
|
|
|
1
|
-
module Mihari
|
|
2
|
-
module CLI
|
|
3
|
-
module Mixins
|
|
4
|
-
module Utils
|
|
5
|
-
#
|
|
6
|
-
# Send an exception notification if there is any error in a block
|
|
7
|
-
#
|
|
8
|
-
# @return [Nil]
|
|
9
|
-
#
|
|
10
|
-
def with_error_handling: () { () -> untyped } -> void
|
|
11
|
-
|
|
12
|
-
#
|
|
13
|
-
# Check required keys in JSON
|
|
14
|
-
#
|
|
15
|
-
# @param [Hash] json
|
|
16
|
-
#
|
|
17
|
-
# @return [Boolean]
|
|
18
|
-
#
|
|
19
|
-
def required_alert_keys?: (Hash[(String | Symbol), untyped] json) -> bool
|
|
20
|
-
|
|
21
|
-
#
|
|
22
|
-
# Load configuration and establish DB connection
|
|
23
|
-
#
|
|
24
|
-
# @return [Hash]
|
|
25
|
-
#
|
|
26
|
-
def load_configuration: () -> Hash[(String | Symbol), untyped]
|
|
27
|
-
|
|
28
|
-
#
|
|
29
|
-
# Run analyzer
|
|
30
|
-
#
|
|
31
|
-
# @param [Class<Mihari::Analyzers::Base>] analyzer_class
|
|
32
|
-
# @param [String] query
|
|
33
|
-
# @param [Hash] options
|
|
34
|
-
#
|
|
35
|
-
# @return [nil]
|
|
36
|
-
#
|
|
37
|
-
def run_analyzer: (untyped analyzer_class, query: String query, options: untyped options) -> void
|
|
38
|
-
|
|
39
|
-
#
|
|
40
|
-
# Normalize options (reject keys not for analyzers)
|
|
41
|
-
#
|
|
42
|
-
# @param [Hash] options
|
|
43
|
-
#
|
|
44
|
-
# @return [Hash]
|
|
45
|
-
#
|
|
46
|
-
def normalize_options: (Hash[(String | Symbol), untyped] options) -> Hash[(String | Symbol), untyped]
|
|
47
|
-
end
|
|
48
|
-
end
|
|
49
|
-
end
|
|
50
|
-
end
|
|
@@ -1,75 +0,0 @@
|
|
|
1
|
-
module Mihari
|
|
2
|
-
module Notifiers
|
|
3
|
-
class ExceptionNotifier
|
|
4
|
-
def initialize: () -> void
|
|
5
|
-
|
|
6
|
-
def valid?: () -> bool
|
|
7
|
-
|
|
8
|
-
def notify: (Exception exception) -> void
|
|
9
|
-
|
|
10
|
-
#
|
|
11
|
-
# Send notification to Slack
|
|
12
|
-
#
|
|
13
|
-
# @param [String] text
|
|
14
|
-
# @param [Array<Hash>] attachments
|
|
15
|
-
#
|
|
16
|
-
# @return [nil]
|
|
17
|
-
#
|
|
18
|
-
def notify_to_slack: (text: String text, attachments: Array[Hash[(String | Symbol), untyped]] attachments) -> void
|
|
19
|
-
|
|
20
|
-
#
|
|
21
|
-
# Send notification to STDOUT
|
|
22
|
-
#
|
|
23
|
-
# @param [Exception] exception
|
|
24
|
-
#
|
|
25
|
-
# @return [nil]
|
|
26
|
-
#
|
|
27
|
-
def notify_to_stdout: (Exception exception) -> void
|
|
28
|
-
|
|
29
|
-
#
|
|
30
|
-
# Convert exception to attachments (for Slack)
|
|
31
|
-
#
|
|
32
|
-
# @param [Exception] exception
|
|
33
|
-
# @param [String] clean_message
|
|
34
|
-
#
|
|
35
|
-
# @return [Array<Hash>]
|
|
36
|
-
#
|
|
37
|
-
def to_attachments: (Exception exception, String clean_message) -> ::Array[{ color: untyped, text: untyped, fields: untyped, :mrkdwn_in => ::Array["text" | "fields"] }]
|
|
38
|
-
|
|
39
|
-
#
|
|
40
|
-
# Convert exception class to text
|
|
41
|
-
#
|
|
42
|
-
# @param [Class<Exception>] exception_class
|
|
43
|
-
#
|
|
44
|
-
# @return [String]
|
|
45
|
-
#
|
|
46
|
-
def to_text: (singleton(Exception) exception_class) -> ::String
|
|
47
|
-
|
|
48
|
-
#
|
|
49
|
-
# Convert clean_message and backtrace into fields (for Slack)
|
|
50
|
-
#
|
|
51
|
-
# @param [String] clean_message
|
|
52
|
-
# @param [Array] backtrace
|
|
53
|
-
#
|
|
54
|
-
# @return [Array<Hash>]
|
|
55
|
-
#
|
|
56
|
-
def to_fields: (String clean_message, untyped backtrace) -> Array[Hash[(String | Symbol), untyped]]
|
|
57
|
-
|
|
58
|
-
#
|
|
59
|
-
# Hostname of runnning instance
|
|
60
|
-
#
|
|
61
|
-
# @return [String]
|
|
62
|
-
#
|
|
63
|
-
def hostname: () -> String
|
|
64
|
-
|
|
65
|
-
#
|
|
66
|
-
# Format backtrace in string
|
|
67
|
-
#
|
|
68
|
-
# @param [Array] backtrace
|
|
69
|
-
#
|
|
70
|
-
# @return [String]
|
|
71
|
-
#
|
|
72
|
-
def format_backtrace: (untyped backtrace) -> (nil | ::String)
|
|
73
|
-
end
|
|
74
|
-
end
|
|
75
|
-
end
|
|
@@ -1,50 +0,0 @@
|
|
|
1
|
-
module Mihari
|
|
2
|
-
module Notifiers
|
|
3
|
-
class Slack < Base
|
|
4
|
-
SLACK_WEBHOOK_URL_KEY: ::String
|
|
5
|
-
|
|
6
|
-
SLACK_CHANNEL_KEY: ::String
|
|
7
|
-
|
|
8
|
-
DEFAULT_USERNAME: ::String
|
|
9
|
-
|
|
10
|
-
#
|
|
11
|
-
# Slack channel to post
|
|
12
|
-
#
|
|
13
|
-
# @return [String]
|
|
14
|
-
#
|
|
15
|
-
def slack_channel: () -> String
|
|
16
|
-
|
|
17
|
-
#
|
|
18
|
-
# Slack webhook URL
|
|
19
|
-
#
|
|
20
|
-
# @return [String]
|
|
21
|
-
#
|
|
22
|
-
def slack_webhook_url: () -> String
|
|
23
|
-
|
|
24
|
-
#
|
|
25
|
-
# Check Slack webhook URL is set
|
|
26
|
-
#
|
|
27
|
-
# @return [Boolean]
|
|
28
|
-
#
|
|
29
|
-
def slack_webhook_url?: () -> bool
|
|
30
|
-
|
|
31
|
-
#
|
|
32
|
-
# Check Slack webhook URL is set. Alias of #slack_webhook_url?.
|
|
33
|
-
#
|
|
34
|
-
# @return [Boolean]
|
|
35
|
-
#
|
|
36
|
-
def valid?: () -> bool
|
|
37
|
-
|
|
38
|
-
#
|
|
39
|
-
# Send notification to Slack
|
|
40
|
-
#
|
|
41
|
-
# @param [String] text
|
|
42
|
-
# @param [Array<Hash>] attachments
|
|
43
|
-
# @param [Boolean] mrkdwn
|
|
44
|
-
#
|
|
45
|
-
# @return [nil]
|
|
46
|
-
#
|
|
47
|
-
def notify: (text: String text, ?attachments: Array[Hash[(String | Symbol), untyped]] attachments, ?mrkdwn: bool mrkdwn) -> untyped
|
|
48
|
-
end
|
|
49
|
-
end
|
|
50
|
-
end
|