mihari 4.11.0 → 5.0.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.github/workflows/test.yml +1 -1
- data/README.md +13 -3
- data/Steepfile +0 -1
- data/build_frontend.sh +0 -3
- data/docker/Dockerfile +11 -12
- data/images/Tines-Full_Logo-Tines_Black.png +0 -0
- data/lib/mihari/analyzers/base.rb +12 -28
- data/lib/mihari/analyzers/rule.rb +23 -36
- data/lib/mihari/cli/main.rb +6 -11
- data/lib/mihari/commands/initializer.rb +47 -0
- data/lib/mihari/commands/{search.rb → searcher.rb} +9 -20
- data/lib/mihari/commands/validator.rb +2 -2
- data/lib/mihari/commands/web.rb +4 -2
- data/lib/mihari/constants.rb +3 -3
- data/lib/mihari/database.rb +52 -87
- data/lib/mihari/emitters/database.rb +16 -7
- data/lib/mihari/emitters/misp.rb +13 -5
- data/lib/mihari/emitters/slack.rb +15 -8
- data/lib/mihari/emitters/the_hive.rb +42 -21
- data/lib/mihari/emitters/webhook.rb +99 -31
- data/lib/mihari/entities/alert.rb +7 -5
- data/lib/mihari/entities/artifact.rb +20 -8
- data/lib/mihari/entities/config.rb +2 -6
- data/lib/mihari/entities/rule.rb +8 -0
- data/lib/mihari/http.rb +13 -13
- data/lib/mihari/mixins/{disallowed_data_value.rb → falsepositive.rb} +8 -8
- data/lib/mihari/models/alert.rb +2 -15
- data/lib/mihari/models/artifact.rb +28 -17
- data/lib/mihari/models/rule.rb +7 -13
- data/lib/mihari/schemas/emitter.rb +6 -8
- data/lib/mihari/schemas/rule.rb +11 -13
- data/lib/mihari/structs/config.rb +41 -0
- data/lib/mihari/structs/filters.rb +2 -2
- data/lib/mihari/structs/rule.rb +96 -83
- data/lib/mihari/templates/rule.yml.erb +5 -23
- data/lib/mihari/types.rb +1 -1
- data/lib/mihari/version.rb +1 -1
- data/lib/mihari/web/api.rb +0 -2
- data/lib/mihari/web/app.rb +10 -4
- data/lib/mihari/web/endpoints/alerts.rb +11 -3
- data/lib/mihari/web/endpoints/configs.rb +1 -6
- data/lib/mihari/web/endpoints/rules.rb +27 -15
- data/lib/mihari/web/public/assets/{fa-brands-400.c7ae37d3.ttf → fa-brands-400-2ef6fdde.ttf} +0 -0
- data/lib/mihari/web/public/assets/fa-brands-400-f4617423.woff2 +0 -0
- data/lib/mihari/web/public/assets/fa-regular-400-12dea17b.ttf +0 -0
- data/lib/mihari/web/public/assets/fa-regular-400-7ba24c41.woff2 +0 -0
- data/lib/mihari/web/public/assets/fa-solid-900-67a880b4.ttf +0 -0
- data/lib/mihari/web/public/assets/fa-solid-900-e2c5cf54.woff2 +0 -0
- data/lib/mihari/web/public/assets/fa-v4compatibility-7c377405.woff2 +0 -0
- data/lib/mihari/web/public/assets/fa-v4compatibility-8d9500e8.ttf +0 -0
- data/lib/mihari/web/public/assets/{index.e1e67d84.css → index-625e95fe.css} +3 -3
- data/lib/mihari/web/public/assets/index-63900d73.js +50 -0
- data/lib/mihari/web/public/index.html +3 -3
- data/lib/mihari/web/public/redoc-static.html +26 -27
- data/lib/mihari.rb +11 -21
- data/mihari.gemspec +14 -14
- metadata +46 -131
- data/lib/mihari/cli/init.rb +0 -11
- data/lib/mihari/cli/validator.rb +0 -11
- data/lib/mihari/commands/init.rb +0 -51
- data/lib/mihari/emitters/http.rb +0 -127
- data/lib/mihari/entities/source.rb +0 -9
- data/lib/mihari/status.rb +0 -55
- data/lib/mihari/web/endpoints/sources.rb +0 -19
- data/lib/mihari/web/public/assets/fa-brands-400.3fe890d0.woff2 +0 -0
- data/lib/mihari/web/public/assets/fa-regular-400.fdc1f753.ttf +0 -0
- data/lib/mihari/web/public/assets/fa-regular-400.fe69d948.woff2 +0 -0
- data/lib/mihari/web/public/assets/fa-solid-900.6d53c706.ttf +0 -0
- data/lib/mihari/web/public/assets/fa-solid-900.d27bc752.woff2 +0 -0
- data/lib/mihari/web/public/assets/fa-v4compatibility.4d73f280.ttf +0 -0
- data/lib/mihari/web/public/assets/fa-v4compatibility.7d1c2ce5.woff2 +0 -0
- data/lib/mihari/web/public/assets/index.d3a61a69.js +0 -68
- data/sig/lib/mihari/analyzers/base.rbs +0 -90
- data/sig/lib/mihari/analyzers/binaryedge.rbs +0 -26
- data/sig/lib/mihari/analyzers/censys.rbs +0 -41
- data/sig/lib/mihari/analyzers/circl.rbs +0 -31
- data/sig/lib/mihari/analyzers/crtsh.rbs +0 -17
- data/sig/lib/mihari/analyzers/dnpedia.rbs +0 -15
- data/sig/lib/mihari/analyzers/dnstwister.rbs +0 -25
- data/sig/lib/mihari/analyzers/feed.rbs +0 -20
- data/sig/lib/mihari/analyzers/onyphe.rbs +0 -34
- data/sig/lib/mihari/analyzers/otx.rbs +0 -33
- data/sig/lib/mihari/analyzers/passivetotal.rbs +0 -35
- data/sig/lib/mihari/analyzers/pulsedive.rbs +0 -27
- data/sig/lib/mihari/analyzers/rule.rbs +0 -68
- data/sig/lib/mihari/analyzers/securitytrails.rbs +0 -33
- data/sig/lib/mihari/analyzers/shodan.rbs +0 -36
- data/sig/lib/mihari/analyzers/urlscan.rbs +0 -31
- data/sig/lib/mihari/analyzers/virustotal.rbs +0 -31
- data/sig/lib/mihari/analyzers/virustotal_intelligence.rbs +0 -33
- data/sig/lib/mihari/analyzers/zoomeye.rbs +0 -35
- data/sig/lib/mihari/cli/base.rbs +0 -9
- data/sig/lib/mihari/cli/init.rbs +0 -7
- data/sig/lib/mihari/cli/main.rbs +0 -9
- data/sig/lib/mihari/cli/validator.rbs +0 -7
- data/sig/lib/mihari/commands/init.rbs +0 -9
- data/sig/lib/mihari/commands/json.rbs +0 -7
- data/sig/lib/mihari/commands/search.rbs +0 -35
- data/sig/lib/mihari/commands/validator.rbs +0 -9
- data/sig/lib/mihari/commands/web.rbs +0 -7
- data/sig/lib/mihari/constants.rbs +0 -5
- data/sig/lib/mihari/database.rbs +0 -25
- data/sig/lib/mihari/emitters/base.rbs +0 -18
- data/sig/lib/mihari/emitters/database.rbs +0 -9
- data/sig/lib/mihari/emitters/http.rbs +0 -35
- data/sig/lib/mihari/emitters/misp.rbs +0 -34
- data/sig/lib/mihari/emitters/slack.rbs +0 -73
- data/sig/lib/mihari/emitters/stdout.rbs +0 -9
- data/sig/lib/mihari/emitters/the_hive.rbs +0 -32
- data/sig/lib/mihari/emitters/webhook.rbs +0 -20
- data/sig/lib/mihari/enrichers/base.rbs +0 -12
- data/sig/lib/mihari/enrichers/google_public_dns.rbs +0 -18
- data/sig/lib/mihari/enrichers/ipinfo.rbs +0 -16
- data/sig/lib/mihari/errors.rbs +0 -10
- data/sig/lib/mihari/feed/parser.rbs +0 -11
- data/sig/lib/mihari/feed/reader.rbs +0 -56
- data/sig/lib/mihari/http.rbs +0 -64
- data/sig/lib/mihari/mixins/autonomous_system.rbs +0 -14
- data/sig/lib/mihari/mixins/configurable.rbs +0 -30
- data/sig/lib/mihari/mixins/configuration.rbs +0 -45
- data/sig/lib/mihari/mixins/disallowed_data_value.rbs +0 -23
- data/sig/lib/mihari/mixins/error_notification.rbs +0 -12
- data/sig/lib/mihari/mixins/hash.rbs +0 -14
- data/sig/lib/mihari/mixins/refang.rbs +0 -14
- data/sig/lib/mihari/mixins/retriable.rbs +0 -15
- data/sig/lib/mihari/models/alert.rbs +0 -18
- data/sig/lib/mihari/models/artifact.rbs +0 -69
- data/sig/lib/mihari/models/autonomous_system.rbs +0 -14
- data/sig/lib/mihari/models/cpe.rbs +0 -7
- data/sig/lib/mihari/models/dns.rbs +0 -19
- data/sig/lib/mihari/models/geolocation.rbs +0 -15
- data/sig/lib/mihari/models/port.rbs +0 -7
- data/sig/lib/mihari/models/reverse_dns.rbs +0 -14
- data/sig/lib/mihari/models/rule.rbs +0 -17
- data/sig/lib/mihari/models/tag.rbs +0 -5
- data/sig/lib/mihari/models/tagging.rbs +0 -4
- data/sig/lib/mihari/models/whois.rbs +0 -66
- data/sig/lib/mihari/status.rbs +0 -25
- data/sig/lib/mihari/structs/censys.rbs +0 -58
- data/sig/lib/mihari/structs/filters.rbs +0 -40
- data/sig/lib/mihari/structs/google_public_dns.rbs +0 -21
- data/sig/lib/mihari/structs/greynoise.rbs +0 -30
- data/sig/lib/mihari/structs/ipinfo.rbs +0 -17
- data/sig/lib/mihari/structs/onyphe.rbs +0 -25
- data/sig/lib/mihari/structs/rule.rbs +0 -57
- data/sig/lib/mihari/structs/shodan.rbs +0 -30
- data/sig/lib/mihari/structs/urlscan.rbs +0 -28
- data/sig/lib/mihari/structs/virustotal_intelligence.rbs +0 -33
- data/sig/lib/mihari/type_checker.rbs +0 -48
- data/sig/lib/mihari/types.rbs +0 -23
- data/sig/lib/mihari/version.rbs +0 -3
- data/sig/lib/mihari/web/app.rbs +0 -5
- data/sig/lib/mihari.rbs +0 -54
|
@@ -1,15 +0,0 @@
|
|
|
1
|
-
module Mihari
|
|
2
|
-
module Mixins
|
|
3
|
-
module Retriable
|
|
4
|
-
#
|
|
5
|
-
# Retry on error
|
|
6
|
-
#
|
|
7
|
-
# @param [Integer] times
|
|
8
|
-
# @param [Integer] interval
|
|
9
|
-
#
|
|
10
|
-
# @return [nil]
|
|
11
|
-
#
|
|
12
|
-
def retry_on_error: (?times: ::Integer times, ?interval: ::Integer interval) { () -> untyped } -> nil
|
|
13
|
-
end
|
|
14
|
-
end
|
|
15
|
-
end
|
|
@@ -1,18 +0,0 @@
|
|
|
1
|
-
module Mihari
|
|
2
|
-
class Alert < ActiveRecord::Base
|
|
3
|
-
attr_accessor title (): String
|
|
4
|
-
attr_accessor description (): String?
|
|
5
|
-
attr_accessor source (): String
|
|
6
|
-
|
|
7
|
-
attr_accessor artifacts(): Array[Mihari::Artifact]
|
|
8
|
-
attr_accessor Tags(): Array[Mihari::Tag]
|
|
9
|
-
|
|
10
|
-
def self.search: (Mihari::Structs::Filters::Alert::SearchFilterWithPagination filter) -> Array[Mihari::Alert]
|
|
11
|
-
|
|
12
|
-
def self.count: (Mihari::Structs::Filters::Alert::SearchFilter filter) -> Integer
|
|
13
|
-
|
|
14
|
-
private
|
|
15
|
-
|
|
16
|
-
def self.build_relation: (Mihari::Structs::Filters::Alert::SearchFilter filter) -> Mihari::Alert
|
|
17
|
-
end
|
|
18
|
-
end
|
|
@@ -1,69 +0,0 @@
|
|
|
1
|
-
class ArtifactValidator < ActiveModel::Validator
|
|
2
|
-
def validate: (Mihari::Artifact record) -> (nil | Mihari::Artifact)
|
|
3
|
-
end
|
|
4
|
-
|
|
5
|
-
module Mihari
|
|
6
|
-
class Artifact < ActiveRecord::Base
|
|
7
|
-
attr_accessor data (): String
|
|
8
|
-
attr_accessor data_type (): String
|
|
9
|
-
|
|
10
|
-
attr_accessor metadata(): Hash?
|
|
11
|
-
|
|
12
|
-
attr_accessor autonomous_system(): Mihari::AutonomousSystem
|
|
13
|
-
attr_accessor geolocation (): Mihari::Geolocation
|
|
14
|
-
attr_accessor whois_record(): Mihari::WhoisRecord
|
|
15
|
-
attr_accessor dns_records(): Array[Mihari::DnsRecord]
|
|
16
|
-
attr_accessor reverse_dns_names(): Array[Mihari::ReverseDnsName]
|
|
17
|
-
attr_accessor cpes(): Array[Mihari::CPE]
|
|
18
|
-
attr_accessor ports(): Array[Mihari::Port]
|
|
19
|
-
|
|
20
|
-
include ActiveModel::Validations
|
|
21
|
-
|
|
22
|
-
def initialize: (Hash[(String | Symbol), untyped] attributes) -> void
|
|
23
|
-
|
|
24
|
-
#
|
|
25
|
-
# Check uniqueness of artifact
|
|
26
|
-
#
|
|
27
|
-
# @param [Boolean] ignore_old_artifacts
|
|
28
|
-
# @param [Integer] ignore_threshold
|
|
29
|
-
#
|
|
30
|
-
# @return [Boolean] true if it is unique. Otherwise false.
|
|
31
|
-
#
|
|
32
|
-
def unique?: (?ignore_old_artifacts: bool ignore_old_artifacts, ?ignore_threshold: ::Integer ignore_threshold) -> (bool)
|
|
33
|
-
|
|
34
|
-
#
|
|
35
|
-
# Enrich(add) whois record
|
|
36
|
-
#
|
|
37
|
-
def enrich_whois: () -> void
|
|
38
|
-
|
|
39
|
-
#
|
|
40
|
-
# Enrich(add) DNS records
|
|
41
|
-
#
|
|
42
|
-
def enrich_dns: () -> void
|
|
43
|
-
|
|
44
|
-
#
|
|
45
|
-
# Enrich(add) reverse DNS names
|
|
46
|
-
#
|
|
47
|
-
def enrich_reverse_dns: () -> void
|
|
48
|
-
|
|
49
|
-
def enrich_geolocation: () -> void
|
|
50
|
-
|
|
51
|
-
def enrich_autonomous_system: () -> void
|
|
52
|
-
|
|
53
|
-
def enrich_all: () -> void
|
|
54
|
-
|
|
55
|
-
private
|
|
56
|
-
|
|
57
|
-
def normalize_as_domain: (String url_or_domain) -> String
|
|
58
|
-
|
|
59
|
-
def can_enrich_whois?: () -> bool
|
|
60
|
-
|
|
61
|
-
def can_enrich_dns?: () -> bool
|
|
62
|
-
|
|
63
|
-
def can_enrich_revese_dns?: () -> bool
|
|
64
|
-
|
|
65
|
-
def can_enrich_geolocation?: () -> bool
|
|
66
|
-
|
|
67
|
-
def can_enrich_autonomous_system?: () -> bool
|
|
68
|
-
end
|
|
69
|
-
end
|
|
@@ -1,14 +0,0 @@
|
|
|
1
|
-
module Mihari
|
|
2
|
-
class AutonomousSystem < ActiveRecord::Base
|
|
3
|
-
attr_accessor asn (): Integer
|
|
4
|
-
|
|
5
|
-
#
|
|
6
|
-
# Build AS by IP
|
|
7
|
-
#
|
|
8
|
-
# @param [String] ip
|
|
9
|
-
#
|
|
10
|
-
# @return [Mihari::AutonomousSystem]
|
|
11
|
-
#
|
|
12
|
-
def self.build_by_ip: (String ip) -> Mihari::AutonomousSystem?
|
|
13
|
-
end
|
|
14
|
-
end
|
|
@@ -1,19 +0,0 @@
|
|
|
1
|
-
module Mihari
|
|
2
|
-
class DnsRecord < ActiveRecord::Base
|
|
3
|
-
attr_accessor resource (): String
|
|
4
|
-
attr_accessor value (): String
|
|
5
|
-
|
|
6
|
-
#
|
|
7
|
-
# Build DNS records
|
|
8
|
-
#
|
|
9
|
-
# @param [String] domain
|
|
10
|
-
#
|
|
11
|
-
# @return [Array<Mihari::DnsRecord>]
|
|
12
|
-
#
|
|
13
|
-
def self.build_by_domain: (String domain) -> Array[Mihari::DnsRecord]
|
|
14
|
-
|
|
15
|
-
private
|
|
16
|
-
|
|
17
|
-
def self.get_values: (String domain, singleton(Resolv::DNS::Query) resource_type) -> Array[Mihari::DnsRecord]
|
|
18
|
-
end
|
|
19
|
-
end
|
|
@@ -1,15 +0,0 @@
|
|
|
1
|
-
module Mihari
|
|
2
|
-
class Geolocation < ActiveRecord::Base
|
|
3
|
-
attr_accessor country (): String
|
|
4
|
-
attr_accessor country_code (): String
|
|
5
|
-
|
|
6
|
-
#
|
|
7
|
-
# Build geolocation by IP
|
|
8
|
-
#
|
|
9
|
-
# @param [String] ip
|
|
10
|
-
#
|
|
11
|
-
# @return [Mihari::Geolocation]
|
|
12
|
-
#
|
|
13
|
-
def self.build_by_ip: (String ip) -> Mihari::Geolocation?
|
|
14
|
-
end
|
|
15
|
-
end
|
|
@@ -1,14 +0,0 @@
|
|
|
1
|
-
module Mihari
|
|
2
|
-
class ReverseDnsName < ActiveRecord::Base
|
|
3
|
-
attr_accessor name (): String
|
|
4
|
-
|
|
5
|
-
#
|
|
6
|
-
# Build reverse DNS names
|
|
7
|
-
#
|
|
8
|
-
# @param [String] ip
|
|
9
|
-
#
|
|
10
|
-
# @return [Array<Mihari::ReverseDnsName>]
|
|
11
|
-
#
|
|
12
|
-
def self.build_by_ip: (String ip) -> Array[Mihari::ReverseDnsName]
|
|
13
|
-
end
|
|
14
|
-
end
|
|
@@ -1,17 +0,0 @@
|
|
|
1
|
-
module Mihari
|
|
2
|
-
class Rule < ActiveRecord::Base
|
|
3
|
-
attr_accessor id(): String
|
|
4
|
-
attr_accessor title(): String
|
|
5
|
-
attr_accessor description(): String
|
|
6
|
-
attr_accessor data(): Hash
|
|
7
|
-
attr_accessor yaml(): String?
|
|
8
|
-
|
|
9
|
-
def symbolized_data: () -> Hash
|
|
10
|
-
|
|
11
|
-
def to_h: () -> Hash
|
|
12
|
-
|
|
13
|
-
def self.search: (Mihari::Structs::Filters::Rule::SearchFilterWithPagination filter) -> Array[Mihari::Rule]
|
|
14
|
-
|
|
15
|
-
def self.count: (Mihari::Structs::Filters::Rule::SearchFilter filter) -> Integer
|
|
16
|
-
end
|
|
17
|
-
end
|
|
@@ -1,66 +0,0 @@
|
|
|
1
|
-
module Mihari
|
|
2
|
-
class WhoisRecord < ActiveRecord::Base
|
|
3
|
-
attr_accessor domain (): String
|
|
4
|
-
attr_accessor created_on (): DateTime?
|
|
5
|
-
attr_accessor updated_on (): DateTime?
|
|
6
|
-
attr_accessor expires_on (): DateTime?
|
|
7
|
-
attr_accessor registrar (): Hash[(String | Symbol), untyped]
|
|
8
|
-
attr_accessor contacts (): Array[Hash[(String | Symbol), untyped]]
|
|
9
|
-
|
|
10
|
-
#
|
|
11
|
-
# Build whois record
|
|
12
|
-
#
|
|
13
|
-
# @param [Stinrg] domain
|
|
14
|
-
#
|
|
15
|
-
# @return [WhoisRecord, nil]
|
|
16
|
-
#
|
|
17
|
-
def self.build_by_domain: (String domain) -> Mihari::WhoisRecord?
|
|
18
|
-
|
|
19
|
-
private
|
|
20
|
-
|
|
21
|
-
#
|
|
22
|
-
# Get created_on
|
|
23
|
-
#
|
|
24
|
-
# @param [::Whois::Parser:] parser
|
|
25
|
-
#
|
|
26
|
-
# @return [Date, nil]
|
|
27
|
-
#
|
|
28
|
-
def self.get_created_on: (untyped parser) -> Date?
|
|
29
|
-
|
|
30
|
-
#
|
|
31
|
-
# Get updated_on
|
|
32
|
-
#
|
|
33
|
-
# @param [::Whois::Parser:] parser
|
|
34
|
-
#
|
|
35
|
-
# @return [Date, nil]
|
|
36
|
-
#
|
|
37
|
-
def self.get_updated_on: (untyped parser) -> Date?
|
|
38
|
-
|
|
39
|
-
#
|
|
40
|
-
# Get expires_on
|
|
41
|
-
#
|
|
42
|
-
# @param [::Whois::Parser:] parser
|
|
43
|
-
#
|
|
44
|
-
# @return [Date, nil]
|
|
45
|
-
#
|
|
46
|
-
def self.get_expires_on: (untyped parser) -> Date?
|
|
47
|
-
|
|
48
|
-
#
|
|
49
|
-
# Get registrar
|
|
50
|
-
#
|
|
51
|
-
# @param [::Whois::Parser:] parser
|
|
52
|
-
#
|
|
53
|
-
# @return [Hash, nil]
|
|
54
|
-
#
|
|
55
|
-
def self.get_registrar: (untyped parser) -> Hash[(String | Symbol), untyped]?
|
|
56
|
-
|
|
57
|
-
#
|
|
58
|
-
# Get contacts
|
|
59
|
-
#
|
|
60
|
-
# @param [::Whois::Parser:] parser
|
|
61
|
-
#
|
|
62
|
-
# @return [Array[Hash[(String | Symbol), untyped]], nil]
|
|
63
|
-
#
|
|
64
|
-
def self.get_contacts: (untyped parser) -> Array[Hash[(String | Symbol), untyped]]?
|
|
65
|
-
end
|
|
66
|
-
end
|
data/sig/lib/mihari/status.rbs
DELETED
|
@@ -1,25 +0,0 @@
|
|
|
1
|
-
module Mihari
|
|
2
|
-
class Status
|
|
3
|
-
def check: () -> Array[Hash[(String | Symbol), untyped]]
|
|
4
|
-
|
|
5
|
-
def self.check: () -> Array[Hash[(String | Symbol), untyped]]
|
|
6
|
-
|
|
7
|
-
private
|
|
8
|
-
|
|
9
|
-
#
|
|
10
|
-
# Statuses of analyzers and emitters
|
|
11
|
-
#
|
|
12
|
-
# @return [Array<Hash>]
|
|
13
|
-
#
|
|
14
|
-
def statuses: () -> Array[Hash[(String | Symbol), untyped]]
|
|
15
|
-
|
|
16
|
-
#
|
|
17
|
-
# Build a status of a class
|
|
18
|
-
#
|
|
19
|
-
# @param [Class<Mihari::Analyzers::Base>, Class<Mihari::Emitters::Base>] klass
|
|
20
|
-
#
|
|
21
|
-
# @return [Hash, nil]
|
|
22
|
-
#
|
|
23
|
-
def build_status: (singleton(Mihari::Analyzers::Base) | singleton(Mihari::Emitters::Base)) -> Hash[(String|Symbol), untyped]?
|
|
24
|
-
end
|
|
25
|
-
end
|
|
@@ -1,58 +0,0 @@
|
|
|
1
|
-
module Mihari
|
|
2
|
-
module Structs
|
|
3
|
-
module Censys
|
|
4
|
-
class AutonomousSystem
|
|
5
|
-
attr_reader asn: Integer
|
|
6
|
-
|
|
7
|
-
def self.from_dynamic!: (Hash[(String | Symbol), untyped] d) -> Mihari::Structs::Censys::AutonomousSystem
|
|
8
|
-
end
|
|
9
|
-
|
|
10
|
-
class Location
|
|
11
|
-
attr_reader country: String
|
|
12
|
-
attr_reader country_code: String
|
|
13
|
-
|
|
14
|
-
def self.from_dynamic!: (Hash[(String | Symbol), untyped] d) -> Mihari::Structs::Censys::Location
|
|
15
|
-
end
|
|
16
|
-
|
|
17
|
-
class Service
|
|
18
|
-
attr_reader port: Integer
|
|
19
|
-
|
|
20
|
-
def self.from_dynamic!: (Hash[(String | Symbol), untyped] d) -> Mihari::Structs::Censys::Service
|
|
21
|
-
end
|
|
22
|
-
|
|
23
|
-
class Hit
|
|
24
|
-
attr_reader ip: String
|
|
25
|
-
attr_reader location: Mihari::Structs::Censys::Location
|
|
26
|
-
attr_reader autonomous_system: Mihari::Structs::Censys::AutonomousSystem
|
|
27
|
-
attr_reader metadata: Hash[(String | Symbol), untyped]
|
|
28
|
-
attr_reader services: Array[Mihari::Structs::Censys::Service]
|
|
29
|
-
|
|
30
|
-
def self.from_dynamic!: (Hash[(String | Symbol), untyped] d) -> Mihari::Structs::Censys::Hit
|
|
31
|
-
end
|
|
32
|
-
|
|
33
|
-
class Links
|
|
34
|
-
attr_reader next: String
|
|
35
|
-
attr_reader prev: String
|
|
36
|
-
|
|
37
|
-
def self.from_dynamic!: (Hash[(String | Symbol), untyped] d) -> Mihari::Structs::Censys::Links
|
|
38
|
-
end
|
|
39
|
-
|
|
40
|
-
class Result
|
|
41
|
-
attr_reader query: String
|
|
42
|
-
attr_reader total: Integer
|
|
43
|
-
attr_reader hits: Array[Mihari::Structs::Censys::Hit]
|
|
44
|
-
attr_reader links: Mihari::Structs::Censys::Links
|
|
45
|
-
|
|
46
|
-
def self.from_dynamic!: (Hash[(String | Symbol), untyped] d) -> Mihari::Structs::Censys::Result
|
|
47
|
-
end
|
|
48
|
-
|
|
49
|
-
class Response
|
|
50
|
-
attr_reader code: Integer
|
|
51
|
-
attr_reader status: String
|
|
52
|
-
attr_reader result: Mihari::Structs::Censys::Result
|
|
53
|
-
|
|
54
|
-
def self.from_dynamic!: (Hash[(String | Symbol), untyped] d) -> Mihari::Structs::Censys::Response
|
|
55
|
-
end
|
|
56
|
-
end
|
|
57
|
-
end
|
|
58
|
-
end
|
|
@@ -1,40 +0,0 @@
|
|
|
1
|
-
module Mihari
|
|
2
|
-
module Structs
|
|
3
|
-
module Filters
|
|
4
|
-
module Alert
|
|
5
|
-
class SearchFilter < Dry::Struct
|
|
6
|
-
attr_reader artifact_data: String?
|
|
7
|
-
attr_reader description: String?
|
|
8
|
-
attr_reader source: String?
|
|
9
|
-
attr_reader tag_name: String?
|
|
10
|
-
attr_reader title: String?
|
|
11
|
-
attr_reader from_at: DateTime?
|
|
12
|
-
attr_reader to_at: DateTime?
|
|
13
|
-
attr_reader asn: Integer?
|
|
14
|
-
attr_reader dns_record: String?
|
|
15
|
-
attr_reader reverse_dns_name: String?
|
|
16
|
-
|
|
17
|
-
def valid_artifact_filters?: () -> bool
|
|
18
|
-
end
|
|
19
|
-
|
|
20
|
-
class SearchFilterWithPagination < SearchFilter
|
|
21
|
-
def without_pagination: () -> Mihari::Structs::Filters::Alert::SearchFilter
|
|
22
|
-
end
|
|
23
|
-
end
|
|
24
|
-
|
|
25
|
-
module Rule
|
|
26
|
-
class SearchFilter < Dry::Struct
|
|
27
|
-
attr_reader page: Integer?
|
|
28
|
-
attr_reader tag: String?
|
|
29
|
-
attr_reader source: String?
|
|
30
|
-
attr_reader from_at: DateTime?
|
|
31
|
-
attr_reader to_at: DateTime?
|
|
32
|
-
end
|
|
33
|
-
|
|
34
|
-
class SearchFilterWithPagination < SearchFilter
|
|
35
|
-
def without_pagination: () -> Mihari::Structs::Filters::Rule::SearchFilter
|
|
36
|
-
end
|
|
37
|
-
end
|
|
38
|
-
end
|
|
39
|
-
end
|
|
40
|
-
end
|
|
@@ -1,21 +0,0 @@
|
|
|
1
|
-
module Mihari
|
|
2
|
-
module Structs
|
|
3
|
-
module GooglePublicDNS
|
|
4
|
-
INT_TYPE_TO_TYPE: { 1 => "A", 2 => "NS", 5 => "CNAME", 16 => "TXT", 28 => "AAAA" }
|
|
5
|
-
|
|
6
|
-
class Answer < Dry::Struct
|
|
7
|
-
attr_reader name: String
|
|
8
|
-
attr_reader data: String
|
|
9
|
-
attr_reader resource_type: String
|
|
10
|
-
|
|
11
|
-
def self.from_dynamic!: (Hash[(String | Symbol), untyped] d) -> Mihari::Structs::GooglePublicDNS::Answer
|
|
12
|
-
end
|
|
13
|
-
|
|
14
|
-
class Response < Dry::Struct
|
|
15
|
-
attr_reader answers: Array[Mihari::Structs::GooglePublicDNS::Answer]
|
|
16
|
-
|
|
17
|
-
def self.from_dynamic!: (Hash[(String | Symbol), untyped] d) -> Mihari::Structs::GooglePublicDNS::Response
|
|
18
|
-
end
|
|
19
|
-
end
|
|
20
|
-
end
|
|
21
|
-
end
|
|
@@ -1,30 +0,0 @@
|
|
|
1
|
-
module Mihari
|
|
2
|
-
module Structs
|
|
3
|
-
module GreyNoise
|
|
4
|
-
class Metadata < Dry::Struct
|
|
5
|
-
attr_reader country: String
|
|
6
|
-
attr_reader country_code: String
|
|
7
|
-
attr_reader asn: String
|
|
8
|
-
|
|
9
|
-
def self.from_dynamic!: (Hash[(String | Symbol), untyped] d) -> Mihari::Structs::GreyNoise::Metadata
|
|
10
|
-
end
|
|
11
|
-
|
|
12
|
-
class Datum < Dry::Struct
|
|
13
|
-
attr_reader ip: String
|
|
14
|
-
attr_reader metadata: Mihari::Structs::GreyNoise::Metadata
|
|
15
|
-
|
|
16
|
-
def self.from_dynamic!: (Hash[(String | Symbol), untyped] d) -> Mihari::Structs::GreyNoise::Datum
|
|
17
|
-
end
|
|
18
|
-
|
|
19
|
-
class Response < Dry::Struct
|
|
20
|
-
attr_reader complete: Boolean
|
|
21
|
-
attr_reader count: Integer
|
|
22
|
-
attr_reader data: Array[Mihari::Structs::GreyNoise::Danum]
|
|
23
|
-
attr_reader message: String
|
|
24
|
-
attr_reader query: String
|
|
25
|
-
|
|
26
|
-
def self.from_dynamic!: (Hash[(String | Symbol), untyped] d) -> Mihari::Structs::GreyNoise::Response
|
|
27
|
-
end
|
|
28
|
-
end
|
|
29
|
-
end
|
|
30
|
-
end
|
|
@@ -1,17 +0,0 @@
|
|
|
1
|
-
module Mihari
|
|
2
|
-
module Structs
|
|
3
|
-
module IPInfo
|
|
4
|
-
class Response
|
|
5
|
-
attr_reader ip: String
|
|
6
|
-
attr_reader hostname: String?
|
|
7
|
-
attr_reader loc: String?
|
|
8
|
-
attr_reader country_code: String?
|
|
9
|
-
attr_reader asn: Integer?
|
|
10
|
-
|
|
11
|
-
def self.from_dynamic!: (Hash[(String | Symbol), untyped] d) -> Mihari::Structs::IPInfo::Response
|
|
12
|
-
|
|
13
|
-
def to_hash: () -> Hash[(String | Symbol), untyped]
|
|
14
|
-
end
|
|
15
|
-
end
|
|
16
|
-
end
|
|
17
|
-
end
|
|
@@ -1,25 +0,0 @@
|
|
|
1
|
-
module Mihari
|
|
2
|
-
module Structs
|
|
3
|
-
module Onyphe
|
|
4
|
-
class Result
|
|
5
|
-
attr_reader asn: String
|
|
6
|
-
attr_reader country_code: String?
|
|
7
|
-
attr_reader ip: String
|
|
8
|
-
|
|
9
|
-
def self.from_dynamic!: (Hash[(String | Symbol), untyped] d) -> Mihari::Structs::Onyphe::Result
|
|
10
|
-
end
|
|
11
|
-
|
|
12
|
-
class Response
|
|
13
|
-
attr_reader count: Integer
|
|
14
|
-
attr_reader error: Integer
|
|
15
|
-
attr_reader max_page: Integer
|
|
16
|
-
attr_reader page: String
|
|
17
|
-
attr_reader results: Array[Mihari::Structs::Onyphe::Result]
|
|
18
|
-
attr_reader status: String
|
|
19
|
-
attr_reader total: Integer
|
|
20
|
-
|
|
21
|
-
def self.from_dynamic!: (Hash[(String | Symbol), untyped] d) -> Mihari::Structs::Onyphe::Response
|
|
22
|
-
end
|
|
23
|
-
end
|
|
24
|
-
end
|
|
25
|
-
end
|
|
@@ -1,57 +0,0 @@
|
|
|
1
|
-
module Mihari
|
|
2
|
-
module Structs
|
|
3
|
-
class Rule
|
|
4
|
-
attr_reader data: Hash
|
|
5
|
-
|
|
6
|
-
attr_reader yaml: String
|
|
7
|
-
|
|
8
|
-
attr_reader errors: Array[untypes]?
|
|
9
|
-
|
|
10
|
-
def initialize: (Hash data) -> void
|
|
11
|
-
|
|
12
|
-
#
|
|
13
|
-
# @return [Boolean]
|
|
14
|
-
#
|
|
15
|
-
def errors?: () -> (bool)
|
|
16
|
-
|
|
17
|
-
#
|
|
18
|
-
# @return [Array[String]]
|
|
19
|
-
#
|
|
20
|
-
def error_messages: () -> (Array[String])
|
|
21
|
-
|
|
22
|
-
def validate: () -> void
|
|
23
|
-
|
|
24
|
-
def validate!: () -> void
|
|
25
|
-
|
|
26
|
-
def []: (untyped key) -> untyped
|
|
27
|
-
|
|
28
|
-
#
|
|
29
|
-
# @return [String]
|
|
30
|
-
#
|
|
31
|
-
def id: () -> String
|
|
32
|
-
|
|
33
|
-
#
|
|
34
|
-
# @return [String]
|
|
35
|
-
#
|
|
36
|
-
def title: () -> String
|
|
37
|
-
|
|
38
|
-
#
|
|
39
|
-
# @return [String]
|
|
40
|
-
#
|
|
41
|
-
def description: () -> String
|
|
42
|
-
|
|
43
|
-
#
|
|
44
|
-
# @return [Mihari::Rule]
|
|
45
|
-
#
|
|
46
|
-
def to_model: () -> Mihari::Rule
|
|
47
|
-
|
|
48
|
-
def to_analyzer: () -> Mihari::Analyzers::Rule
|
|
49
|
-
|
|
50
|
-
def self.from_model: (Mihari::Rule model) -> Mihari::Structs::Rule
|
|
51
|
-
|
|
52
|
-
def self.from_yaml: (String yaml) -> Mihari::Structs::Rule
|
|
53
|
-
|
|
54
|
-
def self.from_path_or_id: (String path_or_id) -> Mihari::Structs::Rule
|
|
55
|
-
end
|
|
56
|
-
end
|
|
57
|
-
end
|
|
@@ -1,30 +0,0 @@
|
|
|
1
|
-
module Mihari
|
|
2
|
-
module Structs
|
|
3
|
-
module Shodan
|
|
4
|
-
class Location
|
|
5
|
-
attr_reader country_code: String?
|
|
6
|
-
attr_reader country_name: String?
|
|
7
|
-
|
|
8
|
-
def self.from_dynamic!: (Hash[(String | Symbol), untyped] d) -> Mihari::Structs::Shodan::Location
|
|
9
|
-
end
|
|
10
|
-
|
|
11
|
-
class Match
|
|
12
|
-
attr_reader asn: String?
|
|
13
|
-
attr_reader hostnames: Array[String]
|
|
14
|
-
attr_reader location: Mihari::Structs::Shodan::Location
|
|
15
|
-
attr_reader domains: Array[String]
|
|
16
|
-
attr_reader ip_str: String
|
|
17
|
-
attr_reader port: Integer
|
|
18
|
-
|
|
19
|
-
def self.from_dynamic!: (Hash[(String | Symbol), untyped] d) -> Mihari::Structs::Shodan::Match
|
|
20
|
-
end
|
|
21
|
-
|
|
22
|
-
class Result
|
|
23
|
-
attr_reader matches: Array[Mihari::Structs::Shodan::Match]
|
|
24
|
-
attr_reader total: Integer
|
|
25
|
-
|
|
26
|
-
def self.from_dynamic!: (Hash[(String | Symbol), untyped] d) -> Mihari::Structs::Shodan::Result
|
|
27
|
-
end
|
|
28
|
-
end
|
|
29
|
-
end
|
|
30
|
-
end
|
|
@@ -1,28 +0,0 @@
|
|
|
1
|
-
module Mihari
|
|
2
|
-
module Structs
|
|
3
|
-
module Urlscan
|
|
4
|
-
class Page < Dry::Struct
|
|
5
|
-
attr_reader domain: String?
|
|
6
|
-
attr_reader ip: String?
|
|
7
|
-
attr_reader url: String
|
|
8
|
-
|
|
9
|
-
def self.from_dynamic!: (Hash[(String | Symbol), untyped] d) -> Mihari::Structs::Urlscan::Page
|
|
10
|
-
end
|
|
11
|
-
|
|
12
|
-
class Result < Dry::Struct
|
|
13
|
-
attr_reader page: Mihari::Structs::Urlscan::Page
|
|
14
|
-
attr_reader id: String
|
|
15
|
-
attr_reader sort: Array[Integer | String]
|
|
16
|
-
|
|
17
|
-
def self.from_dynamic!: (Hash[(String | Symbol), untyped] d) -> Mihari::Structs::Urlscan::Result
|
|
18
|
-
end
|
|
19
|
-
|
|
20
|
-
class Response < Dry::Struct
|
|
21
|
-
attr_reader results: Array[Mihari::Structs::Urlscan::Result]
|
|
22
|
-
attr_reader has_more: Boolean
|
|
23
|
-
|
|
24
|
-
def self.from_dynamic!: (Hash[(String | Symbol), untyped] d) -> Mihari::Structs::Urlscan::Response
|
|
25
|
-
end
|
|
26
|
-
end
|
|
27
|
-
end
|
|
28
|
-
end
|