RubyGems - mihari - Versions diffs - 5.0.1 → 5.1.1 - Mend

mihari 5.0.1 → 5.1.1

Files changed (59) hide show

checksums.yaml +4 -4
data/.rspec +1 -1
data/docker/Dockerfile +1 -1
data/lib/mihari/analyzers/binaryedge.rb +9 -7
data/lib/mihari/analyzers/censys.rb +3 -5
data/lib/mihari/analyzers/circl.rb +4 -6
data/lib/mihari/analyzers/crtsh.rb +6 -7
data/lib/mihari/analyzers/dnpedia.rb +3 -7
data/lib/mihari/analyzers/dnstwister.rb +3 -5
data/lib/mihari/analyzers/feed.rb +12 -10
data/lib/mihari/analyzers/greynoise.rb +3 -5
data/lib/mihari/analyzers/onyphe.rb +3 -4
data/lib/mihari/analyzers/otx.rb +1 -3
data/lib/mihari/analyzers/passivetotal.rb +5 -7
data/lib/mihari/analyzers/pulsedive.rb +5 -7
data/lib/mihari/analyzers/shodan.rb +3 -9
data/lib/mihari/analyzers/urlscan.rb +7 -6
data/lib/mihari/analyzers/virustotal.rb +4 -6
data/lib/mihari/analyzers/virustotal_intelligence.rb +4 -5
data/lib/mihari/analyzers/zoomeye.rb +4 -10
data/lib/mihari/cli/database.rb +11 -0
data/lib/mihari/cli/main.rb +10 -4
data/lib/mihari/cli/rule.rb +11 -0
data/lib/mihari/clients/base.rb +53 -0
data/lib/mihari/clients/binaryedge.rb +33 -0
data/lib/mihari/clients/censys.rb +42 -0
data/lib/mihari/clients/circl.rb +59 -0
data/lib/mihari/clients/crtsh.rb +31 -0
data/lib/mihari/clients/dnpedia.rb +64 -0
data/lib/mihari/clients/dnstwister.rb +40 -0
data/lib/mihari/clients/greynoise.rb +29 -0
data/lib/mihari/clients/misp.rb +24 -0
data/lib/mihari/clients/onyphe.rb +23 -0
data/lib/mihari/clients/otx.rb +29 -0
data/lib/mihari/clients/passivetotal.rb +65 -0
data/lib/mihari/clients/publsedive.rb +39 -0
data/lib/mihari/clients/shodan.rb +30 -0
data/lib/mihari/clients/the_hive.rb +28 -0
data/lib/mihari/clients/urlscan.rb +31 -0
data/lib/mihari/clients/virustotal.rb +56 -0
data/lib/mihari/clients/zoomeye.rb +68 -0
data/lib/mihari/commands/database.rb +28 -0
data/lib/mihari/commands/{initializer.rb → rule.rb} +27 -6
data/lib/mihari/commands/searcher.rb +5 -0
data/lib/mihari/database.rb +8 -22
data/lib/mihari/emitters/misp.rb +13 -20
data/lib/mihari/emitters/the_hive.rb +3 -5
data/lib/mihari/emitters/webhook.rb +2 -2
data/lib/mihari/feed/reader.rb +14 -11
data/lib/mihari/http.rb +29 -21
data/lib/mihari/mixins/database.rb +2 -0
data/lib/mihari/mixins/retriable.rb +3 -1
data/lib/mihari/schemas/analyzer.rb +5 -4
data/lib/mihari/version.rb +1 -1
data/lib/mihari.rb +21 -0
data/mihari.gemspec +14 -20
metadata +61 -238
data/lib/mihari/analyzers/clients/otx.rb +0 -36
data/lib/mihari/commands/validator.rb +0 -31

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: mihari
 version: !ruby/object:Gem::Version
-  version: 5.0.1
+  version: 5.1.1
 platform: ruby
 authors:
 - Manabu Niseki
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2023-02-19 00:00:00.000000000 Z
+date: 2023-03-11 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -53,33 +53,33 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '2.4'
 - !ruby/object:Gem::Dependency
-  name: mysql2
+  name: fuubar
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.5'
+        version: '2.5'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.5'
+        version: '2.5'
 - !ruby/object:Gem::Dependency
-  name: overcommit
+  name: mysql2
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.60'
+        version: '0.5'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.60'
+        version: '0.5'
 - !ruby/object:Gem::Dependency
   name: pg
   requirement: !ruby/object:Gem::Requirement
@@ -192,20 +192,6 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '1.24'
-- !ruby/object:Gem::Dependency
-  name: steep
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '1.3'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '1.3'
 - !ruby/object:Gem::Dependency
   name: timecop
   requirement: !ruby/object:Gem::Requirement
@@ -249,117 +235,89 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '3.18'
 - !ruby/object:Gem::Dependency
-  name: activerecord
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - '='
-      - !ruby/object:Gem::Version
-        version: 7.0.4.2
-  type: :runtime
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - '='
-      - !ruby/object:Gem::Version
-        version: 7.0.4.2
-- !ruby/object:Gem::Dependency
-  name: addressable
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - '='
-      - !ruby/object:Gem::Version
-        version: 2.8.1
-  type: :runtime
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - '='
-      - !ruby/object:Gem::Version
-        version: 2.8.1
-- !ruby/object:Gem::Dependency
-  name: awrence
+  name: overcommit
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - '='
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: 2.0.1
-  type: :runtime
+        version: '0.60'
+  type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - '='
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: 2.0.1
+        version: '0.60'
 - !ruby/object:Gem::Dependency
-  name: binaryedge
+  name: ruby-lsp
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - '='
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.1.0
-  type: :runtime
+        version: '0.4'
+  type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - '='
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.1.0
+        version: '0.4'
 - !ruby/object:Gem::Dependency
-  name: censysx
+  name: steep
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - '='
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.1.1
-  type: :runtime
+        version: '1.3'
+  type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - '='
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.1.1
+        version: '1.3'
 - !ruby/object:Gem::Dependency
-  name: crtsh-rb
+  name: activerecord
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.3.1
+        version: 7.0.4.2
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.3.1
+        version: 7.0.4.2
 - !ruby/object:Gem::Dependency
-  name: dnpedia
+  name: addressable
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.1.0
+        version: 2.8.1
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.1.0
+        version: 2.8.1
 - !ruby/object:Gem::Dependency
-  name: dnstwister
+  name: awrence
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.1.0
+        version: 2.0.1
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.1.0
+        version: 2.0.1
 - !ruby/object:Gem::Dependency
   name: dotenv
   requirement: !ruby/object:Gem::Requirement
@@ -542,34 +500,6 @@ dependencies:
     - - '='
       - !ruby/object:Gem::Version
         version: 0.5.1
-- !ruby/object:Gem::Dependency
-  name: greynoise
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - '='
-      - !ruby/object:Gem::Version
-        version: 0.1.1
-  type: :runtime
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - '='
-      - !ruby/object:Gem::Version
-        version: 0.1.1
-- !ruby/object:Gem::Dependency
-  name: hachi
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - '='
-      - !ruby/object:Gem::Version
-        version: 2.0.0
-  type: :runtime
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - '='
-      - !ruby/object:Gem::Version
-        version: 2.0.0
 - !ruby/object:Gem::Dependency
   name: insensitive_hash
   requirement: !ruby/object:Gem::Requirement
@@ -626,20 +556,6 @@ dependencies:
     - - '='
       - !ruby/object:Gem::Version
         version: 2.0.2
-- !ruby/object:Gem::Dependency
-  name: misp
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - '='
-      - !ruby/object:Gem::Version
-        version: 0.1.4
-  type: :runtime
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - '='
-      - !ruby/object:Gem::Version
-        version: 0.1.4
 - !ruby/object:Gem::Dependency
   name: net-ping
   requirement: !ruby/object:Gem::Requirement
@@ -668,20 +584,6 @@ dependencies:
     - - '='
       - !ruby/object:Gem::Version
         version: 0.3.2
-- !ruby/object:Gem::Dependency
-  name: onyphe
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - '='
-      - !ruby/object:Gem::Version
-        version: 2.0.0
-  type: :runtime
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - '='
-      - !ruby/object:Gem::Version
-        version: 2.0.0
 - !ruby/object:Gem::Dependency
   name: parallel
   requirement: !ruby/object:Gem::Requirement
@@ -696,34 +598,6 @@ dependencies:
     - - '='
       - !ruby/object:Gem::Version
         version: 1.22.1
-- !ruby/object:Gem::Dependency
-  name: passive_circl
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - '='
-      - !ruby/object:Gem::Version
-        version: 0.1.0
-  type: :runtime
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - '='
-      - !ruby/object:Gem::Version
-        version: 0.1.0
-- !ruby/object:Gem::Dependency
-  name: passivetotalx
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - '='
-      - !ruby/object:Gem::Version
-        version: 0.1.1
-  type: :runtime
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - '='
-      - !ruby/object:Gem::Version
-        version: 0.1.1
 - !ruby/object:Gem::Dependency
   name: plissken
   requirement: !ruby/object:Gem::Requirement
@@ -752,20 +626,6 @@ dependencies:
     - - '='
       - !ruby/object:Gem::Version
         version: 5.0.1
-- !ruby/object:Gem::Dependency
-  name: pulsedive
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - '='
-      - !ruby/object:Gem::Version
-        version: 0.1.5
-  type: :runtime
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - '='
-      - !ruby/object:Gem::Version
-        version: 0.1.5
 - !ruby/object:Gem::Dependency
   name: puma
   requirement: !ruby/object:Gem::Requirement
@@ -856,28 +716,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 5.7.0
+        version: 5.8.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 5.7.0
-- !ruby/object:Gem::Dependency
-  name: shodanx
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - '='
-      - !ruby/object:Gem::Version
-        version: 0.2.1
-  type: :runtime
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - '='
-      - !ruby/object:Gem::Version
-        version: 0.2.1
+        version: 5.8.0
 - !ruby/object:Gem::Dependency
   name: slack-notifier
   requirement: !ruby/object:Gem::Requirement
@@ -898,14 +744,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 1.6.0
+        version: 1.6.1
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 1.6.0
+        version: 1.6.1
 - !ruby/object:Gem::Dependency
   name: thor
   requirement: !ruby/object:Gem::Requirement
@@ -920,20 +766,6 @@ dependencies:
     - - '='
       - !ruby/object:Gem::Version
         version: 1.2.1
-- !ruby/object:Gem::Dependency
-  name: urlscan
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - '='
-      - !ruby/object:Gem::Version
-        version: 0.8.0
-  type: :runtime
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - '='
-      - !ruby/object:Gem::Version
-        version: 0.8.0
 - !ruby/object:Gem::Dependency
   name: uuidtools
   requirement: !ruby/object:Gem::Requirement
@@ -948,20 +780,6 @@ dependencies:
     - - '='
       - !ruby/object:Gem::Version
         version: 2.2.0
-- !ruby/object:Gem::Dependency
-  name: virustotalx
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - '='
-      - !ruby/object:Gem::Version
-        version: 1.2.0
-  type: :runtime
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - '='
-      - !ruby/object:Gem::Version
-        version: 1.2.0
 - !ruby/object:Gem::Dependency
   name: whois
   requirement: !ruby/object:Gem::Requirement
@@ -990,20 +808,6 @@ dependencies:
     - - '='
       - !ruby/object:Gem::Version
         version: 2.0.0
-- !ruby/object:Gem::Dependency
-  name: zoomeye-rb
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - '='
-      - !ruby/object:Gem::Version
-        version: 0.2.0
-  type: :runtime
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - '='
-      - !ruby/object:Gem::Version
-        version: 0.2.0
 description:
 email:
 - manabu.niseki@gmail.com
@@ -1048,7 +852,6 @@ files:
 - lib/mihari/analyzers/binaryedge.rb
 - lib/mihari/analyzers/censys.rb
 - lib/mihari/analyzers/circl.rb
-- lib/mihari/analyzers/clients/otx.rb
 - lib/mihari/analyzers/crtsh.rb
 - lib/mihari/analyzers/dnpedia.rb
 - lib/mihari/analyzers/dnstwister.rb
@@ -1066,10 +869,30 @@ files:
 - lib/mihari/analyzers/virustotal_intelligence.rb
 - lib/mihari/analyzers/zoomeye.rb
 - lib/mihari/cli/base.rb
+- lib/mihari/cli/database.rb
 - lib/mihari/cli/main.rb
-- lib/mihari/commands/initializer.rb
+- lib/mihari/cli/rule.rb
+- lib/mihari/clients/base.rb
+- lib/mihari/clients/binaryedge.rb
+- lib/mihari/clients/censys.rb
+- lib/mihari/clients/circl.rb
+- lib/mihari/clients/crtsh.rb
+- lib/mihari/clients/dnpedia.rb
+- lib/mihari/clients/dnstwister.rb
+- lib/mihari/clients/greynoise.rb
+- lib/mihari/clients/misp.rb
+- lib/mihari/clients/onyphe.rb
+- lib/mihari/clients/otx.rb
+- lib/mihari/clients/passivetotal.rb
+- lib/mihari/clients/publsedive.rb
+- lib/mihari/clients/shodan.rb
+- lib/mihari/clients/the_hive.rb
+- lib/mihari/clients/urlscan.rb
+- lib/mihari/clients/virustotal.rb
+- lib/mihari/clients/zoomeye.rb
+- lib/mihari/commands/database.rb
+- lib/mihari/commands/rule.rb
 - lib/mihari/commands/searcher.rb
-- lib/mihari/commands/validator.rb
 - lib/mihari/commands/version.rb
 - lib/mihari/commands/web.rb
 - lib/mihari/constants.rb

data/lib/mihari/analyzers/clients/otx.rb DELETED Viewed

@@ -1,36 +0,0 @@
-# frozen_string_literal: true
-module Mihari
-  module Analyzers
-    module Clients
-      class OTX
-        attr_reader :api_key
-        def initialize(api_key)
-          @api_key = api_key
-        end
-        def query_by_ip(ip)
-          get "https://otx.alienvault.com/api/v1/indicators/IPv4/#{ip}/passive_dns"
-        end
-        def query_by_domain(domain)
-          get "https://otx.alienvault.com/api/v1/indicators/domain/#{domain}/passive_dns"
-        end
-        private
-        def headers
-          { "x-otx-api-key": api_key }
-        end
-        def get(url)
-          res = HTTP.get(url, headers: headers)
-          JSON.parse(res.body.to_s)
-        rescue HTTPError
-          nil
-        end
-      end
-    end
-  end
-end

data/lib/mihari/commands/validator.rb DELETED Viewed

@@ -1,31 +0,0 @@
-# frozen_string_literal: true
-module Mihari
-  module Commands
-    module Validator
-      def self.included(thor)
-        thor.class_eval do
-          desc "validate [PATH]", "Validate a rule file"
-          #
-          # Validate format of a rule
-          #
-          # @param [String] path
-          #
-          # @return [nil]
-          #
-          def validate(path)
-            rule = Structs::Rule.from_path_or_id(path)
-            begin
-              rule.validate!
-              Mihari.logger.info "Valid format. The input is parsed as the following:"
-              Mihari.logger.info rule.data.to_yaml
-            rescue RuleValidationError
-              nil
-            end
-          end
-        end
-      end
-    end
-  end
-end