RubyGems - mihari - Versions diffs - 5.1.0 → 5.1.2 - Mend

mihari 5.1.0 → 5.1.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (66) hide show

checksums.yaml +4 -4
data/.gitmodules +0 -3
data/.rubocop.yml +6 -0
data/README.md +0 -1
data/lib/mihari/analyzers/base.rb +32 -27
data/lib/mihari/analyzers/binaryedge.rb +17 -9
data/lib/mihari/analyzers/censys.rb +10 -54
data/lib/mihari/analyzers/circl.rb +7 -6
data/lib/mihari/analyzers/crtsh.rb +12 -7
data/lib/mihari/analyzers/dnstwister.rb +7 -7
data/lib/mihari/analyzers/feed.rb +33 -10
data/lib/mihari/analyzers/greynoise.rb +8 -33
data/lib/mihari/analyzers/onyphe.rb +10 -36
data/lib/mihari/analyzers/otx.rb +4 -3
data/lib/mihari/analyzers/passivetotal.rb +8 -7
data/lib/mihari/analyzers/pulsedive.rb +8 -7
data/lib/mihari/analyzers/rule.rb +0 -1
data/lib/mihari/analyzers/securitytrails.rb +8 -10
data/lib/mihari/analyzers/shodan.rb +16 -90
data/lib/mihari/analyzers/urlscan.rb +16 -6
data/lib/mihari/analyzers/virustotal.rb +8 -6
data/lib/mihari/analyzers/virustotal_intelligence.rb +12 -7
data/lib/mihari/analyzers/zoomeye.rb +13 -10
data/lib/mihari/clients/base.rb +53 -0
data/lib/mihari/clients/binaryedge.rb +38 -0
data/lib/mihari/clients/censys.rb +42 -0
data/lib/mihari/clients/circl.rb +59 -0
data/lib/mihari/clients/crtsh.rb +31 -0
data/lib/mihari/clients/dnstwister.rb +40 -0
data/lib/mihari/clients/greynoise.rb +34 -0
data/lib/mihari/clients/misp.rb +29 -0
data/lib/mihari/clients/onyphe.rb +35 -0
data/lib/mihari/clients/otx.rb +49 -0
data/lib/mihari/clients/passivetotal.rb +69 -0
data/lib/mihari/clients/publsedive.rb +56 -0
data/lib/mihari/clients/securitytrails.rb +94 -0
data/lib/mihari/clients/shodan.rb +41 -0
data/lib/mihari/clients/the_hive.rb +33 -0
data/lib/mihari/clients/urlscan.rb +33 -0
data/lib/mihari/clients/virustotal.rb +62 -0
data/lib/mihari/clients/zoomeye.rb +74 -0
data/lib/mihari/commands/database.rb +1 -6
data/lib/mihari/commands/searcher.rb +1 -2
data/lib/mihari/database.rb +9 -0
data/lib/mihari/emitters/misp.rb +13 -20
data/lib/mihari/emitters/the_hive.rb +3 -5
data/lib/mihari/emitters/webhook.rb +2 -2
data/lib/mihari/feed/reader.rb +14 -11
data/lib/mihari/http.rb +29 -21
data/lib/mihari/mixins/retriable.rb +3 -1
data/lib/mihari/schemas/analyzer.rb +5 -4
data/lib/mihari/structs/censys.rb +62 -0
data/lib/mihari/structs/greynoise.rb +43 -0
data/lib/mihari/structs/onyphe.rb +45 -0
data/lib/mihari/structs/shodan.rb +83 -0
data/lib/mihari/version.rb +1 -1
data/lib/mihari/web/middleware/connection_adapter.rb +1 -3
data/lib/mihari/web/public/assets/{index-63900d73.js → index-7d0fb8c4.js} +2 -2
data/lib/mihari/web/public/index.html +1 -1
data/lib/mihari/web/public/redoc-static.html +2 -2
data/lib/mihari.rb +21 -2
data/mihari.gemspec +15 -23
metadata +55 -264
data/lib/mihari/analyzers/clients/otx.rb +0 -36
data/lib/mihari/analyzers/dnpedia.rb +0 -37
data/lib/mihari/mixins/database.rb +0 -16

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: mihari
 version: !ruby/object:Gem::Version
-  version: 5.1.0
+  version: 5.1.2
 platform: ruby
 authors:
 - Manabu Niseki
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2023-02-25 00:00:00.000000000 Z
+date: 2023-03-18 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -80,20 +80,6 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '0.5'
-- !ruby/object:Gem::Dependency
-  name: overcommit
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '0.60'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '0.60'
 - !ruby/object:Gem::Dependency
   name: pg
   requirement: !ruby/object:Gem::Requirement
@@ -198,28 +184,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.24'
+        version: '1.25'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.24'
-- !ruby/object:Gem::Dependency
-  name: steep
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '1.3'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '1.3'
+        version: '1.25'
 - !ruby/object:Gem::Dependency
   name: timecop
   requirement: !ruby/object:Gem::Requirement
@@ -263,117 +235,89 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '3.18'
 - !ruby/object:Gem::Dependency
-  name: activerecord
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - '='
-      - !ruby/object:Gem::Version
-        version: 7.0.4.2
-  type: :runtime
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - '='
-      - !ruby/object:Gem::Version
-        version: 7.0.4.2
-- !ruby/object:Gem::Dependency
-  name: addressable
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - '='
-      - !ruby/object:Gem::Version
-        version: 2.8.1
-  type: :runtime
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - '='
-      - !ruby/object:Gem::Version
-        version: 2.8.1
-- !ruby/object:Gem::Dependency
-  name: awrence
+  name: overcommit
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - '='
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: 2.0.1
-  type: :runtime
+        version: '0.60'
+  type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - '='
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: 2.0.1
+        version: '0.60'
 - !ruby/object:Gem::Dependency
-  name: binaryedge
+  name: ruby-lsp
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - '='
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.1.0
-  type: :runtime
+        version: '0.4'
+  type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - '='
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.1.0
+        version: '0.4'
 - !ruby/object:Gem::Dependency
-  name: censysx
+  name: steep
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - '='
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.1.1
-  type: :runtime
+        version: '1.3'
+  type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - '='
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.1.1
+        version: '1.3'
 - !ruby/object:Gem::Dependency
-  name: crtsh-rb
+  name: activerecord
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.3.1
+        version: 7.0.4.3
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.3.1
+        version: 7.0.4.3
 - !ruby/object:Gem::Dependency
-  name: dnpedia
+  name: addressable
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.1.0
+        version: 2.8.1
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.1.0
+        version: 2.8.1
 - !ruby/object:Gem::Dependency
-  name: dnstwister
+  name: awrence
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.1.0
+        version: 2.0.1
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.1.0
+        version: 2.0.1
 - !ruby/object:Gem::Dependency
   name: dotenv
   requirement: !ruby/object:Gem::Requirement
@@ -556,34 +500,6 @@ dependencies:
     - - '='
       - !ruby/object:Gem::Version
         version: 0.5.1
-- !ruby/object:Gem::Dependency
-  name: greynoise
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - '='
-      - !ruby/object:Gem::Version
-        version: 0.1.1
-  type: :runtime
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - '='
-      - !ruby/object:Gem::Version
-        version: 0.1.1
-- !ruby/object:Gem::Dependency
-  name: hachi
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - '='
-      - !ruby/object:Gem::Version
-        version: 2.0.0
-  type: :runtime
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - '='
-      - !ruby/object:Gem::Version
-        version: 2.0.0
 - !ruby/object:Gem::Dependency
   name: insensitive_hash
   requirement: !ruby/object:Gem::Requirement
@@ -640,20 +556,6 @@ dependencies:
     - - '='
       - !ruby/object:Gem::Version
         version: 2.0.2
-- !ruby/object:Gem::Dependency
-  name: misp
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - '='
-      - !ruby/object:Gem::Version
-        version: 0.1.4
-  type: :runtime
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - '='
-      - !ruby/object:Gem::Version
-        version: 0.1.4
 - !ruby/object:Gem::Dependency
   name: net-ping
   requirement: !ruby/object:Gem::Requirement
@@ -682,20 +584,6 @@ dependencies:
     - - '='
       - !ruby/object:Gem::Version
         version: 0.3.2
-- !ruby/object:Gem::Dependency
-  name: onyphe
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - '='
-      - !ruby/object:Gem::Version
-        version: 2.0.0
-  type: :runtime
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - '='
-      - !ruby/object:Gem::Version
-        version: 2.0.0
 - !ruby/object:Gem::Dependency
   name: parallel
   requirement: !ruby/object:Gem::Requirement
@@ -710,34 +598,6 @@ dependencies:
     - - '='
       - !ruby/object:Gem::Version
         version: 1.22.1
-- !ruby/object:Gem::Dependency
-  name: passive_circl
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - '='
-      - !ruby/object:Gem::Version
-        version: 0.1.0
-  type: :runtime
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - '='
-      - !ruby/object:Gem::Version
-        version: 0.1.0
-- !ruby/object:Gem::Dependency
-  name: passivetotalx
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - '='
-      - !ruby/object:Gem::Version
-        version: 0.1.1
-  type: :runtime
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - '='
-      - !ruby/object:Gem::Version
-        version: 0.1.1
 - !ruby/object:Gem::Dependency
   name: plissken
   requirement: !ruby/object:Gem::Requirement
@@ -766,20 +626,6 @@ dependencies:
     - - '='
       - !ruby/object:Gem::Version
         version: 5.0.1
-- !ruby/object:Gem::Dependency
-  name: pulsedive
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - '='
-      - !ruby/object:Gem::Version
-        version: 0.1.5
-  type: :runtime
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - '='
-      - !ruby/object:Gem::Version
-        version: 0.1.5
 - !ruby/object:Gem::Dependency
   name: puma
   requirement: !ruby/object:Gem::Requirement
@@ -836,20 +682,6 @@ dependencies:
     - - '='
       - !ruby/object:Gem::Version
         version: 1.1.1
-- !ruby/object:Gem::Dependency
-  name: securitytrails
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - '='
-      - !ruby/object:Gem::Version
-        version: 1.0.0
-  type: :runtime
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - '='
-      - !ruby/object:Gem::Version
-        version: 1.0.0
 - !ruby/object:Gem::Dependency
   name: semantic_logger
   requirement: !ruby/object:Gem::Requirement
@@ -870,28 +702,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 5.7.0
+        version: 5.8.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 5.7.0
-- !ruby/object:Gem::Dependency
-  name: shodanx
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - '='
-      - !ruby/object:Gem::Version
-        version: 0.2.1
-  type: :runtime
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - '='
-      - !ruby/object:Gem::Version
-        version: 0.2.1
+        version: 5.8.0
 - !ruby/object:Gem::Dependency
   name: slack-notifier
   requirement: !ruby/object:Gem::Requirement
@@ -912,14 +730,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 1.6.0
+        version: 1.6.1
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 1.6.0
+        version: 1.6.1
 - !ruby/object:Gem::Dependency
   name: thor
   requirement: !ruby/object:Gem::Requirement
@@ -934,20 +752,6 @@ dependencies:
     - - '='
       - !ruby/object:Gem::Version
         version: 1.2.1
-- !ruby/object:Gem::Dependency
-  name: urlscan
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - '='
-      - !ruby/object:Gem::Version
-        version: 0.8.0
-  type: :runtime
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - '='
-      - !ruby/object:Gem::Version
-        version: 0.8.0
 - !ruby/object:Gem::Dependency
   name: uuidtools
   requirement: !ruby/object:Gem::Requirement
@@ -962,20 +766,6 @@ dependencies:
     - - '='
       - !ruby/object:Gem::Version
         version: 2.2.0
-- !ruby/object:Gem::Dependency
-  name: virustotalx
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - '='
-      - !ruby/object:Gem::Version
-        version: 1.2.0
-  type: :runtime
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - '='
-      - !ruby/object:Gem::Version
-        version: 1.2.0
 - !ruby/object:Gem::Dependency
   name: whois
   requirement: !ruby/object:Gem::Requirement
@@ -1004,20 +794,6 @@ dependencies:
     - - '='
       - !ruby/object:Gem::Version
         version: 2.0.0
-- !ruby/object:Gem::Dependency
-  name: zoomeye-rb
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - '='
-      - !ruby/object:Gem::Version
-        version: 0.2.0
-  type: :runtime
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - '='
-      - !ruby/object:Gem::Version
-        version: 0.2.0
 description:
 email:
 - manabu.niseki@gmail.com
@@ -1062,9 +838,7 @@ files:
 - lib/mihari/analyzers/binaryedge.rb
 - lib/mihari/analyzers/censys.rb
 - lib/mihari/analyzers/circl.rb
-- lib/mihari/analyzers/clients/otx.rb
 - lib/mihari/analyzers/crtsh.rb
-- lib/mihari/analyzers/dnpedia.rb
 - lib/mihari/analyzers/dnstwister.rb
 - lib/mihari/analyzers/feed.rb
 - lib/mihari/analyzers/greynoise.rb
@@ -1083,6 +857,24 @@ files:
 - lib/mihari/cli/database.rb
 - lib/mihari/cli/main.rb
 - lib/mihari/cli/rule.rb
+- lib/mihari/clients/base.rb
+- lib/mihari/clients/binaryedge.rb
+- lib/mihari/clients/censys.rb
+- lib/mihari/clients/circl.rb
+- lib/mihari/clients/crtsh.rb
+- lib/mihari/clients/dnstwister.rb
+- lib/mihari/clients/greynoise.rb
+- lib/mihari/clients/misp.rb
+- lib/mihari/clients/onyphe.rb
+- lib/mihari/clients/otx.rb
+- lib/mihari/clients/passivetotal.rb
+- lib/mihari/clients/publsedive.rb
+- lib/mihari/clients/securitytrails.rb
+- lib/mihari/clients/shodan.rb
+- lib/mihari/clients/the_hive.rb
+- lib/mihari/clients/urlscan.rb
+- lib/mihari/clients/virustotal.rb
+- lib/mihari/clients/zoomeye.rb
 - lib/mihari/commands/database.rb
 - lib/mihari/commands/rule.rb
 - lib/mihari/commands/searcher.rb
@@ -1121,7 +913,6 @@ files:
 - lib/mihari/http.rb
 - lib/mihari/mixins/autonomous_system.rb
 - lib/mihari/mixins/configurable.rb
-- lib/mihari/mixins/database.rb
 - lib/mihari/mixins/error_notification.rb
 - lib/mihari/mixins/falsepositive.rb
 - lib/mihari/mixins/refang.rb
@@ -1177,7 +968,7 @@ files:
 - lib/mihari/web/public/assets/fa-v4compatibility-7c377405.woff2
 - lib/mihari/web/public/assets/fa-v4compatibility-8d9500e8.ttf
 - lib/mihari/web/public/assets/index-625e95fe.css
-- lib/mihari/web/public/assets/index-63900d73.js
+- lib/mihari/web/public/assets/index-7d0fb8c4.js
 - lib/mihari/web/public/favicon.ico
 - lib/mihari/web/public/index.html
 - lib/mihari/web/public/redoc-static.html
@@ -1203,7 +994,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.4.1
+rubygems_version: 3.3.26
 signing_key:
 specification_version: 4
 summary: A framework for continuous OSINT based threat hunting

data/lib/mihari/analyzers/clients/otx.rb DELETED Viewed

@@ -1,36 +0,0 @@
-# frozen_string_literal: true
-module Mihari
-  module Analyzers
-    module Clients
-      class OTX
-        attr_reader :api_key
-        def initialize(api_key)
-          @api_key = api_key
-        end
-        def query_by_ip(ip)
-          get "https://otx.alienvault.com/api/v1/indicators/IPv4/#{ip}/passive_dns"
-        end
-        def query_by_domain(domain)
-          get "https://otx.alienvault.com/api/v1/indicators/domain/#{domain}/passive_dns"
-        end
-        private
-        def headers
-          { "x-otx-api-key": api_key }
-        end
-        def get(url)
-          res = HTTP.get(url, headers: headers)
-          JSON.parse(res.body.to_s)
-        rescue HTTPError
-          nil
-        end
-      end
-    end
-  end
-end

data/lib/mihari/analyzers/dnpedia.rb DELETED Viewed

@@ -1,37 +0,0 @@
-# frozen_string_literal: true
-require "dnpedia"
-module Mihari
-  module Analyzers
-    class DNPedia < Base
-      param :query
-      option :tags, default: proc { [] }
-      def artifacts
-        search || []
-      end
-      private
-      def api
-        @api ||= ::DNPedia::API.new
-      end
-      #
-      # Search
-      #
-      # @return [Array<Mihari::Artifact>]
-      #
-      def search
-        res = api.search(query)
-        rows = res["rows"] || []
-        rows.map do |row|
-          data = [row["name"], row["zoneid"]].join(".")
-          Artifact.new(data: data, source: source, metadata: row)
-        end
-      end
-    end
-  end
-end

data/lib/mihari/mixins/database.rb DELETED Viewed

@@ -1,16 +0,0 @@
-# frozen_string_literal: true
-module Mihari
-  module Mixins
-    module Database
-      def with_db_connection
-        Mihari::Database.connect
-        yield
-      rescue ActiveRecord::StatementInvalid
-        Mihari.logger.error("You haven't finished the DB migration! Please run 'mihari db migrate'.")
-      ensure
-        Mihari::Database.close
-      end
-    end
-  end
-end