mihari 5.2.1 → 5.2.2

data/lib/mihari/structs/shodan.rb

@@ -7,6 +7,20 @@ module Mihari
         attribute :country_code, Types::String.optional
         attribute :country_name, Types::String.optional
 
+        #
+        # @return [String, nil]
+        #
+        def country_code
+          attributes[:country_code]
+        end
+
+        #
+        # @return [String, nil]
+        #
+        def country_name
+          attributes[:country_name]
+        end
+
         #
         # @return [Mihari::Geolocation, nil]
         #
@@ -19,6 +33,11 @@ module Mihari
           )
         end
 
+        #
+        # @param [Hash] d
+        #
+        # @return [Location]
+        #
         def self.from_dynamic!(d)
           d = Types::Hash[d]
           new(
@@ -39,6 +58,48 @@ module Mihari
         attribute :port, Types::Integer
         attribute :metadata, Types::Hash
 
+        #
+        # @return [String, nil]
+        #
+        def asn
+          attributes[:asn]
+        end
+
+        #
+        # @return [Array<String>]
+        #
+        def hostnames
+          attributes[:hostnames]
+        end
+
+        #
+        # @return [Location]
+        #
+        def location
+          attributes[:location]
+        end
+
+        #
+        # @return [String]
+        #
+        def ip_str
+          attributes[:ip_str]
+        end
+
+        #
+        # @return [Integer]
+        #
+        def port
+          attributes[:port]
+        end
+
+        #
+        # @return [Hash]
+        #
+        def metadata
+          attributes[:metadata]
+        end
+
         #
         # @return [Mihari::AutonomousSystem, nil]
         #
@@ -48,6 +109,11 @@ module Mihari
           Mihari::AutonomousSystem.new(asn: normalize_asn(asn))
         end
 
+        #
+        # @param [Hash] d
+        #
+        # @return [Match]
+        #
         def self.from_dynamic!(d)
           d = Types::Hash[d]
 
@@ -74,6 +140,20 @@ module Mihari
         attribute :matches, Types.Array(Match)
         attribute :total, Types::Int
 
+        #
+        # @return [Array<Match>]
+        #
+        def matches
+          attributes[:matches]
+        end
+
+        #
+        # @return [Integer]
+        #
+        def total
+          attributes[:total]
+        end
+
         #
         # Collect metadata from matches
         #
@@ -107,12 +187,10 @@ module Mihari
           matches.select { |match| match.ip_str == ip }.map(&:hostnames).flatten.uniq
         end
 
-        #
-        # @param [Source] source
         #
         # @return [Array<Mihari::Artifact>]
         #
-        def to_artifacts(source = "Shodan")
+        def to_artifacts
           matches.map do |match|
             metadata = collect_metadata_by_ip(match.ip_str)
             ports = collect_ports_by_ip(match.ip_str).map do |port|
@@ -124,7 +202,6 @@ module Mihari
 
             Mihari::Artifact.new(
               data: match.ip_str,
-              source: source,
               metadata: metadata,
               autonomous_system: match.to_asn,
               geolocation: match.location.to_geolocation,
@@ -134,6 +211,11 @@ module Mihari
           end
         end
 
+        #
+        # @param [Hash] d
+        #
+        # @return [Result]
+        #
         def self.from_dynamic!(d)
           d = Types::Hash[d]
           new(
@@ -151,6 +233,53 @@ module Mihari
         attribute :tags, Types.Array(Types::String)
         attribute :vulns, Types.Array(Types::String)
 
+        #
+        # @return [String]
+        #
+        def ip
+          attributes[:ip]
+        end
+
+        #
+        # @return [Array<Integer>]
+        #
+        def ports
+          attributes[:ports]
+        end
+
+        #
+        # @return [Array<String>]
+        #
+        def cpes
+          attributes[:cpes]
+        end
+
+        #
+        # @return [Array<String>]
+        #
+        def hostnames
+          attributes[:hostnames]
+        end
+
+        #
+        # @return [Array<String>]
+        #
+        def tags
+          attributes[:tags]
+        end
+
+        #
+        # @return [Array<String>]
+        #
+        def vulns
+          attributes[:vulns]
+        end
+
+        #
+        # @param [Hash] d
+        #
+        # @return [InternetDBResponse]
+        #
         def self.from_dynamic!(d)
           d = Types::Hash[d]
           new(
@@ -163,6 +292,11 @@ module Mihari
           )
         end
 
+        #
+        # @param [String] json
+        #
+        # @return [InternetDBResponse]
+        #
         def self.from_json!(json)
           from_dynamic!(JSON.parse(json))
         end

data/lib/mihari/structs/urlscan.rb

@@ -8,6 +8,32 @@ module Mihari
         attribute :ip, Types::String.optional
         attribute :url, Types::String
 
+        #
+        # @return [String, nil]
+        #
+        def domain
+          attributes[:domain]
+        end
+
+        #
+        # @return [String, nil]
+        #
+        def ip
+          attributes[:ip]
+        end
+
+        #
+        # @return [String]
+        #
+        def url
+          attributes[:url]
+        end
+
+        #
+        # @param [Hash] d
+        #
+        # @return [Page]
+        #
         def self.from_dynamic!(d)
           d = Types::Hash[d]
           new(
@@ -22,13 +48,58 @@ module Mihari
         attribute :page, Page
         attribute :id, Types::String
         attribute :sort, Types.Array(Types::String | Types::Integer)
+        attribute :metadata, Types::Hash
+
+        #
+        # @return [Page]
+        #
+        def page
+          attributes[:page]
+        end
+
+        #
+        # @return [String]
+        #
+        def id
+          attributes[:id]
+        end
+
+        #
+        # @return [Array<String, Integer>]
+        #
+        def sort
+          attributes[:sort]
+        end
+
+        #
+        # @return [Array<String, Integer>]
+        #
+        def metadata
+          attributes[:metadata]
+        end
 
+        #
+        # @return [Array<Mihari::Artifact>]
+        #
+        def to_artifacts
+          values = [page.url, page.domain, page.ip].compact
+          values.map do |value|
+            Mihari::Artifact.new(data: value, metadata: metadata)
+          end
+        end
+
+        #
+        # @param [Hash] d
+        #
+        # @return [Result]
+        #
         def self.from_dynamic!(d)
           d = Types::Hash[d]
           new(
             page: Page.from_dynamic!(d.fetch("page")),
             id: d.fetch("_id"),
-            sort: d.fetch("sort")
+            sort: d.fetch("sort"),
+            metadata: d
           )
         end
       end
@@ -37,6 +108,32 @@ module Mihari
         attribute :results, Types.Array(Result)
         attribute :has_more, Types::Bool
 
+        #
+        # @return [Array<Result>]
+        #
+        def results
+          attributes[:results]
+        end
+
+        #
+        # @return [Boolean]
+        #
+        def has_more
+          attributes[:has_more]
+        end
+
+        #
+        # @return [Array<Mihari::Artifact>]
+        #
+        def to_artifacts
+          results.map(&:to_artifacts).flatten
+        end
+
+        #
+        # @param [Hash] d
+        #
+        # @return [Response]
+        #
         def self.from_dynamic!(d)
           d = Types::Hash[d]
           new(

data/lib/mihari/structs/virustotal_intelligence.rb

@@ -6,6 +6,18 @@ module Mihari
       class ContextAttributes < Dry::Struct
         attribute :url, Types::String.optional
 
+        #
+        # @return [String, nil]
+        #
+        def url
+          attributes[:url]
+        end
+
+        #
+        # @param [Hash] d
+        #
+        # @return [ContextAttributes]
+        #
         def self.from_dynamic!(d)
           d = Types::Hash[d]
           new(
@@ -20,6 +32,37 @@ module Mihari
         attribute :context_attributes, ContextAttributes.optional
         attribute :metadata, Types::Hash
 
+        #
+        # @return [String]
+        #
+        def type
+          attributes[:type]
+        end
+
+        #
+        # @return [String]
+        #
+        def id
+          attributes[:id]
+        end
+
+        #
+        # @return [ContextAttributes, nil]
+        #
+        def context_attributes
+          attributes[:context_attributes]
+        end
+
+        #
+        # @return [Hash, nil]
+        #
+        def metadata
+          attributes[:metadata]
+        end
+
+        #
+        # @return [String, nil]
+        #
         def value
           case type
           when "file"
@@ -33,11 +76,25 @@ module Mihari
           end
         end
 
+        #
+        # @return [Mihari::Artifact]
+        #
+        def to_artifact
+          Artifact.new(data: value, metadata: metadata)
+        end
+
+        #
+        # @param [Hash] d
+        #
+        # @return [Datum]
+        #
         def self.from_dynamic!(d)
           d = Types::Hash[d]
 
           context_attributes = nil
-          context_attributes = ContextAttributes.from_dynamic!(d.fetch("context_attributes")) if d.key?("context_attributes")
+          if d.key?("context_attributes")
+            context_attributes = ContextAttributes.from_dynamic!(d.fetch("context_attributes"))
+          end
 
           new(
             type: d.fetch("type"),
@@ -51,6 +108,18 @@ module Mihari
       class Meta < Dry::Struct
         attribute :cursor, Types::String.optional
 
+        #
+        # @return [String, nil]
+        #
+        def cursor
+          attributes[:cursor]
+        end
+
+        #
+        # @param [Hash] d
+        #
+        # @return [Meta]
+        #
         def self.from_dynamic!(d)
           d = Types::Hash[d]
           new(
@@ -63,6 +132,32 @@ module Mihari
         attribute :meta, Meta
         attribute :data, Types.Array(Datum)
 
+        #
+        # @return [Meta]
+        #
+        def meta
+          attributes[:meta]
+        end
+
+        #
+        # @return [Array<Datum>]
+        #
+        def data
+          attributes[:data]
+        end
+
+        #
+        # @return [Array<Mihari::Artifact>]
+        #
+        def to_artifacts
+          data.map(&:to_artifact)
+        end
+
+        #
+        # @param [Hash] d
+        #
+        # @return [Response]
+        #
         def self.from_dynamic!(d)
           d = Types::Hash[d]
           new(

data/lib/mihari/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Mihari
-  VERSION = "5.2.1"
+  VERSION = "5.2.2"
 end

data/lib/mihari.rb

@@ -254,6 +254,7 @@ require "mihari/analyzers/urlscan"
 require "mihari/analyzers/virustotal_intelligence"
 require "mihari/analyzers/virustotal"
 require "mihari/analyzers/zoomeye"
+
 require "mihari/analyzers/rule"
 
 # Entities

data/mihari.gemspec

@@ -26,7 +26,7 @@ Gem::Specification.new do |spec|
   # Specify which files should be added to the gem when it is released.
   # The `git ls-files -z` loads the files in the RubyGem that have been added into git.
   spec.files = Dir.chdir(File.expand_path(__dir__)) do
-    `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
+    `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features|images|docker|.github)/}) }
   end
   spec.bindir = "exe"
   spec.executables = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
@@ -37,22 +37,23 @@ Gem::Specification.new do |spec|
   spec.add_development_dependency "fakefs", "~> 2.4"
   spec.add_development_dependency "fuubar", "~> 2.5"
   spec.add_development_dependency "mysql2", "~> 0.5"
-  spec.add_development_dependency "pg", "~> 1.4"
+  spec.add_development_dependency "pg", "~> 1.5"
   spec.add_development_dependency "rack-test", "~> 2.1"
   spec.add_development_dependency "rake", "~> 13.0"
   spec.add_development_dependency "rb-fsevent", "~> 0.11"
   spec.add_development_dependency "rerun", "~> 0.14"
   spec.add_development_dependency "rspec", "~> 3.12"
   spec.add_development_dependency "simplecov-lcov", "~> 0.8.0"
-  spec.add_development_dependency "standard", "~> 1.27"
+  spec.add_development_dependency "standard", "~> 1.28"
   spec.add_development_dependency "timecop", "~> 0.9"
   spec.add_development_dependency "vcr", "~> 6.1"
   spec.add_development_dependency "webmock", "~> 3.18"
 
   unless ci_env?
     spec.add_development_dependency "overcommit", "~> 0.60"
-    spec.add_development_dependency "ruby-lsp", "~> 0.4"
-    spec.add_development_dependency "steep", "~> 1.3"
+    spec.add_development_dependency "ruby-lsp", "~> 0.5"
+    spec.add_development_dependency "solargraph", "~> 0.49"
+    spec.add_development_dependency "steep", "~> 1.4"
   end
 
   spec.add_dependency "activerecord", "7.0.4.3"
@@ -87,8 +88,8 @@ Gem::Specification.new do |spec|
   spec.add_dependency "semantic_logger", "4.13.0"
   spec.add_dependency "sentry-ruby", "5.9.0"
   spec.add_dependency "slack-notifier", "2.4.0"
-  spec.add_dependency "sqlite3", "1.6.2"
-  spec.add_dependency "thor", "1.2.1"
+  spec.add_dependency "sqlite3", "1.6.3"
+  spec.add_dependency "thor", "1.2.2"
   spec.add_dependency "uuidtools", "2.2.0"
   spec.add_dependency "whois", "5.1.0"
   spec.add_dependency "whois-parser", "2.0.0"

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: mihari
 version: !ruby/object:Gem::Version
-  version: 5.2.1
+  version: 5.2.2
 platform: ruby
 authors:
 - Manabu Niseki
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2023-04-23 00:00:00.000000000 Z
+date: 2023-05-20 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -86,14 +86,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.4'
+        version: '1.5'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.4'
+        version: '1.5'
 - !ruby/object:Gem::Dependency
   name: rack-test
   requirement: !ruby/object:Gem::Requirement
@@ -184,14 +184,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.27'
+        version: '1.28'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.27'
+        version: '1.28'
 - !ruby/object:Gem::Dependency
   name: timecop
   requirement: !ruby/object:Gem::Requirement
@@ -254,28 +254,42 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.4'
+        version: '0.5'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.4'
+        version: '0.5'
+- !ruby/object:Gem::Dependency
+  name: solargraph
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.49'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.49'
 - !ruby/object:Gem::Dependency
   name: steep
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.3'
+        version: '1.4'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.3'
+        version: '1.4'
 - !ruby/object:Gem::Dependency
   name: activerecord
   requirement: !ruby/object:Gem::Requirement
@@ -730,28 +744,28 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 1.6.2
+        version: 1.6.3
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 1.6.2
+        version: 1.6.3
 - !ruby/object:Gem::Dependency
   name: thor
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 1.2.1
+        version: 1.2.2
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 1.2.1
+        version: 1.2.2
 - !ruby/object:Gem::Dependency
   name: uuidtools
   requirement: !ruby/object:Gem::Requirement
@@ -802,9 +816,6 @@ executables:
 extensions: []
 extra_rdoc_files: []
 files:
-- ".github/ISSUE_TEMPLATE/bug_report.md"
-- ".github/ISSUE_TEMPLATE/feature_request.md"
-- ".github/workflows/test.yml"
 - ".gitignore"
 - ".gitmodules"
 - ".overcommit.yml"
@@ -820,19 +831,7 @@ files:
 - bin/setup
 - build_frontend.sh
 - config.ru
-- config/pre_commit.yml
-- docker/Dockerfile
-- examples/ipinfo_hosted_domains.rb
 - exe/mihari
-- images/Tines-Full_Logo-Tines_Black.png
-- images/alert.png
-- images/logo.png
-- images/misp.png
-- images/overview.jpg
-- images/slack.png
-- images/tines.png
-- images/web_alerts.png
-- images/web_config.png
 - lib/mihari.rb
 - lib/mihari/analyzers/base.rb
 - lib/mihari/analyzers/binaryedge.rb
@@ -877,7 +876,7 @@ files:
 - lib/mihari/clients/zoomeye.rb
 - lib/mihari/commands/database.rb
 - lib/mihari/commands/rule.rb
-- lib/mihari/commands/searcher.rb
+- lib/mihari/commands/search.rb
 - lib/mihari/commands/version.rb
 - lib/mihari/commands/web.rb
 - lib/mihari/constants.rb