mihari 5.2.1 → 5.2.3

data/lib/mihari/mixins/configurable.rb

@@ -4,14 +4,23 @@ module Mihari
   module Mixins
     module Configurable
       #
-      # Check whether it is configured or not
+      # Check whether there are configuration key-values or not
       #
       # @return [Boolean]
       #
-      def configured?
+      def configuration_keys?
         return true if configuration_keys.empty?
 
-        configuration_keys.all? { |key| Mihari.config.send(key) } || api_key?
+        configuration_keys.all? { |key| Mihari.config.send(key) }
+      end
+
+      #
+      # Check whether it is configured or not
+      #
+      # @return [Boolean]
+      #
+      def configured?
+        configuration_keys? || api_key?
       end
 
       #
@@ -32,7 +41,7 @@ module Mihari
       #
       # Configuration keys
       #
-      # @return [Array<String>] A list of cofiguration keys
+      # @return [Array<String>] A list of configuration keys
       #
       def configuration_keys
         []

data/lib/mihari/mixins/error_notification.rb

@@ -6,8 +6,6 @@ module Mihari
       #
       # Send an exception notification if there is any error in a block
       #
-      # @return [Nil]
-      #
       def with_error_notification
         yield
       rescue StandardError => e

data/lib/mihari/models/artifact.rb

@@ -60,7 +60,7 @@ module Mihari
       ).order(created_at: :desc).first
       return true if artifact.nil?
 
-      # check whetehr the artifact is decayed or not
+      # check whether the artifact is decayed or not
       return false if artifact_lifetime.nil?
 
       # use the current UTC time if base_time is not given (for testing)

data/lib/mihari/schemas/rule.rb

@@ -25,30 +25,15 @@ module Mihari
         AnalyzerWithoutAPIKey | AnalyzerWithAPIKey | Censys | CIRCL | PassiveTotal | ZoomEye | Urlscan | Crtsh | Feed
       end
 
-      optional(:emitters).value(:array).each { Database | MISP | TheHive | Slack | Webhook }
+      optional(:emitters).value(:array).each { Database | MISP | TheHive | Slack | Webhook }.default(DEFAULT_EMITTERS)
 
-      optional(:enrichers).value(:array).each(Enricher)
+      optional(:enrichers).value(:array).each(Enricher).default(DEFAULT_ENRICHERS)
 
       optional(:data_types).value(array[Types::DataTypes]).default(DEFAULT_DATA_TYPES)
       optional(:falsepositives).value(array[:string]).default([])
 
       optional(:artifact_lifetime).value(:integer)
       optional(:artifact_ttl).value(:integer)
-
-      before(:key_coercer) do |result|
-        # it looks like that dry-schema v1.9.1 has an issue with setting an array of schemas as a default value
-        # e.g. optional(:emitters).value(:array).each { Emitter | HTTP }.default(DEFAULT_EMITTERS) does not work well
-        # so let's do a dirty hack...
-        h = result.to_h
-
-        emitters = h[:emitters]
-        h[:emitters] = emitters || DEFAULT_EMITTERS
-
-        enrichers = h[:enrichers]
-        h[:enrichers] = enrichers || DEFAULT_ENRICHERS
-
-        h
-      end
     end
 
     class RuleContract < Dry::Validation::Contract

data/lib/mihari/structs/censys.rb

@@ -8,6 +8,13 @@ module Mihari
 
         attribute :asn, Types::Int
 
+        #
+        # @return [Integer]
+        #
+        def asn
+          attributes[:asn]
+        end
+
         #
         # @return [Mihari::AutonomousSystem]
         #
@@ -15,11 +22,18 @@ module Mihari
           Mihari::AutonomousSystem.new(asn: normalize_asn(asn))
         end
 
-        def self.from_dynamic!(d)
-          d = Types::Hash[d]
-          new(
-            asn: d.fetch("asn")
-          )
+        class << self
+          #
+          # @param [Hash] d
+          #
+          # @return [AutonomousSystem]
+          #
+          def from_dynamic!(d)
+            d = Types::Hash[d]
+            new(
+              asn: d.fetch("asn")
+            )
+          end
         end
       end
 
@@ -27,6 +41,20 @@ module Mihari
         attribute :country, Types::String.optional
         attribute :country_code, Types::String.optional
 
+        #
+        # @return [String, nil]
+        #
+        def country
+          attributes[:country]
+        end
+
+        #
+        # @return [String, nil]
+        #
+        def country_code
+          attributes[:country_code]
+        end
+
         #
         # @return [Mihari::Geolocation] <description>
         #
@@ -41,18 +69,32 @@ module Mihari
           )
         end
 
-        def self.from_dynamic!(d)
-          d = Types::Hash[d]
-          new(
-            country: d["country"],
-            country_code: d["country_code"]
-          )
+        class << self
+          #
+          # @param [Hash] d
+          #
+          # @return [Location]
+          #
+          def from_dynamic!(d)
+            d = Types::Hash[d]
+            new(
+              country: d["country"],
+              country_code: d["country_code"]
+            )
+          end
         end
       end
 
       class Service < Dry::Struct
         attribute :port, Types::Integer
 
+        #
+        # @return [Integer]
+        #
+        def port
+          attributes[:port]
+        end
+
         #
         # @return [Mihari::Port]
         #
@@ -60,11 +102,18 @@ module Mihari
           Port.new(port: port)
         end
 
-        def self.from_dynamic!(d)
-          d = Types::Hash[d]
-          new(
-            port: d.fetch("port")
-          )
+        class << self
+          #
+          # @param [Hash] d
+          #
+          # @return [Service]
+          #
+          def from_dynamic!(d)
+            d = Types::Hash[d]
+            new(
+              port: d.fetch("port")
+            )
+          end
         end
       end
 
@@ -75,6 +124,41 @@ module Mihari
         attribute :metadata, Types::Hash
         attribute :services, Types.Array(Service)
 
+        #
+        # @return [String]
+        #
+        def ip
+          attributes[:ip]
+        end
+
+        #
+        # @return [Location]
+        #
+        def location
+          attributes[:location]
+        end
+
+        #
+        # @return [AutonomousSystem]
+        #
+        def autonomous_system
+          attributes[:autonomous_system]
+        end
+
+        #
+        # @return [Hash]
+        #
+        def metadata
+          attributes[:metadata]
+        end
+
+        #
+        # @return [Array<Service>]
+        #
+        def services
+          attributes[:services]
+        end
+
         #
         # @return [Array<Mihari::Port>]
         #
@@ -82,15 +166,12 @@ module Mihari
           services.map(&:to_port)
         end
 
-        #
-        # @param [String] source
         #
         # @return [Mihari::Artifact]
         #
-        def to_artifact(source = "Censys")
+        def to_artifact
           Artifact.new(
             data: ip,
-            source: source,
             metadata: metadata,
             autonomous_system: autonomous_system.to_as,
             geolocation: location.to_geolocation,
@@ -98,28 +179,56 @@ module Mihari
           )
         end
 
-        def self.from_dynamic!(d)
-          d = Types::Hash[d]
-          new(
-            ip: d.fetch("ip"),
-            location: Location.from_dynamic!(d.fetch("location")),
-            autonomous_system: AutonomousSystem.from_dynamic!(d.fetch("autonomous_system")),
-            metadata: d,
-            services: d.fetch("services", []).map { |x| Service.from_dynamic!(x) }
-          )
+        class << self
+          #
+          # @param [Hash] d
+          #
+          # @return [Hit]
+          #
+          def from_dynamic!(d)
+            d = Types::Hash[d]
+            new(
+              ip: d.fetch("ip"),
+              location: Location.from_dynamic!(d.fetch("location")),
+              autonomous_system: AutonomousSystem.from_dynamic!(d.fetch("autonomous_system")),
+              metadata: d,
+              services: d.fetch("services", []).map { |x| Service.from_dynamic!(x) }
+            )
+          end
         end
       end
 
       class Links < Dry::Struct
-        attribute :next, Types::String
-        attribute :prev, Types::String
-
-        def self.from_dynamic!(d)
-          d = Types::Hash[d]
-          new(
-            next: d.fetch("next"),
-            prev: d.fetch("prev")
-          )
+        attribute :next, Types::String.optional
+        attribute :prev, Types::String.optional
+
+        #
+        # @return [String, nil]
+        #
+        def next
+          attributes[:next]
+        end
+
+        #
+        # @return [String, nil]
+        #
+        def prev
+          attributes[:prev]
+        end
+
+        class << self
+          #
+          # @param [Hash] d
+          #
+          # @return [Links]
+          #
+          def from_dynamic!(d)
+            d = Types::Hash[d]
+            new(
+              next: d["next"],
+              prev: d["prev"]
+            )
+          end
         end
       end
 
@@ -130,22 +239,55 @@ module Mihari
         attribute :links, Links
 
         #
-        # @param [String] source
+        # @return [String]
+        #
+        def query
+          attributes[:query]
+        end
+
+        #
+        # @return [Integer]
+        #
+        def total
+          attributes[:total]
+        end
+
+        #
+        # @return [Array<Hit>]
+        #
+        def hits
+          attributes[:hits]
+        end
+
+        #
+        # @return [Links]
+        #
+        def links
+          attributes[:links]
+        end
+
         #
         # @return [Array<Mihari::Artifact>]
         #
-        def to_artifacts(source = "Censys")
-          hits.map { |hit| hit.to_artifact(source) }
+        def to_artifacts
+          hits.map(&:to_artifact)
         end
 
-        def self.from_dynamic!(d)
-          d = Types::Hash[d]
-          new(
-            query: d.fetch("query"),
-            total: d.fetch("total"),
-            hits: d.fetch("hits", []).map { |x| Hit.from_dynamic!(x) },
-            links: Links.from_dynamic!(d.fetch("links"))
-          )
+        class << self
+          #
+          # @param [Hash] d
+          #
+          # @return [Result]
+          #
+          def from_dynamic!(d)
+            d = Types::Hash[d]
+            new(
+              query: d.fetch("query"),
+              total: d.fetch("total"),
+              hits: d.fetch("hits", []).map { |x| Hit.from_dynamic!(x) },
+              links: Links.from_dynamic!(d.fetch("links"))
+            )
+          end
         end
       end
 
@@ -154,13 +296,41 @@ module Mihari
         attribute :status, Types::String
         attribute :result, Result
 
-        def self.from_dynamic!(d)
-          d = Types::Hash[d]
-          new(
-            code: d.fetch("code"),
-            status: d.fetch("status"),
-            result: Result.from_dynamic!(d.fetch("result"))
-          )
+        #
+        # @return [Integer]
+        #
+        def code
+          attributes[:code]
+        end
+
+        #
+        # @return [String]
+        #
+        def status
+          attributes[:status]
+        end
+
+        #
+        # @return [Result]
+        #
+        def result
+          attributes[:result]
+        end
+
+        class << self
+          #
+          # @param [Hash] d
+          #
+          # @return [Response]
+          #
+          def from_dynamic!(d)
+            d = Types::Hash[d]
+            new(
+              code: d.fetch("code"),
+              status: d.fetch("status"),
+              result: Result.from_dynamic!(d.fetch("result"))
+            )
+          end
         end
       end
     end

data/lib/mihari/structs/config.rb

@@ -9,31 +9,61 @@ module Mihari
       attribute :values, Types.Array(Types::Hash).optional
 
       #
-      # @param [Class<Mihari::Analyzers::Base>, Class<Mihari::Emitters::Base>] klass
+      # @return [String]
       #
-      # @return [Mihari::Structs::Config, nil] config
+      def name
+        attributes[:name]
+      end
+
+      #
+      # @return [String]
+      #
+      def type
+        attributes[:type]
+      end
+
+      #
+      # @return [Boolean]
       #
-      def self.from_class(klass)
-        return nil if klass == Mihari::Analyzers::Rule
+      def is_configured
+        attributes[:is_configured]
+      end
+
+      #
+      # @return [Array<Hash>]
+      #
+      def values
+        attributes[:values]
+      end
+
+      class << self
+        #
+        # @param [Class<Mihari::Analyzers::Base>, Class<Mihari::Emitters::Base>] klass
+        #
+        # @return [Mihari::Structs::Config, nil] config
+        #
+        def from_class(klass)
+          return nil if klass == Mihari::Analyzers::Rule
 
-        name = klass.to_s.split("::").last.to_s
+          name = klass.to_s.split("::").last.to_s
 
-        is_analyzer = klass.ancestors.include?(Mihari::Analyzers::Base)
-        is_emitter = klass.ancestors.include?(Mihari::Emitters::Base)
-        is_enricher = klass.ancestors.include?(Mihari::Enrichers::Base)
+          is_analyzer = klass.ancestors.include?(Mihari::Analyzers::Base)
+          is_emitter = klass.ancestors.include?(Mihari::Emitters::Base)
+          is_enricher = klass.ancestors.include?(Mihari::Enrichers::Base)
 
-        type = "Analyzer"
-        type = "Emitter" if is_emitter
-        type = "Enricher" if is_enricher
+          type = "Analyzer"
+          type = "Emitter" if is_emitter
+          type = "Enricher" if is_enricher
 
-        begin
-          instance = is_analyzer ? klass.new("dummy") : klass.new
-          is_configured = instance.configured?
-          values = instance.configuration_values
+          begin
+            instance = is_analyzer ? klass.new("dummy") : klass.new(artifacts: [], rule: nil)
+            is_configured = instance.configured?
+            values = instance.configuration_values
 
-          new(name: name, values: values, is_configured: is_configured, type: type)
-        rescue ArgumentError => _e
-          nil
+            new(name: name, values: values, is_configured: is_configured, type: type)
+          rescue ArgumentError => _e
+            nil
+          end
         end
       end
     end

data/lib/mihari/structs/google_public_dns.rb

@@ -9,32 +9,74 @@ module Mihari
         5 => "CNAME",
         16 => "TXT",
         28 => "AAAA"
-      }
+      }.freeze
 
       class Answer < Dry::Struct
         attribute :name, Types::String
         attribute :data, Types::String
         attribute :resource_type, Types::String
 
-        def self.from_dynamic!(d)
-          d = Types::Hash[d]
-          resource_type = INT_TYPE_TO_TYPE[d.fetch("type")]
-          new(
-            name: d.fetch("name"),
-            data: d.fetch("data"),
-            resource_type: resource_type
-          )
+        #
+        # @return [String]
+        #
+        def name
+          attributes[:name]
+        end
+
+        #
+        # @return [String]
+        #
+        def data
+          attributes[:data]
+        end
+
+        #
+        # @return [String]
+        #
+        def resource_type
+          attributes[:resource_type]
+        end
+
+        class << self
+          #
+          # @param [Hash] d
+          #
+          # @return [Answer]
+          #
+          def from_dynamic!(d)
+            d = Types::Hash[d]
+            resource_type = INT_TYPE_TO_TYPE[d.fetch("type")]
+            new(
+              name: d.fetch("name"),
+              data: d.fetch("data"),
+              resource_type: resource_type
+            )
+          end
         end
       end
 
       class Response < Dry::Struct
         attribute :answers, Types.Array(Answer)
 
-        def self.from_dynamic!(d)
-          d = Types::Hash[d]
-          new(
-            answers: d.fetch("Answer", []).map { |x| Answer.from_dynamic!(x) }
-          )
+        #
+        # @return [Array<Answer>]
+        #
+        def answers
+          attributes[:answers]
+        end
+
+        class << self
+          #
+          # @param [Hash] d
+          #
+          # @return [Response]
+          #
+          def from_dynamic!(d)
+            d = Types::Hash[d]
+            new(
+              answers: d.fetch("Answer", []).map { |x| Answer.from_dynamic!(x) }
+            )
+          end
         end
       end
     end