mihari 5.2.2 → 5.2.4

Files changed (130)
  1. checksums.yaml +4 -4
  2. data/build_frontend.sh +1 -9
  3. data/frontend/.browserslistrc +3 -0
  4. data/frontend/.eslintrc.js +33 -0
  5. data/frontend/.gitignore +25 -0
  6. data/frontend/README.md +3 -0
  7. data/frontend/babel.config.js +3 -0
  8. data/frontend/index.html +21 -0
  9. data/frontend/jest.config.js +9 -0
  10. data/frontend/package-lock.json +13216 -0
  11. data/frontend/package.json +54 -0
  12. data/frontend/public/favicon.ico +0 -0
  13. data/frontend/scripts/swagger_doc_to_yaml.rb +23 -0
  14. data/frontend/src/App.vue +27 -0
  15. data/frontend/src/api-helper.ts +113 -0
  16. data/frontend/src/api.ts +105 -0
  17. data/frontend/src/components/ErrorMessage.vue +32 -0
  18. data/frontend/src/components/Loading.vue +15 -0
  19. data/frontend/src/components/Navbar.vue +59 -0
  20. data/frontend/src/components/Pagination.vue +126 -0
  21. data/frontend/src/components/alert/Alert.vue +92 -0
  22. data/frontend/src/components/alert/Alerts.vue +66 -0
  23. data/frontend/src/components/alert/AlertsWithPagination.vue +91 -0
  24. data/frontend/src/components/alert/AlertsWrapper.vue +141 -0
  25. data/frontend/src/components/alert/Form.vue +185 -0
  26. data/frontend/src/components/artifact/AS.vue +29 -0
  27. data/frontend/src/components/artifact/Artifact.vue +321 -0
  28. data/frontend/src/components/artifact/ArtifactTag.vue +70 -0
  29. data/frontend/src/components/artifact/ArtifactTags.vue +29 -0
  30. data/frontend/src/components/artifact/ArtifactWrapper.vue +62 -0
  31. data/frontend/src/components/artifact/CPEs.vue +23 -0
  32. data/frontend/src/components/artifact/DnsRecords.vue +38 -0
  33. data/frontend/src/components/artifact/Ports.vue +23 -0
  34. data/frontend/src/components/artifact/ReverseDnsNames.vue +31 -0
  35. data/frontend/src/components/artifact/Tags.vue +29 -0
  36. data/frontend/src/components/artifact/WhoisRecord.vue +49 -0
  37. data/frontend/src/components/config/Configs.vue +68 -0
  38. data/frontend/src/components/config/ConfigsWrapper.vue +40 -0
  39. data/frontend/src/components/link/Link.vue +32 -0
  40. data/frontend/src/components/link/Links.vue +47 -0
  41. data/frontend/src/components/rule/EditRule.vue +74 -0
  42. data/frontend/src/components/rule/EditRuleWrapper.vue +56 -0
  43. data/frontend/src/components/rule/Form.vue +160 -0
  44. data/frontend/src/components/rule/InputForm.vue +80 -0
  45. data/frontend/src/components/rule/NewRule.vue +60 -0
  46. data/frontend/src/components/rule/Rule.vue +108 -0
  47. data/frontend/src/components/rule/RuleWrapper.vue +62 -0
  48. data/frontend/src/components/rule/Rules.vue +88 -0
  49. data/frontend/src/components/rule/RulesWrapper.vue +130 -0
  50. data/frontend/src/components/rule/YAML.vue +47 -0
  51. data/frontend/src/components/tag/Tag.vue +73 -0
  52. data/frontend/src/components/tag/Tags.vue +37 -0
  53. data/frontend/src/countries.ts +350 -0
  54. data/frontend/src/index.ts +23 -0
  55. data/frontend/src/links/anyrun.ts +19 -0
  56. data/frontend/src/links/base.ts +14 -0
  57. data/frontend/src/links/censys.ts +20 -0
  58. data/frontend/src/links/crtsh.ts +20 -0
  59. data/frontend/src/links/dnslytics.ts +38 -0
  60. data/frontend/src/links/greynoise.ts +20 -0
  61. data/frontend/src/links/index.ts +40 -0
  62. data/frontend/src/links/intezer.ts +20 -0
  63. data/frontend/src/links/otx.ts +33 -0
  64. data/frontend/src/links/securitytrails.ts +38 -0
  65. data/frontend/src/links/shodan.ts +20 -0
  66. data/frontend/src/links/urlscan.ts +50 -0
  67. data/frontend/src/links/virustotal.ts +72 -0
  68. data/frontend/src/main.ts +11 -0
  69. data/frontend/src/router/index.ts +57 -0
  70. data/frontend/src/rule.ts +14 -0
  71. data/frontend/src/shims-vue.d.ts +6 -0
  72. data/frontend/src/swagger.yaml +737 -0
  73. data/frontend/src/types.ts +188 -0
  74. data/frontend/src/utils.ts +60 -0
  75. data/frontend/src/views/Alerts.vue +20 -0
  76. data/frontend/src/views/Artifact.vue +44 -0
  77. data/frontend/src/views/Configs.vue +20 -0
  78. data/frontend/src/views/EditRule.vue +44 -0
  79. data/frontend/src/views/NewRule.vue +26 -0
  80. data/frontend/src/views/Rule.vue +44 -0
  81. data/frontend/src/views/Rules.vue +20 -0
  82. data/frontend/tests/unit/utils.spec.ts +7 -0
  83. data/frontend/tsconfig.json +40 -0
  84. data/frontend/vite.config.js +24 -0
  85. data/lefthook.yml +10 -0
  86. data/lib/mihari/analyzers/base.rb +22 -5
  87. data/lib/mihari/analyzers/binaryedge.rb +0 -1
  88. data/lib/mihari/analyzers/censys.rb +7 -2
  89. data/lib/mihari/analyzers/circl.rb +1 -1
  90. data/lib/mihari/analyzers/passivetotal.rb +1 -1
  91. data/lib/mihari/analyzers/rule.rb +43 -73
  92. data/lib/mihari/analyzers/virustotal_intelligence.rb +1 -2
  93. data/lib/mihari/clients/base.rb +1 -1
  94. data/lib/mihari/commands/database.rb +12 -11
  95. data/lib/mihari/commands/rule.rb +47 -45
  96. data/lib/mihari/commands/search.rb +73 -45
  97. data/lib/mihari/commands/version.rb +8 -6
  98. data/lib/mihari/commands/web.rb +26 -23
  99. data/lib/mihari/emitters/base.rb +14 -1
  100. data/lib/mihari/emitters/database.rb +3 -10
  101. data/lib/mihari/emitters/misp.rb +16 -5
  102. data/lib/mihari/emitters/slack.rb +13 -15
  103. data/lib/mihari/emitters/the_hive.rb +17 -19
  104. data/lib/mihari/emitters/webhook.rb +23 -23
  105. data/lib/mihari/enrichers/whois.rb +1 -0
  106. data/lib/mihari/entities/rule.rb +1 -1
  107. data/lib/mihari/entities/tag.rb +1 -1
  108. data/lib/mihari/feed/parser.rb +1 -0
  109. data/lib/mihari/feed/reader.rb +29 -14
  110. data/lib/mihari/mixins/configurable.rb +13 -4
  111. data/lib/mihari/schemas/analyzer.rb +2 -7
  112. data/lib/mihari/schemas/rule.rb +1 -1
  113. data/lib/mihari/structs/censys.rb +96 -82
  114. data/lib/mihari/structs/config.rb +46 -21
  115. data/lib/mihari/structs/google_public_dns.rb +27 -23
  116. data/lib/mihari/structs/greynoise.rb +44 -38
  117. data/lib/mihari/structs/onyphe.rb +34 -30
  118. data/lib/mihari/structs/rule.rb +1 -1
  119. data/lib/mihari/structs/shodan.rb +77 -69
  120. data/lib/mihari/structs/urlscan.rb +42 -36
  121. data/lib/mihari/structs/virustotal_intelligence.rb +57 -49
  122. data/lib/mihari/type_checker.rb +10 -8
  123. data/lib/mihari/version.rb +1 -1
  124. data/lib/mihari/web/public/assets/index-ac4e5ffa.js +50 -0
  125. data/lib/mihari/web/public/index.html +1 -1
  126. data/mihari.gemspec +8 -8
  127. metadata +103 -22
  128. data/.gitmodules +0 -0
  129. data/.overcommit.yml +0 -12
  130. data/lib/mihari/web/public/assets/index-cbe1734c.js +0 -50
@@ -0,0 +1,50 @@
1
+ import { BaseLink } from "@/links/base";
2
+ import { Link, LinkType } from "@/types";
3
+
4
+ class Urlscan extends BaseLink {
5
+ public baseURL: string;
6
+ public name: string;
7
+ public type: LinkType;
8
+
9
+ public constructor() {
10
+ super();
11
+
12
+ this.baseURL = "https://urlscan.io";
13
+ this.name = "urlscan.io";
14
+ this.type = "domain";
15
+ }
16
+ }
17
+
18
+ export class UrlscanForDomain extends Urlscan implements Link {
19
+ public constructor() {
20
+ super();
21
+ this.type = "domain";
22
+ }
23
+
24
+ public href(data: string): string {
25
+ return this.baseURL + `/domain/${data}`;
26
+ }
27
+ }
28
+
29
+ export class UrlscanForIP extends Urlscan implements Link {
30
+ public constructor() {
31
+ super();
32
+ this.type = "ip";
33
+ }
34
+
35
+ public href(data: string): string {
36
+ return this.baseURL + `/ip/${data}`;
37
+ }
38
+ }
39
+
40
+ export class UrlscanForURL extends Urlscan implements Link {
41
+ public constructor() {
42
+ super();
43
+ this.type = "url";
44
+ }
45
+
46
+ public href(url: string): string {
47
+ const query = encodeURIComponent(`page.url:"${url}" OR task.url:"${url}"`);
48
+ return this.baseURL + `/search/#${query}`;
49
+ }
50
+ }
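Review bot: `UrlscanForDomain.href` and `UrlscanForIP.href` place `data` into the URL path without encoding, so an artifact value containing `/`, `?`, `#` or `..` changes which urlscan.io page the generated link opens. Artifact values presumably originate from external feeds and analyzers and should be treated as untrusted; interpolating `encodeURIComponent(data)` instead of `data` keeps the value inside a single path segment. The same applies to the domain, IP and hash `href` methods in the VirusTotal hunk that follows. In `UrlscanForURL.href` the whole query is encoded, but a `"` inside `url` still closes the quoted search term early, so double quotes should be escaped or rejected before the query string is built.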
@@ -0,0 +1,72 @@
1
+ import { sha256 } from "js-sha256";
2
+ import URL from "url-parse";
3
+
4
+ import { BaseLink } from "@/links/base";
5
+ import { Link, LinkType } from "@/types";
6
+
7
+ class VirusTotal extends BaseLink {
8
+ public baseURL: string;
9
+ public name: string;
10
+ public type: LinkType;
11
+
12
+ public constructor() {
13
+ super();
14
+
15
+ this.name = "VirusTotal";
16
+ this.baseURL = "https://www.virustotal.com";
17
+ this.type = "domain";
18
+ }
19
+ }
20
+
21
+ export class VirusTotalForDomain extends VirusTotal implements Link {
22
+ public constructor() {
23
+ super();
24
+ this.type = "domain";
25
+ }
26
+
27
+ public href(data: string): string {
28
+ return this.baseURL + `/gui/domain/${data}/detection`;
29
+ }
30
+ }
31
+
32
+ export class VirusTotalForIP extends VirusTotal implements Link {
33
+ public constructor() {
34
+ super();
35
+ this.type = "ip";
36
+ }
37
+
38
+ public href(data: string): string {
39
+ return this.baseURL + `/gui/ip-address/${data}/details`;
40
+ }
41
+ }
42
+
43
+ export class VirusTotalForURL extends VirusTotal implements Link {
44
+ public constructor() {
45
+ super();
46
+ this.type = "url";
47
+ }
48
+
49
+ public href(data: string): string {
50
+ const hash = sha256(this.normalizeURL(data));
51
+ return this.baseURL + `/gui/url/${hash}/details`;
52
+ }
53
+
54
+ private normalizeURL(uri: string): string {
55
+ const parsedUrl = new URL(uri);
56
+ if (parsedUrl.pathname === "/" && !uri.endsWith("/")) {
57
+ return `${uri}/`;
58
+ }
59
+ return uri;
60
+ }
61
+ }
62
+
63
+ export class VirusTotalForHash extends VirusTotal implements Link {
64
+ public constructor() {
65
+ super();
66
+ this.type = "hash";
67
+ }
68
+
69
+ public href(data: string): string {
70
+ return this.baseURL + `/gui/file/${data}/details`;
71
+ }
72
+ }
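Review bot: The default import named `URL` on line 2 shadows the browser's built-in `URL` for this whole module, so a reader of `normalizeURL` cannot tell at the call site which parser decides `pathname`. Importing it under a distinct name, `import UrlParse from "url-parse";` with `new UrlParse(uri)`, makes the choice of parser explicit and leaves the global usable. `normalizeURL` also has no comment explaining why the trailing slash is appended; presumably it is so that the SHA-256 matches the identifier VirusTotal derives from the canonical URL, and a one-line comment such as `// VirusTotal URL ids hash the URL with a trailing slash on bare hosts (confirm against the API docs)` would record that assumption.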
@@ -0,0 +1,11 @@
1
+ import "bulma/css/bulma.css";
2
+ import "bulma-helpers/css/bulma-helpers.min.css";
3
+ import "@fortawesome/fontawesome-free/css/all.css";
4
+ import "@fortawesome/fontawesome-free/js/all.js";
5
+
6
+ import { createApp } from "vue";
7
+
8
+ import App from "@/App.vue";
9
+ import router from "@/router";
10
+
11
+ createApp(App).use(router).mount("#app");
@@ -0,0 +1,57 @@
1
+ import { createRouter, createWebHashHistory, RouteRecordRaw } from "vue-router";
2
+
3
+ import Alerts from "@/views/Alerts.vue";
4
+ import Artifact from "@/views/Artifact.vue";
5
+ import Configs from "@/views/Configs.vue";
6
+ import EditRule from "@/views/EditRule.vue";
7
+ import NewRule from "@/views/NewRule.vue";
8
+ import Rule from "@/views/Rule.vue";
9
+ import Rules from "@/views/Rules.vue";
10
+
11
+ const routes: Array<RouteRecordRaw> = [
12
+ {
13
+ path: "/",
14
+ name: "Alerts",
15
+ component: Alerts,
16
+ },
17
+ {
18
+ path: "/configs",
19
+ name: "Configs",
20
+ component: Configs,
21
+ },
22
+ {
23
+ path: "/artifacts/:id",
24
+ name: "Artifact",
25
+ component: Artifact,
26
+ props: true,
27
+ },
28
+ {
29
+ path: "/rules",
30
+ name: "Rules",
31
+ component: Rules,
32
+ },
33
+ {
34
+ path: "/rules/new",
35
+ name: "NewRule",
36
+ component: NewRule,
37
+ },
38
+ {
39
+ path: "/rules/:id",
40
+ name: "Rule",
41
+ component: Rule,
42
+ props: true,
43
+ },
44
+ {
45
+ path: "/rules/:id/edit",
46
+ name: "EditRule",
47
+ component: EditRule,
48
+ props: true,
49
+ },
50
+ ];
51
+
52
+ const router = createRouter({
53
+ history: createWebHashHistory(),
54
+ routes,
55
+ });
56
+
57
+ export default router;
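Review bot: The route table has no catch-all entry, so a hash that matches none of these paths renders an empty view with no feedback; a final record with `path: "/:pathMatch(.*)*"` pointing at a not-found view would cover it. The `:id` params on `/artifacts/:id`, `/rules/:id` and `/rules/:id/edit` accept any string and are handed to the views through `props: true`, so the views (not shown in this hunk) need to validate or encode `id` before using it in an API path. If artifact ids are always numeric, `path: "/artifacts/:id(\\d+)"` would reject other values at the router.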
@@ -0,0 +1,14 @@
1
+ import dayjs from "dayjs";
2
+ import dedent from "ts-dedent";
3
+ import { v4 } from "uuid";
4
+
5
+ export function getRuleTemplate(): string {
6
+ const id = v4();
7
+ const now = dayjs();
8
+
9
+ return dedent`id: ${id}
10
+ title: Title goes here
11
+ description: Description goes here
12
+ created_on: ${now.format("YYYY-MM-DD")}
13
+ queries: []`;
14
+ }
@@ -0,0 +1,6 @@
1
+ /* eslint-disable */
2
+ declare module '*.vue' {
3
+ import type { DefineComponent } from 'vue'
4
+ const component: DefineComponent<{}, {}, any>
5
+ export default component
6
+ }