mihari 5.2.3 → 5.2.4

data/frontend/src/links/urlscan.ts

@@ -0,0 +1,50 @@
+import { BaseLink } from "@/links/base";
+import { Link, LinkType } from "@/types";
+
+class Urlscan extends BaseLink {
+  public baseURL: string;
+  public name: string;
+  public type: LinkType;
+
+  public constructor() {
+    super();
+
+    this.baseURL = "https://urlscan.io";
+    this.name = "urlscan.io";
+    this.type = "domain";
+  }
+}
+
+export class UrlscanForDomain extends Urlscan implements Link {
+  public constructor() {
+    super();
+    this.type = "domain";
+  }
+
+  public href(data: string): string {
+    return this.baseURL + `/domain/${data}`;
+  }
+}
+
+export class UrlscanForIP extends Urlscan implements Link {
+  public constructor() {
+    super();
+    this.type = "ip";
+  }
+
+  public href(data: string): string {
+    return this.baseURL + `/ip/${data}`;
+  }
+}
+
+export class UrlscanForURL extends Urlscan implements Link {
+  public constructor() {
+    super();
+    this.type = "url";
+  }
+
+  public href(url: string): string {
+    const query = encodeURIComponent(`page.url:"${url}" OR task.url:"${url}"`);
+    return this.baseURL + `/search/#${query}`;
+  }
+}

data/frontend/src/links/virustotal.ts

@@ -0,0 +1,72 @@
+import { sha256 } from "js-sha256";
+import URL from "url-parse";
+
+import { BaseLink } from "@/links/base";
+import { Link, LinkType } from "@/types";
+
+class VirusTotal extends BaseLink {
+  public baseURL: string;
+  public name: string;
+  public type: LinkType;
+
+  public constructor() {
+    super();
+
+    this.name = "VirusTotal";
+    this.baseURL = "https://www.virustotal.com";
+    this.type = "domain";
+  }
+}
+
+export class VirusTotalForDomain extends VirusTotal implements Link {
+  public constructor() {
+    super();
+    this.type = "domain";
+  }
+
+  public href(data: string): string {
+    return this.baseURL + `/gui/domain/${data}/detection`;
+  }
+}
+
+export class VirusTotalForIP extends VirusTotal implements Link {
+  public constructor() {
+    super();
+    this.type = "ip";
+  }
+
+  public href(data: string): string {
+    return this.baseURL + `/gui/ip-address/${data}/details`;
+  }
+}
+
+export class VirusTotalForURL extends VirusTotal implements Link {
+  public constructor() {
+    super();
+    this.type = "url";
+  }
+
+  public href(data: string): string {
+    const hash = sha256(this.normalizeURL(data));
+    return this.baseURL + `/gui/url/${hash}/details`;
+  }
+
+  private normalizeURL(uri: string): string {
+    const parsedUrl = new URL(uri);
+    if (parsedUrl.pathname === "/" && !uri.endsWith("/")) {
+      return `${uri}/`;
+    }
+    return uri;
+  }
+}
+
+export class VirusTotalForHash extends VirusTotal implements Link {
+  public constructor() {
+    super();
+    this.type = "hash";
+  }
+
+  public href(data: string): string {
+    return this.baseURL + `/gui/file/${data}/details`;
+  }
+}

data/frontend/src/main.ts

@@ -0,0 +1,11 @@
+import "bulma/css/bulma.css";
+import "bulma-helpers/css/bulma-helpers.min.css";
+import "@fortawesome/fontawesome-free/css/all.css";
+import "@fortawesome/fontawesome-free/js/all.js";
+
+import { createApp } from "vue";
+
+import App from "@/App.vue";
+import router from "@/router";
+
+createApp(App).use(router).mount("#app");

data/frontend/src/router/index.ts

@@ -0,0 +1,57 @@
+import { createRouter, createWebHashHistory, RouteRecordRaw } from "vue-router";
+
+import Alerts from "@/views/Alerts.vue";
+import Artifact from "@/views/Artifact.vue";
+import Configs from "@/views/Configs.vue";
+import EditRule from "@/views/EditRule.vue";
+import NewRule from "@/views/NewRule.vue";
+import Rule from "@/views/Rule.vue";
+import Rules from "@/views/Rules.vue";
+
+const routes: Array<RouteRecordRaw> = [
+  {
+    path: "/",
+    name: "Alerts",
+    component: Alerts,
+  },
+  {
+    path: "/configs",
+    name: "Configs",
+    component: Configs,
+  },
+  {
+    path: "/artifacts/:id",
+    name: "Artifact",
+    component: Artifact,
+    props: true,
+  },
+  {
+    path: "/rules",
+    name: "Rules",
+    component: Rules,
+  },
+  {
+    path: "/rules/new",
+    name: "NewRule",
+    component: NewRule,
+  },
+  {
+    path: "/rules/:id",
+    name: "Rule",
+    component: Rule,
+    props: true,
+  },
+  {
+    path: "/rules/:id/edit",
+    name: "EditRule",
+    component: EditRule,
+    props: true,
+  },
+];
+
+const router = createRouter({
+  history: createWebHashHistory(),
+  routes,
+});
+
+export default router;

data/frontend/src/rule.ts

@@ -0,0 +1,14 @@
+import dayjs from "dayjs";
+import dedent from "ts-dedent";
+import { v4 } from "uuid";
+
+export function getRuleTemplate(): string {
+  const id = v4();
+  const now = dayjs();
+
+  return dedent`id: ${id}
+                title: Title goes here
+                description: Description goes here
+                created_on: ${now.format("YYYY-MM-DD")}
+                queries: []`;
+}

data/frontend/src/shims-vue.d.ts

@@ -0,0 +1,6 @@
+/* eslint-disable */
+declare module '*.vue' {
+  import type { DefineComponent } from 'vue'
+  const component: DefineComponent<{}, {}, any>
+  export default component
+}