mihari 5.2.3 → 5.3.0

data/frontend/src/links/urlscan.ts

@@ -0,0 +1,50 @@
+import { BaseLink } from "@/links/base"
+import type { Link, LinkType } from "@/types"
+
+class Urlscan extends BaseLink {
+  public baseURL: string
+  public name: string
+  public type: LinkType
+
+  public constructor() {
+    super()
+
+    this.baseURL = "https://urlscan.io"
+    this.name = "urlscan.io"
+    this.type = "domain"
+  }
+}
+
+export class UrlscanForDomain extends Urlscan implements Link {
+  public constructor() {
+    super()
+    this.type = "domain"
+  }
+
+  public href(data: string): string {
+    return this.baseURL + `/domain/${data}`
+  }
+}
+
+export class UrlscanForIP extends Urlscan implements Link {
+  public constructor() {
+    super()
+    this.type = "ip"
+  }
+
+  public href(data: string): string {
+    return this.baseURL + `/ip/${data}`
+  }
+}
+
+export class UrlscanForURL extends Urlscan implements Link {
+  public constructor() {
+    super()
+    this.type = "url"
+  }
+
+  public href(url: string): string {
+    const query = encodeURIComponent(`page.url:"${url}" OR task.url:"${url}"`)
+    return this.baseURL + `/search/#${query}`
+  }
+}

data/frontend/src/links/virustotal.ts

@@ -0,0 +1,72 @@
+import { sha256 } from "js-sha256"
+import URL from "url-parse"
+
+import { BaseLink } from "@/links/base"
+import type { Link, LinkType } from "@/types"
+
+class VirusTotal extends BaseLink {
+  public baseURL: string
+  public name: string
+  public type: LinkType
+
+  public constructor() {
+    super()
+
+    this.name = "VirusTotal"
+    this.baseURL = "https://www.virustotal.com"
+    this.type = "domain"
+  }
+}
+
+export class VirusTotalForDomain extends VirusTotal implements Link {
+  public constructor() {
+    super()
+    this.type = "domain"
+  }
+
+  public href(data: string): string {
+    return this.baseURL + `/gui/domain/${data}/detection`
+  }
+}
+
+export class VirusTotalForIP extends VirusTotal implements Link {
+  public constructor() {
+    super()
+    this.type = "ip"
+  }
+
+  public href(data: string): string {
+    return this.baseURL + `/gui/ip-address/${data}/details`
+  }
+}
+
+export class VirusTotalForURL extends VirusTotal implements Link {
+  public constructor() {
+    super()
+    this.type = "url"
+  }
+
+  public href(data: string): string {
+    const hash = sha256(this.normalizeURL(data))
+    return this.baseURL + `/gui/url/${hash}/details`
+  }
+
+  private normalizeURL(uri: string): string {
+    const parsedUrl = new URL(uri)
+    if (parsedUrl.pathname === "/" && !uri.endsWith("/")) {
+      return `${uri}/`
+    }
+    return uri
+  }
+}
+
+export class VirusTotalForHash extends VirusTotal implements Link {
+  public constructor() {
+    super()
+    this.type = "hash"
+  }
+
+  public href(data: string): string {
+    return this.baseURL + `/gui/file/${data}/details`
+  }
+}

data/frontend/src/main.ts

@@ -0,0 +1,11 @@
+import "bulma/css/bulma.css"
+import "bulma-helpers/css/bulma-helpers.min.css"
+import "@fortawesome/fontawesome-free/css/all.css"
+import "@fortawesome/fontawesome-free/js/all.js"
+
+import { createApp } from "vue"
+
+import App from "@/App.vue"
+import router from "@/router"
+
+createApp(App).use(router).mount("#app")

data/frontend/src/router/index.ts

@@ -0,0 +1,57 @@
+import { createRouter, createWebHashHistory, type RouteRecordRaw } from "vue-router"
+
+import Alerts from "@/views/Alerts.vue"
+import Artifact from "@/views/Artifact.vue"
+import Configs from "@/views/Configs.vue"
+import EditRule from "@/views/EditRule.vue"
+import NewRule from "@/views/NewRule.vue"
+import Rule from "@/views/Rule.vue"
+import Rules from "@/views/Rules.vue"
+
+const routes: Array<RouteRecordRaw> = [
+  {
+    path: "/",
+    name: "Alerts",
+    component: Alerts
+  },
+  {
+    path: "/configs",
+    name: "Configs",
+    component: Configs
+  },
+  {
+    path: "/artifacts/:id",
+    name: "Artifact",
+    component: Artifact,
+    props: true
+  },
+  {
+    path: "/rules",
+    name: "Rules",
+    component: Rules
+  },
+  {
+    path: "/rules/new",
+    name: "NewRule",
+    component: NewRule
+  },
+  {
+    path: "/rules/:id",
+    name: "Rule",
+    component: Rule,
+    props: true
+  },
+  {
+    path: "/rules/:id/edit",
+    name: "EditRule",
+    component: EditRule,
+    props: true
+  }
+]
+
+const router = createRouter({
+  history: createWebHashHistory(),
+  routes
+})
+
+export default router

data/frontend/src/rule.ts

@@ -0,0 +1,14 @@
+import dayjs from "dayjs"
+import dedent from "ts-dedent"
+import { v4 } from "uuid"
+
+export function getRuleTemplate(): string {
+  const id = v4()
+  const now = dayjs()
+
+  return dedent`id: ${id}
+                title: Title goes here
+                description: Description goes here
+                created_on: ${now.format("YYYY-MM-DD")}
+                queries: []`
+}

data/frontend/src/shims-vue.d.ts

@@ -0,0 +1,6 @@
+/* eslint-disable */
+declare module "*.vue" {
+  import type { DefineComponent } from "vue"
+  const component: DefineComponent<{}, {}, any>
+  export default component
+}