mihari 5.4.9 → 5.6.0

Files changed (124) hide show
  1. checksums.yaml +4 -4
  2. data/docs/analyzers/binaryedge.md +2 -2
  3. data/docs/analyzers/censys.md +3 -3
  4. data/docs/analyzers/circl.md +3 -3
  5. data/docs/analyzers/crtsh.md +2 -2
  6. data/docs/analyzers/dnstwister.md +1 -1
  7. data/docs/analyzers/feed.md +7 -7
  8. data/docs/analyzers/greynoise.md +2 -2
  9. data/docs/analyzers/hunterhow.md +4 -4
  10. data/docs/analyzers/index.md +13 -8
  11. data/docs/analyzers/onyphe.md +2 -2
  12. data/docs/analyzers/otx.md +2 -2
  13. data/docs/analyzers/passivetotal.md +7 -3
  14. data/docs/analyzers/pulsedive.md +2 -2
  15. data/docs/analyzers/securitytrails.md +6 -2
  16. data/docs/analyzers/shodan.md +2 -2
  17. data/docs/analyzers/urlscan.md +2 -2
  18. data/docs/analyzers/virustotal.md +6 -2
  19. data/docs/analyzers/virustotal_intelligence.md +6 -2
  20. data/docs/analyzers/zoomeye.md +3 -3
  21. data/docs/emitters/hive.md +4 -4
  22. data/docs/emitters/index.md +29 -0
  23. data/docs/emitters/misp.md +2 -2
  24. data/docs/emitters/slack.md +2 -7
  25. data/docs/emitters/webhook.md +4 -4
  26. data/docs/enrichers/index.md +29 -0
  27. data/docs/enrichers/ipinfo.md +7 -0
  28. data/docs/index.md +0 -2
  29. data/docs/installation.md +1 -1
  30. data/docs/rule.md +12 -15
  31. data/docs/usage.md +5 -2
  32. data/frontend/package-lock.json +294 -2772
  33. data/frontend/package.json +10 -10
  34. data/frontend/src/components/ErrorMessage.vue +0 -1
  35. data/frontend/src/components/alert/Alerts.vue +0 -1
  36. data/frontend/src/components/alert/AlertsWithPagination.vue +0 -1
  37. data/frontend/src/components/alert/AlertsWrapper.vue +0 -6
  38. data/frontend/src/components/alert/Form.vue +1 -3
  39. data/frontend/src/components/artifact/Artifact.vue +0 -17
  40. data/frontend/src/components/artifact/ArtifactWrapper.vue +0 -2
  41. data/frontend/src/components/artifact/WhoisRecord.vue +0 -3
  42. data/frontend/src/components/config/ConfigsWrapper.vue +0 -2
  43. data/frontend/src/components/rule/EditRule.vue +0 -3
  44. data/frontend/src/components/rule/EditRuleWrapper.vue +0 -2
  45. data/frontend/src/components/rule/Form.vue +1 -3
  46. data/frontend/src/components/rule/NewRule.vue +0 -3
  47. data/frontend/src/components/rule/Rule.vue +1 -7
  48. data/frontend/src/components/rule/RuleWrapper.vue +0 -2
  49. data/frontend/src/components/rule/RulesWrapper.vue +0 -6
  50. data/frontend/src/swagger.yaml +254 -254
  51. data/lib/mihari/analyzers/base.rb +7 -37
  52. data/lib/mihari/analyzers/binaryedge.rb +5 -1
  53. data/lib/mihari/analyzers/censys.rb +6 -1
  54. data/lib/mihari/analyzers/greynoise.rb +5 -1
  55. data/lib/mihari/analyzers/hunterhow.rb +5 -1
  56. data/lib/mihari/analyzers/onyphe.rb +5 -1
  57. data/lib/mihari/analyzers/passivetotal.rb +9 -0
  58. data/lib/mihari/analyzers/pulsedive.rb +1 -1
  59. data/lib/mihari/analyzers/rule.rb +55 -54
  60. data/lib/mihari/analyzers/securitytrails.rb +9 -0
  61. data/lib/mihari/analyzers/shodan.rb +5 -1
  62. data/lib/mihari/analyzers/urlscan.rb +5 -1
  63. data/lib/mihari/analyzers/virustotal.rb +11 -2
  64. data/lib/mihari/analyzers/virustotal_intelligence.rb +21 -1
  65. data/lib/mihari/analyzers/zoomeye.rb +7 -3
  66. data/lib/mihari/base.rb +69 -0
  67. data/lib/mihari/cli/main.rb +36 -0
  68. data/lib/mihari/clients/base.rb +7 -7
  69. data/lib/mihari/clients/binaryedge.rb +10 -4
  70. data/lib/mihari/clients/censys.rb +11 -4
  71. data/lib/mihari/clients/greynoise.rb +10 -4
  72. data/lib/mihari/clients/hunterhow.rb +10 -4
  73. data/lib/mihari/clients/misp.rb +3 -2
  74. data/lib/mihari/clients/onyphe.rb +10 -4
  75. data/lib/mihari/clients/shodan.rb +10 -4
  76. data/lib/mihari/clients/the_hive.rb +3 -2
  77. data/lib/mihari/clients/urlscan.rb +9 -3
  78. data/lib/mihari/clients/virustotal.rb +10 -4
  79. data/lib/mihari/clients/zoomeye.rb +11 -5
  80. data/lib/mihari/commands/alert.rb +6 -33
  81. data/lib/mihari/commands/rule.rb +7 -12
  82. data/lib/mihari/commands/search.rb +10 -38
  83. data/lib/mihari/config.rb +8 -0
  84. data/lib/mihari/constants.rb +3 -3
  85. data/lib/mihari/emitters/base.rb +22 -15
  86. data/lib/mihari/emitters/database.rb +1 -1
  87. data/lib/mihari/emitters/misp.rb +7 -6
  88. data/lib/mihari/emitters/slack.rb +24 -6
  89. data/lib/mihari/emitters/the_hive.rb +8 -7
  90. data/lib/mihari/emitters/webhook.rb +31 -29
  91. data/lib/mihari/enrichers/base.rb +25 -19
  92. data/lib/mihari/enrichers/google_public_dns.rb +38 -38
  93. data/lib/mihari/enrichers/ipinfo.rb +32 -34
  94. data/lib/mihari/enrichers/shodan.rb +18 -26
  95. data/lib/mihari/enrichers/whois.rb +121 -111
  96. data/lib/mihari/mixins/retriable.rb +4 -2
  97. data/lib/mihari/models/artifact.rb +37 -23
  98. data/lib/mihari/models/autonomous_system.rb +3 -2
  99. data/lib/mihari/models/cpe.rb +3 -2
  100. data/lib/mihari/models/dns.rb +3 -2
  101. data/lib/mihari/models/geolocation.rb +3 -2
  102. data/lib/mihari/models/port.rb +3 -2
  103. data/lib/mihari/models/reverse_dns.rb +3 -2
  104. data/lib/mihari/models/whois.rb +4 -3
  105. data/lib/mihari/schemas/analyzer.rb +24 -23
  106. data/lib/mihari/schemas/emitter.rb +32 -25
  107. data/lib/mihari/schemas/enricher.rb +21 -2
  108. data/lib/mihari/schemas/options.rb +27 -0
  109. data/lib/mihari/schemas/rule.rb +8 -4
  110. data/lib/mihari/services/alert_runner.rb +1 -1
  111. data/lib/mihari/services/rule_runner.rb +1 -11
  112. data/lib/mihari/types.rb +1 -14
  113. data/lib/mihari/version.rb +1 -1
  114. data/lib/mihari/web/endpoints/ip_addresses.rb +1 -1
  115. data/lib/mihari/web/public/assets/{index-33165282.css → index-56fc2187.css} +1 -1
  116. data/lib/mihari/web/public/assets/index-9cc489e6.js +1749 -0
  117. data/lib/mihari/web/public/index.html +2 -2
  118. data/lib/mihari/web/public/redoc-static.html +400 -400
  119. data/lib/mihari.rb +67 -37
  120. data/mihari.gemspec +3 -2
  121. data/mkdocs.yml +8 -6
  122. data/requirements.txt +1 -1
  123. metadata +24 -8
  124. data/lib/mihari/web/public/assets/index-a92abd57.js +0 -1740
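--- a/data/lib/mihari.rb
+++ b/data/lib/mihari.rb
@@ -69,16 +69,43 @@ module Mihari
  end
  memoize :emitters
 
+ #
+ # @return [Hash<String, Mihari::Enrichers::Base>]
+ #
+ def emitter_to_class
+ @emitter_to_class ||= emitters.flat_map do |klass|
+ klass.class_keys.map { |key| [key.downcase, klass] }
+ end.to_h
+ end
+
  def analyzers
  []
  end
  memoize :analyzers
 
+ #
+ # @return [Hash<String, Mihari::Analyzers::Base>]
+ #
+ def analyzer_to_class
+ @analyzer_to_class ||= analyzers.flat_map do |klass|
+ klass.class_keys.map { |key| [key.downcase, klass] }
+ end.to_h
+ end
+
  def enrichers
  []
  end
  memoize :enrichers
 
+ #
+ # @return [Hash<String, Mihari::Enrichers::Base>]
+ #
+ def enricher_to_class
+ @enricher_to_class ||= enrichers.flat_map do |klass|
+ klass.class_keys.map { |key| [key.downcase, klass] }
+ end.to_h
+ end
+
  def config
  @config ||= Config.new
  end
@@ -103,46 +130,11 @@ module Mihari
  end
  end
 
- # Constants
- require "mihari/constants"
-
- # Types
- require "mihari/types"
-
  # Core classes
+ require "mihari/base"
  require "mihari/database"
- require "mihari/type_checker"
  require "mihari/http"
-
- # Services
- require "mihari/services/rule_builder"
- require "mihari/services/rule_proxy"
- require "mihari/services/rule_runner"
-
- require "mihari/services/alert_builder"
- require "mihari/services/alert_proxy"
- require "mihari/services/alert_runner"
-
- # Structs
- require "mihari/structs/binaryedge"
- require "mihari/structs/censys"
- require "mihari/structs/config"
- require "mihari/structs/filters"
- require "mihari/structs/google_public_dns"
- require "mihari/structs/greynoise"
- require "mihari/structs/ipinfo"
- require "mihari/structs/hunterhow"
- require "mihari/structs/onyphe"
- require "mihari/structs/shodan"
- require "mihari/structs/urlscan"
- require "mihari/structs/virustotal_intelligence"
-
- # Schemas
- require "mihari/schemas/macros"
-
- require "mihari/schemas/alert"
- require "mihari/schemas/analyzer"
- require "mihari/schemas/rule"
+ require "mihari/type_checker"
 
  # Enrichers
  require "mihari/enrichers/base"
@@ -220,6 +212,44 @@ require "mihari/analyzers/zoomeye"
 
  require "mihari/analyzers/rule"
 
+ # Types
+ require "mihari/types"
+
+ # Constants
+ require "mihari/constants"
+
+ # Structs
+ require "mihari/structs/binaryedge"
+ require "mihari/structs/censys"
+ require "mihari/structs/config"
+ require "mihari/structs/filters"
+ require "mihari/structs/google_public_dns"
+ require "mihari/structs/greynoise"
+ require "mihari/structs/ipinfo"
+ require "mihari/structs/hunterhow"
+ require "mihari/structs/onyphe"
+ require "mihari/structs/shodan"
+ require "mihari/structs/urlscan"
+ require "mihari/structs/virustotal_intelligence"
+
+ # Schemas
+ require "mihari/schemas/macros"
+
+ require "mihari/schemas/options"
+
+ require "mihari/schemas/alert"
+ require "mihari/schemas/analyzer"
+ require "mihari/schemas/rule"
+
+ # Services
+ require "mihari/services/rule_builder"
+ require "mihari/services/rule_proxy"
+ require "mihari/services/rule_runner"
+
+ require "mihari/services/alert_builder"
+ require "mihari/services/alert_proxy"
+ require "mihari/services/alert_runner"
+
  # Entities
  require "mihari/entities/message"
 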
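Review bot: The YARD tag on `emitter_to_class` in the first hunk says `@return [Hash<String, Mihari::Enrichers::Base>]` although the method is built from `emitters`, so it should read `# @return [Hash<String, Mihari::Emitters::Base>]` (the same tag on `enricher_to_class` is correct). All three lookups also deserve a note next to `.to_h`: when two classes share a lowercased entry in `class_keys`, `to_h` keeps the last pair, so a later class silently shadows an earlier one under that key; a comment such as `# NOTE: a duplicate (case-insensitive) key shadows the earlier class` or a check that raises on collision would make the resolution order visible. The enclosing `module Mihari` begins and ends outside the hunk.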
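--- a/data/mihari.gemspec
+++ b/data/mihari.gemspec
@@ -66,7 +66,7 @@ Gem::Specification.new do |spec|
  spec.add_dependency "awrence", "2.0.1"
  spec.add_dependency "dotenv", "2.8.1"
  spec.add_dependency "dry-container", "0.11.0"
- spec.add_dependency "dry-files", "1.0.2"
+ spec.add_dependency "dry-files", "1.1.0"
  spec.add_dependency "dry-monads", "1.6.0"
  spec.add_dependency "dry-schema", "1.13.3"
  spec.add_dependency "dry-struct", "1.6.0"
@@ -93,7 +93,8 @@ Gem::Specification.new do |spec|
  spec.add_dependency "sentry-ruby", "5.12.0"
  spec.add_dependency "slack-notifier", "2.4.0"
  spec.add_dependency "sqlite3", "1.6.7"
- spec.add_dependency "thor", "1.2.2"
+ spec.add_dependency "thor", "1.3.0"
+ spec.add_dependency "thor-hollaback", "0.2.1"
  spec.add_dependency "uuidtools", "2.2.0"
  spec.add_dependency "whois", "5.1.0"
  spec.add_dependency "whois-parser", "2.0.0"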
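--- a/data/mkdocs.yml
+++ b/data/mkdocs.yml
@@ -13,17 +13,19 @@ plugins:
  case: lower
 
  nav:
- - Mihari: index.md
  - Requirements: requirements.md
  - Installation: installation.md
  - How to Write a Rule: rule.md
  - Usage: usage.md
  - Configuration: configuration.md
- - GitHub Actions: github_actions.md
- - Analyzers: "analyzers/index.md"
- - Enrichers: "enrichers/index.md"
- - Emitters: "emitters/index.md"
- - Tags: "./tags.md"
+ - Tips:
+ - GitHub Actions: github_actions.md
+ - Alternatives: alternatives.md
+ - References:
+ - Analyzers: "analyzers/index.md"
+ - Enrichers: "enrichers/index.md"
+ - Emitters: "emitters/index.md"
+ - Tags: "./tags.md"
 
  markdown_extensions:
  - toc: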
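--- a/data/requirements.txt
+++ b/data/requirements.txt
@@ -1,2 +1,2 @@
  mkdocs==1.5.3
- mkdocs-material==9.4.4
+ mkdocs-material==9.4.6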
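--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
  --- !ruby/object:Gem::Specification
  name: mihari
  version: !ruby/object:Gem::Version
- version: 5.4.9
+ version: 5.6.0
  platform: ruby
  authors:
  - Manabu Niseki
  autorequire:
  bindir: exe
  cert_chain: []
- date: 2023-10-13 00:00:00.000000000 Z
+ date: 2023-10-22 00:00:00.000000000 Z
  dependencies:
  - !ruby/object:Gem::Dependency
  name: bundler
@@ -380,14 +380,14 @@ dependencies:
  requirements:
  - - '='
  - !ruby/object:Gem::Version
- version: 1.0.2
+ version: 1.1.0
  type: :runtime
  prerelease: false
  version_requirements: !ruby/object:Gem::Requirement
  requirements:
  - - '='
  - !ruby/object:Gem::Version
- version: 1.0.2
+ version: 1.1.0
  - !ruby/object:Gem::Dependency
  name: dry-monads
  requirement: !ruby/object:Gem::Requirement
@@ -758,14 +758,28 @@ dependencies:
  requirements:
  - - '='
  - !ruby/object:Gem::Version
- version: 1.2.2
+ version: 1.3.0
  type: :runtime
  prerelease: false
  version_requirements: !ruby/object:Gem::Requirement
  requirements:
  - - '='
  - !ruby/object:Gem::Version
- version: 1.2.2
+ version: 1.3.0
+ - !ruby/object:Gem::Dependency
+ name: thor-hollaback
+ requirement: !ruby/object:Gem::Requirement
+ requirements:
+ - - '='
+ - !ruby/object:Gem::Version
+ version: 0.2.1
+ type: :runtime
+ prerelease: false
+ version_requirements: !ruby/object:Gem::Requirement
+ requirements:
+ - - '='
+ - !ruby/object:Gem::Version
+ version: 0.2.1
  - !ruby/object:Gem::Dependency
  name: uuidtools
  requirement: !ruby/object:Gem::Requirement
@@ -976,6 +990,7 @@ files:
  - lib/mihari/analyzers/virustotal.rb
  - lib/mihari/analyzers/virustotal_intelligence.rb
  - lib/mihari/analyzers/zoomeye.rb
+ - lib/mihari/base.rb
  - lib/mihari/cli/alert.rb
  - lib/mihari/cli/base.rb
  - lib/mihari/cli/database.rb
@@ -1061,6 +1076,7 @@ files:
  - lib/mihari/schemas/emitter.rb
  - lib/mihari/schemas/enricher.rb
  - lib/mihari/schemas/macros.rb
+ - lib/mihari/schemas/options.rb
  - lib/mihari/schemas/rule.rb
  - lib/mihari/services/alert_builder.rb
  - lib/mihari/services/alert_proxy.rb
@@ -1094,8 +1110,8 @@ files:
  - lib/mihari/web/endpoints/tags.rb
  - lib/mihari/web/middleware/connection_adapter.rb
  - lib/mihari/web/middleware/error_notification_adapter.rb
- - lib/mihari/web/public/assets/index-33165282.css
- - lib/mihari/web/public/assets/index-a92abd57.js
+ - lib/mihari/web/public/assets/index-56fc2187.css
+ - lib/mihari/web/public/assets/index-9cc489e6.js
  - lib/mihari/web/public/assets/mode-yaml-a21faa53.js
  - lib/mihari/web/public/favicon.ico
  - lib/mihari/web/public/index.html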