mihari 5.5.0 → 5.6.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 0a0bb32d105b9879fbf87b5bcd5d49a4930cc9e054c42f992bd5c58d883ea8b0
-  data.tar.gz: 0c547d79f1a1950008f4797a743bf84b7bc1b766d693eb9c2e9b93d150ee4cb9
+  metadata.gz: 9131a7f69be7cde564ec00479ae3fa3723a3e80d28690c3e989119de3feab5f5
+  data.tar.gz: b115531cc635b7767e6bcf75c8ca0376e4ade45772e98aa9fc07df3b2dcc2e96
 SHA512:
-  metadata.gz: f9d5217d01e12da402ad9edde9dbeb35c14f6b18061807c48e9e0f6b84419b009b0bbdd4848d3df7302ba4c414c0fe004d7e0ee86a3e9fa29dcaea7bb79b6a8e
-  data.tar.gz: aa353778dc0f9eb1d525c828e7e662531ba1318f8c380a93cd1f0bd7eca8da33dba7915de297695223cf53a7c3de35419f152ae6d1c199382e6aa7e870a629f2
+  metadata.gz: 9a893bb138e769bf082bbea057229726f9b2e353fa539c9a1fb64aabcc8a622ed22315a0aa42e5dc873f6a13e3ec145776afe75203db93b7a3d2352d46b026b9
+  data.tar.gz: cd11791f340b58ffc39a03fba8ee2aad1da58fcf47fd8a00281fe8984d0149fa1e448aff4b55860b47e5fb424d994a40ab00f7691b416f315b3fbfdcd5737509

data/docs/analyzers/passivetotal.md

@@ -31,6 +31,10 @@ api_key: ...
 
 ## Components
 
+### Analyzer
+
+`analyzer` (`string`) should be either of `passivetotal` and `pt`.
+
 ### Query
 
 `query` (`string`) is a passive DNS/SSL or reverse whois search query. Domain, IP address, mail or SHA1 certificate fingerprint.

data/docs/analyzers/securitytrails.md

@@ -28,6 +28,10 @@ api_key: ...
 
 ## Components
 
+### Analyzer
+
+`analyzer` (`string`) should be either of `securitytrails` and `st`.
+
 ### Query
 
 `query` (`string`) is a passive DNS search/reverse whois query. Domain, IP address or mail.

data/docs/analyzers/virustotal.md

@@ -30,6 +30,10 @@ api_key: ...
 
 ## Components
 
+### Analyzer
+
+`analyzer` (`string`) should be either of `virustoal` and `vt`.
+
 ### Query
 
 `query` (`string`) is a passive DNS search query. Domain or IP address.

data/docs/analyzers/virustotal_intelligence.md

@@ -20,6 +20,10 @@ api_key: ...
 
 ## Components
 
+### Analyzer
+
+`analyzer` (`string`) should be either of `virustotal_intelligence` and ``.
+
 ### Query
 
 `query` (`string`) is a search query.

data/docs/emitters/hive.md

@@ -5,7 +5,7 @@
 This emitter creates an alert on TheHive. TheHive v4 & v5 are supported.
 
 ```yaml
-emitter: the_hive
+emitter: thehive
 url: ...
 api_key: ...
 api_version: ...

data/docs/emitters/slack.md

@@ -10,11 +10,6 @@ webhook_url: ...
 channel: ...
 ```
 
-| Name        | Type   | Required? | Default                         | Desc.             |
-| ----------- | ------ | --------- | ------------------------------- | ----------------- |
-| webhook_url | String | No        | ENV[SLACK_WEBHOOK_URL]          | Slack webhook URL |
-| channel     | String | No        | ENV[SLACK_CHANNEL] / `#general` | Slack channel     |
-
 ## Components
 
 ### Webhook URL

data/docs/rule.md

@@ -54,7 +54,7 @@ emitters:
   - emitter: database
   - emitter: misp
   - emitter: slack
-  - emitter: the_hive
+  - emitter: thehive
 data_types:
   - hash
   - ip
@@ -124,9 +124,6 @@ See [Emitters](./emitters/index.md) to know details of each emitter.
 Defaults to:
 
 - `database`
-- `misp`
-- `slack`
-- `the_hive`
 
 ### Data Types
 

data/docs/usage.md

@@ -8,8 +8,11 @@ Commands:
   mihari db                   # Sub commands for DB
   mihari help [COMMAND]       # Describe available commands or one specific command
   mihari rule                 # Sub commands for rule
-  mihari search [PATH_OR_ID]  # Search by a rule
+  mihari search [PATH_OR_ID]  # Search by a rule (Outputs null if there is no new finding)
   mihari web                  # Launch the web app
+
+Options:
+  -d, [--debug], [--no-debug]  # Sets up debug mode
 ```
 
 ## `mihari db`
@@ -43,7 +46,7 @@ Mihari asks whether really you want to update a rule if there is a diff by defau
 
 ```bash
 $ mihari search /path/to/rule.yml
-There is a diff in the rule (6254bb74-5e5d-42ad-bc1e-231da0293b0f). Are you sure you want to overwrite the rule? (y/n)
+There is a diff in the rule. Are you sure you want to overwrite the rule? (y/n)
 ```
 
 It can be suppressed by providing `-f`.

data/frontend/src/components/ErrorMessage.vue

@@ -3,7 +3,6 @@
     <p v-if="error.response.data?.message">{{ error.response.data.message }}</p>
     <p v-else>{{ error }}</p>
   </div>
-
   <article class="message" v-if="error.response.data?.details">
     <div class="message-body">
       <VueJsonPretty :data="error.response.data.details"></VueJsonPretty>

data/frontend/src/components/alert/Alerts.vue

@@ -6,7 +6,6 @@
     @refresh-page="refreshPage"
     @update-tag="updateTag"
   ></Alert>
-
   <Pagination
     :total="alerts.total"
     :currentPage="alerts.currentPage"

data/frontend/src/components/alert/AlertsWithPagination.vue

@@ -1,6 +1,5 @@
 <template>
   <Loading v-if="getAlertsTask.isRunning"></Loading>
-
   <Alerts
     :alerts="getAlertsTask.last.value"
     v-if="getAlertsTask.last?.value"

data/frontend/src/components/alert/AlertsWrapper.vue

@@ -7,9 +7,7 @@
       :page="page"
       :tag="tag"
     ></FormComponent>
-
     <hr />
-
     <div class="columns">
       <div class="column">
         <div class="field is-grouped is-grouped-centered">
@@ -25,14 +23,10 @@
       </div>
     </div>
   </div>
-
   <div v-if="getAlertsTask.performCount > 0">
     <hr />
-
     <Loading v-if="getAlertsTask.isRunning"></Loading>
-
     <ErrorMessage v-if="getAlertsTask.isError" :error="getAlertsTask.last?.error"></ErrorMessage>
-
     <AlertsComponent
       :alerts="getAlertsTask.last.value"
       v-if="getAlertsTask.last?.value"

data/frontend/src/components/alert/Form.vue

@@ -36,7 +36,6 @@
       </div>
     </div>
   </div>
-
   <div class="columns">
     <div class="column">
       <div class="field is-horizontal">
@@ -61,7 +60,6 @@
     </div>
     <div class="column"></div>
   </div>
-
   <div class="columns">
     <div class="column">
       <div class="field is-horizontal">
@@ -95,7 +93,7 @@
 </template>
 
 <script lang="ts">
-import { defineComponent, type PropType, ref, toRef,watch } from "vue"
+import { defineComponent, type PropType, ref, toRef, watch } from "vue"
 import { useRoute } from "vue-router"
 
 import type { AlertSearchParams } from "@/types"

data/frontend/src/components/artifact/Artifact.vue

@@ -4,9 +4,7 @@
       <Loading></Loading>
       <hr />
     </div>
-
     <h2 class="is-size-2 mb-4">Artifact</h2>
-
     <div class="columns">
       <div
         class="column is-half"
@@ -21,7 +19,6 @@
           </h4>
           <iframe class="mb-4" :src="googleMapSrc" width="100%" height="240px"></iframe>
         </div>
-
         <div v-if="urlscanLiveshotSrc">
           <h4 class="is-size-4 mb-2">
             Live screenshot
@@ -30,11 +27,9 @@
           <img :src="urlscanLiveshotSrc" class="liveshot" alt="liveshot" />
         </div>
       </div>
-
       <div class="column">
         <div class="block">
           <h4 class="is-size-4 mb-2">Information</h4>
-
           <table class="table is-fullwidth is-completely-borderless">
             <tr>
               <th>ID</th>
@@ -47,7 +42,6 @@
                       <font-awesome-icon icon="lightbulb"></font-awesome-icon>
                     </span>
                   </button>
-
                   <button
                     class="button is-info is-light is-small"
                     @click="flipShowMetadata"
@@ -58,7 +52,6 @@
                       <font-awesome-icon icon="info-circle"></font-awesome-icon>
                     </span>
                   </button>
-
                   <button class="button is-light is-small" @click="deleteArtifact">
                     <span>Delete</span>
                     <span class="icon is-small">
@@ -86,7 +79,6 @@
             </tr>
           </table>
         </div>
-
         <div v-if="artifact.metadata && showMetadata">
           <div class="modal is-active">
             <div class="modal-background" @click="flipShowMetadata"></div>
@@ -103,45 +95,36 @@
         </div>
       </div>
     </div>
-
     <div class="block" v-if="artifact.autonomousSystem">
       <h4 class="is-size-4 mb-2">AS</h4>
       <AS :autonomousSystem="artifact.autonomousSystem"></AS>
     </div>
-
     <div class="block" v-if="artifact.reverseDnsNames">
       <h4 class="is-size-4 mb-2">Reverse DNS</h4>
       <ReverseDnsNames :reverseDnsNames="artifact.reverseDnsNames"></ReverseDnsNames>
     </div>
-
     <div class="block" v-if="artifact.dnsRecords">
       <h4 class="is-size-4 mb-2">DNS records</h4>
       <DnsRecords :dnsRecords="artifact.dnsRecords"></DnsRecords>
     </div>
-
     <div class="block" v-if="artifact.cpes">
       <h4 class="is-size-4 mb-2">CPEs</h4>
       <CPEs :cpes="artifact.cpes"></CPEs>
     </div>
-
     <div class="block" v-if="artifact.ports">
       <h4 class="is-size-4 mb-2">Ports</h4>
       <Ports :ports="artifact.ports"></Ports>
     </div>
-
     <div class="block" v-if="artifact.whoisRecord">
       <h4 class="is-size-4 mb-2">Whois record</h4>
       <WhoisRecord :whoisRecord="artifact.whoisRecord"></WhoisRecord>
     </div>
-
     <div class="block">
       <h4 class="is-size-4 mb-2">Links</h4>
       <Links :data="artifact.data" :type="artifact.dataType"></Links>
     </div>
   </div>
-
   <hr />
-
   <div class="column">
     <h2 class="is-size-2 mb-4">Related alerts</h2>
     <Alerts :artifact="artifact.data"></Alerts>

data/frontend/src/components/artifact/ArtifactWrapper.vue

@@ -1,8 +1,6 @@
 <template>
   <Loading v-if="getArtifactTask.isRunning"></Loading>
-
   <ErrorMessage v-if="getArtifactTask.isError" :error="getArtifactTask.last?.error"></ErrorMessage>
-
   <ArtifactComponent
     :artifact="getArtifactTask.last.value"
     @refresh="refresh"

data/frontend/src/components/artifact/WhoisRecord.vue

@@ -6,21 +6,18 @@
         <span class="tag is-light">{{ whoisRecord.registrar?.name || "N/A" }}</span>
       </div>
     </div>
-
     <div class="control">
       <div class="tags has-addons are-medium">
         <span class="tag is-dark">Created on</span>
         <span class="tag is-light">{{ whoisRecord.createdOn || "N/A" }}</span>
       </div>
     </div>
-
     <div class="control">
       <div class="tags has-addons are-medium">
         <span class="tag is-dark">Updated on</span>
         <span class="tag is-light">{{ whoisRecord.updatedOn || "N/A" }}</span>
       </div>
     </div>
-
     <div class="control">
       <div class="tags has-addons are-medium">
         <span class="tag is-dark">Exipres on</span>

data/frontend/src/components/config/ConfigsWrapper.vue

@@ -1,8 +1,6 @@
 <template>
   <Loading v-if="getConfigsTask.isRunning"></Loading>
-
   <ErrorMessage v-if="getConfigsTask.isError" :error="getConfigsTask.last?.error"></ErrorMessage>
-
   <Configs :configs="getConfigsTask.last.value" v-if="getConfigsTask.last?.value"></Configs>
 </template>
 

data/frontend/src/components/rule/EditRule.vue

@@ -1,9 +1,7 @@
 <template>
   <div class="column">
     <h2 class="is-size-2 mb-4">Edit rule: {{ rule.id }}</h2>
-
     <InputForm v-model:yaml="yaml" @update-yaml="updateYAML"></InputForm>
-
     <div class="field is-grouped is-grouped-centered">
       <p class="control">
         <a class="button is-primary" @click="edit">
@@ -14,7 +12,6 @@
         </a>
       </p>
     </div>
-
     <div v-if="updateRuleTask.last?.error">
       <hr />
       <ErrorMessage :error="updateRuleTask.last?.error"></ErrorMessage>

data/frontend/src/components/rule/EditRuleWrapper.vue

@@ -1,8 +1,6 @@
 <template>
   <Loading v-if="getRuleTask.isRunning"></Loading>
-
   <ErrorMessage v-if="getRuleTask.isError" :error="getRuleTask.last?.error"></ErrorMessage>
-
   <EditRule :rule="getRuleTask.last.value" v-if="getRuleTask.last?.value"></EditRule>
 </template>
 

data/frontend/src/components/rule/Form.vue

@@ -29,7 +29,6 @@
       </div>
     </div>
   </div>
-
   <div class="columns">
     <div class="column">
       <div class="field is-horizontal">
@@ -54,7 +53,6 @@
     </div>
     <div class="column"></div>
   </div>
-
   <div class="columns">
     <div class="column">
       <div class="field is-horizontal">
@@ -88,7 +86,7 @@
 </template>
 
 <script lang="ts">
-import { defineComponent, type PropType, ref, toRef,watch } from "vue"
+import { defineComponent, type PropType, ref, toRef, watch } from "vue"
 import { useRoute } from "vue-router"
 
 import type { RuleSearchParams } from "@/types"

data/frontend/src/components/rule/NewRule.vue

@@ -1,9 +1,7 @@
 <template>
   <div class="column">
     <h2 class="is-size-2 mb-4">New rule</h2>
-
     <InputForm v-model:yaml="yaml" @update-yaml="updateYAML"></InputForm>
-
     <div class="field is-grouped is-grouped-centered">
       <p class="control">
         <a class="button is-primary" @click="create">
@@ -14,7 +12,6 @@
         </a>
       </p>
     </div>
-
     <div v-if="createRuleTask.last?.error">
       <hr />
       <ErrorMessage :error="createRuleTask.last?.error"></ErrorMessage>

data/frontend/src/components/rule/Rule.vue

@@ -4,15 +4,12 @@
       <Loading></Loading>
       <hr />
     </div>
-
     <div v-if="runRuleTask.last?.error">
       <ErrorMessage :error="runRuleTask.last.error"></ErrorMessage>
       <hr />
     </div>
-
     <h2 class="is-size-2 mb-4">Rule</h2>
-
-    <p class="is-clearfix">
+    <p class="block is-clearfix">
       <span class="buttons is-pulled-right">
         <button class="button is-primary is-light is-small" @click="runRule">
           <span>Run</span>
@@ -37,12 +34,9 @@
         </button>
       </span>
     </p>
-
     <YAML :yaml="rule.yaml"></YAML>
   </div>
-
   <hr />
-
   <div class="column">
     <h2 class="is-size-2 mb-4">Related alerts</h2>
 

data/frontend/src/components/rule/RuleWrapper.vue

@@ -1,8 +1,6 @@
 <template>
   <Loading v-if="getRuleTask.isRunning"></Loading>
-
   <ErrorMessage v-if="getRuleTask.isError" :error="getRuleTask.last?.error"></ErrorMessage>
-
   <Rule :rule="getRuleTask.last.value" @refresh="refresh" v-if="getRuleTask.last?.value"></Rule>
 </template>
 

data/frontend/src/components/rule/RulesWrapper.vue

@@ -6,9 +6,7 @@
       :page="page"
       :tag="tag"
     ></FormComponent>
-
     <hr />
-
     <div class="column">
       <div class="field is-grouped is-grouped-centered">
         <p class="control">
@@ -22,14 +20,10 @@
       </div>
     </div>
   </div>
-
   <div v-if="getRulesTask.performCount > 0">
     <hr />
-
     <Loading v-if="getRulesTask.isRunning"></Loading>
-
     <ErrorMessage v-if="getRulesTask.isError" :error="getRulesTask.last?.error"></ErrorMessage>
-
     <Rules
       :rules="getRulesTask.last.value"
       v-if="getRulesTask.last?.value"