mihari 5.5.0 → 5.6.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/docs/analyzers/binaryedge.md +1 -1
- data/docs/analyzers/censys.md +1 -1
- data/docs/analyzers/circl.md +1 -1
- data/docs/analyzers/crtsh.md +1 -1
- data/docs/analyzers/dnstwister.md +1 -1
- data/docs/analyzers/greynoise.md +1 -1
- data/docs/analyzers/hunterhow.md +1 -1
- data/docs/analyzers/index.md +29 -15
- data/docs/analyzers/onyphe.md +1 -1
- data/docs/analyzers/otx.md +2 -2
- data/docs/analyzers/passivetotal.md +6 -2
- data/docs/analyzers/pulsedive.md +2 -2
- data/docs/analyzers/securitytrails.md +6 -2
- data/docs/analyzers/shodan.md +1 -1
- data/docs/analyzers/urlscan.md +3 -3
- data/docs/analyzers/virustotal.md +6 -2
- data/docs/analyzers/virustotal_intelligence.md +8 -4
- data/docs/analyzers/zoomeye.md +5 -0
- data/docs/emitters/hive.md +1 -1
- data/docs/emitters/slack.md +0 -5
- data/docs/enrichers/google_public_dns.md +1 -1
- data/docs/enrichers/ipinfo.md +2 -2
- data/docs/enrichers/shodan.md +4 -4
- data/docs/enrichers/whois.md +1 -1
- data/docs/rule.md +1 -4
- data/docs/usage.md +5 -2
- data/frontend/package-lock.json +3 -3
- data/frontend/src/components/ErrorMessage.vue +0 -1
- data/frontend/src/components/alert/Alerts.vue +0 -1
- data/frontend/src/components/alert/AlertsWithPagination.vue +0 -1
- data/frontend/src/components/alert/AlertsWrapper.vue +0 -6
- data/frontend/src/components/alert/Form.vue +1 -3
- data/frontend/src/components/artifact/Artifact.vue +0 -17
- data/frontend/src/components/artifact/ArtifactWrapper.vue +0 -2
- data/frontend/src/components/artifact/WhoisRecord.vue +0 -3
- data/frontend/src/components/config/ConfigsWrapper.vue +0 -2
- data/frontend/src/components/rule/EditRule.vue +0 -3
- data/frontend/src/components/rule/EditRuleWrapper.vue +0 -2
- data/frontend/src/components/rule/Form.vue +1 -3
- data/frontend/src/components/rule/NewRule.vue +0 -3
- data/frontend/src/components/rule/Rule.vue +1 -7
- data/frontend/src/components/rule/RuleWrapper.vue +0 -2
- data/frontend/src/components/rule/RulesWrapper.vue +0 -6
- data/frontend/src/swagger.yaml +254 -254
- data/lib/mihari/analyzers/base.rb +4 -41
- data/lib/mihari/analyzers/circl.rb +1 -1
- data/lib/mihari/analyzers/crtsh.rb +1 -1
- data/lib/mihari/analyzers/dnstwister.rb +1 -1
- data/lib/mihari/analyzers/otx.rb +1 -1
- data/lib/mihari/analyzers/passivetotal.rb +10 -1
- data/lib/mihari/analyzers/pulsedive.rb +2 -2
- data/lib/mihari/analyzers/rule.rb +24 -59
- data/lib/mihari/analyzers/securitytrails.rb +10 -1
- data/lib/mihari/analyzers/virustotal.rb +11 -2
- data/lib/mihari/analyzers/virustotal_intelligence.rb +16 -0
- data/lib/mihari/analyzers/zoomeye.rb +2 -2
- data/lib/mihari/base.rb +69 -0
- data/lib/mihari/cli/main.rb +36 -0
- data/lib/mihari/clients/base.rb +2 -2
- data/lib/mihari/clients/binaryedge.rb +3 -5
- data/lib/mihari/clients/censys.rb +3 -3
- data/lib/mihari/clients/circl.rb +5 -4
- data/lib/mihari/clients/crtsh.rb +3 -2
- data/lib/mihari/clients/dnstwister.rb +3 -2
- data/lib/mihari/clients/greynoise.rb +2 -2
- data/lib/mihari/clients/hunterhow.rb +2 -2
- data/lib/mihari/clients/misp.rb +1 -1
- data/lib/mihari/clients/onyphe.rb +2 -2
- data/lib/mihari/clients/otx.rb +4 -3
- data/lib/mihari/clients/passivetotal.rb +5 -4
- data/lib/mihari/clients/publsedive.rb +4 -3
- data/lib/mihari/clients/securitytrails.rb +5 -3
- data/lib/mihari/clients/shodan.rb +2 -2
- data/lib/mihari/clients/the_hive.rb +1 -1
- data/lib/mihari/clients/urlscan.rb +4 -4
- data/lib/mihari/clients/virustotal.rb +2 -2
- data/lib/mihari/clients/zoomeye.rb +2 -2
- data/lib/mihari/commands/alert.rb +6 -33
- data/lib/mihari/commands/rule.rb +7 -12
- data/lib/mihari/commands/search.rb +10 -38
- data/lib/mihari/constants.rb +3 -3
- data/lib/mihari/emitters/base.rb +3 -33
- data/lib/mihari/emitters/database.rb +1 -1
- data/lib/mihari/enrichers/base.rb +2 -33
- data/lib/mihari/enrichers/google_public_dns.rb +9 -0
- data/lib/mihari/schemas/analyzer.rb +24 -24
- data/lib/mihari/schemas/emitter.rb +6 -13
- data/lib/mihari/schemas/enricher.rb +4 -11
- data/lib/mihari/schemas/options.rb +27 -0
- data/lib/mihari/schemas/rule.rb +2 -2
- data/lib/mihari/services/alert_runner.rb +1 -1
- data/lib/mihari/services/rule_runner.rb +1 -11
- data/lib/mihari/types.rb +1 -14
- data/lib/mihari/version.rb +1 -1
- data/lib/mihari/web/public/assets/{index-33165282.css → index-56fc2187.css} +1 -1
- data/lib/mihari/web/public/assets/{index-b5d817a3.js → index-9cc489e6.js} +2 -2
- data/lib/mihari/web/public/index.html +2 -2
- data/lib/mihari.rb +67 -37
- data/mihari.gemspec +1 -0
- data/mkdocs.yml +0 -3
- metadata +20 -4
@@ -0,0 +1,27 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require "dry/schema"
|
4
|
+
|
5
|
+
module Mihari
|
6
|
+
module Schemas
|
7
|
+
Options = Dry::Schema.Params do
|
8
|
+
optional(:retry_times).value(:integer).default(Mihari.config.retry_times)
|
9
|
+
optional(:retry_interval).value(:integer).default(Mihari.config.retry_interval)
|
10
|
+
optional(:retry_exponential_backoff).value(:bool).default(Mihari.config.retry_exponential_backoff)
|
11
|
+
optional(:timeout).value(:integer)
|
12
|
+
end
|
13
|
+
|
14
|
+
IgnoreErrorOptions = Dry::Schema.Params do
|
15
|
+
optional(:ignore_error).value(:bool).default(Mihari.config.ignore_error)
|
16
|
+
end
|
17
|
+
|
18
|
+
AnalyzerOptions = Options | IgnoreErrorOptions
|
19
|
+
|
20
|
+
PaginationOptions = Dry::Schema.Params do
|
21
|
+
optional(:pagination_interval).value(:integer).default(Mihari.config.pagination_interval)
|
22
|
+
optional(:pagination_limit).value(:integer).default(Mihari.config.pagination_limit)
|
23
|
+
end
|
24
|
+
|
25
|
+
AnalyzerPaginationOptions = AnalyzerOptions | PaginationOptions
|
26
|
+
end
|
27
|
+
end
|
data/lib/mihari/schemas/rule.rb
CHANGED
@@ -22,7 +22,7 @@ module Mihari
|
|
22
22
|
optional(:updated_on).value(:date)
|
23
23
|
|
24
24
|
required(:queries).value(:array).each do
|
25
|
-
|
25
|
+
AnalyzerAPIKey | AnalyzerAPIKeyPagination | Censys | CIRCL | PassiveTotal | ZoomEye | Crtsh | Feed | HunterHow | DNSTwister
|
26
26
|
end
|
27
27
|
|
28
28
|
optional(:emitters).value(:array).each do
|
@@ -33,7 +33,7 @@ module Mihari
|
|
33
33
|
Enrichers::Whois | Enrichers::IPInfo | Enrichers::Shodan | Enrichers::GooglePublicDNS
|
34
34
|
end.default(DEFAULT_ENRICHERS)
|
35
35
|
|
36
|
-
optional(:data_types).value(array[Types::DataTypes]).default(
|
36
|
+
optional(:data_types).value(array[Types::DataTypes]).default(Mihari::Types::DataTypes.values)
|
37
37
|
optional(:falsepositives).value(array[:string]).default([])
|
38
38
|
|
39
39
|
optional(:artifact_lifetime).value(:integer)
|
@@ -5,21 +5,11 @@ module Mihari
|
|
5
5
|
class RuleRunner
|
6
6
|
include Dry::Monads[:result, :try]
|
7
7
|
|
8
|
-
include Mixins::ErrorNotification
|
9
|
-
|
10
8
|
# @return [Mihari::Services::RuleProxy]
|
11
9
|
attr_reader :rule
|
12
10
|
|
13
|
-
|
14
|
-
attr_reader :force_overwrite
|
15
|
-
|
16
|
-
def initialize(rule, force_overwrite:)
|
11
|
+
def initialize(rule)
|
17
12
|
@rule = rule
|
18
|
-
@force_overwrite = force_overwrite
|
19
|
-
end
|
20
|
-
|
21
|
-
def force_overwrite?
|
22
|
-
force_overwrite
|
23
13
|
end
|
24
14
|
|
25
15
|
#
|
data/lib/mihari/types.rb
CHANGED
@@ -12,21 +12,8 @@ module Mihari
|
|
12
12
|
Double = Strict::Float | Strict::Integer
|
13
13
|
DateTime = Strict::DateTime
|
14
14
|
|
15
|
-
DataTypes = Types::String.enum(
|
15
|
+
DataTypes = Types::String.enum("hash", "ip", "domain", "url", "mail")
|
16
16
|
|
17
17
|
HTTPRequestMethods = Types::String.enum("GET", "POST")
|
18
|
-
HTTPRequestPayloadTypes = Types::String.enum("application/json", "application/x-www-form-urlencoded")
|
19
|
-
|
20
|
-
EmitterTypes = Types::String.enum(
|
21
|
-
"database",
|
22
|
-
"webhook"
|
23
|
-
)
|
24
|
-
|
25
|
-
EnricherTypes = Types::String.enum(
|
26
|
-
"whois",
|
27
|
-
"ipinfo",
|
28
|
-
"shodan",
|
29
|
-
"google_public_dns"
|
30
|
-
)
|
31
18
|
end
|
32
19
|
end
|
data/lib/mihari/version.rb
CHANGED