mihari 5.5.0 → 5.6.1

Files changed (102) hide show
  1. checksums.yaml +4 -4
  2. data/docs/analyzers/binaryedge.md +1 -1
  3. data/docs/analyzers/censys.md +1 -1
  4. data/docs/analyzers/circl.md +1 -1
  5. data/docs/analyzers/crtsh.md +1 -1
  6. data/docs/analyzers/dnstwister.md +1 -1
  7. data/docs/analyzers/greynoise.md +1 -1
  8. data/docs/analyzers/hunterhow.md +1 -1
  9. data/docs/analyzers/index.md +29 -15
  10. data/docs/analyzers/onyphe.md +1 -1
  11. data/docs/analyzers/otx.md +2 -2
  12. data/docs/analyzers/passivetotal.md +6 -2
  13. data/docs/analyzers/pulsedive.md +2 -2
  14. data/docs/analyzers/securitytrails.md +6 -2
  15. data/docs/analyzers/shodan.md +1 -1
  16. data/docs/analyzers/urlscan.md +3 -3
  17. data/docs/analyzers/virustotal.md +6 -2
  18. data/docs/analyzers/virustotal_intelligence.md +8 -4
  19. data/docs/analyzers/zoomeye.md +5 -0
  20. data/docs/emitters/hive.md +1 -1
  21. data/docs/emitters/slack.md +0 -5
  22. data/docs/enrichers/google_public_dns.md +1 -1
  23. data/docs/enrichers/ipinfo.md +2 -2
  24. data/docs/enrichers/shodan.md +4 -4
  25. data/docs/enrichers/whois.md +1 -1
  26. data/docs/rule.md +1 -4
  27. data/docs/usage.md +5 -2
  28. data/frontend/package-lock.json +3 -3
  29. data/frontend/src/components/ErrorMessage.vue +0 -1
  30. data/frontend/src/components/alert/Alerts.vue +0 -1
  31. data/frontend/src/components/alert/AlertsWithPagination.vue +0 -1
  32. data/frontend/src/components/alert/AlertsWrapper.vue +0 -6
  33. data/frontend/src/components/alert/Form.vue +1 -3
  34. data/frontend/src/components/artifact/Artifact.vue +0 -17
  35. data/frontend/src/components/artifact/ArtifactWrapper.vue +0 -2
  36. data/frontend/src/components/artifact/WhoisRecord.vue +0 -3
  37. data/frontend/src/components/config/ConfigsWrapper.vue +0 -2
  38. data/frontend/src/components/rule/EditRule.vue +0 -3
  39. data/frontend/src/components/rule/EditRuleWrapper.vue +0 -2
  40. data/frontend/src/components/rule/Form.vue +1 -3
  41. data/frontend/src/components/rule/NewRule.vue +0 -3
  42. data/frontend/src/components/rule/Rule.vue +1 -7
  43. data/frontend/src/components/rule/RuleWrapper.vue +0 -2
  44. data/frontend/src/components/rule/RulesWrapper.vue +0 -6
  45. data/frontend/src/swagger.yaml +254 -254
  46. data/lib/mihari/analyzers/base.rb +4 -41
  47. data/lib/mihari/analyzers/circl.rb +1 -1
  48. data/lib/mihari/analyzers/crtsh.rb +1 -1
  49. data/lib/mihari/analyzers/dnstwister.rb +1 -1
  50. data/lib/mihari/analyzers/otx.rb +1 -1
  51. data/lib/mihari/analyzers/passivetotal.rb +10 -1
  52. data/lib/mihari/analyzers/pulsedive.rb +2 -2
  53. data/lib/mihari/analyzers/rule.rb +24 -59
  54. data/lib/mihari/analyzers/securitytrails.rb +10 -1
  55. data/lib/mihari/analyzers/virustotal.rb +11 -2
  56. data/lib/mihari/analyzers/virustotal_intelligence.rb +16 -0
  57. data/lib/mihari/analyzers/zoomeye.rb +2 -2
  58. data/lib/mihari/base.rb +69 -0
  59. data/lib/mihari/cli/main.rb +36 -0
  60. data/lib/mihari/clients/base.rb +2 -2
  61. data/lib/mihari/clients/binaryedge.rb +3 -5
  62. data/lib/mihari/clients/censys.rb +3 -3
  63. data/lib/mihari/clients/circl.rb +5 -4
  64. data/lib/mihari/clients/crtsh.rb +3 -2
  65. data/lib/mihari/clients/dnstwister.rb +3 -2
  66. data/lib/mihari/clients/greynoise.rb +2 -2
  67. data/lib/mihari/clients/hunterhow.rb +2 -2
  68. data/lib/mihari/clients/misp.rb +1 -1
  69. data/lib/mihari/clients/onyphe.rb +2 -2
  70. data/lib/mihari/clients/otx.rb +4 -3
  71. data/lib/mihari/clients/passivetotal.rb +5 -4
  72. data/lib/mihari/clients/publsedive.rb +4 -3
  73. data/lib/mihari/clients/securitytrails.rb +5 -3
  74. data/lib/mihari/clients/shodan.rb +2 -2
  75. data/lib/mihari/clients/the_hive.rb +1 -1
  76. data/lib/mihari/clients/urlscan.rb +4 -4
  77. data/lib/mihari/clients/virustotal.rb +2 -2
  78. data/lib/mihari/clients/zoomeye.rb +2 -2
  79. data/lib/mihari/commands/alert.rb +6 -33
  80. data/lib/mihari/commands/rule.rb +7 -12
  81. data/lib/mihari/commands/search.rb +10 -38
  82. data/lib/mihari/constants.rb +3 -3
  83. data/lib/mihari/emitters/base.rb +3 -33
  84. data/lib/mihari/emitters/database.rb +1 -1
  85. data/lib/mihari/enrichers/base.rb +2 -33
  86. data/lib/mihari/enrichers/google_public_dns.rb +9 -0
  87. data/lib/mihari/schemas/analyzer.rb +24 -24
  88. data/lib/mihari/schemas/emitter.rb +6 -13
  89. data/lib/mihari/schemas/enricher.rb +4 -11
  90. data/lib/mihari/schemas/options.rb +27 -0
  91. data/lib/mihari/schemas/rule.rb +2 -2
  92. data/lib/mihari/services/alert_runner.rb +1 -1
  93. data/lib/mihari/services/rule_runner.rb +1 -11
  94. data/lib/mihari/types.rb +1 -14
  95. data/lib/mihari/version.rb +1 -1
  96. data/lib/mihari/web/public/assets/{index-33165282.css → index-56fc2187.css} +1 -1
  97. data/lib/mihari/web/public/assets/{index-b5d817a3.js → index-9cc489e6.js} +2 -2
  98. data/lib/mihari/web/public/index.html +2 -2
  99. data/lib/mihari.rb +67 -37
  100. data/mihari.gemspec +1 -0
  101. data/mkdocs.yml +0 -3
  102. metadata +20 -4
@@ -0,0 +1,27 @@
1
+ # frozen_string_literal: true
2
+
3
+ require "dry/schema"
4
+
5
+ module Mihari
6
+ module Schemas
7
+ Options = Dry::Schema.Params do
8
+ optional(:retry_times).value(:integer).default(Mihari.config.retry_times)
9
+ optional(:retry_interval).value(:integer).default(Mihari.config.retry_interval)
10
+ optional(:retry_exponential_backoff).value(:bool).default(Mihari.config.retry_exponential_backoff)
11
+ optional(:timeout).value(:integer)
12
+ end
13
+
14
+ IgnoreErrorOptions = Dry::Schema.Params do
15
+ optional(:ignore_error).value(:bool).default(Mihari.config.ignore_error)
16
+ end
17
+
18
+ AnalyzerOptions = Options | IgnoreErrorOptions
19
+
20
+ PaginationOptions = Dry::Schema.Params do
21
+ optional(:pagination_interval).value(:integer).default(Mihari.config.pagination_interval)
22
+ optional(:pagination_limit).value(:integer).default(Mihari.config.pagination_limit)
23
+ end
24
+
25
+ AnalyzerPaginationOptions = AnalyzerOptions | PaginationOptions
26
+ end
27
+ end
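Review bot: Every numeric option in this new schema (`retry_times`, `retry_interval`, `timeout`, `pagination_interval`, `pagination_limit`) is constrained only to `:integer`, so negative or arbitrarily large values pass validation. These options are presumably supplied per rule, so the schema should set a lower bound and ideally a sane ceiling, e.g. `optional(:retry_times).value(:integer, gteq?: 0).default(Mihari.config.retry_times)`. It is also worth confirming that `Options | IgnoreErrorOptions` acts as a merge: if dry-schema treats `|` as "either side passes", `ignore_error` may go unvalidated whenever the left schema succeeds.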
@@ -22,7 +22,7 @@ module Mihari
22
22
  optional(:updated_on).value(:date)
23
23
 
24
24
  required(:queries).value(:array).each do
25
- AnalyzerWithoutAPIKey | AnalyzerWithAPIKey | Censys | CIRCL | PassiveTotal | ZoomEye | Crtsh | Feed | HunterHow
25
+ AnalyzerAPIKey | AnalyzerAPIKeyPagination | Censys | CIRCL | PassiveTotal | ZoomEye | Crtsh | Feed | HunterHow | DNSTwister
26
26
  end
27
27
 
28
28
  optional(:emitters).value(:array).each do
@@ -33,7 +33,7 @@ module Mihari
33
33
  Enrichers::Whois | Enrichers::IPInfo | Enrichers::Shodan | Enrichers::GooglePublicDNS
34
34
  end.default(DEFAULT_ENRICHERS)
35
35
 
36
- optional(:data_types).value(array[Types::DataTypes]).default(DEFAULT_DATA_TYPES)
36
+ optional(:data_types).value(array[Types::DataTypes]).default(Mihari::Types::DataTypes.values)
37
37
  optional(:falsepositives).value(array[:string]).default([])
38
38
 
39
39
  optional(:artifact_lifetime).value(:integer)
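Review bot: The new `data_types` line spells the same constant two ways inside `module Mihari`: `array[Types::DataTypes]` for the element type and the fully qualified `Mihari::Types::DataTypes.values` for the default. The short form in both places, `.default(Types::DataTypes.values)`, reads more consistently and presumably resolves identically, since the first reference on that line already relies on it. It would also match the prefix removal made elsewhere in this release (`Emitters::Database.new`). The schema block starts and ends outside this hunk.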
@@ -16,7 +16,7 @@ module Mihari
16
16
  # @return [Mihari::Alert]
17
17
  #
18
18
  def run
19
- emitter = Mihari::Emitters::Database.new(artifacts: alert.artifacts, rule: alert.rule)
19
+ emitter = Emitters::Database.new(artifacts: alert.artifacts, rule: alert.rule)
20
20
  emitter.emit
21
21
  end
22
22
 
@@ -5,21 +5,11 @@ module Mihari
5
5
  class RuleRunner
6
6
  include Dry::Monads[:result, :try]
7
7
 
8
- include Mixins::ErrorNotification
9
-
10
8
  # @return [Mihari::Services::RuleProxy]
11
9
  attr_reader :rule
12
10
 
13
- # @return [Boolean]
14
- attr_reader :force_overwrite
15
-
16
- def initialize(rule, force_overwrite:)
11
+ def initialize(rule)
17
12
  @rule = rule
18
- @force_overwrite = force_overwrite
19
- end
20
-
21
- def force_overwrite?
22
- force_overwrite
23
13
  end
24
14
 
25
15
  #
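Review bot: `initialize(rule)` has no YARD tag, although the reader directly above it is documented with `# @return [Mihari::Services::RuleProxy]`. The constructor's contract changed when the `force_overwrite:` keyword was dropped, so it deserves `# @param rule [Mihari::Services::RuleProxy]` above `def initialize(rule)`. Any caller still passing `force_overwrite:` would now raise an ArgumentError; those call sites are not visible here. The class body continues past the end of the hunk.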
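--- a/data/lib/mihari/types.rb
+++ b/data/lib/mihari/types.rb
@@ -12,21 +12,8 @@ module Mihari
  Double = Strict::Float | Strict::Integer
  DateTime = Strict::DateTime
 
- DataTypes = Types::String.enum(*DEFAULT_DATA_TYPES)
+ DataTypes = Types::String.enum("hash", "ip", "domain", "url", "mail")
 
  HTTPRequestMethods = Types::String.enum("GET", "POST")
- HTTPRequestPayloadTypes = Types::String.enum("application/json", "application/x-www-form-urlencoded")
-
- EmitterTypes = Types::String.enum(
- "database",
- "webhook"
- )
-
- EnricherTypes = Types::String.enum(
- "whois",
- "ipinfo",
- "shodan",
- "google_public_dns"
- )
  end
  end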
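Review bot: `DataTypes` now spells out its allow-list inline (`"hash", "ip", "domain", "url", "mail"`) with no comment marking it as the authoritative set of artifact types. The rule schema in this same release takes its `data_types` default from `Mihari::Types::DataTypes.values`, so editing the list changes validation and defaults together. A short comment above the constant would make that coupling visible, for example `# Artifact data types accepted in rules; also the default for a rule's data_types`. `module Types` opens outside this hunk.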
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module Mihari
4
- VERSION = "5.5.0"
4
+ VERSION = "5.6.1"
5
5
  end