mihari 5.6.0 → 5.6.2
- checksums.yaml +4 -4
- data/docs/analyzers/binaryedge.md +1 -1
- data/docs/analyzers/censys.md +1 -1
- data/docs/analyzers/circl.md +1 -1
- data/docs/analyzers/crtsh.md +1 -1
- data/docs/analyzers/dnstwister.md +1 -1
- data/docs/analyzers/greynoise.md +1 -1
- data/docs/analyzers/hunterhow.md +1 -1
- data/docs/analyzers/index.md +29 -15
- data/docs/analyzers/onyphe.md +1 -1
- data/docs/analyzers/otx.md +2 -2
- data/docs/analyzers/passivetotal.md +2 -2
- data/docs/analyzers/pulsedive.md +2 -2
- data/docs/analyzers/securitytrails.md +2 -2
- data/docs/analyzers/shodan.md +1 -1
- data/docs/analyzers/urlscan.md +3 -3
- data/docs/analyzers/virustotal.md +2 -2
- data/docs/analyzers/virustotal_intelligence.md +4 -4
- data/docs/analyzers/zoomeye.md +5 -0
- data/docs/enrichers/google_public_dns.md +1 -1
- data/docs/enrichers/ipinfo.md +2 -2
- data/docs/enrichers/shodan.md +4 -4
- data/docs/enrichers/whois.md +1 -1
- data/frontend/package-lock.json +176 -179
- data/frontend/package.json +9 -9
- data/lib/mihari/{base.rb → actor.rb} +16 -2
- data/lib/mihari/analyzers/base.rb +5 -10
- data/lib/mihari/analyzers/censys.rb +1 -1
- data/lib/mihari/analyzers/circl.rb +1 -1
- data/lib/mihari/analyzers/crtsh.rb +1 -1
- data/lib/mihari/analyzers/dnstwister.rb +1 -1
- data/lib/mihari/analyzers/hunterhow.rb +1 -1
- data/lib/mihari/analyzers/otx.rb +1 -1
- data/lib/mihari/analyzers/passivetotal.rb +2 -2
- data/lib/mihari/analyzers/pulsedive.rb +2 -2
- data/lib/mihari/analyzers/securitytrails.rb +2 -2
- data/lib/mihari/analyzers/urlscan.rb +1 -1
- data/lib/mihari/analyzers/virustotal.rb +5 -5
- data/lib/mihari/analyzers/zoomeye.rb +3 -3
- data/lib/mihari/clients/base.rb +2 -2
- data/lib/mihari/clients/binaryedge.rb +3 -5
- data/lib/mihari/clients/censys.rb +3 -3
- data/lib/mihari/clients/circl.rb +5 -4
- data/lib/mihari/clients/crtsh.rb +5 -4
- data/lib/mihari/clients/dnstwister.rb +3 -2
- data/lib/mihari/clients/greynoise.rb +2 -2
- data/lib/mihari/clients/hunterhow.rb +2 -2
- data/lib/mihari/clients/misp.rb +1 -1
- data/lib/mihari/clients/onyphe.rb +2 -2
- data/lib/mihari/clients/otx.rb +4 -3
- data/lib/mihari/clients/passivetotal.rb +9 -8
- data/lib/mihari/clients/publsedive.rb +4 -3
- data/lib/mihari/clients/securitytrails.rb +8 -6
- data/lib/mihari/clients/shodan.rb +2 -2
- data/lib/mihari/clients/the_hive.rb +1 -1
- data/lib/mihari/clients/urlscan.rb +4 -4
- data/lib/mihari/clients/virustotal.rb +2 -2
- data/lib/mihari/clients/zoomeye.rb +2 -2
- data/lib/mihari/commands/rule.rb +2 -11
- data/lib/mihari/commands/search.rb +1 -1
- data/lib/mihari/emitters/base.rb +13 -24
- data/lib/mihari/emitters/database.rb +7 -9
- data/lib/mihari/emitters/misp.rb +14 -38
- data/lib/mihari/emitters/slack.rb +14 -11
- data/lib/mihari/emitters/the_hive.rb +16 -44
- data/lib/mihari/emitters/webhook.rb +31 -21
- data/lib/mihari/enrichers/base.rb +1 -6
- data/lib/mihari/enrichers/whois.rb +1 -1
- data/lib/mihari/models/alert.rb +75 -73
- data/lib/mihari/models/artifact.rb +182 -180
- data/lib/mihari/models/autonomous_system.rb +22 -20
- data/lib/mihari/models/cpe.rb +21 -19
- data/lib/mihari/models/dns.rb +24 -22
- data/lib/mihari/models/geolocation.rb +22 -20
- data/lib/mihari/models/port.rb +21 -19
- data/lib/mihari/models/reverse_dns.rb +21 -19
- data/lib/mihari/models/rule.rb +67 -65
- data/lib/mihari/models/tag.rb +5 -3
- data/lib/mihari/models/tagging.rb +5 -3
- data/lib/mihari/models/whois.rb +18 -16
- data/lib/mihari/rule.rb +352 -0
- data/lib/mihari/schemas/analyzer.rb +94 -87
- data/lib/mihari/schemas/emitter.rb +9 -5
- data/lib/mihari/schemas/enricher.rb +8 -4
- data/lib/mihari/schemas/mixins.rb +15 -0
- data/lib/mihari/schemas/rule.rb +3 -10
- data/lib/mihari/services/alert_builder.rb +1 -1
- data/lib/mihari/services/alert_proxy.rb +10 -6
- data/lib/mihari/services/alert_runner.rb +4 -4
- data/lib/mihari/services/rule_builder.rb +3 -3
- data/lib/mihari/services/rule_runner.rb +5 -5
- data/lib/mihari/structs/binaryedge.rb +1 -1
- data/lib/mihari/structs/censys.rb +6 -6
- data/lib/mihari/structs/config.rb +1 -1
- data/lib/mihari/structs/greynoise.rb +5 -5
- data/lib/mihari/structs/hunterhow.rb +3 -3
- data/lib/mihari/structs/onyphe.rb +5 -5
- data/lib/mihari/structs/shodan.rb +6 -6
- data/lib/mihari/structs/urlscan.rb +3 -3
- data/lib/mihari/structs/virustotal_intelligence.rb +3 -3
- data/lib/mihari/version.rb +1 -1
- data/lib/mihari/web/endpoints/alerts.rb +4 -4
- data/lib/mihari/web/endpoints/artifacts.rb +6 -6
- data/lib/mihari/web/endpoints/rules.rb +10 -17
- data/lib/mihari/web/endpoints/tags.rb +2 -2
- data/lib/mihari/web/public/assets/{index-9cc489e6.js → index-28d4c79d.js} +48 -48
- data/lib/mihari/web/public/index.html +1 -1
- data/lib/mihari.rb +6 -8
- data/mihari.gemspec +1 -2
- data/mkdocs.yml +0 -3
- data/requirements.txt +1 -1
- metadata +8 -22
- data/lib/mihari/analyzers/rule.rb +0 -232
- data/lib/mihari/services/rule_proxy.rb +0 -182
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 7136011e523fa8b61ed048932c1ca7e265425a4eaf89c76a5f8052f74c108f17
|
|
4
|
+
data.tar.gz: 243dfcbc17341520912a626210a336d0cdd419b011160d4d2f60ddd1f2326c33
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: eade462830cc2258517594564713cd5b612755f359a4efafb40fd16973282785f9a0ad610e3063c9b372ffddcf45e98773e6047f3761547493a68f6bafe25769
|
|
7
|
+
data.tar.gz: 7ff869faaaf0782d842e241e476d5b7602d94e3c08ae2588d4fcbe56d0c44bb6b38714db72fa6be5da70ca5989c6803193b0516614af80d2752114783ff3a5bf
|
data/docs/analyzers/censys.md
CHANGED
data/docs/analyzers/circl.md
CHANGED
data/docs/analyzers/crtsh.md
CHANGED
data/docs/analyzers/greynoise.md
CHANGED
data/docs/analyzers/hunterhow.md
CHANGED
data/docs/analyzers/index.md
CHANGED
|
@@ -26,29 +26,28 @@ All the analyzers can have optional `options`.
|
|
|
26
26
|
analyzer: ...
|
|
27
27
|
query: ...
|
|
28
28
|
options:
|
|
29
|
-
timeout: ...
|
|
30
|
-
pagination_interval: ...
|
|
31
|
-
pagination_limit: ...
|
|
32
29
|
retry_times: ...
|
|
33
30
|
retry_interval: ...
|
|
34
31
|
retry_exponential_backoff: ...
|
|
32
|
+
timeout: ...
|
|
35
33
|
ignore_error: ...
|
|
36
34
|
```
|
|
37
35
|
|
|
38
|
-
|
|
39
|
-
|
|
40
|
-
`timeout` (`integer`) is an HTTP timeout in seconds. Optional.
|
|
41
|
-
|
|
42
|
-
### Pagination Interval
|
|
43
|
-
|
|
44
|
-
`pagination_interval` (`integer`) is an interval in seconds between pagination. Optional. Defaults to 0.
|
|
36
|
+
Also the following analyzers can have pagination options.
|
|
45
37
|
|
|
46
|
-
|
|
47
|
-
|
|
48
|
-
|
|
38
|
+
- [Shodan](./shodan.md)
|
|
39
|
+
- [BinaryEdge](./binaryedge.md)
|
|
40
|
+
- [Censys](./censys.md)
|
|
41
|
+
- [ZoomEye](./zoomeye.md)
|
|
42
|
+
- [urlscan.io](./urlscan.md)
|
|
43
|
+
- [VirusTotal Intelligence](./virustotal_intelligence.md)
|
|
44
|
+
- [HunterHow](./hunterhow.md)
|
|
49
45
|
|
|
50
|
-
|
|
51
|
-
|
|
46
|
+
```yaml
|
|
47
|
+
options:
|
|
48
|
+
pagination_interval: ...
|
|
49
|
+
pagination_limit: ...
|
|
50
|
+
```
|
|
52
51
|
|
|
53
52
|
### Retry Times
|
|
54
53
|
|
|
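Review bot: the second `yaml` block added at new lines 46-50 shows `options:` with only `pagination_interval` and `pagination_limit`, without the `analyzer:` and `query:` keys that the first block carries, so the hunk does not make clear that these belong under the same `options:` key as `retry_times` and `timeout`. Suggest repeating the `analyzer: ...` / `query: ...` lines in that example, and rewording new line 36 to "The following analyzers also accept pagination options." The descriptions and defaults for both options are no longer next to this list, so a short pointer to the Pagination Interval and Pagination Limit sections would help here.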
@@ -62,6 +61,10 @@ In the worst case, if something wrong with Mihari or a service, Mihari can drain
|
|
|
62
61
|
|
|
63
62
|
`retry_exponential_backoff` (`bool`) controls whether to do exponential backoff. Optional. Defaults to `true`.
|
|
64
63
|
|
|
64
|
+
### Timeout
|
|
65
|
+
|
|
66
|
+
`timeout` (`integer`) is an HTTP timeout in seconds. Optional.
|
|
67
|
+
|
|
65
68
|
### Ignore Error
|
|
66
69
|
|
|
67
70
|
`ignore_error` (`bool`) controls whether to ignore an error or not. Optional. Defaults to `false`.
|
|
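Review bot: the `### Timeout` section added at new lines 64-66 says `timeout` is optional but states no default, while the neighbouring `retry_exponential_backoff` and `ignore_error` entries both end with a "Defaults to" clause. Suggest documenting what happens when `timeout` is omitted in the same form, so a user can tell whether a request to an unresponsive service is bounded.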
@@ -87,3 +90,14 @@ queries:
|
|
|
87
90
|
- analyzer: censys
|
|
88
91
|
query: ip:8.8.8.8
|
|
89
92
|
```
|
|
93
|
+
|
|
94
|
+
### Pagination Interval
|
|
95
|
+
|
|
96
|
+
`pagination_interval` (`integer`) is an interval in seconds between pagination. Optional. Defaults to 0.
|
|
97
|
+
|
|
98
|
+
### Pagination Limit
|
|
99
|
+
|
|
100
|
+
`pagination_limit` (`integer`) is an limit for pagination. Optional. Defaults to 100.
|
|
101
|
+
|
|
102
|
+
In the worst case, if something wrong with Mihari or a service, Mihari can drain API quota by doing pagination forever.
|
|
103
|
+
`pagination_limit` is a safety valve for that. A number of pagination is limited as `pagination_limit` times.
|
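Review bot: wording in the added text at new lines 100-103 needs a pass: "is an limit for pagination" should be "is a limit", "if something wrong with Mihari or a service" is missing "is", and "A number of pagination is limited as `pagination_limit` times" would read better as "The number of pages fetched is capped at `pagination_limit`." These two sections are also appended after the `queries:` example at the end of the file, apart from the Retry Times, Timeout and Ignore Error descriptions; consider placing them with the other option sections or linking to them from the list of analyzers that support pagination.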
data/docs/analyzers/onyphe.md
CHANGED
data/docs/analyzers/otx.md
CHANGED
data/docs/analyzers/pulsedive.md
CHANGED
data/docs/analyzers/shodan.md
CHANGED
data/docs/analyzers/urlscan.md
CHANGED
data/docs/analyzers/zoomeye.md
CHANGED
data/docs/enrichers/ipinfo.md
CHANGED
data/docs/enrichers/shodan.md
CHANGED