mihari 5.6.0 → 5.6.2
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/docs/analyzers/binaryedge.md +1 -1
- data/docs/analyzers/censys.md +1 -1
- data/docs/analyzers/circl.md +1 -1
- data/docs/analyzers/crtsh.md +1 -1
- data/docs/analyzers/dnstwister.md +1 -1
- data/docs/analyzers/greynoise.md +1 -1
- data/docs/analyzers/hunterhow.md +1 -1
- data/docs/analyzers/index.md +29 -15
- data/docs/analyzers/onyphe.md +1 -1
- data/docs/analyzers/otx.md +2 -2
- data/docs/analyzers/passivetotal.md +2 -2
- data/docs/analyzers/pulsedive.md +2 -2
- data/docs/analyzers/securitytrails.md +2 -2
- data/docs/analyzers/shodan.md +1 -1
- data/docs/analyzers/urlscan.md +3 -3
- data/docs/analyzers/virustotal.md +2 -2
- data/docs/analyzers/virustotal_intelligence.md +4 -4
- data/docs/analyzers/zoomeye.md +5 -0
- data/docs/enrichers/google_public_dns.md +1 -1
- data/docs/enrichers/ipinfo.md +2 -2
- data/docs/enrichers/shodan.md +4 -4
- data/docs/enrichers/whois.md +1 -1
- data/frontend/package-lock.json +176 -179
- data/frontend/package.json +9 -9
- data/lib/mihari/{base.rb → actor.rb} +16 -2
- data/lib/mihari/analyzers/base.rb +5 -10
- data/lib/mihari/analyzers/censys.rb +1 -1
- data/lib/mihari/analyzers/circl.rb +1 -1
- data/lib/mihari/analyzers/crtsh.rb +1 -1
- data/lib/mihari/analyzers/dnstwister.rb +1 -1
- data/lib/mihari/analyzers/hunterhow.rb +1 -1
- data/lib/mihari/analyzers/otx.rb +1 -1
- data/lib/mihari/analyzers/passivetotal.rb +2 -2
- data/lib/mihari/analyzers/pulsedive.rb +2 -2
- data/lib/mihari/analyzers/securitytrails.rb +2 -2
- data/lib/mihari/analyzers/urlscan.rb +1 -1
- data/lib/mihari/analyzers/virustotal.rb +5 -5
- data/lib/mihari/analyzers/zoomeye.rb +3 -3
- data/lib/mihari/clients/base.rb +2 -2
- data/lib/mihari/clients/binaryedge.rb +3 -5
- data/lib/mihari/clients/censys.rb +3 -3
- data/lib/mihari/clients/circl.rb +5 -4
- data/lib/mihari/clients/crtsh.rb +5 -4
- data/lib/mihari/clients/dnstwister.rb +3 -2
- data/lib/mihari/clients/greynoise.rb +2 -2
- data/lib/mihari/clients/hunterhow.rb +2 -2
- data/lib/mihari/clients/misp.rb +1 -1
- data/lib/mihari/clients/onyphe.rb +2 -2
- data/lib/mihari/clients/otx.rb +4 -3
- data/lib/mihari/clients/passivetotal.rb +9 -8
- data/lib/mihari/clients/publsedive.rb +4 -3
- data/lib/mihari/clients/securitytrails.rb +8 -6
- data/lib/mihari/clients/shodan.rb +2 -2
- data/lib/mihari/clients/the_hive.rb +1 -1
- data/lib/mihari/clients/urlscan.rb +4 -4
- data/lib/mihari/clients/virustotal.rb +2 -2
- data/lib/mihari/clients/zoomeye.rb +2 -2
- data/lib/mihari/commands/rule.rb +2 -11
- data/lib/mihari/commands/search.rb +1 -1
- data/lib/mihari/emitters/base.rb +13 -24
- data/lib/mihari/emitters/database.rb +7 -9
- data/lib/mihari/emitters/misp.rb +14 -38
- data/lib/mihari/emitters/slack.rb +14 -11
- data/lib/mihari/emitters/the_hive.rb +16 -44
- data/lib/mihari/emitters/webhook.rb +31 -21
- data/lib/mihari/enrichers/base.rb +1 -6
- data/lib/mihari/enrichers/whois.rb +1 -1
- data/lib/mihari/models/alert.rb +75 -73
- data/lib/mihari/models/artifact.rb +182 -180
- data/lib/mihari/models/autonomous_system.rb +22 -20
- data/lib/mihari/models/cpe.rb +21 -19
- data/lib/mihari/models/dns.rb +24 -22
- data/lib/mihari/models/geolocation.rb +22 -20
- data/lib/mihari/models/port.rb +21 -19
- data/lib/mihari/models/reverse_dns.rb +21 -19
- data/lib/mihari/models/rule.rb +67 -65
- data/lib/mihari/models/tag.rb +5 -3
- data/lib/mihari/models/tagging.rb +5 -3
- data/lib/mihari/models/whois.rb +18 -16
- data/lib/mihari/rule.rb +352 -0
- data/lib/mihari/schemas/analyzer.rb +94 -87
- data/lib/mihari/schemas/emitter.rb +9 -5
- data/lib/mihari/schemas/enricher.rb +8 -4
- data/lib/mihari/schemas/mixins.rb +15 -0
- data/lib/mihari/schemas/rule.rb +3 -10
- data/lib/mihari/services/alert_builder.rb +1 -1
- data/lib/mihari/services/alert_proxy.rb +10 -6
- data/lib/mihari/services/alert_runner.rb +4 -4
- data/lib/mihari/services/rule_builder.rb +3 -3
- data/lib/mihari/services/rule_runner.rb +5 -5
- data/lib/mihari/structs/binaryedge.rb +1 -1
- data/lib/mihari/structs/censys.rb +6 -6
- data/lib/mihari/structs/config.rb +1 -1
- data/lib/mihari/structs/greynoise.rb +5 -5
- data/lib/mihari/structs/hunterhow.rb +3 -3
- data/lib/mihari/structs/onyphe.rb +5 -5
- data/lib/mihari/structs/shodan.rb +6 -6
- data/lib/mihari/structs/urlscan.rb +3 -3
- data/lib/mihari/structs/virustotal_intelligence.rb +3 -3
- data/lib/mihari/version.rb +1 -1
- data/lib/mihari/web/endpoints/alerts.rb +4 -4
- data/lib/mihari/web/endpoints/artifacts.rb +6 -6
- data/lib/mihari/web/endpoints/rules.rb +10 -17
- data/lib/mihari/web/endpoints/tags.rb +2 -2
- data/lib/mihari/web/public/assets/{index-9cc489e6.js → index-28d4c79d.js} +48 -48
- data/lib/mihari/web/public/index.html +1 -1
- data/lib/mihari.rb +6 -8
- data/mihari.gemspec +1 -2
- data/mkdocs.yml +0 -3
- data/requirements.txt +1 -1
- metadata +8 -22
- data/lib/mihari/analyzers/rule.rb +0 -232
- data/lib/mihari/services/rule_proxy.rb +0 -182
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 7136011e523fa8b61ed048932c1ca7e265425a4eaf89c76a5f8052f74c108f17
|
|
4
|
+
data.tar.gz: 243dfcbc17341520912a626210a336d0cdd419b011160d4d2f60ddd1f2326c33
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: eade462830cc2258517594564713cd5b612755f359a4efafb40fd16973282785f9a0ad610e3063c9b372ffddcf45e98773e6047f3761547493a68f6bafe25769
|
|
7
|
+
data.tar.gz: 7ff869faaaf0782d842e241e476d5b7602d94e3c08ae2588d4fcbe56d0c44bb6b38714db72fa6be5da70ca5989c6803193b0516614af80d2752114783ff3a5bf
|
data/docs/analyzers/censys.md
CHANGED
data/docs/analyzers/circl.md
CHANGED
data/docs/analyzers/crtsh.md
CHANGED
data/docs/analyzers/greynoise.md
CHANGED
data/docs/analyzers/hunterhow.md
CHANGED
data/docs/analyzers/index.md
CHANGED
|
@@ -26,29 +26,28 @@ All the analyzers can have optional `options`.
|
|
|
26
26
|
analyzer: ...
|
|
27
27
|
query: ...
|
|
28
28
|
options:
|
|
29
|
-
timeout: ...
|
|
30
|
-
pagination_interval: ...
|
|
31
|
-
pagination_limit: ...
|
|
32
29
|
retry_times: ...
|
|
33
30
|
retry_interval: ...
|
|
34
31
|
retry_exponential_backoff: ...
|
|
32
|
+
timeout: ...
|
|
35
33
|
ignore_error: ...
|
|
36
34
|
```
|
|
37
35
|
|
|
38
|
-
|
|
39
|
-
|
|
40
|
-
`timeout` (`integer`) is an HTTP timeout in seconds. Optional.
|
|
41
|
-
|
|
42
|
-
### Pagination Interval
|
|
43
|
-
|
|
44
|
-
`pagination_interval` (`integer`) is an interval in seconds between pagination. Optional. Defaults to 0.
|
|
36
|
+
Also the following analyzers can have pagination options.
|
|
45
37
|
|
|
46
|
-
|
|
47
|
-
|
|
48
|
-
|
|
38
|
+
- [Shodan](./shodan.md)
|
|
39
|
+
- [BinaryEdge](./binaryedge.md)
|
|
40
|
+
- [Censys](./censys.md)
|
|
41
|
+
- [ZoomEye](./zoomeye.md)
|
|
42
|
+
- [urlscan.io](./urlscan.md)
|
|
43
|
+
- [VirusTotal Intelligence](./virustotal_intelligence.md)
|
|
44
|
+
- [HunterHow](./hunterhow.md)
|
|
49
45
|
|
|
50
|
-
|
|
51
|
-
|
|
46
|
+
```yaml
|
|
47
|
+
options:
|
|
48
|
+
pagination_interval: ...
|
|
49
|
+
pagination_limit: ...
|
|
50
|
+
```
|
|
52
51
|
|
|
53
52
|
### Retry Times
|
|
54
53
|
|
|
@@ -62,6 +61,10 @@ In the worst case, if something wrong with Mihari or a service, Mihari can drain
|
|
|
62
61
|
|
|
63
62
|
`retry_exponential_backoff` (`bool`) controls whether to do exponential backoff. Optional. Defaults to `true`.
|
|
64
63
|
|
|
64
|
+
### Timeout
|
|
65
|
+
|
|
66
|
+
`timeout` (`integer`) is an HTTP timeout in seconds. Optional.
|
|
67
|
+
|
|
65
68
|
### Ignore Error
|
|
66
69
|
|
|
67
70
|
`ignore_error` (`bool`) controls whether to ignore an error or not. Optional. Defaults to `false`.
|
|
@@ -87,3 +90,14 @@ queries:
|
|
|
87
90
|
- analyzer: censys
|
|
88
91
|
query: ip:8.8.8.8
|
|
89
92
|
```
|
|
93
|
+
|
|
94
|
+
### Pagination Interval
|
|
95
|
+
|
|
96
|
+
`pagination_interval` (`integer`) is an interval in seconds between pagination. Optional. Defaults to 0.
|
|
97
|
+
|
|
98
|
+
### Pagination Limit
|
|
99
|
+
|
|
100
|
+
`pagination_limit` (`integer`) is an limit for pagination. Optional. Defaults to 100.
|
|
101
|
+
|
|
102
|
+
In the worst case, if something wrong with Mihari or a service, Mihari can drain API quota by doing pagination forever.
|
|
103
|
+
`pagination_limit` is a safety valve for that. A number of pagination is limited as `pagination_limit` times.
|
data/docs/analyzers/onyphe.md
CHANGED
data/docs/analyzers/otx.md
CHANGED
data/docs/analyzers/pulsedive.md
CHANGED
data/docs/analyzers/shodan.md
CHANGED
data/docs/analyzers/urlscan.md
CHANGED
data/docs/analyzers/zoomeye.md
CHANGED
data/docs/enrichers/ipinfo.md
CHANGED
data/docs/enrichers/shodan.md
CHANGED