RubyGems - mihari - Versions diffs - 5.6.1 → 5.6.2 - Mend

mihari 5.6.1 → 5.6.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (71) hide show

checksums.yaml +4 -4
data/frontend/package-lock.json +173 -176
data/frontend/package.json +9 -9
data/lib/mihari/{base.rb → actor.rb} +16 -2
data/lib/mihari/analyzers/base.rb +5 -10
data/lib/mihari/analyzers/censys.rb +1 -1
data/lib/mihari/analyzers/hunterhow.rb +1 -1
data/lib/mihari/analyzers/passivetotal.rb +1 -1
data/lib/mihari/analyzers/pulsedive.rb +1 -1
data/lib/mihari/analyzers/securitytrails.rb +1 -1
data/lib/mihari/analyzers/urlscan.rb +1 -1
data/lib/mihari/analyzers/virustotal.rb +5 -5
data/lib/mihari/analyzers/zoomeye.rb +3 -3
data/lib/mihari/clients/crtsh.rb +2 -2
data/lib/mihari/clients/passivetotal.rb +4 -4
data/lib/mihari/clients/securitytrails.rb +3 -3
data/lib/mihari/commands/rule.rb +2 -11
data/lib/mihari/commands/search.rb +1 -1
data/lib/mihari/emitters/base.rb +13 -24
data/lib/mihari/emitters/database.rb +7 -9
data/lib/mihari/emitters/misp.rb +14 -38
data/lib/mihari/emitters/slack.rb +14 -11
data/lib/mihari/emitters/the_hive.rb +16 -44
data/lib/mihari/emitters/webhook.rb +31 -21
data/lib/mihari/enrichers/base.rb +1 -6
data/lib/mihari/enrichers/whois.rb +1 -1
data/lib/mihari/models/alert.rb +75 -73
data/lib/mihari/models/artifact.rb +182 -180
data/lib/mihari/models/autonomous_system.rb +22 -20
data/lib/mihari/models/cpe.rb +21 -19
data/lib/mihari/models/dns.rb +24 -22
data/lib/mihari/models/geolocation.rb +22 -20
data/lib/mihari/models/port.rb +21 -19
data/lib/mihari/models/reverse_dns.rb +21 -19
data/lib/mihari/models/rule.rb +67 -65
data/lib/mihari/models/tag.rb +5 -3
data/lib/mihari/models/tagging.rb +5 -3
data/lib/mihari/models/whois.rb +18 -16
data/lib/mihari/rule.rb +352 -0
data/lib/mihari/schemas/analyzer.rb +94 -87
data/lib/mihari/schemas/emitter.rb +9 -5
data/lib/mihari/schemas/enricher.rb +8 -4
data/lib/mihari/schemas/mixins.rb +15 -0
data/lib/mihari/schemas/rule.rb +3 -10
data/lib/mihari/services/alert_builder.rb +1 -1
data/lib/mihari/services/alert_proxy.rb +10 -6
data/lib/mihari/services/alert_runner.rb +4 -4
data/lib/mihari/services/rule_builder.rb +3 -3
data/lib/mihari/services/rule_runner.rb +5 -5
data/lib/mihari/structs/binaryedge.rb +1 -1
data/lib/mihari/structs/censys.rb +6 -6
data/lib/mihari/structs/config.rb +1 -1
data/lib/mihari/structs/greynoise.rb +5 -5
data/lib/mihari/structs/hunterhow.rb +3 -3
data/lib/mihari/structs/onyphe.rb +5 -5
data/lib/mihari/structs/shodan.rb +6 -6
data/lib/mihari/structs/urlscan.rb +3 -3
data/lib/mihari/structs/virustotal_intelligence.rb +3 -3
data/lib/mihari/version.rb +1 -1
data/lib/mihari/web/endpoints/alerts.rb +4 -4
data/lib/mihari/web/endpoints/artifacts.rb +6 -6
data/lib/mihari/web/endpoints/rules.rb +10 -17
data/lib/mihari/web/endpoints/tags.rb +2 -2
data/lib/mihari/web/public/assets/{index-9cc489e6.js → index-28d4c79d.js} +48 -48
data/lib/mihari/web/public/index.html +1 -1
data/lib/mihari.rb +6 -8
data/mihari.gemspec +1 -2
data/requirements.txt +1 -1
metadata +8 -22
data/lib/mihari/analyzers/rule.rb +0 -232
data/lib/mihari/services/rule_proxy.rb +0 -182

data/lib/mihari/structs/urlscan.rb CHANGED Viewed

@@ -81,11 +81,11 @@ module Mihari
         end
         #
-        # @return [Array<Mihari::Artifact>]
+        # @return [Array<Mihari::Models::Artifact>]
         #
         def artifacts
           values = [page.url, page.domain, page.ip].compact
-          values.map { |value| Mihari::Artifact.new(data: value, metadata: metadata) }
+          values.map { |value| Mihari::Models::Artifact.new(data: value, metadata: metadata) }
         end
         class << self
@@ -125,7 +125,7 @@ module Mihari
         end
         #
-        # @return [Array<Mihari::Artifact>]
+        # @return [Array<Mihari::Models::Artifact>]
         #
         def artifacts
           results.map(&:artifacts).flatten

data/lib/mihari/structs/virustotal_intelligence.rb CHANGED Viewed

@@ -77,10 +77,10 @@ module Mihari
         end
         #
-        # @return [Mihari::Artifact]
+        # @return [Mihari::Models::Artifact]
         #
         def artifact
-          Artifact.new(data: value, metadata: metadata)
+          Models::Artifact.new(data: value, metadata: metadata)
         end
         class << self
@@ -151,7 +151,7 @@ module Mihari
         end
         #
-        # @return [Array<Mihari::Artifact>]
+        # @return [Array<Mihari::Models::Artifact>]
         #
         def artifacts
           data.map(&:artifact)

data/lib/mihari/version.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 module Mihari
-  VERSION = "5.6.1"
+  VERSION = "5.6.2"
 end

data/lib/mihari/web/endpoints/alerts.rb CHANGED Viewed

@@ -31,8 +31,8 @@ module Mihari
           filter = filter.to_h.symbolize_keys
           search_filter_with_pagination = Structs::Filters::Alert::SearchFilterWithPagination.new(**filter)
-          alerts = Mihari::Alert.search(search_filter_with_pagination)
-          total = Mihari::Alert.count(search_filter_with_pagination.without_pagination)
+          alerts = Mihari::Models::Alert.search(search_filter_with_pagination)
+          total = Mihari::Models::Alert.count(search_filter_with_pagination.without_pagination)
           present(
             {
@@ -59,7 +59,7 @@ module Mihari
           id = params["id"].to_i
           result = Try do
-            alert = Mihari::Alert.find(id)
+            alert = Mihari::Models::Alert.find(id)
             alert.destroy
           end.to_result
@@ -89,7 +89,7 @@ module Mihari
           extend Dry::Monads[:result, :try]
           result = Try do
-            proxy = Services::AlertProxy.new(params.to_snake_keys)
+            proxy = Services::AlertProxy.new(**params.to_snake_keys)
             runner = Services::AlertRunner.new(proxy)
             runner.run
           end.to_result

data/lib/mihari/web/endpoints/artifacts.rb CHANGED Viewed

@@ -18,7 +18,7 @@ module Mihari
           id = params[:id].to_i
           result = Try do
-            artifact = Mihari::Artifact.includes(
+            artifact = Mihari::Models::Artifact.includes(
               :autonomous_system,
               :geolocation,
               :whois_record,
@@ -26,9 +26,9 @@ module Mihari
               :reverse_dns_names
             ).find(id)
             # TODO: improve queries
-            alert_ids = Mihari::Artifact.where(data: artifact.data).pluck(:alert_id)
-            tag_ids = Mihari::Tagging.where(alert_id: alert_ids).pluck(:tag_id)
-            tag_names = Mihari::Tag.where(id: tag_ids).distinct.pluck(:name)
+            alert_ids = Mihari::Models::Artifact.where(data: artifact.data).pluck(:alert_id)
+            tag_ids = Mihari::Models::Tagging.where(alert_id: alert_ids).pluck(:tag_id)
+            tag_names = Mihari::Models::Tag.where(id: tag_ids).distinct.pluck(:name)
             artifact.tags = tag_names
@@ -60,7 +60,7 @@ module Mihari
           id = params["id"].to_i
           result = Try do
-            artifact = Mihari::Artifact.includes(
+            artifact = Mihari::Models::Artifact.includes(
               :autonomous_system,
               :geolocation,
               :whois_record,
@@ -102,7 +102,7 @@ module Mihari
           id = params["id"].to_i
           result = Try do
-            alert = Mihari::Artifact.find(id)
+            alert = Mihari::Models::Artifact.find(id)
             alert.destroy
           end.to_result

data/lib/mihari/web/endpoints/rules.rb CHANGED Viewed

@@ -10,7 +10,7 @@ module Mihari
           summary: "Get rule IDs"
         }
         get "/ids" do
-          rule_ids = Mihari::Rule.distinct.pluck(:id)
+          rule_ids = Mihari::Models::Rule.distinct.pluck(:id)
           present({ rule_ids: rule_ids }, with: Entities::RuleIDs)
         end
@@ -40,8 +40,8 @@ module Mihari
           filter = filter.to_h.symbolize_keys
           search_filter_with_pagenation = Structs::Filters::Rule::SearchFilterWithPagination.new(**filter)
-          rules = Mihari::Rule.search(search_filter_with_pagenation)
-          total = Mihari::Rule.count(search_filter_with_pagenation.without_pagination)
+          rules = Mihari::Models::Rule.search(search_filter_with_pagenation)
+          total = Mihari::Models::Rule.count(search_filter_with_pagenation.without_pagination)
           present(
             { rules: rules,
@@ -66,7 +66,7 @@ module Mihari
           id = params["id"].to_s
           result = Try do
-            Mihari::Rule.find(id)
+            Mihari::Models::Rule.find(id)
           end.to_result
           return present(result.value!, with: Entities::Rule) if result.success?
@@ -92,10 +92,7 @@ module Mihari
           id = params["id"].to_s
-          result = Try do
-            Mihari::Services::RuleProxy.from_model(Mihari::Rule.find(id))
-          end.to_result
+          result = Try { Rule.from_model(Mihari::Models::Rule.find(id)) }.to_result
           if result.success?
             result.value!.analyzer.run
             status 201
@@ -122,11 +119,9 @@ module Mihari
           extend Dry::Monads[:result, :try]
           yaml = params[:yaml]
-          result = Try do
-            Services::RuleProxy.from_yaml(yaml)
-          end.to_result.bind do |rule|
+          result = Try { Rule.from_yaml(yaml) }.to_result.bind do |rule|
             Try do
-              found = Mihari::Rule.find_by_id(rule.id)
+              found = Mihari::Models::Rule.find_by_id(rule.id)
               error!({ message: "ID:#{rule.id} is already registered" }, 400) unless found.nil?
               rule
             end.to_result
@@ -168,11 +163,9 @@ module Mihari
           yaml = params[:yaml]
           result = Try do
-            Mihari::Rule.find(id)
+            Mihari::Models::Rule.find(id)
           end.to_result.bind do |_|
-            Try do
-              Services::RuleProxy.from_yaml(yaml)
-            end.to_result
+            Try { Rule.from_yaml(yaml) }.to_result
           end.bind do |rule|
             Try do
               rule.model.save
@@ -212,7 +205,7 @@ module Mihari
           id = params["id"].to_s
           result = Try do
-            rule = Mihari::Rule.find(id)
+            rule = Mihari::Models::Rule.find(id)
             rule.destroy
           end.to_result

data/lib/mihari/web/endpoints/tags.rb CHANGED Viewed

@@ -10,7 +10,7 @@ module Mihari
           summary: "Get tags"
         }
         get "/" do
-          tags = Mihari::Tag.distinct.pluck(:name)
+          tags = Mihari::Models::Tag.distinct.pluck(:name)
           present({ tags: tags }, with: Entities::Tags)
         end
@@ -28,7 +28,7 @@ module Mihari
           name = params[:name].to_s
           result = Try do
-            Mihari::Tag.where(name: name).destroy_all
+            Mihari::Models::Tag.where(name: name).destroy_all
           end.to_result
           if result.success?