mihari 5.6.1 → 5.7.0
- checksums.yaml +4 -4
- data/.rubocop.yml +5 -1
- data/README.md +1 -0
- data/config.ru +1 -1
- data/docs/analyzers/fofa.md +31 -0
- data/docs/analyzers/index.md +1 -0
- data/frontend/package-lock.json +183 -186
- data/frontend/package.json +10 -10
- data/frontend/src/components/alert/Form.vue +1 -14
- data/frontend/src/components/artifact/AS.vue +2 -8
- data/frontend/src/components/artifact/DnsRecords.vue +2 -8
- data/frontend/src/components/artifact/ReverseDnsNames.vue +2 -10
- data/frontend/src/components/artifact/WhoisRecord.vue +1 -1
- data/lib/mihari/{base.rb → actor.rb} +27 -3
- data/lib/mihari/analyzers/base.rb +16 -20
- data/lib/mihari/analyzers/binaryedge.rb +4 -1
- data/lib/mihari/analyzers/censys.rb +5 -3
- data/lib/mihari/analyzers/circl.rb +4 -1
- data/lib/mihari/analyzers/crtsh.rb +4 -1
- data/lib/mihari/analyzers/dnstwister.rb +4 -1
- data/lib/mihari/analyzers/feed.rb +3 -0
- data/lib/mihari/analyzers/fofa.rb +65 -0
- data/lib/mihari/analyzers/greynoise.rb +4 -1
- data/lib/mihari/analyzers/hunterhow.rb +7 -2
- data/lib/mihari/analyzers/onyphe.rb +4 -1
- data/lib/mihari/analyzers/otx.rb +4 -1
- data/lib/mihari/analyzers/passivetotal.rb +5 -2
- data/lib/mihari/analyzers/pulsedive.rb +4 -1
- data/lib/mihari/analyzers/securitytrails.rb +5 -2
- data/lib/mihari/analyzers/shodan.rb +4 -1
- data/lib/mihari/analyzers/urlscan.rb +5 -2
- data/lib/mihari/analyzers/virustotal.rb +9 -6
- data/lib/mihari/analyzers/virustotal_intelligence.rb +4 -1
- data/lib/mihari/analyzers/zoomeye.rb +8 -5
- data/lib/mihari/cli/alert.rb +3 -0
- data/lib/mihari/cli/base.rb +3 -0
- data/lib/mihari/cli/database.rb +3 -0
- data/lib/mihari/cli/main.rb +3 -0
- data/lib/mihari/cli/rule.rb +3 -0
- data/lib/mihari/clients/base.rb +3 -0
- data/lib/mihari/clients/binaryedge.rb +5 -2
- data/lib/mihari/clients/censys.rb +7 -4
- data/lib/mihari/clients/circl.rb +3 -0
- data/lib/mihari/clients/crtsh.rb +5 -2
- data/lib/mihari/clients/dnstwister.rb +3 -0
- data/lib/mihari/clients/fofa.rb +83 -0
- data/lib/mihari/clients/greynoise.rb +5 -2
- data/lib/mihari/clients/hunterhow.rb +5 -2
- data/lib/mihari/clients/misp.rb +3 -0
- data/lib/mihari/clients/onyphe.rb +5 -2
- data/lib/mihari/clients/otx.rb +3 -0
- data/lib/mihari/clients/passivetotal.rb +7 -4
- data/lib/mihari/clients/publsedive.rb +4 -1
- data/lib/mihari/clients/securitytrails.rb +6 -3
- data/lib/mihari/clients/shodan.rb +5 -2
- data/lib/mihari/clients/the_hive.rb +3 -0
- data/lib/mihari/clients/urlscan.rb +7 -4
- data/lib/mihari/clients/virustotal.rb +5 -2
- data/lib/mihari/clients/zoomeye.rb +3 -0
- data/lib/mihari/commands/alert.rb +5 -14
- data/lib/mihari/commands/database.rb +3 -0
- data/lib/mihari/commands/rule.rb +11 -11
- data/lib/mihari/commands/search.rb +9 -6
- data/lib/mihari/commands/version.rb +3 -0
- data/lib/mihari/commands/web.rb +4 -1
- data/lib/mihari/config.rb +139 -150
- data/lib/mihari/constants.rb +1 -1
- data/lib/mihari/database.rb +6 -0
- data/lib/mihari/emitters/base.rb +16 -25
- data/lib/mihari/emitters/database.rb +10 -9
- data/lib/mihari/emitters/misp.rb +20 -41
- data/lib/mihari/emitters/slack.rb +16 -13
- data/lib/mihari/emitters/the_hive.rb +18 -46
- data/lib/mihari/emitters/webhook.rb +34 -23
- data/lib/mihari/enrichers/base.rb +16 -15
- data/lib/mihari/enrichers/google_public_dns.rb +6 -5
- data/lib/mihari/enrichers/ipinfo.rb +10 -8
- data/lib/mihari/enrichers/shodan.rb +4 -6
- data/lib/mihari/enrichers/whois.rb +13 -10
- data/lib/mihari/errors.rb +6 -0
- data/lib/mihari/feed/parser.rb +3 -0
- data/lib/mihari/feed/reader.rb +3 -0
- data/lib/mihari/http.rb +6 -0
- data/lib/mihari/mixins/autonomous_system.rb +3 -0
- data/lib/mihari/mixins/configurable.rb +3 -0
- data/lib/mihari/mixins/error_notification.rb +3 -0
- data/lib/mihari/mixins/falsepositive.rb +3 -0
- data/lib/mihari/mixins/refang.rb +3 -0
- data/lib/mihari/mixins/retriable.rb +6 -2
- data/lib/mihari/models/alert.rb +78 -73
- data/lib/mihari/models/artifact.rb +186 -178
- data/lib/mihari/models/autonomous_system.rb +25 -20
- data/lib/mihari/models/cpe.rb +24 -19
- data/lib/mihari/models/dns.rb +27 -22
- data/lib/mihari/models/geolocation.rb +25 -20
- data/lib/mihari/models/port.rb +24 -19
- data/lib/mihari/models/reverse_dns.rb +24 -19
- data/lib/mihari/models/rule.rb +71 -66
- data/lib/mihari/models/tag.rb +8 -3
- data/lib/mihari/models/tagging.rb +8 -3
- data/lib/mihari/models/whois.rb +20 -17
- data/lib/mihari/rule.rb +357 -0
- data/lib/mihari/schemas/alert.rb +3 -0
- data/lib/mihari/schemas/analyzer.rb +105 -87
- data/lib/mihari/schemas/emitter.rb +12 -5
- data/lib/mihari/schemas/enricher.rb +11 -4
- data/lib/mihari/schemas/macros.rb +4 -0
- data/lib/mihari/schemas/mixins.rb +20 -0
- data/lib/mihari/schemas/rule.rb +6 -10
- data/lib/mihari/service.rb +16 -0
- data/lib/mihari/services/alert_builder.rb +8 -5
- data/lib/mihari/services/alert_proxy.rb +16 -7
- data/lib/mihari/services/alert_runner.rb +10 -14
- data/lib/mihari/services/rule_builder.rb +10 -7
- data/lib/mihari/services/rule_runner.rb +11 -13
- data/lib/mihari/structs/binaryedge.rb +14 -29
- data/lib/mihari/structs/censys.rb +54 -133
- data/lib/mihari/structs/config.rb +20 -31
- data/lib/mihari/structs/filters.rb +38 -0
- data/lib/mihari/structs/fofa.rb +44 -0
- data/lib/mihari/structs/google_public_dns.rb +10 -28
- data/lib/mihari/structs/greynoise.rb +38 -89
- data/lib/mihari/structs/hunterhow.rb +27 -25
- data/lib/mihari/structs/ipinfo.rb +14 -35
- data/lib/mihari/structs/onyphe.rb +36 -81
- data/lib/mihari/structs/shodan.rb +53 -118
- data/lib/mihari/structs/urlscan.rb +27 -66
- data/lib/mihari/structs/virustotal_intelligence.rb +23 -59
- data/lib/mihari/type_checker.rb +4 -0
- data/lib/mihari/types.rb +3 -0
- data/lib/mihari/version.rb +1 -1
- data/lib/mihari/web/api.rb +15 -10
- data/lib/mihari/web/app.rb +59 -54
- data/lib/mihari/web/endpoints/alerts.rb +94 -89
- data/lib/mihari/web/endpoints/artifacts.rb +115 -110
- data/lib/mihari/web/endpoints/configs.rb +18 -13
- data/lib/mihari/web/endpoints/ip_addresses.rb +21 -16
- data/lib/mihari/web/endpoints/rules.rb +202 -204
- data/lib/mihari/web/endpoints/tags.rb +41 -36
- data/lib/mihari/web/middleware/connection_adapter.rb +16 -9
- data/lib/mihari/web/middleware/error_notification_adapter.rb +17 -10
- data/lib/mihari/web/public/assets/{index-9cc489e6.js → index-821134e2.js} +54 -54
- data/lib/mihari/web/public/assets/mode-yaml-24faa242.js +8 -0
- data/lib/mihari/web/public/index.html +1 -1
- data/lib/mihari.rb +30 -13
- data/mihari.gemspec +9 -3
- data/mkdocs.yml +3 -2
- data/requirements.txt +1 -1
- metadata +44 -26
- data/lib/mihari/analyzers/rule.rb +0 -232
- data/lib/mihari/services/rule_proxy.rb +0 -182
- data/lib/mihari/templates/rule.yml.erb +0 -5
- data/lib/mihari/web/public/assets/mode-yaml-a21faa53.js +0 -8
@@ -6,44 +6,28 @@ module Mihari
|
|
6
6
|
class Result < Dry::Struct
|
7
7
|
include Mixins::AutonomousSystem
|
8
8
|
|
9
|
+
# @!attribute [r] asn
|
10
|
+
# @return [String]
|
9
11
|
attribute :asn, Types::String
|
12
|
+
|
13
|
+
# @!attribute [r] country_code
|
14
|
+
# @return [String, nll]
|
10
15
|
attribute :country_code, Types::String.optional
|
11
|
-
attribute :ip, Types::String
|
12
|
-
attribute :metadata, Types::Hash
|
13
16
|
|
14
|
-
#
|
15
|
-
#
|
16
|
-
#
|
17
|
-
def asn
|
18
|
-
attributes[:asn]
|
19
|
-
end
|
17
|
+
# @!attribute [r] ip
|
18
|
+
# @return [String]
|
20
19
|
|
21
|
-
|
22
|
-
# @return [String, nil]
|
23
|
-
#
|
24
|
-
def country_code
|
25
|
-
attributes[:country_code]
|
26
|
-
end
|
27
|
-
|
28
|
-
#
|
29
|
-
# @return [String]
|
30
|
-
#
|
31
|
-
def ip
|
32
|
-
attributes[:ip]
|
33
|
-
end
|
20
|
+
attribute :ip, Types::String
|
34
21
|
|
35
|
-
#
|
36
|
-
#
|
37
|
-
|
38
|
-
def metadata
|
39
|
-
attributes[:metadata]
|
40
|
-
end
|
22
|
+
# @!attribute [r] metadata
|
23
|
+
# @return [Hash]
|
24
|
+
attribute :metadata, Types::Hash
|
41
25
|
|
42
26
|
#
|
43
|
-
# @return [Mihari::Artifact]
|
27
|
+
# @return [Mihari::Models::Artifact]
|
44
28
|
#
|
45
29
|
def artifact
|
46
|
-
Mihari::Artifact.new(
|
30
|
+
Mihari::Models::Artifact.new(
|
47
31
|
data: ip,
|
48
32
|
metadata: metadata,
|
49
33
|
autonomous_system: as,
|
@@ -57,7 +41,7 @@ module Mihari
|
|
57
41
|
def geolocation
|
58
42
|
return nil if country_code.nil?
|
59
43
|
|
60
|
-
Mihari::Geolocation.new(
|
44
|
+
Mihari::Models::Geolocation.new(
|
61
45
|
country: NormalizeCountry(country_code, to: :short),
|
62
46
|
country_code: country_code
|
63
47
|
)
|
@@ -67,7 +51,7 @@ module Mihari
|
|
67
51
|
# @return [Mihari::AutonomousSystem]
|
68
52
|
#
|
69
53
|
def as
|
70
|
-
Mihari::AutonomousSystem.new(asn: normalize_asn(asn))
|
54
|
+
Mihari::Models::AutonomousSystem.new(asn: normalize_asn(asn))
|
71
55
|
end
|
72
56
|
|
73
57
|
class << self
|
@@ -90,65 +74,36 @@ module Mihari
|
|
90
74
|
end
|
91
75
|
|
92
76
|
class Response < Dry::Struct
|
77
|
+
# @!attribute [r] count
|
78
|
+
# @return [Integer]
|
93
79
|
attribute :count, Types::Int
|
94
|
-
attribute :error, Types::Int
|
95
|
-
attribute :max_page, Types::Int
|
96
|
-
attribute :page, Types::Int
|
97
|
-
attribute :results, Types.Array(Result)
|
98
|
-
attribute :status, Types::String
|
99
|
-
attribute :total, Types::Int
|
100
|
-
|
101
|
-
#
|
102
|
-
# @return [Integer]
|
103
|
-
#
|
104
|
-
def count
|
105
|
-
attributes[:count]
|
106
|
-
end
|
107
80
|
|
108
|
-
#
|
109
|
-
#
|
110
|
-
|
111
|
-
def error
|
112
|
-
attributes[:error]
|
113
|
-
end
|
81
|
+
# @!attribute [r] error
|
82
|
+
# @return [Integer]
|
83
|
+
attribute :error, Types::Int
|
114
84
|
|
115
|
-
#
|
116
|
-
#
|
117
|
-
|
118
|
-
def max_page
|
119
|
-
attributes[:max_page]
|
120
|
-
end
|
85
|
+
# @!attribute [r] max_page
|
86
|
+
# @return [Integer]
|
87
|
+
attribute :max_page, Types::Int
|
121
88
|
|
122
|
-
#
|
123
|
-
#
|
124
|
-
|
125
|
-
def page
|
126
|
-
attributes[:page]
|
127
|
-
end
|
89
|
+
# @!attribute [r] page
|
90
|
+
# @return [Integer]
|
91
|
+
attribute :page, Types::Int
|
128
92
|
|
129
|
-
#
|
130
|
-
#
|
131
|
-
|
132
|
-
def results
|
133
|
-
attributes[:results]
|
134
|
-
end
|
93
|
+
# @!attribute [r] results
|
94
|
+
# @return [Array<Result>]
|
95
|
+
attribute :results, Types.Array(Result)
|
135
96
|
|
136
|
-
#
|
137
|
-
#
|
138
|
-
|
139
|
-
def status
|
140
|
-
attributes[:status]
|
141
|
-
end
|
97
|
+
# @!attribute [r] status
|
98
|
+
# @return [String]
|
99
|
+
attribute :status, Types::String
|
142
100
|
|
143
|
-
#
|
144
|
-
#
|
145
|
-
|
146
|
-
def total
|
147
|
-
attributes[:total]
|
148
|
-
end
|
101
|
+
# @!attribute [r] total
|
102
|
+
# @return [Integer]
|
103
|
+
attribute :total, Types::Int
|
149
104
|
|
150
105
|
#
|
151
|
-
# @return [Array<Mihari::Artifact>]
|
106
|
+
# @return [Array<Mihari::Models::Artifact>]
|
152
107
|
#
|
153
108
|
def artifacts
|
154
109
|
results.map(&:artifact)
|
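Review bot: The new YARD tag above `attribute :country_code, Types::String.optional` in `Result` reads `# @return [String, nll]`; `nll` is a typo for `nil`, so the generated docs will not name the nil case for the only optional attribute in this struct. The line should be `# @return [String, nil]`. In the same section the context line `# @return [Mihari::AutonomousSystem]` above `as` was left untouched although the body now builds `Mihari::Models::AutonomousSystem`; it should read `# @return [Mihari::Models::AutonomousSystem]`. The doc comment for `as` starts outside its hunk.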
@@ -4,22 +4,13 @@ module Mihari
|
|
4
4
|
module Structs
|
5
5
|
module Shodan
|
6
6
|
class Location < Dry::Struct
|
7
|
+
# @!attribute [r] country_code
|
8
|
+
# @return [String, nil]
|
7
9
|
attribute :country_code, Types::String.optional
|
8
|
-
attribute :country_name, Types::String.optional
|
9
|
-
|
10
|
-
#
|
11
|
-
# @return [String, nil]
|
12
|
-
#
|
13
|
-
def country_code
|
14
|
-
attributes[:country_code]
|
15
|
-
end
|
16
10
|
|
17
|
-
#
|
18
|
-
#
|
19
|
-
|
20
|
-
def country_name
|
21
|
-
attributes[:country_name]
|
22
|
-
end
|
11
|
+
# @!attribute [r] country_name
|
12
|
+
# @return [String, nil]
|
13
|
+
attribute :country_name, Types::String.optional
|
23
14
|
|
24
15
|
#
|
25
16
|
# @return [Mihari::Geolocation, nil]
|
@@ -27,7 +18,7 @@ module Mihari
|
|
27
18
|
def geolocation
|
28
19
|
return nil if country_name.nil? && country_code.nil?
|
29
20
|
|
30
|
-
Mihari::Geolocation.new(
|
21
|
+
Mihari::Models::Geolocation.new(
|
31
22
|
country: country_name,
|
32
23
|
country_code: country_code
|
33
24
|
)
|
@@ -52,55 +43,33 @@ module Mihari
|
|
52
43
|
class Match < Dry::Struct
|
53
44
|
include Mixins::AutonomousSystem
|
54
45
|
|
46
|
+
# @!attribute [r] asn
|
47
|
+
# @return [String, nil]
|
55
48
|
attribute :asn, Types::String.optional
|
56
|
-
attribute :hostnames, Types.Array(Types::String)
|
57
|
-
attribute :location, Location
|
58
|
-
attribute :domains, Types.Array(Types::String)
|
59
|
-
attribute :ip_str, Types::String
|
60
|
-
attribute :port, Types::Integer
|
61
|
-
attribute :metadata, Types::Hash
|
62
49
|
|
63
|
-
#
|
64
|
-
#
|
65
|
-
|
66
|
-
def asn
|
67
|
-
attributes[:asn]
|
68
|
-
end
|
50
|
+
# @!attribute [r] hostname
|
51
|
+
# @return [Array<String>]
|
52
|
+
attribute :hostnames, Types.Array(Types::String)
|
69
53
|
|
70
|
-
#
|
71
|
-
#
|
72
|
-
|
73
|
-
def hostnames
|
74
|
-
attributes[:hostnames]
|
75
|
-
end
|
54
|
+
# @!attribute [r] location
|
55
|
+
# @return [Location]
|
56
|
+
attribute :location, Location
|
76
57
|
|
77
|
-
#
|
78
|
-
#
|
79
|
-
|
80
|
-
def location
|
81
|
-
attributes[:location]
|
82
|
-
end
|
58
|
+
# @!attribute [r] domains
|
59
|
+
# @return [Array<String>]
|
60
|
+
attribute :domains, Types.Array(Types::String)
|
83
61
|
|
84
|
-
#
|
85
|
-
#
|
86
|
-
|
87
|
-
def ip_str
|
88
|
-
attributes[:ip_str]
|
89
|
-
end
|
62
|
+
# @!attribute [r] ip_str
|
63
|
+
# @return [String]
|
64
|
+
attribute :ip_str, Types::String
|
90
65
|
|
91
|
-
#
|
92
|
-
#
|
93
|
-
|
94
|
-
def port
|
95
|
-
attributes[:port]
|
96
|
-
end
|
66
|
+
# @!attribute [r] port
|
67
|
+
# @return [Integer]
|
68
|
+
attribute :port, Types::Int
|
97
69
|
|
98
|
-
#
|
99
|
-
#
|
100
|
-
|
101
|
-
def metadata
|
102
|
-
attributes[:metadata]
|
103
|
-
end
|
70
|
+
# @!attribute [r] metadata
|
71
|
+
# @return [Hash]
|
72
|
+
attribute :metadata, Types::Hash
|
104
73
|
|
105
74
|
#
|
106
75
|
# @return [Mihari::AutonomousSystem, nil]
|
@@ -108,7 +77,7 @@ module Mihari
|
|
108
77
|
def _asn
|
109
78
|
return nil if asn.nil?
|
110
79
|
|
111
|
-
Mihari::AutonomousSystem.new(asn: normalize_asn(asn))
|
80
|
+
Mihari::Models::AutonomousSystem.new(asn: normalize_asn(asn))
|
112
81
|
end
|
113
82
|
|
114
83
|
class << self
|
@@ -141,22 +110,13 @@ module Mihari
|
|
141
110
|
end
|
142
111
|
|
143
112
|
class Response < Dry::Struct
|
113
|
+
# @!attribute [r] matches
|
114
|
+
# @return [Array<Match>]
|
144
115
|
attribute :matches, Types.Array(Match)
|
145
|
-
attribute :total, Types::Int
|
146
|
-
|
147
|
-
#
|
148
|
-
# @return [Array<Match>]
|
149
|
-
#
|
150
|
-
def matches
|
151
|
-
attributes[:matches]
|
152
|
-
end
|
153
116
|
|
154
|
-
#
|
155
|
-
#
|
156
|
-
|
157
|
-
def total
|
158
|
-
attributes[:total]
|
159
|
-
end
|
117
|
+
# @!attribute [r] total
|
118
|
+
# @return [Integer]
|
119
|
+
attribute :total, Types::Int
|
160
120
|
|
161
121
|
#
|
162
122
|
# Collect metadata from matches
|
@@ -192,20 +152,20 @@ module Mihari
|
|
192
152
|
end
|
193
153
|
|
194
154
|
#
|
195
|
-
# @return [Array<Mihari::Artifact>]
|
155
|
+
# @return [Array<Mihari::Models::Artifact>]
|
196
156
|
#
|
197
157
|
def artifacts
|
198
158
|
matches.map do |match|
|
199
159
|
metadata = collect_metadata_by_ip(match.ip_str)
|
200
160
|
|
201
161
|
ports = collect_ports_by_ip(match.ip_str).map do |port|
|
202
|
-
Mihari::Port.new(port: port)
|
162
|
+
Mihari::Models::Port.new(port: port)
|
203
163
|
end
|
204
164
|
reverse_dns_names = collect_hostnames_by_ip(match.ip_str).map do |name|
|
205
|
-
Mihari::ReverseDnsName.new(name: name)
|
165
|
+
Mihari::Models::ReverseDnsName.new(name: name)
|
206
166
|
end
|
207
167
|
|
208
|
-
Mihari::Artifact.new(
|
168
|
+
Mihari::Models::Artifact.new(
|
209
169
|
data: match.ip_str,
|
210
170
|
metadata: metadata,
|
211
171
|
autonomous_system: match._asn,
|
@@ -233,54 +193,29 @@ module Mihari
|
|
233
193
|
end
|
234
194
|
|
235
195
|
class InternetDBResponse < Dry::Struct
|
196
|
+
# @!attribute [r] ip
|
197
|
+
# @return [String]
|
236
198
|
attribute :ip, Types::String
|
237
|
-
attribute :ports, Types.Array(Types::Int)
|
238
|
-
attribute :cpes, Types.Array(Types::String)
|
239
|
-
attribute :hostnames, Types.Array(Types::String)
|
240
|
-
attribute :tags, Types.Array(Types::String)
|
241
|
-
attribute :vulns, Types.Array(Types::String)
|
242
|
-
|
243
|
-
#
|
244
|
-
# @return [String]
|
245
|
-
#
|
246
|
-
def ip
|
247
|
-
attributes[:ip]
|
248
|
-
end
|
249
199
|
|
250
|
-
#
|
251
|
-
#
|
252
|
-
|
253
|
-
def ports
|
254
|
-
attributes[:ports]
|
255
|
-
end
|
200
|
+
# @!attribute [r] ports
|
201
|
+
# @return [Array<Integer>]
|
202
|
+
attribute :ports, Types.Array(Types::Int)
|
256
203
|
|
257
|
-
#
|
258
|
-
#
|
259
|
-
|
260
|
-
def cpes
|
261
|
-
attributes[:cpes]
|
262
|
-
end
|
204
|
+
# @!attribute [r] cpes
|
205
|
+
# @return [Array<String>]
|
206
|
+
attribute :cpes, Types.Array(Types::String)
|
263
207
|
|
264
|
-
#
|
265
|
-
#
|
266
|
-
|
267
|
-
def hostnames
|
268
|
-
attributes[:hostnames]
|
269
|
-
end
|
208
|
+
# @!attribute [r] hostnames
|
209
|
+
# @return [Array<String>]
|
210
|
+
attribute :hostnames, Types.Array(Types::String)
|
270
211
|
|
271
|
-
#
|
272
|
-
#
|
273
|
-
|
274
|
-
def tags
|
275
|
-
attributes[:tags]
|
276
|
-
end
|
212
|
+
# @!attribute [r] tags
|
213
|
+
# @return [Array<String>]
|
214
|
+
attribute :tags, Types.Array(Types::String)
|
277
215
|
|
278
|
-
#
|
279
|
-
#
|
280
|
-
|
281
|
-
def vulns
|
282
|
-
attributes[:vulns]
|
283
|
-
end
|
216
|
+
# @!attribute [r] vulns
|
217
|
+
# @return [Array<String>]
|
218
|
+
attribute :vulns, Types.Array(Types::String)
|
284
219
|
|
285
220
|
class << self
|
286
221
|
#
|
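Review bot: In `Match`, `port` changes from `Types::Integer` to `Types::Int` inside what is otherwise a documentation and namespace cleanup, and the same swap is applied to `sort` in the Urlscan `Result` struct later on this page. The definition of `Types::Int` is not visible here, so it cannot be confirmed whether this tightens or relaxes validation; because these structs parse responses from an external service, the commit message or changelog should state which is intended. Separately, the new tag `# @!attribute [r] hostname` sits above `attribute :hostnames` and should read `# @!attribute [r] hostnames`. The context lines `# @return [Mihari::Geolocation, nil]` and `# @return [Mihari::AutonomousSystem, nil]` now describe methods that build `Mihari::Models::` objects and should be updated to match.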
@@ -4,30 +4,17 @@ module Mihari
|
|
4
4
|
module Structs
|
5
5
|
module Urlscan
|
6
6
|
class Page < Dry::Struct
|
7
|
+
# @!attribute [r] domain
|
8
|
+
# @return [String]
|
7
9
|
attribute :domain, Types::String.optional
|
8
|
-
attribute :ip, Types::String.optional
|
9
|
-
attribute :url, Types::String
|
10
|
-
|
11
|
-
#
|
12
|
-
# @return [String, nil]
|
13
|
-
#
|
14
|
-
def domain
|
15
|
-
attributes[:domain]
|
16
|
-
end
|
17
10
|
|
18
|
-
#
|
19
|
-
#
|
20
|
-
|
21
|
-
def ip
|
22
|
-
attributes[:ip]
|
23
|
-
end
|
11
|
+
# @!attribute [r] ip
|
12
|
+
# @return [String, nil]
|
13
|
+
attribute :ip, Types::String.optional
|
24
14
|
|
25
|
-
#
|
26
|
-
#
|
27
|
-
|
28
|
-
def url
|
29
|
-
attributes[:url]
|
30
|
-
end
|
15
|
+
# @!attribute [r] url
|
16
|
+
# @return [String]
|
17
|
+
attribute :url, Types::String
|
31
18
|
|
32
19
|
class << self
|
33
20
|
#
|
@@ -47,45 +34,28 @@ module Mihari
|
|
47
34
|
end
|
48
35
|
|
49
36
|
class Result < Dry::Struct
|
37
|
+
# @!attribute [r] page
|
38
|
+
# @return [Page]
|
50
39
|
attribute :page, Page
|
51
|
-
attribute :id, Types::String
|
52
|
-
attribute :sort, Types.Array(Types::String | Types::Integer)
|
53
|
-
attribute :metadata, Types::Hash
|
54
|
-
|
55
|
-
#
|
56
|
-
# @return [Page]
|
57
|
-
#
|
58
|
-
def page
|
59
|
-
attributes[:page]
|
60
|
-
end
|
61
40
|
|
62
|
-
#
|
63
|
-
#
|
64
|
-
|
65
|
-
def id
|
66
|
-
attributes[:id]
|
67
|
-
end
|
41
|
+
# @!attribute [r] pid
|
42
|
+
# @return [String]
|
43
|
+
attribute :id, Types::String
|
68
44
|
|
69
|
-
#
|
70
|
-
#
|
71
|
-
|
72
|
-
def sort
|
73
|
-
attributes[:sort]
|
74
|
-
end
|
45
|
+
# @!attribute [r] sort
|
46
|
+
# @return [Array<String, Integer>]
|
47
|
+
attribute :sort, Types.Array(Types::String | Types::Int)
|
75
48
|
|
76
|
-
#
|
77
|
-
#
|
78
|
-
|
79
|
-
def metadata
|
80
|
-
attributes[:metadata]
|
81
|
-
end
|
49
|
+
# @!attribute [r] metadata
|
50
|
+
# @return [Hash]
|
51
|
+
attribute :metadata, Types::Hash
|
82
52
|
|
83
53
|
#
|
84
|
-
# @return [Array<Mihari::Artifact>]
|
54
|
+
# @return [Array<Mihari::Models::Artifact>]
|
85
55
|
#
|
86
56
|
def artifacts
|
87
57
|
values = [page.url, page.domain, page.ip].compact
|
88
|
-
values.map { |value| Mihari::Artifact.new(data: value, metadata: metadata) }
|
58
|
+
values.map { |value| Mihari::Models::Artifact.new(data: value, metadata: metadata) }
|
89
59
|
end
|
90
60
|
|
91
61
|
class << self
|
@@ -107,25 +77,16 @@ module Mihari
|
|
107
77
|
end
|
108
78
|
|
109
79
|
class Response < Dry::Struct
|
80
|
+
# @!attribute [r] results
|
81
|
+
# @return [Array<Result>]
|
110
82
|
attribute :results, Types.Array(Result)
|
111
|
-
attribute :has_more, Types::Bool
|
112
|
-
|
113
|
-
#
|
114
|
-
# @return [Array<Result>]
|
115
|
-
#
|
116
|
-
def results
|
117
|
-
attributes[:results]
|
118
|
-
end
|
119
83
|
|
120
|
-
#
|
121
|
-
#
|
122
|
-
|
123
|
-
def has_more
|
124
|
-
attributes[:has_more]
|
125
|
-
end
|
84
|
+
# @!attribute [r] has_more
|
85
|
+
# @return [Boolean]
|
86
|
+
attribute :has_more, Types::Bool
|
126
87
|
|
127
88
|
#
|
128
|
-
# @return [Array<Mihari::Artifact>]
|
89
|
+
# @return [Array<Mihari::Models::Artifact>]
|
129
90
|
#
|
130
91
|
def artifacts
|
131
92
|
results.map(&:artifacts).flatten
|
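Review bot: Two of the new YARD tags do not match the attributes they sit on. In `Page`, `domain` is declared `Types::String.optional` but documented as `# @return [String]`, whereas the accessor it replaces said `[String, nil]`; in `Result`, `# @!attribute [r] pid` is placed above `attribute :id`. The lines should be `# @return [String, nil]` and `# @!attribute [r] id`. The nil case matters to readers because `Result#artifacts` relies on `.compact` to drop a missing `domain` or `ip` before building artifacts.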
@@ -4,15 +4,10 @@ module Mihari
|
|
4
4
|
module Structs
|
5
5
|
module VirusTotalIntelligence
|
6
6
|
class ContextAttributes < Dry::Struct
|
7
|
+
# @!attribute [r] url
|
8
|
+
# @return [String, nil]
|
7
9
|
attribute :url, Types::String.optional
|
8
10
|
|
9
|
-
#
|
10
|
-
# @return [String, nil]
|
11
|
-
#
|
12
|
-
def url
|
13
|
-
attributes[:url]
|
14
|
-
end
|
15
|
-
|
16
11
|
class << self
|
17
12
|
#
|
18
13
|
# @param [Hash] d
|
@@ -27,38 +22,21 @@ module Mihari
|
|
27
22
|
end
|
28
23
|
|
29
24
|
class Datum < Dry::Struct
|
25
|
+
# @!attribute [r] type
|
26
|
+
# @return [String]
|
30
27
|
attribute :type, Types::String
|
31
|
-
attribute :id, Types::String
|
32
|
-
attribute :context_attributes, ContextAttributes.optional
|
33
|
-
attribute :metadata, Types::Hash
|
34
28
|
|
35
|
-
#
|
36
|
-
#
|
37
|
-
|
38
|
-
def type
|
39
|
-
attributes[:type]
|
40
|
-
end
|
41
|
-
|
42
|
-
#
|
43
|
-
# @return [String]
|
44
|
-
#
|
45
|
-
def id
|
46
|
-
attributes[:id]
|
47
|
-
end
|
29
|
+
# @!attribute [r] id
|
30
|
+
# @return [String]
|
31
|
+
attribute :id, Types::String
|
48
32
|
|
49
|
-
#
|
50
|
-
#
|
51
|
-
|
52
|
-
def context_attributes
|
53
|
-
attributes[:context_attributes]
|
54
|
-
end
|
33
|
+
# @!attribute [r] context_attributes
|
34
|
+
# @return [ContextAttributes, nil]
|
35
|
+
attribute :context_attributes, ContextAttributes.optional
|
55
36
|
|
56
|
-
#
|
57
|
-
#
|
58
|
-
|
59
|
-
def metadata
|
60
|
-
attributes[:metadata]
|
61
|
-
end
|
37
|
+
# @!attribute [r] metadata
|
38
|
+
# @return [Hash]
|
39
|
+
attribute :metadata, Types::Hash
|
62
40
|
|
63
41
|
#
|
64
42
|
# @return [String, nil]
|
@@ -77,10 +55,10 @@ module Mihari
|
|
77
55
|
end
|
78
56
|
|
79
57
|
#
|
80
|
-
# @return [Mihari::Artifact]
|
58
|
+
# @return [Mihari::Models::Artifact]
|
81
59
|
#
|
82
60
|
def artifact
|
83
|
-
Artifact.new(data: value, metadata: metadata)
|
61
|
+
Models::Artifact.new(data: value, metadata: metadata)
|
84
62
|
end
|
85
63
|
|
86
64
|
class << self
|
@@ -108,15 +86,10 @@ module Mihari
|
|
108
86
|
end
|
109
87
|
|
110
88
|
class Meta < Dry::Struct
|
89
|
+
# @!attribute [r] cursor
|
90
|
+
# @return [String, nil]
|
111
91
|
attribute :cursor, Types::String.optional
|
112
92
|
|
113
|
-
#
|
114
|
-
# @return [String, nil]
|
115
|
-
#
|
116
|
-
def cursor
|
117
|
-
attributes[:cursor]
|
118
|
-
end
|
119
|
-
|
120
93
|
class << self
|
121
94
|
#
|
122
95
|
# @param [Hash] d
|
@@ -133,25 +106,16 @@ module Mihari
|
|
133
106
|
end
|
134
107
|
|
135
108
|
class Response < Dry::Struct
|
109
|
+
# @!attribute [r] meta
|
110
|
+
# @return [Meta]
|
136
111
|
attribute :meta, Meta
|
137
|
-
attribute :data, Types.Array(Datum)
|
138
|
-
|
139
|
-
#
|
140
|
-
# @return [Meta]
|
141
|
-
#
|
142
|
-
def meta
|
143
|
-
attributes[:meta]
|
144
|
-
end
|
145
112
|
|
146
|
-
#
|
147
|
-
#
|
148
|
-
|
149
|
-
def data
|
150
|
-
attributes[:data]
|
151
|
-
end
|
113
|
+
# @!attribute [r] data
|
114
|
+
# @return [Array<Datum>]
|
115
|
+
attribute :data, Types.Array(Datum)
|
152
116
|
|
153
117
|
#
|
154
|
-
# @return [Array<Mihari::Artifact>]
|
118
|
+
# @return [Array<Mihari::Models::Artifact>]
|
155
119
|
#
|
156
120
|
def artifacts
|
157
121
|
data.map(&:artifact)
|
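Review bot: `Datum#artifact` now calls `Models::Artifact.new(data: value, metadata: metadata)` with a relative constant, while every other struct changed on this page uses the fully qualified `Mihari::Models::Artifact`. Ruby resolves `Models` lexically, so a `Models` constant later defined under `Mihari::Structs` or `Mihari::Structs::VirusTotalIntelligence` would be picked up first; `Mihari::Models::Artifact.new(data: value, metadata: metadata)` removes that ambiguity and matches the `@return` tag just above it. The context line `# @return [String, nil]` before this hunk appears to belong to `value`, whose body is outside the hunk; if so, an artifact can be built with nil `data`, and it is worth confirming that callers filter that case.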
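--- a/data/lib/mihari/type_checker.rb
+++ b/data/lib/mihari/type_checker.rb
@@ -1,6 +1,9 @@
 # frozen_string_literal: true
 
 module Mihari
+#
+# Artifact type checker
+#
 class TypeChecker
 # @return [String]
 attr_reader :data
@@ -54,6 +57,7 @@ module Mihari
 return "ip" if ip?
 return "domain" if domain?
 return "url" if url?
+
 "mail" if mail?
 end
 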
data/lib/mihari/types.rb
CHANGED
data/lib/mihari/version.rb
CHANGED