mihari 5.7.0 → 5.7.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.rubocop.yml +1 -1
- data/lib/mihari/actor.rb +10 -4
- data/lib/mihari/commands/alert.rb +6 -4
- data/lib/mihari/commands/search.rb +10 -29
- data/lib/mihari/enrichers/ipinfo.rb +1 -1
- data/lib/mihari/entities/tag.rb +1 -0
- data/lib/mihari/rule.rb +14 -0
- data/lib/mihari/service.rb +12 -2
- data/lib/mihari/services/alert_builder.rb +81 -8
- data/lib/mihari/services/alert_runner.rb +3 -10
- data/lib/mihari/services/rule_builder.rb +8 -10
- data/lib/mihari/services/rule_runner.rb +2 -25
- data/lib/mihari/structs/binaryedge.rb +9 -0
- data/lib/mihari/structs/censys.rb +0 -14
- data/lib/mihari/structs/fofa.rb +3 -0
- data/lib/mihari/structs/google_public_dns.rb +0 -4
- data/lib/mihari/structs/greynoise.rb +0 -6
- data/lib/mihari/structs/hunterhow.rb +0 -6
- data/lib/mihari/structs/ipinfo.rb +0 -2
- data/lib/mihari/structs/onyphe.rb +0 -4
- data/lib/mihari/structs/shodan.rb +0 -2
- data/lib/mihari/structs/urlscan.rb +0 -6
- data/lib/mihari/structs/virustotal_intelligence.rb +0 -8
- data/lib/mihari/version.rb +1 -1
- data/lib/mihari/web/app.rb +20 -17
- data/lib/mihari/web/endpoints/alerts.rb +75 -38
- data/lib/mihari/web/endpoints/artifacts.rb +60 -53
- data/lib/mihari/web/endpoints/ip_addresses.rb +19 -4
- data/lib/mihari/web/endpoints/rules.rb +132 -88
- data/lib/mihari/web/endpoints/tags.rb +15 -13
- data/lib/mihari/web/public/assets/{index-821134e2.js → index-07fafab5.js} +4 -3
- data/lib/mihari/web/public/index.html +1 -1
- data/lib/mihari.rb +0 -1
- data/mihari.gemspec +1 -1
- data/mkdocs.yml +1 -0
- metadata +3 -130
- data/docs/alternatives.md +0 -5
- data/docs/analyzers/binaryedge.md +0 -26
- data/docs/analyzers/censys.md +0 -31
- data/docs/analyzers/circl.md +0 -37
- data/docs/analyzers/crtsh.md +0 -26
- data/docs/analyzers/dnstwister.md +0 -25
- data/docs/analyzers/feed.md +0 -73
- data/docs/analyzers/fofa.md +0 -31
- data/docs/analyzers/greynoise.md +0 -26
- data/docs/analyzers/hunterhow.md +0 -33
- data/docs/analyzers/index.md +0 -104
- data/docs/analyzers/onyphe.md +0 -26
- data/docs/analyzers/otx.md +0 -28
- data/docs/analyzers/passivetotal.md +0 -52
- data/docs/analyzers/pulsedive.md +0 -28
- data/docs/analyzers/securitytrails.md +0 -41
- data/docs/analyzers/shodan.md +0 -26
- data/docs/analyzers/urlscan.md +0 -28
- data/docs/analyzers/virustotal.md +0 -43
- data/docs/analyzers/virustotal_intelligence.md +0 -33
- data/docs/analyzers/zoomeye.md +0 -38
- data/docs/configuration.md +0 -35
- data/docs/emitters/database.md +0 -22
- data/docs/emitters/hive.md +0 -26
- data/docs/emitters/index.md +0 -36
- data/docs/emitters/misp.md +0 -21
- data/docs/emitters/slack.md +0 -21
- data/docs/emitters/webhook.md +0 -63
- data/docs/enrichers/google_public_dns.md +0 -19
- data/docs/enrichers/index.md +0 -35
- data/docs/enrichers/ipinfo.md +0 -26
- data/docs/enrichers/shodan.md +0 -22
- data/docs/enrichers/whois.md +0 -17
- data/docs/github_actions.md +0 -43
- data/docs/index.md +0 -11
- data/docs/installation.md +0 -31
- data/docs/requirements.md +0 -13
- data/docs/rule.md +0 -168
- data/docs/tags.md +0 -3
- data/docs/usage.md +0 -103
- data/frontend/.eslintrc.cjs +0 -22
- data/frontend/.gitignore +0 -31
- data/frontend/.prettierrc.json +0 -8
- data/frontend/README.md +0 -3
- data/frontend/env.d.ts +0 -5
- data/frontend/index.html +0 -21
- data/frontend/package-lock.json +0 -7219
- data/frontend/package.json +0 -67
- data/frontend/public/favicon.ico +0 -0
- data/frontend/scripts/swagger_doc_to_yaml.rb +0 -23
- data/frontend/src/App.vue +0 -27
- data/frontend/src/ace-config.ts +0 -6
- data/frontend/src/api-helper.ts +0 -111
- data/frontend/src/api.ts +0 -105
- data/frontend/src/components/ErrorMessage.vue +0 -31
- data/frontend/src/components/Loading.vue +0 -15
- data/frontend/src/components/Navbar.vue +0 -42
- data/frontend/src/components/Pagination.vue +0 -119
- data/frontend/src/components/alert/Alert.vue +0 -87
- data/frontend/src/components/alert/Alerts.vue +0 -63
- data/frontend/src/components/alert/AlertsWithPagination.vue +0 -90
- data/frontend/src/components/alert/AlertsWrapper.vue +0 -128
- data/frontend/src/components/alert/Form.vue +0 -169
- data/frontend/src/components/artifact/AS.vue +0 -23
- data/frontend/src/components/artifact/Artifact.vue +0 -287
- data/frontend/src/components/artifact/ArtifactTag.vue +0 -64
- data/frontend/src/components/artifact/ArtifactTags.vue +0 -29
- data/frontend/src/components/artifact/ArtifactWrapper.vue +0 -57
- data/frontend/src/components/artifact/CPEs.vue +0 -23
- data/frontend/src/components/artifact/DnsRecords.vue +0 -32
- data/frontend/src/components/artifact/Ports.vue +0 -23
- data/frontend/src/components/artifact/ReverseDnsNames.vue +0 -23
- data/frontend/src/components/artifact/Tags.vue +0 -29
- data/frontend/src/components/artifact/WhoisRecord.vue +0 -44
- data/frontend/src/components/config/Configs.vue +0 -65
- data/frontend/src/components/config/ConfigsWrapper.vue +0 -32
- data/frontend/src/components/link/Link.vue +0 -32
- data/frontend/src/components/link/Links.vue +0 -42
- data/frontend/src/components/rule/EditRule.vue +0 -72
- data/frontend/src/components/rule/EditRuleWrapper.vue +0 -48
- data/frontend/src/components/rule/Form.vue +0 -158
- data/frontend/src/components/rule/InputForm.vue +0 -45
- data/frontend/src/components/rule/NewRule.vue +0 -57
- data/frontend/src/components/rule/Rule.vue +0 -100
- data/frontend/src/components/rule/RuleWrapper.vue +0 -53
- data/frontend/src/components/rule/Rules.vue +0 -84
- data/frontend/src/components/rule/RulesWrapper.vue +0 -121
- data/frontend/src/components/rule/YAML.vue +0 -37
- data/frontend/src/components/tag/Tag.vue +0 -65
- data/frontend/src/components/tag/Tags.vue +0 -37
- data/frontend/src/countries.ts +0 -350
- data/frontend/src/index.ts +0 -20
- data/frontend/src/links/anyrun.ts +0 -19
- data/frontend/src/links/base.ts +0 -14
- data/frontend/src/links/censys.ts +0 -20
- data/frontend/src/links/crtsh.ts +0 -20
- data/frontend/src/links/dnslytics.ts +0 -38
- data/frontend/src/links/greynoise.ts +0 -20
- data/frontend/src/links/index.ts +0 -40
- data/frontend/src/links/intezer.ts +0 -20
- data/frontend/src/links/otx.ts +0 -33
- data/frontend/src/links/securitytrails.ts +0 -38
- data/frontend/src/links/shodan.ts +0 -20
- data/frontend/src/links/urlscan.ts +0 -50
- data/frontend/src/links/virustotal.ts +0 -72
- data/frontend/src/main.ts +0 -41
- data/frontend/src/router/index.ts +0 -57
- data/frontend/src/rule.ts +0 -14
- data/frontend/src/shims-vue.d.ts +0 -6
- data/frontend/src/swagger.yaml +0 -771
- data/frontend/src/types.ts +0 -188
- data/frontend/src/utils.ts +0 -54
- data/frontend/src/views/Alerts.vue +0 -20
- data/frontend/src/views/Artifact.vue +0 -39
- data/frontend/src/views/Configs.vue +0 -20
- data/frontend/src/views/EditRule.vue +0 -39
- data/frontend/src/views/NewRule.vue +0 -26
- data/frontend/src/views/Rule.vue +0 -39
- data/frontend/src/views/Rules.vue +0 -20
- data/frontend/tests/utils.spec.ts +0 -9
- data/frontend/tsconfig.app.json +0 -21
- data/frontend/tsconfig.json +0 -14
- data/frontend/tsconfig.node.json +0 -13
- data/frontend/tsconfig.vitest.json +0 -12
- data/frontend/vite.config.ts +0 -24
- data/frontend/vitest.config.ts +0 -21
- data/lib/mihari/services/alert_proxy.rb +0 -97
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 2d27340b82929d2a9dba6cab93c9e429112eed2f254f18595b765bd65852cdfa
|
|
4
|
+
data.tar.gz: 137141dad2d1b3c4f5b33a2ed38824a9e19c965c7d13e99d20358c2d546dd24c
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 84825a14e57d1e740d7ee1e312ac23454017665b92dbdbe9fd2fe0cb55eb900addda0d9563049cf493094b67e9f1e5888d09fe37e7a102db5732f09837558fec
|
|
7
|
+
data.tar.gz: 393031f2550d7943271dd4b662c65b1da2df322661cdf1228808848e93f7bb7f65acaf8d1861599036bd951b464b5248f615e2abd738b171699eaf396b64f7c4
|
data/.rubocop.yml
CHANGED
data/lib/mihari/actor.rb
CHANGED
|
@@ -2,9 +2,11 @@
|
|
|
2
2
|
|
|
3
3
|
module Mihari
|
|
4
4
|
#
|
|
5
|
-
#
|
|
5
|
+
# Yet another base service class for Analyzer, Emitter and Enricher
|
|
6
6
|
#
|
|
7
|
-
class Actor
|
|
7
|
+
class Actor
|
|
8
|
+
include Dry::Monads[:result, :try]
|
|
9
|
+
|
|
8
10
|
include Mixins::Configurable
|
|
9
11
|
include Mixins::Retriable
|
|
10
12
|
|
|
@@ -57,13 +59,17 @@ module Mihari
|
|
|
57
59
|
raise ConfigurationError, message
|
|
58
60
|
end
|
|
59
61
|
|
|
60
|
-
def
|
|
62
|
+
def call(*args, **kwargs)
|
|
63
|
+
raise NotImplementedError, "You must implement #{self.class}##{__method__}"
|
|
64
|
+
end
|
|
65
|
+
|
|
66
|
+
def result(...)
|
|
61
67
|
Try[StandardError] do
|
|
62
68
|
retry_on_error(
|
|
63
69
|
times: retry_times,
|
|
64
70
|
interval: retry_interval,
|
|
65
71
|
exponential_backoff: retry_exponential_backoff
|
|
66
|
-
) { call }
|
|
72
|
+
) { call(...) }
|
|
67
73
|
end.to_result
|
|
68
74
|
end
|
|
69
75
|
|
|
@@ -17,11 +17,13 @@ module Mihari
|
|
|
17
17
|
#
|
|
18
18
|
def add(path)
|
|
19
19
|
Mihari::Database.with_db_connection do
|
|
20
|
-
|
|
21
|
-
|
|
22
|
-
|
|
23
|
-
|
|
20
|
+
result = Dry::Monads::Try[StandardError] do
|
|
21
|
+
# @type [Mihari::Services::AlertProxy]
|
|
22
|
+
proxy = Mihari::Services::AlertBuilder.call(path)
|
|
23
|
+
Mihari::Services::AlertRunner.call(proxy)
|
|
24
|
+
end.to_result
|
|
24
25
|
|
|
26
|
+
# @type [Mihari::Models::Alert]
|
|
25
27
|
alert = result.value!
|
|
26
28
|
data = Entities::Alert.represent(alert)
|
|
27
29
|
puts JSON.pretty_generate(data.as_json)
|
|
@@ -20,43 +20,24 @@ module Mihari
|
|
|
20
20
|
#
|
|
21
21
|
def search(path_or_id)
|
|
22
22
|
Mihari::Database.with_db_connection do
|
|
23
|
-
|
|
23
|
+
result = Dry::Monads::Try[StandardError] do
|
|
24
|
+
# @type [Mihari::Rule]
|
|
25
|
+
rule = Services::RuleBuilder.call(path_or_id)
|
|
24
26
|
|
|
25
|
-
|
|
26
|
-
|
|
27
|
+
force_overwrite = options["force_overwrite"] || false
|
|
28
|
+
message = "There is a diff in the rule. Are you sure you want to overwrite the rule? (y/n)"
|
|
29
|
+
exit 0 if rule.diff? && !force_overwrite && !yes?(message)
|
|
27
30
|
|
|
28
|
-
|
|
31
|
+
rule.update_or_create
|
|
32
|
+
rule.call
|
|
33
|
+
end.to_result
|
|
29
34
|
|
|
35
|
+
# @type [Mihari::Models::Alert]
|
|
30
36
|
alert = result.value!
|
|
31
37
|
data = Entities::Alert.represent(alert)
|
|
32
38
|
puts JSON.pretty_generate(data.as_json)
|
|
33
39
|
end
|
|
34
40
|
end
|
|
35
|
-
|
|
36
|
-
no_commands do
|
|
37
|
-
#
|
|
38
|
-
# @param [Mihari::RuleRunner] rule
|
|
39
|
-
#
|
|
40
|
-
def check_diff(rule)
|
|
41
|
-
force_overwrite = options["force_overwrite"] || false
|
|
42
|
-
message = "There is a diff in the rule. Are you sure you want to overwrite the rule? (y/n)"
|
|
43
|
-
runner = Services::RuleRunner.new(rule)
|
|
44
|
-
|
|
45
|
-
exit 0 if runner.diff? && !force_overwrite && !yes?(message)
|
|
46
|
-
|
|
47
|
-
Success runner
|
|
48
|
-
end
|
|
49
|
-
|
|
50
|
-
#
|
|
51
|
-
# @param [Mihari::RuleRunner] runner
|
|
52
|
-
#
|
|
53
|
-
def update_and_call(runner)
|
|
54
|
-
Dry::Monads::Try[StandardError] do
|
|
55
|
-
runner.update_or_create
|
|
56
|
-
runner.call
|
|
57
|
-
end.to_result
|
|
58
|
-
end
|
|
59
|
-
end
|
|
60
41
|
end
|
|
61
42
|
end
|
|
62
43
|
end
|
data/lib/mihari/entities/tag.rb
CHANGED
data/lib/mihari/rule.rb
CHANGED
|
@@ -218,6 +218,20 @@ module Mihari
|
|
|
218
218
|
)
|
|
219
219
|
end
|
|
220
220
|
|
|
221
|
+
#
|
|
222
|
+
# @return [Boolean]
|
|
223
|
+
#
|
|
224
|
+
def diff?
|
|
225
|
+
model = Mihari::Models::Rule.find(id)
|
|
226
|
+
model.data != data.deep_stringify_keys
|
|
227
|
+
rescue ActiveRecord::RecordNotFound
|
|
228
|
+
false
|
|
229
|
+
end
|
|
230
|
+
|
|
231
|
+
def update_or_create
|
|
232
|
+
model.save
|
|
233
|
+
end
|
|
234
|
+
|
|
221
235
|
class << self
|
|
222
236
|
#
|
|
223
237
|
# Load rule from YAML string
|
data/lib/mihari/service.rb
CHANGED
|
@@ -9,8 +9,18 @@ module Mihari
|
|
|
9
9
|
raise NotImplementedError, "You must implement #{self.class}##{__method__}"
|
|
10
10
|
end
|
|
11
11
|
|
|
12
|
-
def result
|
|
13
|
-
Try[StandardError] { call }.to_result
|
|
12
|
+
def result(...)
|
|
13
|
+
Try[StandardError] { call(...) }.to_result
|
|
14
|
+
end
|
|
15
|
+
|
|
16
|
+
class << self
|
|
17
|
+
def call(...)
|
|
18
|
+
new.call(...)
|
|
19
|
+
end
|
|
20
|
+
|
|
21
|
+
def result(...)
|
|
22
|
+
new.result(...)
|
|
23
|
+
end
|
|
14
24
|
end
|
|
15
25
|
end
|
|
16
26
|
end
|
|
@@ -9,23 +9,90 @@ require "yaml"
|
|
|
9
9
|
module Mihari
|
|
10
10
|
module Services
|
|
11
11
|
#
|
|
12
|
-
# Alert
|
|
12
|
+
# Alert proxy
|
|
13
13
|
#
|
|
14
|
-
class
|
|
15
|
-
# @return [
|
|
16
|
-
attr_reader :
|
|
14
|
+
class AlertProxy
|
|
15
|
+
# @return [Hash]
|
|
16
|
+
attr_reader :data
|
|
17
|
+
|
|
18
|
+
# @return [Array, nil]
|
|
19
|
+
attr_reader :errors
|
|
17
20
|
|
|
18
21
|
#
|
|
19
22
|
# Initialize
|
|
20
23
|
#
|
|
21
|
-
# @param [
|
|
24
|
+
# @param [Hash] data
|
|
22
25
|
#
|
|
23
|
-
def initialize(
|
|
26
|
+
def initialize(**data)
|
|
24
27
|
super()
|
|
25
28
|
|
|
26
|
-
@
|
|
29
|
+
@data = data.deep_symbolize_keys
|
|
30
|
+
@errors = nil
|
|
31
|
+
|
|
32
|
+
validate!
|
|
33
|
+
end
|
|
34
|
+
|
|
35
|
+
#
|
|
36
|
+
# @return [Boolean]
|
|
37
|
+
#
|
|
38
|
+
def errors?
|
|
39
|
+
return false if @errors.nil?
|
|
40
|
+
|
|
41
|
+
!@errors.empty?
|
|
42
|
+
end
|
|
43
|
+
|
|
44
|
+
def validate!
|
|
45
|
+
contract = Schemas::AlertContract.new
|
|
46
|
+
result = contract.call(data)
|
|
47
|
+
|
|
48
|
+
@data = result.to_h
|
|
49
|
+
@errors = result.errors
|
|
50
|
+
|
|
51
|
+
raise ValidationError.new("Validation failed", errors) if errors?
|
|
52
|
+
end
|
|
53
|
+
|
|
54
|
+
def [](key)
|
|
55
|
+
data key.to_sym
|
|
56
|
+
end
|
|
57
|
+
|
|
58
|
+
#
|
|
59
|
+
# @return [String]
|
|
60
|
+
#
|
|
61
|
+
def rule_id
|
|
62
|
+
@rule_id ||= data[:rule_id]
|
|
63
|
+
end
|
|
64
|
+
|
|
65
|
+
#
|
|
66
|
+
# @return [Array<Mihari::Models::Artifact>]
|
|
67
|
+
#
|
|
68
|
+
def artifacts
|
|
69
|
+
@artifacts ||= data[:artifacts].map do |data|
|
|
70
|
+
artifact = Models::Artifact.new(data: data)
|
|
71
|
+
artifact.rule_id = rule_id
|
|
72
|
+
artifact
|
|
73
|
+
end.uniq(&:data).select(&:valid?)
|
|
74
|
+
end
|
|
75
|
+
|
|
76
|
+
#
|
|
77
|
+
# @return [Mihari::Rule]
|
|
78
|
+
#
|
|
79
|
+
def rule
|
|
80
|
+
@rule ||= [].tap do |out|
|
|
81
|
+
data = Mihari::Models::Rule.find(rule_id).data
|
|
82
|
+
out << Rule.new(**data)
|
|
83
|
+
end.first
|
|
27
84
|
end
|
|
85
|
+
end
|
|
86
|
+
|
|
87
|
+
#
|
|
88
|
+
# Alert builder
|
|
89
|
+
#
|
|
90
|
+
class AlertBuilder < Service
|
|
91
|
+
# @return [String]
|
|
92
|
+
attr_reader :path
|
|
28
93
|
|
|
94
|
+
#
|
|
95
|
+
# @param [String] path
|
|
29
96
|
#
|
|
30
97
|
# @return [Hash]
|
|
31
98
|
#
|
|
@@ -38,7 +105,13 @@ module Mihari
|
|
|
38
105
|
)
|
|
39
106
|
end
|
|
40
107
|
|
|
41
|
-
|
|
108
|
+
#
|
|
109
|
+
# @param [String] path
|
|
110
|
+
#
|
|
111
|
+
# @return [Mihari::AlertProxy]
|
|
112
|
+
#
|
|
113
|
+
def call(path)
|
|
114
|
+
@path = path
|
|
42
115
|
AlertProxy.new(**data)
|
|
43
116
|
end
|
|
44
117
|
end
|
|
@@ -6,19 +6,12 @@ module Mihari
|
|
|
6
6
|
# Alert runner
|
|
7
7
|
#
|
|
8
8
|
class AlertRunner < Service
|
|
9
|
-
#
|
|
10
|
-
|
|
11
|
-
|
|
12
|
-
def initialize(alert)
|
|
13
|
-
super()
|
|
14
|
-
|
|
15
|
-
@alert = alert
|
|
16
|
-
end
|
|
17
|
-
|
|
9
|
+
#
|
|
10
|
+
# @param [Mihari::Services::AlertProxy] alert
|
|
18
11
|
#
|
|
19
12
|
# @return [Mihari::Models::Alert]
|
|
20
13
|
#
|
|
21
|
-
def call
|
|
14
|
+
def call(alert)
|
|
22
15
|
emitter = Emitters::Database.new(rule: alert.rule)
|
|
23
16
|
emitter.call alert.artifacts
|
|
24
17
|
end
|
|
@@ -14,17 +14,8 @@ module Mihari
|
|
|
14
14
|
# @return [String]
|
|
15
15
|
attr_reader :path_or_id
|
|
16
16
|
|
|
17
|
-
#
|
|
18
|
-
# Initialize
|
|
19
17
|
#
|
|
20
18
|
# @param [String] path_or_id
|
|
21
|
-
#
|
|
22
|
-
def initialize(path_or_id)
|
|
23
|
-
super()
|
|
24
|
-
|
|
25
|
-
@path_or_id = path_or_id
|
|
26
|
-
end
|
|
27
|
-
|
|
28
19
|
#
|
|
29
20
|
# @return [Hash]
|
|
30
21
|
#
|
|
@@ -42,7 +33,14 @@ module Mihari
|
|
|
42
33
|
)
|
|
43
34
|
end
|
|
44
35
|
|
|
45
|
-
|
|
36
|
+
#
|
|
37
|
+
# @param [String] path_or_id
|
|
38
|
+
#
|
|
39
|
+
# @return [Mihari::Rule]
|
|
40
|
+
#
|
|
41
|
+
def call(path_or_id)
|
|
42
|
+
@path_or_id = path_or_id
|
|
43
|
+
|
|
46
44
|
Rule.new(**data)
|
|
47
45
|
end
|
|
48
46
|
end
|
|
@@ -6,35 +6,12 @@ module Mihari
|
|
|
6
6
|
# Rule runner
|
|
7
7
|
#
|
|
8
8
|
class RuleRunner < Service
|
|
9
|
-
include Dry::Monads[:result, :try]
|
|
10
|
-
|
|
11
|
-
# @return [Mihari::Rule]
|
|
12
|
-
attr_reader :rule
|
|
13
|
-
|
|
14
|
-
def initialize(rule)
|
|
15
|
-
super()
|
|
16
|
-
|
|
17
|
-
@rule = rule
|
|
18
|
-
end
|
|
19
|
-
|
|
20
9
|
#
|
|
21
|
-
# @
|
|
22
|
-
#
|
|
23
|
-
def diff?
|
|
24
|
-
model = Mihari::Models::Rule.find(rule.id)
|
|
25
|
-
model.data != rule.data.deep_stringify_keys
|
|
26
|
-
rescue ActiveRecord::RecordNotFound
|
|
27
|
-
false
|
|
28
|
-
end
|
|
29
|
-
|
|
30
|
-
def update_or_create
|
|
31
|
-
rule.model.save
|
|
32
|
-
end
|
|
33
|
-
|
|
10
|
+
# @params [Mihari::Rule]
|
|
34
11
|
#
|
|
35
12
|
# @return [Mihari::Models::Alert, nil]
|
|
36
13
|
#
|
|
37
|
-
def call
|
|
14
|
+
def call(rule)
|
|
38
15
|
rule.call
|
|
39
16
|
end
|
|
40
17
|
end
|
|
@@ -9,6 +9,9 @@ module Mihari
|
|
|
9
9
|
attribute :ip, Types::String
|
|
10
10
|
|
|
11
11
|
class << self
|
|
12
|
+
#
|
|
13
|
+
# @param [Hash] d
|
|
14
|
+
#
|
|
12
15
|
def from_dynamic!(d)
|
|
13
16
|
d = Types::Hash[d]
|
|
14
17
|
new(
|
|
@@ -24,6 +27,9 @@ module Mihari
|
|
|
24
27
|
attribute :target, Target
|
|
25
28
|
|
|
26
29
|
class << self
|
|
30
|
+
#
|
|
31
|
+
# @param [Hash] d
|
|
32
|
+
#
|
|
27
33
|
def from_dynamic!(d)
|
|
28
34
|
d = Types::Hash[d]
|
|
29
35
|
new(
|
|
@@ -58,6 +64,9 @@ module Mihari
|
|
|
58
64
|
end
|
|
59
65
|
|
|
60
66
|
class << self
|
|
67
|
+
#
|
|
68
|
+
# @param [Hash] d
|
|
69
|
+
#
|
|
61
70
|
def from_dynamic!(d)
|
|
62
71
|
d = Types::Hash[d]
|
|
63
72
|
new(
|
|
@@ -21,8 +21,6 @@ module Mihari
|
|
|
21
21
|
#
|
|
22
22
|
# @param [Hash] d
|
|
23
23
|
#
|
|
24
|
-
# @return [AutonomousSystem]
|
|
25
|
-
#
|
|
26
24
|
def from_dynamic!(d)
|
|
27
25
|
d = Types::Hash[d]
|
|
28
26
|
new(
|
|
@@ -59,8 +57,6 @@ module Mihari
|
|
|
59
57
|
#
|
|
60
58
|
# @param [Hash] d
|
|
61
59
|
#
|
|
62
|
-
# @return [Location]
|
|
63
|
-
#
|
|
64
60
|
def from_dynamic!(d)
|
|
65
61
|
d = Types::Hash[d]
|
|
66
62
|
new(
|
|
@@ -87,8 +83,6 @@ module Mihari
|
|
|
87
83
|
#
|
|
88
84
|
# @param [Hash] d
|
|
89
85
|
#
|
|
90
|
-
# @return [Service]
|
|
91
|
-
#
|
|
92
86
|
def from_dynamic!(d)
|
|
93
87
|
d = Types::Hash[d]
|
|
94
88
|
new(
|
|
@@ -143,8 +137,6 @@ module Mihari
|
|
|
143
137
|
#
|
|
144
138
|
# @param [Hash] d
|
|
145
139
|
#
|
|
146
|
-
# @return [Hit]
|
|
147
|
-
#
|
|
148
140
|
def from_dynamic!(d)
|
|
149
141
|
d = Types::Hash[d]
|
|
150
142
|
new(
|
|
@@ -171,8 +163,6 @@ module Mihari
|
|
|
171
163
|
#
|
|
172
164
|
# @param [Hash] d
|
|
173
165
|
#
|
|
174
|
-
# @return [Links]
|
|
175
|
-
#
|
|
176
166
|
def from_dynamic!(d)
|
|
177
167
|
d = Types::Hash[d]
|
|
178
168
|
new(
|
|
@@ -211,8 +201,6 @@ module Mihari
|
|
|
211
201
|
#
|
|
212
202
|
# @param [Hash] d
|
|
213
203
|
#
|
|
214
|
-
# @return [Result]
|
|
215
|
-
#
|
|
216
204
|
def from_dynamic!(d)
|
|
217
205
|
d = Types::Hash[d]
|
|
218
206
|
new(
|
|
@@ -242,8 +230,6 @@ module Mihari
|
|
|
242
230
|
#
|
|
243
231
|
# @param [Hash] d
|
|
244
232
|
#
|
|
245
|
-
# @return [Response]
|
|
246
|
-
#
|
|
247
233
|
def from_dynamic!(d)
|
|
248
234
|
d = Types::Hash[d]
|
|
249
235
|
new(
|
data/lib/mihari/structs/fofa.rb
CHANGED
|
@@ -28,8 +28,6 @@ module Mihari
|
|
|
28
28
|
#
|
|
29
29
|
# @param [Hash] d
|
|
30
30
|
#
|
|
31
|
-
# @return [Answer]
|
|
32
|
-
#
|
|
33
31
|
def from_dynamic!(d)
|
|
34
32
|
d = Types::Hash[d]
|
|
35
33
|
resource_type = INT_TYPE_TO_TYPE[d.fetch("type")]
|
|
@@ -51,8 +49,6 @@ module Mihari
|
|
|
51
49
|
#
|
|
52
50
|
# @param [Hash] d
|
|
53
51
|
#
|
|
54
|
-
# @return [Response]
|
|
55
|
-
#
|
|
56
52
|
def from_dynamic!(d)
|
|
57
53
|
d = Types::Hash[d]
|
|
58
54
|
new(
|
|
@@ -39,8 +39,6 @@ module Mihari
|
|
|
39
39
|
#
|
|
40
40
|
# @param [Hash] d
|
|
41
41
|
#
|
|
42
|
-
# @return [Metadata]
|
|
43
|
-
#
|
|
44
42
|
def from_dynamic!(d)
|
|
45
43
|
d = Types::Hash[d]
|
|
46
44
|
new(
|
|
@@ -81,8 +79,6 @@ module Mihari
|
|
|
81
79
|
#
|
|
82
80
|
# @param [Hash] d
|
|
83
81
|
#
|
|
84
|
-
# @return [Datum]
|
|
85
|
-
#
|
|
86
82
|
def from_dynamic!(d)
|
|
87
83
|
d = Types::Hash[d]
|
|
88
84
|
new(
|
|
@@ -130,8 +126,6 @@ module Mihari
|
|
|
130
126
|
#
|
|
131
127
|
# @param [Hash] d
|
|
132
128
|
#
|
|
133
|
-
# @return [Response]
|
|
134
|
-
#
|
|
135
129
|
def from_dynamic!(d)
|
|
136
130
|
d = Types::Hash[d]
|
|
137
131
|
new(
|
|
@@ -27,8 +27,6 @@ module Mihari
|
|
|
27
27
|
#
|
|
28
28
|
# @param [Hash] d
|
|
29
29
|
#
|
|
30
|
-
# @return [ListItem]
|
|
31
|
-
#
|
|
32
30
|
def from_dynamic!(d)
|
|
33
31
|
d = Types::Hash[d]
|
|
34
32
|
new(
|
|
@@ -60,8 +58,6 @@ module Mihari
|
|
|
60
58
|
#
|
|
61
59
|
# @param [Hash] d
|
|
62
60
|
#
|
|
63
|
-
# @return [DataClass]
|
|
64
|
-
#
|
|
65
61
|
def from_dynamic!(d)
|
|
66
62
|
d = Types::Hash[d]
|
|
67
63
|
new(
|
|
@@ -89,8 +85,6 @@ module Mihari
|
|
|
89
85
|
#
|
|
90
86
|
# @param [Hash] d
|
|
91
87
|
#
|
|
92
|
-
# @return [Response]
|
|
93
|
-
#
|
|
94
88
|
def from_dynamic!(d)
|
|
95
89
|
d = Types::Hash[d]
|
|
96
90
|
new(
|
|
@@ -58,8 +58,6 @@ module Mihari
|
|
|
58
58
|
#
|
|
59
59
|
# @param [Hash] d
|
|
60
60
|
#
|
|
61
|
-
# @return [Result]
|
|
62
|
-
#
|
|
63
61
|
def from_dynamic!(d)
|
|
64
62
|
d = Types::Hash[d]
|
|
65
63
|
new(
|
|
@@ -113,8 +111,6 @@ module Mihari
|
|
|
113
111
|
#
|
|
114
112
|
# @param [Hash] d
|
|
115
113
|
#
|
|
116
|
-
# @return [Response]
|
|
117
|
-
#
|
|
118
114
|
def from_dynamic!(d)
|
|
119
115
|
d = Types::Hash[d]
|
|
120
116
|
new(
|
|
@@ -20,8 +20,6 @@ module Mihari
|
|
|
20
20
|
#
|
|
21
21
|
# @param [Hash] d
|
|
22
22
|
#
|
|
23
|
-
# @return [Page]
|
|
24
|
-
#
|
|
25
23
|
def from_dynamic!(d)
|
|
26
24
|
d = Types::Hash[d]
|
|
27
25
|
new(
|
|
@@ -62,8 +60,6 @@ module Mihari
|
|
|
62
60
|
#
|
|
63
61
|
# @param [Hash] d
|
|
64
62
|
#
|
|
65
|
-
# @return [Result]
|
|
66
|
-
#
|
|
67
63
|
def from_dynamic!(d)
|
|
68
64
|
d = Types::Hash[d]
|
|
69
65
|
new(
|
|
@@ -96,8 +92,6 @@ module Mihari
|
|
|
96
92
|
#
|
|
97
93
|
# @param [Hash] d
|
|
98
94
|
#
|
|
99
|
-
# @return [Response]
|
|
100
|
-
#
|
|
101
95
|
def from_dynamic!(d)
|
|
102
96
|
d = Types::Hash[d]
|
|
103
97
|
new(
|
|
@@ -12,8 +12,6 @@ module Mihari
|
|
|
12
12
|
#
|
|
13
13
|
# @param [Hash] d
|
|
14
14
|
#
|
|
15
|
-
# @return [ContextAttributes]
|
|
16
|
-
#
|
|
17
15
|
def from_dynamic!(d)
|
|
18
16
|
d = Types::Hash[d]
|
|
19
17
|
new(url: d["url"])
|
|
@@ -65,8 +63,6 @@ module Mihari
|
|
|
65
63
|
#
|
|
66
64
|
# @param [Hash] d
|
|
67
65
|
#
|
|
68
|
-
# @return [Datum]
|
|
69
|
-
#
|
|
70
66
|
def from_dynamic!(d)
|
|
71
67
|
d = Types::Hash[d]
|
|
72
68
|
|
|
@@ -94,8 +90,6 @@ module Mihari
|
|
|
94
90
|
#
|
|
95
91
|
# @param [Hash] d
|
|
96
92
|
#
|
|
97
|
-
# @return [Meta]
|
|
98
|
-
#
|
|
99
93
|
def from_dynamic!(d)
|
|
100
94
|
d = Types::Hash[d]
|
|
101
95
|
new(
|
|
@@ -125,8 +119,6 @@ module Mihari
|
|
|
125
119
|
#
|
|
126
120
|
# @param [Hash] d
|
|
127
121
|
#
|
|
128
|
-
# @return [Response]
|
|
129
|
-
#
|
|
130
122
|
def from_dynamic!(d)
|
|
131
123
|
d = Types::Hash[d]
|
|
132
124
|
new(
|
data/lib/mihari/version.rb
CHANGED