mihari 5.7.0 → 5.7.1
- checksums.yaml +4 -4
- data/.rubocop.yml +1 -1
- data/lib/mihari/actor.rb +10 -4
- data/lib/mihari/commands/alert.rb +6 -4
- data/lib/mihari/commands/search.rb +10 -29
- data/lib/mihari/enrichers/ipinfo.rb +1 -1
- data/lib/mihari/entities/tag.rb +1 -0
- data/lib/mihari/rule.rb +14 -0
- data/lib/mihari/service.rb +12 -2
- data/lib/mihari/services/alert_builder.rb +81 -8
- data/lib/mihari/services/alert_runner.rb +3 -10
- data/lib/mihari/services/rule_builder.rb +8 -10
- data/lib/mihari/services/rule_runner.rb +2 -25
- data/lib/mihari/structs/binaryedge.rb +9 -0
- data/lib/mihari/structs/censys.rb +0 -14
- data/lib/mihari/structs/fofa.rb +3 -0
- data/lib/mihari/structs/google_public_dns.rb +0 -4
- data/lib/mihari/structs/greynoise.rb +0 -6
- data/lib/mihari/structs/hunterhow.rb +0 -6
- data/lib/mihari/structs/ipinfo.rb +0 -2
- data/lib/mihari/structs/onyphe.rb +0 -4
- data/lib/mihari/structs/shodan.rb +0 -2
- data/lib/mihari/structs/urlscan.rb +0 -6
- data/lib/mihari/structs/virustotal_intelligence.rb +0 -8
- data/lib/mihari/version.rb +1 -1
- data/lib/mihari/web/app.rb +20 -17
- data/lib/mihari/web/endpoints/alerts.rb +75 -38
- data/lib/mihari/web/endpoints/artifacts.rb +60 -53
- data/lib/mihari/web/endpoints/ip_addresses.rb +19 -4
- data/lib/mihari/web/endpoints/rules.rb +132 -88
- data/lib/mihari/web/endpoints/tags.rb +15 -13
- data/lib/mihari/web/public/assets/{index-821134e2.js → index-07fafab5.js} +4 -3
- data/lib/mihari/web/public/index.html +1 -1
- data/lib/mihari.rb +0 -1
- data/mihari.gemspec +1 -1
- data/mkdocs.yml +1 -0
- metadata +3 -130
- data/docs/alternatives.md +0 -5
- data/docs/analyzers/binaryedge.md +0 -26
- data/docs/analyzers/censys.md +0 -31
- data/docs/analyzers/circl.md +0 -37
- data/docs/analyzers/crtsh.md +0 -26
- data/docs/analyzers/dnstwister.md +0 -25
- data/docs/analyzers/feed.md +0 -73
- data/docs/analyzers/fofa.md +0 -31
- data/docs/analyzers/greynoise.md +0 -26
- data/docs/analyzers/hunterhow.md +0 -33
- data/docs/analyzers/index.md +0 -104
- data/docs/analyzers/onyphe.md +0 -26
- data/docs/analyzers/otx.md +0 -28
- data/docs/analyzers/passivetotal.md +0 -52
- data/docs/analyzers/pulsedive.md +0 -28
- data/docs/analyzers/securitytrails.md +0 -41
- data/docs/analyzers/shodan.md +0 -26
- data/docs/analyzers/urlscan.md +0 -28
- data/docs/analyzers/virustotal.md +0 -43
- data/docs/analyzers/virustotal_intelligence.md +0 -33
- data/docs/analyzers/zoomeye.md +0 -38
- data/docs/configuration.md +0 -35
- data/docs/emitters/database.md +0 -22
- data/docs/emitters/hive.md +0 -26
- data/docs/emitters/index.md +0 -36
- data/docs/emitters/misp.md +0 -21
- data/docs/emitters/slack.md +0 -21
- data/docs/emitters/webhook.md +0 -63
- data/docs/enrichers/google_public_dns.md +0 -19
- data/docs/enrichers/index.md +0 -35
- data/docs/enrichers/ipinfo.md +0 -26
- data/docs/enrichers/shodan.md +0 -22
- data/docs/enrichers/whois.md +0 -17
- data/docs/github_actions.md +0 -43
- data/docs/index.md +0 -11
- data/docs/installation.md +0 -31
- data/docs/requirements.md +0 -13
- data/docs/rule.md +0 -168
- data/docs/tags.md +0 -3
- data/docs/usage.md +0 -103
- data/frontend/.eslintrc.cjs +0 -22
- data/frontend/.gitignore +0 -31
- data/frontend/.prettierrc.json +0 -8
- data/frontend/README.md +0 -3
- data/frontend/env.d.ts +0 -5
- data/frontend/index.html +0 -21
- data/frontend/package-lock.json +0 -7219
- data/frontend/package.json +0 -67
- data/frontend/public/favicon.ico +0 -0
- data/frontend/scripts/swagger_doc_to_yaml.rb +0 -23
- data/frontend/src/App.vue +0 -27
- data/frontend/src/ace-config.ts +0 -6
- data/frontend/src/api-helper.ts +0 -111
- data/frontend/src/api.ts +0 -105
- data/frontend/src/components/ErrorMessage.vue +0 -31
- data/frontend/src/components/Loading.vue +0 -15
- data/frontend/src/components/Navbar.vue +0 -42
- data/frontend/src/components/Pagination.vue +0 -119
- data/frontend/src/components/alert/Alert.vue +0 -87
- data/frontend/src/components/alert/Alerts.vue +0 -63
- data/frontend/src/components/alert/AlertsWithPagination.vue +0 -90
- data/frontend/src/components/alert/AlertsWrapper.vue +0 -128
- data/frontend/src/components/alert/Form.vue +0 -169
- data/frontend/src/components/artifact/AS.vue +0 -23
- data/frontend/src/components/artifact/Artifact.vue +0 -287
- data/frontend/src/components/artifact/ArtifactTag.vue +0 -64
- data/frontend/src/components/artifact/ArtifactTags.vue +0 -29
- data/frontend/src/components/artifact/ArtifactWrapper.vue +0 -57
- data/frontend/src/components/artifact/CPEs.vue +0 -23
- data/frontend/src/components/artifact/DnsRecords.vue +0 -32
- data/frontend/src/components/artifact/Ports.vue +0 -23
- data/frontend/src/components/artifact/ReverseDnsNames.vue +0 -23
- data/frontend/src/components/artifact/Tags.vue +0 -29
- data/frontend/src/components/artifact/WhoisRecord.vue +0 -44
- data/frontend/src/components/config/Configs.vue +0 -65
- data/frontend/src/components/config/ConfigsWrapper.vue +0 -32
- data/frontend/src/components/link/Link.vue +0 -32
- data/frontend/src/components/link/Links.vue +0 -42
- data/frontend/src/components/rule/EditRule.vue +0 -72
- data/frontend/src/components/rule/EditRuleWrapper.vue +0 -48
- data/frontend/src/components/rule/Form.vue +0 -158
- data/frontend/src/components/rule/InputForm.vue +0 -45
- data/frontend/src/components/rule/NewRule.vue +0 -57
- data/frontend/src/components/rule/Rule.vue +0 -100
- data/frontend/src/components/rule/RuleWrapper.vue +0 -53
- data/frontend/src/components/rule/Rules.vue +0 -84
- data/frontend/src/components/rule/RulesWrapper.vue +0 -121
- data/frontend/src/components/rule/YAML.vue +0 -37
- data/frontend/src/components/tag/Tag.vue +0 -65
- data/frontend/src/components/tag/Tags.vue +0 -37
- data/frontend/src/countries.ts +0 -350
- data/frontend/src/index.ts +0 -20
- data/frontend/src/links/anyrun.ts +0 -19
- data/frontend/src/links/base.ts +0 -14
- data/frontend/src/links/censys.ts +0 -20
- data/frontend/src/links/crtsh.ts +0 -20
- data/frontend/src/links/dnslytics.ts +0 -38
- data/frontend/src/links/greynoise.ts +0 -20
- data/frontend/src/links/index.ts +0 -40
- data/frontend/src/links/intezer.ts +0 -20
- data/frontend/src/links/otx.ts +0 -33
- data/frontend/src/links/securitytrails.ts +0 -38
- data/frontend/src/links/shodan.ts +0 -20
- data/frontend/src/links/urlscan.ts +0 -50
- data/frontend/src/links/virustotal.ts +0 -72
- data/frontend/src/main.ts +0 -41
- data/frontend/src/router/index.ts +0 -57
- data/frontend/src/rule.ts +0 -14
- data/frontend/src/shims-vue.d.ts +0 -6
- data/frontend/src/swagger.yaml +0 -771
- data/frontend/src/types.ts +0 -188
- data/frontend/src/utils.ts +0 -54
- data/frontend/src/views/Alerts.vue +0 -20
- data/frontend/src/views/Artifact.vue +0 -39
- data/frontend/src/views/Configs.vue +0 -20
- data/frontend/src/views/EditRule.vue +0 -39
- data/frontend/src/views/NewRule.vue +0 -26
- data/frontend/src/views/Rule.vue +0 -39
- data/frontend/src/views/Rules.vue +0 -20
- data/frontend/tests/utils.spec.ts +0 -9
- data/frontend/tsconfig.app.json +0 -21
- data/frontend/tsconfig.json +0 -14
- data/frontend/tsconfig.node.json +0 -13
- data/frontend/tsconfig.vitest.json +0 -12
- data/frontend/vite.config.ts +0 -24
- data/frontend/vitest.config.ts +0 -21
- data/lib/mihari/services/alert_proxy.rb +0 -97
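--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 2d27340b82929d2a9dba6cab93c9e429112eed2f254f18595b765bd65852cdfa
+data.tar.gz: 137141dad2d1b3c4f5b33a2ed38824a9e19c965c7d13e99d20358c2d546dd24c
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 84825a14e57d1e740d7ee1e312ac23454017665b92dbdbe9fd2fe0cb55eb900addda0d9563049cf493094b67e9f1e5888d09fe37e7a102db5732f09837558fec
+data.tar.gz: 393031f2550d7943271dd4b662c65b1da2df322661cdf1228808848e93f7bb7f65acaf8d1861599036bd951b464b5248f615e2abd738b171699eaf396b64f7c4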
data/.rubocop.yml
CHANGED
data/lib/mihari/actor.rb
CHANGED
|
@@ -2,9 +2,11 @@
|
|
|
2
2
|
|
|
3
3
|
module Mihari
|
|
4
4
|
#
|
|
5
|
-
#
|
|
5
|
+
# Yet another base service class for Analyzer, Emitter and Enricher
|
|
6
6
|
#
|
|
7
|
-
class Actor
|
|
7
|
+
class Actor
|
|
8
|
+
include Dry::Monads[:result, :try]
|
|
9
|
+
|
|
8
10
|
include Mixins::Configurable
|
|
9
11
|
include Mixins::Retriable
|
|
10
12
|
|
|
@@ -57,13 +59,17 @@ module Mihari
|
|
|
57
59
|
raise ConfigurationError, message
|
|
58
60
|
end
|
|
59
61
|
|
|
60
|
-
def
|
|
62
|
+
def call(*args, **kwargs)
|
|
63
|
+
raise NotImplementedError, "You must implement #{self.class}##{__method__}"
|
|
64
|
+
end
|
|
65
|
+
|
|
66
|
+
def result(...)
|
|
61
67
|
Try[StandardError] do
|
|
62
68
|
retry_on_error(
|
|
63
69
|
times: retry_times,
|
|
64
70
|
interval: retry_interval,
|
|
65
71
|
exponential_backoff: retry_exponential_backoff
|
|
66
|
-
) { call }
|
|
72
|
+
) { call(...) }
|
|
67
73
|
end.to_result
|
|
68
74
|
end
|
|
69
75
|
|
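Review bot: The new `call(*args, **kwargs)` stub and `result(...)` have no doc comments, and one behaviour deserves a line in them. `NotImplementedError` descends from `ScriptError`, not `StandardError`, so the `Try[StandardError]` in `result` does not turn a missing `call` override into a `Failure`; the exception propagates to the caller (assuming `retry_on_error`, which is defined outside these hunks, does not rescue it). I would add above `call` a comment such as `# Subclasses must override; NotImplementedError is not a StandardError, so #result re-raises it` and above `result` the tag `# @return [Dry::Monads::Result]`. The class body continues outside both hunks.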
|
@@ -17,11 +17,13 @@ module Mihari
|
|
|
17
17
|
#
|
|
18
18
|
def add(path)
|
|
19
19
|
Mihari::Database.with_db_connection do
|
|
20
|
-
|
|
21
|
-
|
|
22
|
-
|
|
23
|
-
|
|
20
|
+
result = Dry::Monads::Try[StandardError] do
|
|
21
|
+
# @type [Mihari::Services::AlertProxy]
|
|
22
|
+
proxy = Mihari::Services::AlertBuilder.call(path)
|
|
23
|
+
Mihari::Services::AlertRunner.call(proxy)
|
|
24
|
+
end.to_result
|
|
24
25
|
|
|
26
|
+
# @type [Mihari::Models::Alert]
|
|
25
27
|
alert = result.value!
|
|
26
28
|
data = Entities::Alert.represent(alert)
|
|
27
29
|
puts JSON.pretty_generate(data.as_json)
|
|
@@ -20,43 +20,24 @@ module Mihari
|
|
|
20
20
|
#
|
|
21
21
|
def search(path_or_id)
|
|
22
22
|
Mihari::Database.with_db_connection do
|
|
23
|
-
|
|
23
|
+
result = Dry::Monads::Try[StandardError] do
|
|
24
|
+
# @type [Mihari::Rule]
|
|
25
|
+
rule = Services::RuleBuilder.call(path_or_id)
|
|
24
26
|
|
|
25
|
-
|
|
26
|
-
|
|
27
|
+
force_overwrite = options["force_overwrite"] || false
|
|
28
|
+
message = "There is a diff in the rule. Are you sure you want to overwrite the rule? (y/n)"
|
|
29
|
+
exit 0 if rule.diff? && !force_overwrite && !yes?(message)
|
|
27
30
|
|
|
28
|
-
|
|
31
|
+
rule.update_or_create
|
|
32
|
+
rule.call
|
|
33
|
+
end.to_result
|
|
29
34
|
|
|
35
|
+
# @type [Mihari::Models::Alert]
|
|
30
36
|
alert = result.value!
|
|
31
37
|
data = Entities::Alert.represent(alert)
|
|
32
38
|
puts JSON.pretty_generate(data.as_json)
|
|
33
39
|
end
|
|
34
40
|
end
|
|
35
|
-
|
|
36
|
-
no_commands do
|
|
37
|
-
#
|
|
38
|
-
# @param [Mihari::RuleRunner] rule
|
|
39
|
-
#
|
|
40
|
-
def check_diff(rule)
|
|
41
|
-
force_overwrite = options["force_overwrite"] || false
|
|
42
|
-
message = "There is a diff in the rule. Are you sure you want to overwrite the rule? (y/n)"
|
|
43
|
-
runner = Services::RuleRunner.new(rule)
|
|
44
|
-
|
|
45
|
-
exit 0 if runner.diff? && !force_overwrite && !yes?(message)
|
|
46
|
-
|
|
47
|
-
Success runner
|
|
48
|
-
end
|
|
49
|
-
|
|
50
|
-
#
|
|
51
|
-
# @param [Mihari::RuleRunner] runner
|
|
52
|
-
#
|
|
53
|
-
def update_and_call(runner)
|
|
54
|
-
Dry::Monads::Try[StandardError] do
|
|
55
|
-
runner.update_or_create
|
|
56
|
-
runner.call
|
|
57
|
-
end.to_result
|
|
58
|
-
end
|
|
59
|
-
end
|
|
60
41
|
end
|
|
61
42
|
end
|
|
62
43
|
end
|
data/lib/mihari/entities/tag.rb
CHANGED
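--- a/data/lib/mihari/rule.rb
+++ b/data/lib/mihari/rule.rb
@@ -218,6 +218,20 @@ module Mihari
 )
 end
 
+#
+# @return [Boolean]
+#
+def diff?
+model = Mihari::Models::Rule.find(id)
+model.data != data.deep_stringify_keys
+rescue ActiveRecord::RecordNotFound
+false
+end
+
+def update_or_create
+model.save
+end
+
 class << self
 #
 # Load rule from YAML string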
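Review bot: `update_or_create` discards the return value of `model.save`, so a failed save goes unnoticed. If `model` (defined outside this hunk) is an ActiveRecord record, as the `ActiveRecord::RecordNotFound` rescue in `diff?` suggests, `save` returns `false` on a validation failure instead of raising. The search command on this page calls `rule.update_or_create` and then `rule.call` inside a `Try[StandardError]`, so using `model.save!` would surface the failure there instead of running a rule that was never persisted. In `diff?`, the local `model = Mihari::Models::Rule.find(id)` also shadows the `model` method that `update_or_create` relies on; a name such as `stored` would remove the ambiguity.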
data/lib/mihari/service.rb
CHANGED
|
@@ -9,8 +9,18 @@ module Mihari
|
|
|
9
9
|
raise NotImplementedError, "You must implement #{self.class}##{__method__}"
|
|
10
10
|
end
|
|
11
11
|
|
|
12
|
-
def result
|
|
13
|
-
Try[StandardError] { call }.to_result
|
|
12
|
+
def result(...)
|
|
13
|
+
Try[StandardError] { call(...) }.to_result
|
|
14
|
+
end
|
|
15
|
+
|
|
16
|
+
class << self
|
|
17
|
+
def call(...)
|
|
18
|
+
new.call(...)
|
|
19
|
+
end
|
|
20
|
+
|
|
21
|
+
def result(...)
|
|
22
|
+
new.result(...)
|
|
23
|
+
end
|
|
14
24
|
end
|
|
15
25
|
end
|
|
16
26
|
end
|
|
@@ -9,23 +9,90 @@ require "yaml"
|
|
|
9
9
|
module Mihari
|
|
10
10
|
module Services
|
|
11
11
|
#
|
|
12
|
-
# Alert
|
|
12
|
+
# Alert proxy
|
|
13
13
|
#
|
|
14
|
-
class
|
|
15
|
-
# @return [
|
|
16
|
-
attr_reader :
|
|
14
|
+
class AlertProxy
|
|
15
|
+
# @return [Hash]
|
|
16
|
+
attr_reader :data
|
|
17
|
+
|
|
18
|
+
# @return [Array, nil]
|
|
19
|
+
attr_reader :errors
|
|
17
20
|
|
|
18
21
|
#
|
|
19
22
|
# Initialize
|
|
20
23
|
#
|
|
21
|
-
# @param [
|
|
24
|
+
# @param [Hash] data
|
|
22
25
|
#
|
|
23
|
-
def initialize(
|
|
26
|
+
def initialize(**data)
|
|
24
27
|
super()
|
|
25
28
|
|
|
26
|
-
@
|
|
29
|
+
@data = data.deep_symbolize_keys
|
|
30
|
+
@errors = nil
|
|
31
|
+
|
|
32
|
+
validate!
|
|
33
|
+
end
|
|
34
|
+
|
|
35
|
+
#
|
|
36
|
+
# @return [Boolean]
|
|
37
|
+
#
|
|
38
|
+
def errors?
|
|
39
|
+
return false if @errors.nil?
|
|
40
|
+
|
|
41
|
+
!@errors.empty?
|
|
42
|
+
end
|
|
43
|
+
|
|
44
|
+
def validate!
|
|
45
|
+
contract = Schemas::AlertContract.new
|
|
46
|
+
result = contract.call(data)
|
|
47
|
+
|
|
48
|
+
@data = result.to_h
|
|
49
|
+
@errors = result.errors
|
|
50
|
+
|
|
51
|
+
raise ValidationError.new("Validation failed", errors) if errors?
|
|
52
|
+
end
|
|
53
|
+
|
|
54
|
+
def [](key)
|
|
55
|
+
data key.to_sym
|
|
56
|
+
end
|
|
57
|
+
|
|
58
|
+
#
|
|
59
|
+
# @return [String]
|
|
60
|
+
#
|
|
61
|
+
def rule_id
|
|
62
|
+
@rule_id ||= data[:rule_id]
|
|
63
|
+
end
|
|
64
|
+
|
|
65
|
+
#
|
|
66
|
+
# @return [Array<Mihari::Models::Artifact>]
|
|
67
|
+
#
|
|
68
|
+
def artifacts
|
|
69
|
+
@artifacts ||= data[:artifacts].map do |data|
|
|
70
|
+
artifact = Models::Artifact.new(data: data)
|
|
71
|
+
artifact.rule_id = rule_id
|
|
72
|
+
artifact
|
|
73
|
+
end.uniq(&:data).select(&:valid?)
|
|
74
|
+
end
|
|
75
|
+
|
|
76
|
+
#
|
|
77
|
+
# @return [Mihari::Rule]
|
|
78
|
+
#
|
|
79
|
+
def rule
|
|
80
|
+
@rule ||= [].tap do |out|
|
|
81
|
+
data = Mihari::Models::Rule.find(rule_id).data
|
|
82
|
+
out << Rule.new(**data)
|
|
83
|
+
end.first
|
|
27
84
|
end
|
|
85
|
+
end
|
|
86
|
+
|
|
87
|
+
#
|
|
88
|
+
# Alert builder
|
|
89
|
+
#
|
|
90
|
+
class AlertBuilder < Service
|
|
91
|
+
# @return [String]
|
|
92
|
+
attr_reader :path
|
|
28
93
|
|
|
94
|
+
#
|
|
95
|
+
# @param [String] path
|
|
29
96
|
#
|
|
30
97
|
# @return [Hash]
|
|
31
98
|
#
|
|
@@ -38,7 +105,13 @@ module Mihari
|
|
|
38
105
|
)
|
|
39
106
|
end
|
|
40
107
|
|
|
41
|
-
|
|
108
|
+
#
|
|
109
|
+
# @param [String] path
|
|
110
|
+
#
|
|
111
|
+
# @return [Mihari::AlertProxy]
|
|
112
|
+
#
|
|
113
|
+
def call(path)
|
|
114
|
+
@path = path
|
|
42
115
|
AlertProxy.new(**data)
|
|
43
116
|
end
|
|
44
117
|
end
|
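Review bot: In `AlertProxy#[]` the body `data key.to_sym` parses as the method call `data(key.to_sym)`, and `data` is declared with `attr_reader :data`, which accepts no arguments, so any `proxy[:key]` lookup raises `ArgumentError` instead of returning the value. The intended line is presumably `data[key.to_sym]`. In `artifacts`, the block parameter `|data|` shadows the `data` reader inside the block; renaming it (for example `|artifact_data|`) makes `Models::Artifact.new(data: ...)` unambiguous. The page shows no file header for this section; from `class AlertBuilder < Service` and the file list it appears to be data/lib/mihari/services/alert_builder.rb.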
|
@@ -6,19 +6,12 @@ module Mihari
|
|
|
6
6
|
# Alert runner
|
|
7
7
|
#
|
|
8
8
|
class AlertRunner < Service
|
|
9
|
-
#
|
|
10
|
-
|
|
11
|
-
|
|
12
|
-
def initialize(alert)
|
|
13
|
-
super()
|
|
14
|
-
|
|
15
|
-
@alert = alert
|
|
16
|
-
end
|
|
17
|
-
|
|
9
|
+
#
|
|
10
|
+
# @param [Mihari::Services::AlertProxy] alert
|
|
18
11
|
#
|
|
19
12
|
# @return [Mihari::Models::Alert]
|
|
20
13
|
#
|
|
21
|
-
def call
|
|
14
|
+
def call(alert)
|
|
22
15
|
emitter = Emitters::Database.new(rule: alert.rule)
|
|
23
16
|
emitter.call alert.artifacts
|
|
24
17
|
end
|
|
@@ -14,17 +14,8 @@ module Mihari
|
|
|
14
14
|
# @return [String]
|
|
15
15
|
attr_reader :path_or_id
|
|
16
16
|
|
|
17
|
-
#
|
|
18
|
-
# Initialize
|
|
19
17
|
#
|
|
20
18
|
# @param [String] path_or_id
|
|
21
|
-
#
|
|
22
|
-
def initialize(path_or_id)
|
|
23
|
-
super()
|
|
24
|
-
|
|
25
|
-
@path_or_id = path_or_id
|
|
26
|
-
end
|
|
27
|
-
|
|
28
19
|
#
|
|
29
20
|
# @return [Hash]
|
|
30
21
|
#
|
|
@@ -42,7 +33,14 @@ module Mihari
|
|
|
42
33
|
)
|
|
43
34
|
end
|
|
44
35
|
|
|
45
|
-
|
|
36
|
+
#
|
|
37
|
+
# @param [String] path_or_id
|
|
38
|
+
#
|
|
39
|
+
# @return [Mihari::Rule]
|
|
40
|
+
#
|
|
41
|
+
def call(path_or_id)
|
|
42
|
+
@path_or_id = path_or_id
|
|
43
|
+
|
|
46
44
|
Rule.new(**data)
|
|
47
45
|
end
|
|
48
46
|
end
|
|
@@ -6,35 +6,12 @@ module Mihari
|
|
|
6
6
|
# Rule runner
|
|
7
7
|
#
|
|
8
8
|
class RuleRunner < Service
|
|
9
|
-
include Dry::Monads[:result, :try]
|
|
10
|
-
|
|
11
|
-
# @return [Mihari::Rule]
|
|
12
|
-
attr_reader :rule
|
|
13
|
-
|
|
14
|
-
def initialize(rule)
|
|
15
|
-
super()
|
|
16
|
-
|
|
17
|
-
@rule = rule
|
|
18
|
-
end
|
|
19
|
-
|
|
20
9
|
#
|
|
21
|
-
# @
|
|
22
|
-
#
|
|
23
|
-
def diff?
|
|
24
|
-
model = Mihari::Models::Rule.find(rule.id)
|
|
25
|
-
model.data != rule.data.deep_stringify_keys
|
|
26
|
-
rescue ActiveRecord::RecordNotFound
|
|
27
|
-
false
|
|
28
|
-
end
|
|
29
|
-
|
|
30
|
-
def update_or_create
|
|
31
|
-
rule.model.save
|
|
32
|
-
end
|
|
33
|
-
|
|
10
|
+
# @params [Mihari::Rule]
|
|
34
11
|
#
|
|
35
12
|
# @return [Mihari::Models::Alert, nil]
|
|
36
13
|
#
|
|
37
|
-
def call
|
|
14
|
+
def call(rule)
|
|
38
15
|
rule.call
|
|
39
16
|
end
|
|
40
17
|
end
|
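Review bot: The added doc line `# @params [Mihari::Rule]` is not a valid YARD tag and omits the parameter name, so the argument of `call(rule)` ends up undocumented; it should read `# @param [Mihari::Rule] rule`. The page shows no file header for this section; from `class RuleRunner < Service` and the file list it appears to be data/lib/mihari/services/rule_runner.rb.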
|
@@ -9,6 +9,9 @@ module Mihari
|
|
|
9
9
|
attribute :ip, Types::String
|
|
10
10
|
|
|
11
11
|
class << self
|
|
12
|
+
#
|
|
13
|
+
# @param [Hash] d
|
|
14
|
+
#
|
|
12
15
|
def from_dynamic!(d)
|
|
13
16
|
d = Types::Hash[d]
|
|
14
17
|
new(
|
|
@@ -24,6 +27,9 @@ module Mihari
|
|
|
24
27
|
attribute :target, Target
|
|
25
28
|
|
|
26
29
|
class << self
|
|
30
|
+
#
|
|
31
|
+
# @param [Hash] d
|
|
32
|
+
#
|
|
27
33
|
def from_dynamic!(d)
|
|
28
34
|
d = Types::Hash[d]
|
|
29
35
|
new(
|
|
@@ -58,6 +64,9 @@ module Mihari
|
|
|
58
64
|
end
|
|
59
65
|
|
|
60
66
|
class << self
|
|
67
|
+
#
|
|
68
|
+
# @param [Hash] d
|
|
69
|
+
#
|
|
61
70
|
def from_dynamic!(d)
|
|
62
71
|
d = Types::Hash[d]
|
|
63
72
|
new(
|
|
@@ -21,8 +21,6 @@ module Mihari
|
|
|
21
21
|
#
|
|
22
22
|
# @param [Hash] d
|
|
23
23
|
#
|
|
24
|
-
# @return [AutonomousSystem]
|
|
25
|
-
#
|
|
26
24
|
def from_dynamic!(d)
|
|
27
25
|
d = Types::Hash[d]
|
|
28
26
|
new(
|
|
@@ -59,8 +57,6 @@ module Mihari
|
|
|
59
57
|
#
|
|
60
58
|
# @param [Hash] d
|
|
61
59
|
#
|
|
62
|
-
# @return [Location]
|
|
63
|
-
#
|
|
64
60
|
def from_dynamic!(d)
|
|
65
61
|
d = Types::Hash[d]
|
|
66
62
|
new(
|
|
@@ -87,8 +83,6 @@ module Mihari
|
|
|
87
83
|
#
|
|
88
84
|
# @param [Hash] d
|
|
89
85
|
#
|
|
90
|
-
# @return [Service]
|
|
91
|
-
#
|
|
92
86
|
def from_dynamic!(d)
|
|
93
87
|
d = Types::Hash[d]
|
|
94
88
|
new(
|
|
@@ -143,8 +137,6 @@ module Mihari
|
|
|
143
137
|
#
|
|
144
138
|
# @param [Hash] d
|
|
145
139
|
#
|
|
146
|
-
# @return [Hit]
|
|
147
|
-
#
|
|
148
140
|
def from_dynamic!(d)
|
|
149
141
|
d = Types::Hash[d]
|
|
150
142
|
new(
|
|
@@ -171,8 +163,6 @@ module Mihari
|
|
|
171
163
|
#
|
|
172
164
|
# @param [Hash] d
|
|
173
165
|
#
|
|
174
|
-
# @return [Links]
|
|
175
|
-
#
|
|
176
166
|
def from_dynamic!(d)
|
|
177
167
|
d = Types::Hash[d]
|
|
178
168
|
new(
|
|
@@ -211,8 +201,6 @@ module Mihari
|
|
|
211
201
|
#
|
|
212
202
|
# @param [Hash] d
|
|
213
203
|
#
|
|
214
|
-
# @return [Result]
|
|
215
|
-
#
|
|
216
204
|
def from_dynamic!(d)
|
|
217
205
|
d = Types::Hash[d]
|
|
218
206
|
new(
|
|
@@ -242,8 +230,6 @@ module Mihari
|
|
|
242
230
|
#
|
|
243
231
|
# @param [Hash] d
|
|
244
232
|
#
|
|
245
|
-
# @return [Response]
|
|
246
|
-
#
|
|
247
233
|
def from_dynamic!(d)
|
|
248
234
|
d = Types::Hash[d]
|
|
249
235
|
new(
|
data/lib/mihari/structs/fofa.rb
CHANGED
|
@@ -28,8 +28,6 @@ module Mihari
|
|
|
28
28
|
#
|
|
29
29
|
# @param [Hash] d
|
|
30
30
|
#
|
|
31
|
-
# @return [Answer]
|
|
32
|
-
#
|
|
33
31
|
def from_dynamic!(d)
|
|
34
32
|
d = Types::Hash[d]
|
|
35
33
|
resource_type = INT_TYPE_TO_TYPE[d.fetch("type")]
|
|
@@ -51,8 +49,6 @@ module Mihari
|
|
|
51
49
|
#
|
|
52
50
|
# @param [Hash] d
|
|
53
51
|
#
|
|
54
|
-
# @return [Response]
|
|
55
|
-
#
|
|
56
52
|
def from_dynamic!(d)
|
|
57
53
|
d = Types::Hash[d]
|
|
58
54
|
new(
|
|
@@ -39,8 +39,6 @@ module Mihari
|
|
|
39
39
|
#
|
|
40
40
|
# @param [Hash] d
|
|
41
41
|
#
|
|
42
|
-
# @return [Metadata]
|
|
43
|
-
#
|
|
44
42
|
def from_dynamic!(d)
|
|
45
43
|
d = Types::Hash[d]
|
|
46
44
|
new(
|
|
@@ -81,8 +79,6 @@ module Mihari
|
|
|
81
79
|
#
|
|
82
80
|
# @param [Hash] d
|
|
83
81
|
#
|
|
84
|
-
# @return [Datum]
|
|
85
|
-
#
|
|
86
82
|
def from_dynamic!(d)
|
|
87
83
|
d = Types::Hash[d]
|
|
88
84
|
new(
|
|
@@ -130,8 +126,6 @@ module Mihari
|
|
|
130
126
|
#
|
|
131
127
|
# @param [Hash] d
|
|
132
128
|
#
|
|
133
|
-
# @return [Response]
|
|
134
|
-
#
|
|
135
129
|
def from_dynamic!(d)
|
|
136
130
|
d = Types::Hash[d]
|
|
137
131
|
new(
|
|
@@ -27,8 +27,6 @@ module Mihari
|
|
|
27
27
|
#
|
|
28
28
|
# @param [Hash] d
|
|
29
29
|
#
|
|
30
|
-
# @return [ListItem]
|
|
31
|
-
#
|
|
32
30
|
def from_dynamic!(d)
|
|
33
31
|
d = Types::Hash[d]
|
|
34
32
|
new(
|
|
@@ -60,8 +58,6 @@ module Mihari
|
|
|
60
58
|
#
|
|
61
59
|
# @param [Hash] d
|
|
62
60
|
#
|
|
63
|
-
# @return [DataClass]
|
|
64
|
-
#
|
|
65
61
|
def from_dynamic!(d)
|
|
66
62
|
d = Types::Hash[d]
|
|
67
63
|
new(
|
|
@@ -89,8 +85,6 @@ module Mihari
|
|
|
89
85
|
#
|
|
90
86
|
# @param [Hash] d
|
|
91
87
|
#
|
|
92
|
-
# @return [Response]
|
|
93
|
-
#
|
|
94
88
|
def from_dynamic!(d)
|
|
95
89
|
d = Types::Hash[d]
|
|
96
90
|
new(
|
|
@@ -58,8 +58,6 @@ module Mihari
|
|
|
58
58
|
#
|
|
59
59
|
# @param [Hash] d
|
|
60
60
|
#
|
|
61
|
-
# @return [Result]
|
|
62
|
-
#
|
|
63
61
|
def from_dynamic!(d)
|
|
64
62
|
d = Types::Hash[d]
|
|
65
63
|
new(
|
|
@@ -113,8 +111,6 @@ module Mihari
|
|
|
113
111
|
#
|
|
114
112
|
# @param [Hash] d
|
|
115
113
|
#
|
|
116
|
-
# @return [Response]
|
|
117
|
-
#
|
|
118
114
|
def from_dynamic!(d)
|
|
119
115
|
d = Types::Hash[d]
|
|
120
116
|
new(
|
|
@@ -20,8 +20,6 @@ module Mihari
|
|
|
20
20
|
#
|
|
21
21
|
# @param [Hash] d
|
|
22
22
|
#
|
|
23
|
-
# @return [Page]
|
|
24
|
-
#
|
|
25
23
|
def from_dynamic!(d)
|
|
26
24
|
d = Types::Hash[d]
|
|
27
25
|
new(
|
|
@@ -62,8 +60,6 @@ module Mihari
|
|
|
62
60
|
#
|
|
63
61
|
# @param [Hash] d
|
|
64
62
|
#
|
|
65
|
-
# @return [Result]
|
|
66
|
-
#
|
|
67
63
|
def from_dynamic!(d)
|
|
68
64
|
d = Types::Hash[d]
|
|
69
65
|
new(
|
|
@@ -96,8 +92,6 @@ module Mihari
|
|
|
96
92
|
#
|
|
97
93
|
# @param [Hash] d
|
|
98
94
|
#
|
|
99
|
-
# @return [Response]
|
|
100
|
-
#
|
|
101
95
|
def from_dynamic!(d)
|
|
102
96
|
d = Types::Hash[d]
|
|
103
97
|
new(
|
|
@@ -12,8 +12,6 @@ module Mihari
|
|
|
12
12
|
#
|
|
13
13
|
# @param [Hash] d
|
|
14
14
|
#
|
|
15
|
-
# @return [ContextAttributes]
|
|
16
|
-
#
|
|
17
15
|
def from_dynamic!(d)
|
|
18
16
|
d = Types::Hash[d]
|
|
19
17
|
new(url: d["url"])
|
|
@@ -65,8 +63,6 @@ module Mihari
|
|
|
65
63
|
#
|
|
66
64
|
# @param [Hash] d
|
|
67
65
|
#
|
|
68
|
-
# @return [Datum]
|
|
69
|
-
#
|
|
70
66
|
def from_dynamic!(d)
|
|
71
67
|
d = Types::Hash[d]
|
|
72
68
|
|
|
@@ -94,8 +90,6 @@ module Mihari
|
|
|
94
90
|
#
|
|
95
91
|
# @param [Hash] d
|
|
96
92
|
#
|
|
97
|
-
# @return [Meta]
|
|
98
|
-
#
|
|
99
93
|
def from_dynamic!(d)
|
|
100
94
|
d = Types::Hash[d]
|
|
101
95
|
new(
|
|
@@ -125,8 +119,6 @@ module Mihari
|
|
|
125
119
|
#
|
|
126
120
|
# @param [Hash] d
|
|
127
121
|
#
|
|
128
|
-
# @return [Response]
|
|
129
|
-
#
|
|
130
122
|
def from_dynamic!(d)
|
|
131
123
|
d = Types::Hash[d]
|
|
132
124
|
new(
|
data/lib/mihari/version.rb
CHANGED