RubyGems - mihari - Versions diffs - 5.7.0 → 5.7.1 - Mend

mihari 5.7.0 → 5.7.1

Files changed (164) hide show

checksums.yaml +4 -4
data/.rubocop.yml +1 -1
data/lib/mihari/actor.rb +10 -4
data/lib/mihari/commands/alert.rb +6 -4
data/lib/mihari/commands/search.rb +10 -29
data/lib/mihari/enrichers/ipinfo.rb +1 -1
data/lib/mihari/entities/tag.rb +1 -0
data/lib/mihari/rule.rb +14 -0
data/lib/mihari/service.rb +12 -2
data/lib/mihari/services/alert_builder.rb +81 -8
data/lib/mihari/services/alert_runner.rb +3 -10
data/lib/mihari/services/rule_builder.rb +8 -10
data/lib/mihari/services/rule_runner.rb +2 -25
data/lib/mihari/structs/binaryedge.rb +9 -0
data/lib/mihari/structs/censys.rb +0 -14
data/lib/mihari/structs/fofa.rb +3 -0
data/lib/mihari/structs/google_public_dns.rb +0 -4
data/lib/mihari/structs/greynoise.rb +0 -6
data/lib/mihari/structs/hunterhow.rb +0 -6
data/lib/mihari/structs/ipinfo.rb +0 -2
data/lib/mihari/structs/onyphe.rb +0 -4
data/lib/mihari/structs/shodan.rb +0 -2
data/lib/mihari/structs/urlscan.rb +0 -6
data/lib/mihari/structs/virustotal_intelligence.rb +0 -8
data/lib/mihari/version.rb +1 -1
data/lib/mihari/web/app.rb +20 -17
data/lib/mihari/web/endpoints/alerts.rb +75 -38
data/lib/mihari/web/endpoints/artifacts.rb +60 -53
data/lib/mihari/web/endpoints/ip_addresses.rb +19 -4
data/lib/mihari/web/endpoints/rules.rb +132 -88
data/lib/mihari/web/endpoints/tags.rb +15 -13
data/lib/mihari/web/public/assets/{index-821134e2.js → index-07fafab5.js} +4 -3
data/lib/mihari/web/public/index.html +1 -1
data/lib/mihari.rb +0 -1
data/mihari.gemspec +1 -1
data/mkdocs.yml +1 -0
metadata +3 -130
data/docs/alternatives.md +0 -5
data/docs/analyzers/binaryedge.md +0 -26
data/docs/analyzers/censys.md +0 -31
data/docs/analyzers/circl.md +0 -37
data/docs/analyzers/crtsh.md +0 -26
data/docs/analyzers/dnstwister.md +0 -25
data/docs/analyzers/feed.md +0 -73
data/docs/analyzers/fofa.md +0 -31
data/docs/analyzers/greynoise.md +0 -26
data/docs/analyzers/hunterhow.md +0 -33
data/docs/analyzers/index.md +0 -104
data/docs/analyzers/onyphe.md +0 -26
data/docs/analyzers/otx.md +0 -28
data/docs/analyzers/passivetotal.md +0 -52
data/docs/analyzers/pulsedive.md +0 -28
data/docs/analyzers/securitytrails.md +0 -41
data/docs/analyzers/shodan.md +0 -26
data/docs/analyzers/urlscan.md +0 -28
data/docs/analyzers/virustotal.md +0 -43
data/docs/analyzers/virustotal_intelligence.md +0 -33
data/docs/analyzers/zoomeye.md +0 -38
data/docs/configuration.md +0 -35
data/docs/emitters/database.md +0 -22
data/docs/emitters/hive.md +0 -26
data/docs/emitters/index.md +0 -36
data/docs/emitters/misp.md +0 -21
data/docs/emitters/slack.md +0 -21
data/docs/emitters/webhook.md +0 -63
data/docs/enrichers/google_public_dns.md +0 -19
data/docs/enrichers/index.md +0 -35
data/docs/enrichers/ipinfo.md +0 -26
data/docs/enrichers/shodan.md +0 -22
data/docs/enrichers/whois.md +0 -17
data/docs/github_actions.md +0 -43
data/docs/index.md +0 -11
data/docs/installation.md +0 -31
data/docs/requirements.md +0 -13
data/docs/rule.md +0 -168
data/docs/tags.md +0 -3
data/docs/usage.md +0 -103
data/frontend/.eslintrc.cjs +0 -22
data/frontend/.gitignore +0 -31
data/frontend/.prettierrc.json +0 -8
data/frontend/README.md +0 -3
data/frontend/env.d.ts +0 -5
data/frontend/index.html +0 -21
data/frontend/package-lock.json +0 -7219
data/frontend/package.json +0 -67
data/frontend/public/favicon.ico +0 -0
data/frontend/scripts/swagger_doc_to_yaml.rb +0 -23
data/frontend/src/App.vue +0 -27
data/frontend/src/ace-config.ts +0 -6
data/frontend/src/api-helper.ts +0 -111
data/frontend/src/api.ts +0 -105
data/frontend/src/components/ErrorMessage.vue +0 -31
data/frontend/src/components/Loading.vue +0 -15
data/frontend/src/components/Navbar.vue +0 -42
data/frontend/src/components/Pagination.vue +0 -119
data/frontend/src/components/alert/Alert.vue +0 -87
data/frontend/src/components/alert/Alerts.vue +0 -63
data/frontend/src/components/alert/AlertsWithPagination.vue +0 -90
data/frontend/src/components/alert/AlertsWrapper.vue +0 -128
data/frontend/src/components/alert/Form.vue +0 -169
data/frontend/src/components/artifact/AS.vue +0 -23
data/frontend/src/components/artifact/Artifact.vue +0 -287
data/frontend/src/components/artifact/ArtifactTag.vue +0 -64
data/frontend/src/components/artifact/ArtifactTags.vue +0 -29
data/frontend/src/components/artifact/ArtifactWrapper.vue +0 -57
data/frontend/src/components/artifact/CPEs.vue +0 -23
data/frontend/src/components/artifact/DnsRecords.vue +0 -32
data/frontend/src/components/artifact/Ports.vue +0 -23
data/frontend/src/components/artifact/ReverseDnsNames.vue +0 -23
data/frontend/src/components/artifact/Tags.vue +0 -29
data/frontend/src/components/artifact/WhoisRecord.vue +0 -44
data/frontend/src/components/config/Configs.vue +0 -65
data/frontend/src/components/config/ConfigsWrapper.vue +0 -32
data/frontend/src/components/link/Link.vue +0 -32
data/frontend/src/components/link/Links.vue +0 -42
data/frontend/src/components/rule/EditRule.vue +0 -72
data/frontend/src/components/rule/EditRuleWrapper.vue +0 -48
data/frontend/src/components/rule/Form.vue +0 -158
data/frontend/src/components/rule/InputForm.vue +0 -45
data/frontend/src/components/rule/NewRule.vue +0 -57
data/frontend/src/components/rule/Rule.vue +0 -100
data/frontend/src/components/rule/RuleWrapper.vue +0 -53
data/frontend/src/components/rule/Rules.vue +0 -84
data/frontend/src/components/rule/RulesWrapper.vue +0 -121
data/frontend/src/components/rule/YAML.vue +0 -37
data/frontend/src/components/tag/Tag.vue +0 -65
data/frontend/src/components/tag/Tags.vue +0 -37
data/frontend/src/countries.ts +0 -350
data/frontend/src/index.ts +0 -20
data/frontend/src/links/anyrun.ts +0 -19
data/frontend/src/links/base.ts +0 -14
data/frontend/src/links/censys.ts +0 -20
data/frontend/src/links/crtsh.ts +0 -20
data/frontend/src/links/dnslytics.ts +0 -38
data/frontend/src/links/greynoise.ts +0 -20
data/frontend/src/links/index.ts +0 -40
data/frontend/src/links/intezer.ts +0 -20
data/frontend/src/links/otx.ts +0 -33
data/frontend/src/links/securitytrails.ts +0 -38
data/frontend/src/links/shodan.ts +0 -20
data/frontend/src/links/urlscan.ts +0 -50
data/frontend/src/links/virustotal.ts +0 -72
data/frontend/src/main.ts +0 -41
data/frontend/src/router/index.ts +0 -57
data/frontend/src/rule.ts +0 -14
data/frontend/src/shims-vue.d.ts +0 -6
data/frontend/src/swagger.yaml +0 -771
data/frontend/src/types.ts +0 -188
data/frontend/src/utils.ts +0 -54
data/frontend/src/views/Alerts.vue +0 -20
data/frontend/src/views/Artifact.vue +0 -39
data/frontend/src/views/Configs.vue +0 -20
data/frontend/src/views/EditRule.vue +0 -39
data/frontend/src/views/NewRule.vue +0 -26
data/frontend/src/views/Rule.vue +0 -39
data/frontend/src/views/Rules.vue +0 -20
data/frontend/tests/utils.spec.ts +0 -9
data/frontend/tsconfig.app.json +0 -21
data/frontend/tsconfig.json +0 -14
data/frontend/tsconfig.node.json +0 -13
data/frontend/tsconfig.vitest.json +0 -12
data/frontend/vite.config.ts +0 -24
data/frontend/vitest.config.ts +0 -21
data/lib/mihari/services/alert_proxy.rb +0 -97

data/frontend/src/components/rule/Rules.vue DELETED Viewed

@@ -1,84 +0,0 @@
-<template>
-  <div v-if="hasRules">
-    <table class="table is-fullwidth">
-      <tr>
-        <th>ID</th>
-        <th>Title</th>
-        <th>Description</th>
-        <th>Tags</th>
-      </tr>
-      <tr v-for="rule in rules.rules" :key="rule.id">
-        <td>
-          <router-link :to="{ name: 'Rule', params: { id: rule.id } }">{{ rule.id }}</router-link>
-        </td>
-        <td>
-          {{ rule.title }}
-        </td>
-        <td>
-          {{ rule.description }}
-        </td>
-        <td>
-          <Tags :tags="rule.tags" @update-tag="updateTag"></Tags>
-        </td>
-      </tr>
-    </table>
-  </div>
-  <Pagination
-    :currentPage="rules.currentPage"
-    :total="rules.total"
-    :pageSize="rules.pageSize"
-    @update-page="updatePage"
-  ></Pagination>
-  <p class="help">({{ rules.total }} results in total, {{ rules.rules.length }} shown)</p>
-</template>
-<script lang="ts">
-import { computed, defineComponent, type PropType } from "vue"
-import Pagination from "@/components/Pagination.vue"
-import Tags from "@/components/tag/Tags.vue"
-import type { Rules } from "@/types"
-export default defineComponent({
-  name: "RulesItem",
-  props: {
-    rules: {
-      type: Object as PropType<Rules>,
-      required: true
-    }
-  },
-  components: {
-    Pagination,
-    Tags
-  },
-  emits: ["update-page", "refresh-page", "update-tag"],
-  setup(props, context) {
-    const scrollToTop = () => {
-      window.scrollTo({
-        top: 0
-      })
-    }
-    const updatePage = (page: number) => {
-      scrollToTop()
-      context.emit("update-page", page)
-    }
-    const refreshPage = () => {
-      scrollToTop()
-      context.emit("refresh-page")
-    }
-    const updateTag = (tag: string) => {
-      scrollToTop()
-      context.emit("update-tag", tag)
-    }
-    const hasRules = computed(() => {
-      return props.rules.rules.length > 0
-    })
-    return { updatePage, refreshPage, updateTag, hasRules }
-  }
-})
-</script>

data/frontend/src/components/rule/RulesWrapper.vue DELETED Viewed

@@ -1,121 +0,0 @@
-<template>
-  <div class="box mb-6">
-    <FormComponent
-      ref="form"
-      :tags="getTagsTask.last?.value || []"
-      :page="page"
-      :tag="tag"
-    ></FormComponent>
-    <hr />
-    <div class="column">
-      <div class="field is-grouped is-grouped-centered">
-        <p class="control">
-          <a class="button is-primary" @click="search">
-            <span class="icon is-small">
-              <font-awesome-icon icon="search"></font-awesome-icon>
-            </span>
-            <span>Search</span>
-          </a>
-        </p>
-      </div>
-    </div>
-  </div>
-  <div v-if="getRulesTask.performCount > 0">
-    <hr />
-    <Loading v-if="getRulesTask.isRunning"></Loading>
-    <ErrorMessage v-if="getRulesTask.isError" :error="getRulesTask.last?.error"></ErrorMessage>
-    <Rules
-      :rules="getRulesTask.last.value"
-      v-if="getRulesTask.last?.value"
-      @refresh-page="refreshPage"
-      @update-page="updatePage"
-      @update-tag="updateTag"
-    ></Rules>
-  </div>
-</template>
-<script lang="ts">
-import { defineComponent, nextTick, onMounted, ref, watch } from "vue"
-import { generateGetRulesTask, generateGetTagsTask } from "@/api-helper"
-import ErrorMessage from "@/components/ErrorMessage.vue"
-import Loading from "@/components/Loading.vue"
-import FormComponent from "@/components/rule/Form.vue"
-import Rules from "@/components/rule/Rules.vue"
-import type { RuleSearchParams } from "@/types"
-export default defineComponent({
-  name: "RulesWrapper",
-  components: {
-    Rules,
-    Loading,
-    FormComponent,
-    ErrorMessage
-  },
-  setup() {
-    const page = ref(1)
-    const tag = ref<string | undefined>(undefined)
-    const form = ref<InstanceType<typeof FormComponent>>()
-    const getRulesTask = generateGetRulesTask()
-    const getTagsTask = generateGetTagsTask()
-    const getRules = async () => {
-      const params = form.value?.getSearchParams() as RuleSearchParams
-      return await getRulesTask.perform(params)
-    }
-    const updatePage = (newPage: number) => {
-      page.value = newPage
-    }
-    const resetPage = () => {
-      page.value = 1
-    }
-    const search = async () => {
-      // reset page
-      resetPage()
-      await getRules()
-    }
-    const updateTag = (newTag: string | undefined) => {
-      if (tag.value === newTag) {
-        tag.value = undefined
-      } else {
-        tag.value = newTag
-      }
-      nextTick(async () => await search())
-    }
-    const refreshPage = async () => {
-      // it is just an alias of search
-      // this function will be invoked when a rule is deleted
-      await search()
-    }
-    onMounted(async () => {
-      getTagsTask.perform()
-      await getRules()
-    })
-    watch([page, tag], async () => {
-      nextTick(async () => await getRules())
-    })
-    return {
-      form,
-      getRulesTask,
-      getTagsTask,
-      page,
-      tag,
-      refreshPage,
-      search,
-      updatePage,
-      updateTag
-    }
-  }
-})
-</script>

data/frontend/src/components/rule/YAML.vue DELETED Viewed

@@ -1,37 +0,0 @@
-<template>
-  <div class="block">
-    <VAceEditor
-      class="vue-ace-editor"
-      :value="yaml"
-      lang="yaml"
-      theme="monokai"
-      :options="{
-        readOnly: true,
-        fontSize: 16,
-        maxLines: 10000,
-        minLines: 6
-      }"
-    ></VAceEditor>
-  </div>
-</template>
-<script lang="ts">
-import "@/ace-config"
-import { defineComponent } from "vue"
-import { VAceEditor } from "vue3-ace-editor"
-export default defineComponent({
-  name: "YAML",
-  components: {
-    VAceEditor
-  },
-  props: {
-    yaml: {
-      type: String,
-      required: true
-    }
-  },
-  setup() {}
-})
-</script>

data/frontend/src/components/tag/Tag.vue DELETED Viewed

@@ -1,65 +0,0 @@
-<template>
-  <div class="control" v-if="!isDeleted">
-    <div
-      class="tags has-addons are-medium"
-      v-on:mouseover="showDeleteButton"
-      v-on:mouseleave="hideDeleteButton"
-    >
-      <span class="tag is-info is-light" @click="updateTag">{{ tag.name }}</span>
-      <a class="tag is-delete" v-if="isDeleteButtonEnabled" @click="deleteTag"></a>
-    </div>
-  </div>
-</template>
-<script lang="ts">
-import { defineComponent, type PropType, ref } from "vue"
-import { generateDeleteTagTask } from "@/api-helper"
-import type { Tag } from "@/types"
-export default defineComponent({
-  name: "TagItem",
-  props: {
-    tag: {
-      type: Object as PropType<Tag>,
-      required: true
-    }
-  },
-  setup(props, context) {
-    const isDeleted = ref(false)
-    const isDeleteButtonEnabled = ref(false)
-    const deleteTagTask = generateDeleteTagTask()
-    const deleteTag = async () => {
-      const result = window.confirm(`Are you sure you want to delete ${props.tag.name}?`)
-      if (result) {
-        await deleteTagTask.perform(props.tag.name)
-        isDeleted.value = true
-      }
-    }
-    const showDeleteButton = () => {
-      isDeleteButtonEnabled.value = true
-    }
-    const hideDeleteButton = () => {
-      isDeleteButtonEnabled.value = false
-    }
-    const updateTag = () => {
-      context.emit("update-tag", props.tag.name)
-    }
-    return {
-      updateTag,
-      isDeleted,
-      deleteTag,
-      showDeleteButton,
-      hideDeleteButton,
-      isDeleteButtonEnabled
-    }
-  }
-})
-</script>

data/frontend/src/components/tag/Tags.vue DELETED Viewed

@@ -1,37 +0,0 @@
-<template>
-  <div class="field is-grouped is-grouped-multiline">
-    <TagComponent
-      v-for="tag in tags"
-      :tag="tag"
-      :key="tag.name"
-      @update-tag="updateTag"
-    ></TagComponent>
-  </div>
-</template>
-<script lang="ts">
-import { defineComponent, type PropType } from "vue"
-import TagComponent from "@/components/tag/Tag.vue"
-import type { Tag } from "@/types"
-export default defineComponent({
-  name: "TagsItem",
-  components: {
-    TagComponent
-  },
-  props: {
-    tags: {
-      type: Array as PropType<Tag[]>,
-      required: true
-    }
-  },
-  setup(_, context) {
-    const updateTag = (tag: string) => {
-      context.emit("update-tag", tag)
-    }
-    return { updateTag }
-  }
-})
-</script>