mihari 5.7.0 → 5.7.2

Files changed (192)
  1. checksums.yaml +4 -4
  2. data/.rubocop.yml +1 -1
  3. data/lib/mihari/actor.rb +10 -4
  4. data/lib/mihari/cli/main.rb +2 -0
  5. data/lib/mihari/clients/base.rb +23 -1
  6. data/lib/mihari/clients/binaryedge.rb +1 -3
  7. data/lib/mihari/clients/censys.rb +1 -2
  8. data/lib/mihari/clients/crtsh.rb +2 -3
  9. data/lib/mihari/clients/dnstwister.rb +1 -2
  10. data/lib/mihari/clients/fofa.rb +1 -3
  11. data/lib/mihari/clients/greynoise.rb +1 -2
  12. data/lib/mihari/clients/hunterhow.rb +1 -2
  13. data/lib/mihari/clients/misp.rb +1 -2
  14. data/lib/mihari/clients/onyphe.rb +1 -2
  15. data/lib/mihari/clients/otx.rb +2 -14
  16. data/lib/mihari/clients/passivetotal.rb +3 -16
  17. data/lib/mihari/clients/publsedive.rb +2 -17
  18. data/lib/mihari/clients/securitytrails.rb +3 -25
  19. data/lib/mihari/clients/shodan.rb +1 -2
  20. data/lib/mihari/clients/the_hive.rb +1 -2
  21. data/lib/mihari/clients/urlscan.rb +1 -2
  22. data/lib/mihari/clients/virustotal.rb +3 -17
  23. data/lib/mihari/clients/zoomeye.rb +9 -19
  24. data/lib/mihari/commands/alert.rb +11 -9
  25. data/lib/mihari/commands/database.rb +4 -1
  26. data/lib/mihari/commands/mixins.rb +11 -0
  27. data/lib/mihari/commands/search.rb +13 -32
  28. data/lib/mihari/constants.rb +1 -1
  29. data/lib/mihari/database.rb +1 -1
  30. data/lib/mihari/enrichers/ipinfo.rb +1 -1
  31. data/lib/mihari/entities/tag.rb +1 -0
  32. data/lib/mihari/http.rb +13 -11
  33. data/lib/mihari/rule.rb +14 -0
  34. data/lib/mihari/service.rb +12 -2
  35. data/lib/mihari/services/alert_builder.rb +81 -8
  36. data/lib/mihari/services/alert_runner.rb +3 -10
  37. data/lib/mihari/services/rule_builder.rb +8 -10
  38. data/lib/mihari/services/rule_runner.rb +2 -25
  39. data/lib/mihari/structs/binaryedge.rb +9 -0
  40. data/lib/mihari/structs/censys.rb +0 -14
  41. data/lib/mihari/structs/fofa.rb +3 -0
  42. data/lib/mihari/structs/google_public_dns.rb +0 -4
  43. data/lib/mihari/structs/greynoise.rb +0 -6
  44. data/lib/mihari/structs/hunterhow.rb +0 -6
  45. data/lib/mihari/structs/ipinfo.rb +0 -2
  46. data/lib/mihari/structs/onyphe.rb +0 -4
  47. data/lib/mihari/structs/shodan.rb +0 -2
  48. data/lib/mihari/structs/urlscan.rb +0 -6
  49. data/lib/mihari/structs/virustotal_intelligence.rb +0 -8
  50. data/lib/mihari/version.rb +1 -1
  51. data/lib/mihari/web/app.rb +20 -17
  52. data/lib/mihari/web/endpoints/alerts.rb +75 -38
  53. data/lib/mihari/web/endpoints/artifacts.rb +60 -53
  54. data/lib/mihari/web/endpoints/ip_addresses.rb +19 -4
  55. data/lib/mihari/web/endpoints/rules.rb +132 -88
  56. data/lib/mihari/web/endpoints/tags.rb +15 -13
  57. data/lib/mihari/web/middleware/error_notification_adapter.rb +8 -3
  58. data/lib/mihari/web/public/assets/{index-821134e2.js → index-ec641cb0.js} +45 -44
  59. data/lib/mihari/web/public/index.html +1 -1
  60. data/lib/mihari/web/public/redoc-static.html +400 -400
  61. data/lib/mihari.rb +0 -2
  62. data/mihari.gemspec +5 -5
  63. data/mkdocs.yml +14 -7
  64. metadata +13 -140
  65. data/docs/alternatives.md +0 -5
  66. data/docs/analyzers/binaryedge.md +0 -26
  67. data/docs/analyzers/censys.md +0 -31
  68. data/docs/analyzers/circl.md +0 -37
  69. data/docs/analyzers/crtsh.md +0 -26
  70. data/docs/analyzers/dnstwister.md +0 -25
  71. data/docs/analyzers/feed.md +0 -73
  72. data/docs/analyzers/fofa.md +0 -31
  73. data/docs/analyzers/greynoise.md +0 -26
  74. data/docs/analyzers/hunterhow.md +0 -33
  75. data/docs/analyzers/index.md +0 -104
  76. data/docs/analyzers/onyphe.md +0 -26
  77. data/docs/analyzers/otx.md +0 -28
  78. data/docs/analyzers/passivetotal.md +0 -52
  79. data/docs/analyzers/pulsedive.md +0 -28
  80. data/docs/analyzers/securitytrails.md +0 -41
  81. data/docs/analyzers/shodan.md +0 -26
  82. data/docs/analyzers/urlscan.md +0 -28
  83. data/docs/analyzers/virustotal.md +0 -43
  84. data/docs/analyzers/virustotal_intelligence.md +0 -33
  85. data/docs/analyzers/zoomeye.md +0 -38
  86. data/docs/configuration.md +0 -35
  87. data/docs/emitters/database.md +0 -22
  88. data/docs/emitters/hive.md +0 -26
  89. data/docs/emitters/index.md +0 -36
  90. data/docs/emitters/misp.md +0 -21
  91. data/docs/emitters/slack.md +0 -21
  92. data/docs/emitters/webhook.md +0 -63
  93. data/docs/enrichers/google_public_dns.md +0 -19
  94. data/docs/enrichers/index.md +0 -35
  95. data/docs/enrichers/ipinfo.md +0 -26
  96. data/docs/enrichers/shodan.md +0 -22
  97. data/docs/enrichers/whois.md +0 -17
  98. data/docs/github_actions.md +0 -43
  99. data/docs/index.md +0 -11
  100. data/docs/installation.md +0 -31
  101. data/docs/requirements.md +0 -13
  102. data/docs/rule.md +0 -168
  103. data/docs/tags.md +0 -3
  104. data/docs/usage.md +0 -103
  105. data/frontend/.eslintrc.cjs +0 -22
  106. data/frontend/.gitignore +0 -31
  107. data/frontend/.prettierrc.json +0 -8
  108. data/frontend/README.md +0 -3
  109. data/frontend/env.d.ts +0 -5
  110. data/frontend/index.html +0 -21
  111. data/frontend/package-lock.json +0 -7219
  112. data/frontend/package.json +0 -67
  113. data/frontend/public/favicon.ico +0 -0
  114. data/frontend/scripts/swagger_doc_to_yaml.rb +0 -23
  115. data/frontend/src/App.vue +0 -27
  116. data/frontend/src/ace-config.ts +0 -6
  117. data/frontend/src/api-helper.ts +0 -111
  118. data/frontend/src/api.ts +0 -105
  119. data/frontend/src/components/ErrorMessage.vue +0 -31
  120. data/frontend/src/components/Loading.vue +0 -15
  121. data/frontend/src/components/Navbar.vue +0 -42
  122. data/frontend/src/components/Pagination.vue +0 -119
  123. data/frontend/src/components/alert/Alert.vue +0 -87
  124. data/frontend/src/components/alert/Alerts.vue +0 -63
  125. data/frontend/src/components/alert/AlertsWithPagination.vue +0 -90
  126. data/frontend/src/components/alert/AlertsWrapper.vue +0 -128
  127. data/frontend/src/components/alert/Form.vue +0 -169
  128. data/frontend/src/components/artifact/AS.vue +0 -23
  129. data/frontend/src/components/artifact/Artifact.vue +0 -287
  130. data/frontend/src/components/artifact/ArtifactTag.vue +0 -64
  131. data/frontend/src/components/artifact/ArtifactTags.vue +0 -29
  132. data/frontend/src/components/artifact/ArtifactWrapper.vue +0 -57
  133. data/frontend/src/components/artifact/CPEs.vue +0 -23
  134. data/frontend/src/components/artifact/DnsRecords.vue +0 -32
  135. data/frontend/src/components/artifact/Ports.vue +0 -23
  136. data/frontend/src/components/artifact/ReverseDnsNames.vue +0 -23
  137. data/frontend/src/components/artifact/Tags.vue +0 -29
  138. data/frontend/src/components/artifact/WhoisRecord.vue +0 -44
  139. data/frontend/src/components/config/Configs.vue +0 -65
  140. data/frontend/src/components/config/ConfigsWrapper.vue +0 -32
  141. data/frontend/src/components/link/Link.vue +0 -32
  142. data/frontend/src/components/link/Links.vue +0 -42
  143. data/frontend/src/components/rule/EditRule.vue +0 -72
  144. data/frontend/src/components/rule/EditRuleWrapper.vue +0 -48
  145. data/frontend/src/components/rule/Form.vue +0 -158
  146. data/frontend/src/components/rule/InputForm.vue +0 -45
  147. data/frontend/src/components/rule/NewRule.vue +0 -57
  148. data/frontend/src/components/rule/Rule.vue +0 -100
  149. data/frontend/src/components/rule/RuleWrapper.vue +0 -53
  150. data/frontend/src/components/rule/Rules.vue +0 -84
  151. data/frontend/src/components/rule/RulesWrapper.vue +0 -121
  152. data/frontend/src/components/rule/YAML.vue +0 -37
  153. data/frontend/src/components/tag/Tag.vue +0 -65
  154. data/frontend/src/components/tag/Tags.vue +0 -37
  155. data/frontend/src/countries.ts +0 -350
  156. data/frontend/src/index.ts +0 -20
  157. data/frontend/src/links/anyrun.ts +0 -19
  158. data/frontend/src/links/base.ts +0 -14
  159. data/frontend/src/links/censys.ts +0 -20
  160. data/frontend/src/links/crtsh.ts +0 -20
  161. data/frontend/src/links/dnslytics.ts +0 -38
  162. data/frontend/src/links/greynoise.ts +0 -20
  163. data/frontend/src/links/index.ts +0 -40
  164. data/frontend/src/links/intezer.ts +0 -20
  165. data/frontend/src/links/otx.ts +0 -33
  166. data/frontend/src/links/securitytrails.ts +0 -38
  167. data/frontend/src/links/shodan.ts +0 -20
  168. data/frontend/src/links/urlscan.ts +0 -50
  169. data/frontend/src/links/virustotal.ts +0 -72
  170. data/frontend/src/main.ts +0 -41
  171. data/frontend/src/router/index.ts +0 -57
  172. data/frontend/src/rule.ts +0 -14
  173. data/frontend/src/shims-vue.d.ts +0 -6
  174. data/frontend/src/swagger.yaml +0 -771
  175. data/frontend/src/types.ts +0 -188
  176. data/frontend/src/utils.ts +0 -54
  177. data/frontend/src/views/Alerts.vue +0 -20
  178. data/frontend/src/views/Artifact.vue +0 -39
  179. data/frontend/src/views/Configs.vue +0 -20
  180. data/frontend/src/views/EditRule.vue +0 -39
  181. data/frontend/src/views/NewRule.vue +0 -26
  182. data/frontend/src/views/Rule.vue +0 -39
  183. data/frontend/src/views/Rules.vue +0 -20
  184. data/frontend/tests/utils.spec.ts +0 -9
  185. data/frontend/tsconfig.app.json +0 -21
  186. data/frontend/tsconfig.json +0 -14
  187. data/frontend/tsconfig.node.json +0 -13
  188. data/frontend/tsconfig.vitest.json +0 -12
  189. data/frontend/vite.config.ts +0 -24
  190. data/frontend/vitest.config.ts +0 -21
  191. data/lib/mihari/mixins/error_notification.rb +0 -21
  192. data/lib/mihari/services/alert_proxy.rb +0 -97
@@ -1,50 +0,0 @@
1
- import { BaseLink } from "@/links/base"
2
- import type { Link, LinkType } from "@/types"
3
-
4
- class Urlscan extends BaseLink {
5
- public baseURL: string
6
- public name: string
7
- public type: LinkType
8
-
9
- public constructor() {
10
- super()
11
-
12
- this.baseURL = "https://urlscan.io"
13
- this.name = "urlscan.io"
14
- this.type = "domain"
15
- }
16
- }
17
-
18
- export class UrlscanForDomain extends Urlscan implements Link {
19
- public constructor() {
20
- super()
21
- this.type = "domain"
22
- }
23
-
24
- public href(data: string): string {
25
- return this.baseURL + `/domain/${data}`
26
- }
27
- }
28
-
29
- export class UrlscanForIP extends Urlscan implements Link {
30
- public constructor() {
31
- super()
32
- this.type = "ip"
33
- }
34
-
35
- public href(data: string): string {
36
- return this.baseURL + `/ip/${data}`
37
- }
38
- }
39
-
40
- export class UrlscanForURL extends Urlscan implements Link {
41
- public constructor() {
42
- super()
43
- this.type = "url"
44
- }
45
-
46
- public href(url: string): string {
47
- const query = encodeURIComponent(`page.url:"${url}" OR task.url:"${url}"`)
48
- return this.baseURL + `/search/#${query}`
49
- }
50
- }
@@ -1,72 +0,0 @@
1
- import { sha256 } from "js-sha256"
2
- import URL from "url-parse"
3
-
4
- import { BaseLink } from "@/links/base"
5
- import type { Link, LinkType } from "@/types"
6
-
7
- class VirusTotal extends BaseLink {
8
- public baseURL: string
9
- public name: string
10
- public type: LinkType
11
-
12
- public constructor() {
13
- super()
14
-
15
- this.name = "VirusTotal"
16
- this.baseURL = "https://www.virustotal.com"
17
- this.type = "domain"
18
- }
19
- }
20
-
21
- export class VirusTotalForDomain extends VirusTotal implements Link {
22
- public constructor() {
23
- super()
24
- this.type = "domain"
25
- }
26
-
27
- public href(data: string): string {
28
- return this.baseURL + `/gui/domain/${data}/detection`
29
- }
30
- }
31
-
32
- export class VirusTotalForIP extends VirusTotal implements Link {
33
- public constructor() {
34
- super()
35
- this.type = "ip"
36
- }
37
-
38
- public href(data: string): string {
39
- return this.baseURL + `/gui/ip-address/${data}/details`
40
- }
41
- }
42
-
43
- export class VirusTotalForURL extends VirusTotal implements Link {
44
- public constructor() {
45
- super()
46
- this.type = "url"
47
- }
48
-
49
- public href(data: string): string {
50
- const hash = sha256(this.normalizeURL(data))
51
- return this.baseURL + `/gui/url/${hash}/details`
52
- }
53
-
54
- private normalizeURL(uri: string): string {
55
- const parsedUrl = new URL(uri)
56
- if (parsedUrl.pathname === "/" && !uri.endsWith("/")) {
57
- return `${uri}/`
58
- }
59
- return uri
60
- }
61
- }
62
-
63
- export class VirusTotalForHash extends VirusTotal implements Link {
64
- public constructor() {
65
- super()
66
- this.type = "hash"
67
- }
68
-
69
- public href(data: string): string {
70
- return this.baseURL + `/gui/file/${data}/details`
71
- }
72
- }
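--- a/data/frontend/src/main.ts
+++ b/data/frontend/src/main.ts
@@ -1,41 +0,0 @@
-import "bulma/css/bulma.css"
-import "bulma-helpers/css/bulma-helpers.min.css"
-import "font-awesome-animation/css/font-awesome-animation.min.css"
-
-import { library } from "@fortawesome/fontawesome-svg-core"
-import {
-faArrowRight,
-faCheck,
-faEdit,
-faExclamation,
-faInfoCircle,
-faLightbulb,
-faPlus,
-faSearch,
-faSpinner,
-faTimes
-} from "@fortawesome/free-solid-svg-icons"
-import { FontAwesomeIcon } from "@fortawesome/vue-fontawesome"
-import { createApp } from "vue"
-
-import App from "@/App.vue"
-import router from "@/router"
-
-library.add(
-faArrowRight,
-faCheck,
-faEdit,
-faExclamation,
-faInfoCircle,
-faLightbulb,
-faPlus,
-faSearch,
-faSpinner,
-faTimes
-)
-
-const app = createApp(App)
-
-app.component("font-awesome-icon", FontAwesomeIcon)
-
-app.use(router).mount("#app")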
@@ -1,57 +0,0 @@
1
- import { createRouter, createWebHashHistory, type RouteRecordRaw } from "vue-router"
2
-
3
- import Alerts from "@/views/Alerts.vue"
4
- import Artifact from "@/views/Artifact.vue"
5
- import Configs from "@/views/Configs.vue"
6
- import EditRule from "@/views/EditRule.vue"
7
- import NewRule from "@/views/NewRule.vue"
8
- import Rule from "@/views/Rule.vue"
9
- import Rules from "@/views/Rules.vue"
10
-
11
- const routes: Array<RouteRecordRaw> = [
12
- {
13
- path: "/",
14
- name: "Alerts",
15
- component: Alerts
16
- },
17
- {
18
- path: "/configs",
19
- name: "Configs",
20
- component: Configs
21
- },
22
- {
23
- path: "/artifacts/:id",
24
- name: "Artifact",
25
- component: Artifact,
26
- props: true
27
- },
28
- {
29
- path: "/rules",
30
- name: "Rules",
31
- component: Rules
32
- },
33
- {
34
- path: "/rules/new",
35
- name: "NewRule",
36
- component: NewRule
37
- },
38
- {
39
- path: "/rules/:id",
40
- name: "Rule",
41
- component: Rule,
42
- props: true
43
- },
44
- {
45
- path: "/rules/:id/edit",
46
- name: "EditRule",
47
- component: EditRule,
48
- props: true
49
- }
50
- ]
51
-
52
- const router = createRouter({
53
- history: createWebHashHistory(),
54
- routes
55
- })
56
-
57
- export default router
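--- a/data/frontend/src/rule.ts
+++ b/data/frontend/src/rule.ts
@@ -1,14 +0,0 @@
-import dayjs from "dayjs"
-import dedent from "ts-dedent"
-import { v4 } from "uuid"
-
-export function getRuleTemplate(): string {
-const id = v4()
-const now = dayjs()
-
-return dedent`id: ${id}
-title: Title goes here
-description: Description goes here
-created_on: ${now.format("YYYY-MM-DD")}
-queries: []`
-}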
@@ -1,6 +0,0 @@
1
- /* eslint-disable */
2
- declare module "*.vue" {
3
- import type { DefineComponent } from "vue"
4
- const component: DefineComponent<{}, {}, any>
5
- export default component
6
- }