mihari 5.7.2 → 6.0.0
- checksums.yaml +4 -4
- data/config.ru +2 -0
- data/lib/mihari/analyzers/dnstwister.rb +2 -4
- data/lib/mihari/analyzers/urlscan.rb +1 -4
- data/lib/mihari/cli/main.rb +2 -12
- data/lib/mihari/commands/database.rb +0 -1
- data/lib/mihari/database.rb +2 -4
- data/lib/mihari/emitters/slack.rb +3 -6
- data/lib/mihari/emitters/the_hive.rb +3 -7
- data/lib/mihari/enrichers/google_public_dns.rb +2 -7
- data/lib/mihari/enrichers/ipinfo.rb +1 -3
- data/lib/mihari/enrichers/shodan.rb +1 -3
- data/lib/mihari/enrichers/whois.rb +0 -4
- data/lib/mihari/mixins/refang.rb +1 -4
- data/lib/mihari/mixins/unwrap_error.rb +27 -0
- data/lib/mihari/models/alert.rb +1 -3
- data/lib/mihari/models/artifact.rb +5 -7
- data/lib/mihari/models/rule.rb +1 -2
- data/lib/mihari/rule.rb +14 -10
- data/lib/mihari/service.rb +2 -0
- data/lib/mihari/services/rule_builder.rb +2 -4
- data/lib/mihari/structs/fofa.rb +2 -0
- data/lib/mihari/version.rb +1 -1
- data/lib/mihari/web/app.rb +3 -1
- data/lib/mihari/web/endpoints/alerts.rb +14 -18
- data/lib/mihari/web/endpoints/artifacts.rb +17 -22
- data/lib/mihari/web/endpoints/configs.rb +0 -1
- data/lib/mihari/web/endpoints/ip_addresses.rb +1 -1
- data/lib/mihari/web/endpoints/rules.rb +27 -32
- data/lib/mihari/web/endpoints/tags.rb +7 -9
- data/lib/mihari/web/middleware/connection_adapter.rb +3 -5
- data/lib/mihari/web/middleware/error_notification_adapter.rb +10 -6
- data/lib/mihari/web/public/assets/{index-ec641cb0.js → index-07cddfcd.js} +3 -3
- data/lib/mihari/web/public/index.html +1 -1
- data/lib/mihari/web/public/redoc-static.html +29 -49
- data/lib/mihari.rb +1 -1
- data/mihari.gemspec +10 -12
- data/requirements.txt +1 -1
- metadata +72 -30
- data/lib/mihari/services/rule_runner.rb +0 -19
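--- a/data/lib/mihari.rb
+++ b/data/lib/mihari.rb
@@ -55,6 +55,7 @@ require "mihari/mixins/configurable"
 require "mihari/mixins/falsepositive"
 require "mihari/mixins/refang"
 require "mihari/mixins/retriable"
+require "mihari/mixins/unwrap_error"
 
 #
 # Mihari module
@@ -260,7 +261,6 @@ require "mihari/schemas/rule"
 
 # Services
 require "mihari/services/rule_builder"
-require "mihari/services/rule_runner"
 
 require "mihari/services/alert_builder"
 require "mihari/services/alert_runner"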
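--- a/data/mihari.gemspec
+++ b/data/mihari.gemspec
@@ -10,10 +10,6 @@ def ci_env?
 ENV["CI"]
 end
 
-def is_ruby2?
-RUBY_VERSION.to_s.start_with?("2.")
-end
-
 Gem::Specification.new do |spec|
 spec.name = "mihari"
 spec.version = Mihari::VERSION
@@ -24,7 +20,7 @@ Gem::Specification.new do |spec|
 spec.homepage = "https://github.com/ninoseki/mihari"
 spec.license = "MIT"
 
-spec.required_ruby_version = ">=
+spec.required_ruby_version = ">= 3.1"
 
 spec.metadata["rubygems_mfa_required"] = "true"
 
@@ -40,6 +36,8 @@ Gem::Specification.new do |spec|
 spec.executables = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
 spec.require_paths = ["lib"]
 
+spec.add_development_dependency "better_errors", "~> 2.10"
+spec.add_development_dependency "binding_of_caller", "~> 1.0"
 spec.add_development_dependency "bundler", "~> 2.4"
 spec.add_development_dependency "coveralls_reborn", "~> 0.28"
 spec.add_development_dependency "fakefs", "~> 2.5"
@@ -48,20 +46,20 @@ Gem::Specification.new do |spec|
 spec.add_development_dependency "mysql2", "~> 0.5"
 spec.add_development_dependency "pg", "~> 1.5"
 spec.add_development_dependency "rack-test", "~> 2.1"
-spec.add_development_dependency "rake", "~> 13.
+spec.add_development_dependency "rake", "~> 13.1"
 spec.add_development_dependency "rb-fsevent", "~> 0.11"
 spec.add_development_dependency "rerun", "~> 0.14"
 spec.add_development_dependency "rspec", "~> 3.12"
+spec.add_development_dependency "rspec-parameterized", "~> 1.0"
 spec.add_development_dependency "rubocop-rspec", "~> 2.25"
+spec.add_development_dependency "rubocop-yard", "~> 0.8"
 spec.add_development_dependency "simplecov-lcov", "~> 0.8"
-spec.add_development_dependency "standard", "~> 1.
+spec.add_development_dependency "standard", "~> 1.32"
 spec.add_development_dependency "test-prof", "~> 1.2"
 spec.add_development_dependency "timecop", "~> 0.9"
 spec.add_development_dependency "vcr", "~> 6.2"
 spec.add_development_dependency "webmock", "~> 3.19"
 
-spec.add_development_dependency "rubocop-yard", "~> 0.7" unless is_ruby2?
-
 unless ci_env?
 spec.add_development_dependency "lefthook", "~> 1.5"
 spec.add_development_dependency "solargraph", "~> 0.49"
@@ -79,9 +77,9 @@ Gem::Specification.new do |spec|
 spec.add_dependency "dry-struct", "1.6.0"
 spec.add_dependency "dry-validation", "1.10.0"
 spec.add_dependency "email_address", "0.2.4"
-spec.add_dependency "grape", "
+spec.add_dependency "grape", "2.0.0"
 spec.add_dependency "grape-entity", "1.0.0"
-spec.add_dependency "grape-swagger", "
+spec.add_dependency "grape-swagger", "2.0.0"
 spec.add_dependency "grape-swagger-entity", "0.5.2"
 spec.add_dependency "http", "5.1.1"
 spec.add_dependency "jr-cli", "0.6.0"
@@ -90,7 +88,7 @@ Gem::Specification.new do |spec|
 spec.add_dependency "normalize_country", "0.3.2"
 spec.add_dependency "parallel", "1.23.0"
 spec.add_dependency "plissken", "2.0.1"
-spec.add_dependency "public_suffix", "5.0.
+spec.add_dependency "public_suffix", "5.0.4"
 spec.add_dependency "puma", "6.4.0"
 spec.add_dependency "rack", "3.0.8"
 spec.add_dependency "rack-cors", "2.0.1"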
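Review bot: `better_errors` with `binding_of_caller` (the two `add_development_dependency` lines added right after `spec.require_paths`) gives the error page a live Ruby console, so any environment where that middleware is mounted and reachable lets whoever triggers an error run code in the mihari process. The lines that mount it are not on this page (the file list shows `data/config.ru` and `data/lib/mihari/web/app.rb` changed), so confirm there that it is enabled only for a development environment and only on a loopback bind. I would record that next to the declaration, e.g. `# better_errors + binding_of_caller expose a REPL on error pages; development only, never mount on a network-reachable server`. The `Gem::Specification.new` block starts and ends outside these hunks.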
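--- a/data/requirements.txt
+++ b/data/requirements.txt
@@ -1,2 +1,2 @@
 mkdocs==1.5.3
-mkdocs-material==9.4.
+mkdocs-material==9.4.8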
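--- a/metadata
+++ b/metadata
@@ -1,15 +1,43 @@
 --- !ruby/object:Gem::Specification
 name: mihari
 version: !ruby/object:Gem::Version
-version:
+version: 6.0.0
 platform: ruby
 authors:
 - Manabu Niseki
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2023-11-
+date: 2023-11-18 00:00:00.000000000 Z
 dependencies:
+- !ruby/object:Gem::Dependency
+name: better_errors
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - "~>"
+- !ruby/object:Gem::Version
+version: '2.10'
+type: :development
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - "~>"
+- !ruby/object:Gem::Version
+version: '2.10'
+- !ruby/object:Gem::Dependency
+name: binding_of_caller
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - "~>"
+- !ruby/object:Gem::Version
+version: '1.0'
+type: :development
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - "~>"
+- !ruby/object:Gem::Version
+version: '1.0'
 - !ruby/object:Gem::Dependency
 name: bundler
 requirement: !ruby/object:Gem::Requirement
@@ -128,14 +156,14 @@ dependencies:
 requirements:
 - - "~>"
 - !ruby/object:Gem::Version
-version: '13.
+version: '13.1'
 type: :development
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
 - - "~>"
 - !ruby/object:Gem::Version
-version: '13.
+version: '13.1'
 - !ruby/object:Gem::Dependency
 name: rb-fsevent
 requirement: !ruby/object:Gem::Requirement
@@ -178,6 +206,20 @@ dependencies:
 - - "~>"
 - !ruby/object:Gem::Version
 version: '3.12'
+- !ruby/object:Gem::Dependency
+name: rspec-parameterized
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - "~>"
+- !ruby/object:Gem::Version
+version: '1.0'
+type: :development
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - "~>"
+- !ruby/object:Gem::Version
+version: '1.0'
 - !ruby/object:Gem::Dependency
 name: rubocop-rspec
 requirement: !ruby/object:Gem::Requirement
@@ -192,6 +234,20 @@ dependencies:
 - - "~>"
 - !ruby/object:Gem::Version
 version: '2.25'
+- !ruby/object:Gem::Dependency
+name: rubocop-yard
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - "~>"
+- !ruby/object:Gem::Version
+version: '0.8'
+type: :development
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - "~>"
+- !ruby/object:Gem::Version
+version: '0.8'
 - !ruby/object:Gem::Dependency
 name: simplecov-lcov
 requirement: !ruby/object:Gem::Requirement
@@ -212,14 +268,14 @@ dependencies:
 requirements:
 - - "~>"
 - !ruby/object:Gem::Version
-version: '1.
+version: '1.32'
 type: :development
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
 - - "~>"
 - !ruby/object:Gem::Version
-version: '1.
+version: '1.32'
 - !ruby/object:Gem::Dependency
 name: test-prof
 requirement: !ruby/object:Gem::Requirement
@@ -276,20 +332,6 @@ dependencies:
 - - "~>"
 - !ruby/object:Gem::Version
 version: '3.19'
-- !ruby/object:Gem::Dependency
-name: rubocop-yard
-requirement: !ruby/object:Gem::Requirement
-requirements:
-- - "~>"
-- !ruby/object:Gem::Version
-version: '0.7'
-type: :development
-prerelease: false
-version_requirements: !ruby/object:Gem::Requirement
-requirements:
-- - "~>"
-- !ruby/object:Gem::Version
-version: '0.7'
 - !ruby/object:Gem::Dependency
 name: lefthook
 requirement: !ruby/object:Gem::Requirement
@@ -492,14 +534,14 @@ dependencies:
 requirements:
 - - '='
 - !ruby/object:Gem::Version
-version:
+version: 2.0.0
 type: :runtime
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
 - - '='
 - !ruby/object:Gem::Version
-version:
+version: 2.0.0
 - !ruby/object:Gem::Dependency
 name: grape-entity
 requirement: !ruby/object:Gem::Requirement
@@ -520,14 +562,14 @@ dependencies:
 requirements:
 - - '='
 - !ruby/object:Gem::Version
-version:
+version: 2.0.0
 type: :runtime
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
 - - '='
 - !ruby/object:Gem::Version
-version:
+version: 2.0.0
 - !ruby/object:Gem::Dependency
 name: grape-swagger-entity
 requirement: !ruby/object:Gem::Requirement
@@ -646,14 +688,14 @@ dependencies:
 requirements:
 - - '='
 - !ruby/object:Gem::Version
-version: 5.0.
+version: 5.0.4
 type: :runtime
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
 - - '='
 - !ruby/object:Gem::Version
-version: 5.0.
+version: 5.0.4
 - !ruby/object:Gem::Dependency
 name: puma
 requirement: !ruby/object:Gem::Requirement
@@ -949,6 +991,7 @@ files:
 - lib/mihari/mixins/falsepositive.rb
 - lib/mihari/mixins/refang.rb
 - lib/mihari/mixins/retriable.rb
+- lib/mihari/mixins/unwrap_error.rb
 - lib/mihari/models/alert.rb
 - lib/mihari/models/artifact.rb
 - lib/mihari/models/autonomous_system.rb
@@ -974,7 +1017,6 @@ files:
 - lib/mihari/services/alert_builder.rb
 - lib/mihari/services/alert_runner.rb
 - lib/mihari/services/rule_builder.rb
-- lib/mihari/services/rule_runner.rb
 - lib/mihari/structs/binaryedge.rb
 - lib/mihari/structs/censys.rb
 - lib/mihari/structs/config.rb
@@ -1001,8 +1043,8 @@ files:
 - lib/mihari/web/endpoints/tags.rb
 - lib/mihari/web/middleware/connection_adapter.rb
 - lib/mihari/web/middleware/error_notification_adapter.rb
+- lib/mihari/web/public/assets/index-07cddfcd.js
 - lib/mihari/web/public/assets/index-56fc2187.css
-- lib/mihari/web/public/assets/index-ec641cb0.js
 - lib/mihari/web/public/assets/mode-yaml-24faa242.js
 - lib/mihari/web/public/favicon.ico
 - lib/mihari/web/public/index.html
@@ -1024,14 +1066,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
 requirements:
 - - ">="
 - !ruby/object:Gem::Version
-version: '
+version: '3.1'
 required_rubygems_version: !ruby/object:Gem::Requirement
 requirements:
 - - ">="
 - !ruby/object:Gem::Version
 version: '0'
 requirements: []
-rubygems_version: 3.4.
+rubygems_version: 3.4.10
 signing_key:
 specification_version: 4
 summary: A query aggregator for OSINT based threat hunting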
@@ -1,19 +0,0 @@
|
|
1
|
-
# frozen_string_literal: true
|
2
|
-
|
3
|
-
module Mihari
|
4
|
-
module Services
|
5
|
-
#
|
6
|
-
# Rule runner
|
7
|
-
#
|
8
|
-
class RuleRunner < Service
|
9
|
-
#
|
10
|
-
# @params [Mihari::Rule]
|
11
|
-
#
|
12
|
-
# @return [Mihari::Models::Alert, nil]
|
13
|
-
#
|
14
|
-
def call(rule)
|
15
|
-
rule.call
|
16
|
-
end
|
17
|
-
end
|
18
|
-
end
|
19
|
-
end
|