mihari 0.13.1 → 0.13.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: df5ec8a92b6bf1622274b5b488aa544520d15f0360e5274ba466f324f49d0e0e
-  data.tar.gz: eb6149534d02b0ee551f37b7f01a65e3c936851fdb589bf21b1b938cb2f9d963
+  metadata.gz: c5a283261490c642311f94a2cb72a5a1596b2b5b2d3ba1b69d54b7ef785b4d39
+  data.tar.gz: '078f0fa96c14cd90a1c91ba1ca6235c453049b826719fc69db8e2c629e7fcc49'
 SHA512:
-  metadata.gz: 51bd37cf056ad05ba6c5abd499b045ef963de6bb30414168229826a390ff0ee66a751204d6210336e668092a397f4d879c3a0ad39fcd84b381f11c77b42d7c74
-  data.tar.gz: c1ad6709246b86ede8a204b2db51af678149fd5bccfec2701c6562cf52123b1215c18a644091e49f23f352e8d248bc40e1fc84523491c5893670b9bb8f3ee7d8
+  metadata.gz: d9189cbee2cce11c71342a06f741a8ff5d9351aedc0dd84e85378f8e2b4c88275812fa12cf0b8681965b09f27f7009bb7e7267cade8dd0c74655c11e28cd0d35
+  data.tar.gz: ead6cf8241cdba49266abdc455ba8d65287aa1defe9d8dd49a528b7061b26bcf7a23fb80c377d3c26a3a4554e3105aad57775affcf4ee5e720bf31885c1c9558

data/README.md

@@ -69,22 +69,22 @@ mihari supports the following services by default.
 $ mihari
 Commands:
   mihari alerts                               # Show the alerts on TheHive
-  mihari binaryedge [QUERY]                   # BinaryEdge lookup by a given query
-  mihari censys [QUERY]                       # Censys IPv4 lookup by a given query
-  mihari circl [DOMAIN|SHA1]                  # CIRCL passive DNS/SSL lookup by a given domain / SHA1 certificate fingerprint
-  mihari crtsh [QUERY]                        # crt.sh lookup by a given query
-  mihari dnpedia [QUERY]                      # DNPedia domain lookup by a given query
+  mihari binaryedge [QUERY]                   # BinaryEdge host search by a query
+  mihari censys [QUERY]                       # Censys IPv4 search by a query
+  mihari circl [DOMAIN|SHA1]                  # CIRCL passive DNS/SSL lookup by a domain / SHA1 certificate fingerprint
+  mihari crtsh [QUERY]                        # crt.sh search by a query
+  mihari dnpedia [QUERY]                      # DNPedia domain search by a query
   mihari help [COMMAND]                       # Describe available commands or one specific command
   mihari import_from_json                     # Give a JSON input via STDIN
-  mihari onyphe [QUERY]                       # Onyphe datascan lookup by a given query
-  mihari passivetotal [IP|DOMAIN|EMAIL|SHA1]  # PassiveTotal lookup by a given ip / domain / email / SHA1 certificate fingerprint
-  mihari securitytrails [IP|DOMAIN|EMAIL]     # SecurityTrails lookup by a given ip, domain or email
-  mihari securitytrails_domain_feed [REGEXP]  # SecurityTrails new domain feed lookup by a given regexp
-  mihari shodan [QUERY]                       # Shodan host lookup by a given query
+  mihari onyphe [QUERY]                       # Onyphe datascan search by a query
+  mihari passivetotal [IP|DOMAIN|EMAIL|SHA1]  # PassiveTotal lookup by an ip / domain / email / SHA1 certificate fingerprint
+  mihari securitytrails [IP|DOMAIN|EMAIL]     # SecurityTrails lookup by an ip, domain or email
+  mihari securitytrails_domain_feed [REGEXP]  # SecurityTrails new domain feed search by a regexp
+  mihari shodan [QUERY]                       # Shodan host search by a query
   mihari status                               # Show the current configuration status
-  mihari urlscan [QUERY]                      # urlscan lookup by a given query
-  mihari virustotal [IP|DOMAIN]               # VirusTotal resolutions lookup by a given ip or domain
-  mihari zoomeye [QUERY]                      # ZoomEye lookup by a given query
+  mihari urlscan [QUERY]                      # urlscan search by a given query
+  mihari virustotal [IP|DOMAIN]               # VirusTotal resolutions lookup by an ip or domain
+  mihari zoomeye [QUERY]                      # ZoomEye search by a query
 
 ```
 

data/lib/mihari/analyzers/base.rb

@@ -77,7 +77,7 @@ module Mihari
       end
 
       def set_unique_artifacts
-        retry_on_timeout { unique_artifacts }
+        retry_on_error { unique_artifacts }
       rescue ArgumentError => _e
         klass = self.class.to_s.split("::").last.to_s
         raise Error, "Please configure #{klass} API settings properly"

data/lib/mihari/analyzers/urlscan.rb

@@ -40,7 +40,7 @@ module Mihari
       end
 
       def search
-        api.search(query)
+        api.search(query, size: 10_000)
       rescue ::UrlScan::ResponseError => _e
         nil
       end

data/lib/mihari/cli.rb

@@ -5,7 +5,7 @@ require "json"
 
 module Mihari
   class CLI < Thor
-    desc "censys [QUERY]", "Censys IPv4 lookup by a given query"
+    desc "censys [QUERY]", "Censys IPv4 search by a query"
     method_option :title, type: :string, desc: "title"
     method_option :description, type: :string, desc: "description"
     method_option :tags, type: :array, desc: "tags"
@@ -16,7 +16,7 @@ module Mihari
       end
     end
 
-    desc "shodan [QUERY]", "Shodan host lookup by a given query"
+    desc "shodan [QUERY]", "Shodan host search by a query"
     method_option :title, type: :string, desc: "title"
     method_option :description, type: :string, desc: "description"
     method_option :tags, type: :array, desc: "tags"
@@ -26,7 +26,7 @@ module Mihari
       end
     end
 
-    desc "onyphe [QUERY]", "Onyphe datascan lookup by a given query"
+    desc "onyphe [QUERY]", "Onyphe datascan search by a query"
     method_option :title, type: :string, desc: "title"
     method_option :description, type: :string, desc: "description"
     method_option :tags, type: :array, desc: "tags"
@@ -36,7 +36,7 @@ module Mihari
       end
     end
 
-    desc "urlscan [QUERY]", "urlscan lookup by a given query"
+    desc "urlscan [QUERY]", "urlscan search by a given query"
     method_option :title, type: :string, desc: "title"
     method_option :description, type: :string, desc: "description"
     method_option :tags, type: :array, desc: "tags"
@@ -47,7 +47,7 @@ module Mihari
       end
     end
 
-    desc "virustotal [IP|DOMAIN]", "VirusTotal resolutions lookup by a given ip or domain"
+    desc "virustotal [IP|DOMAIN]", "VirusTotal resolutions lookup by an ip or domain"
     method_option :title, type: :string, desc: "title"
     method_option :description, type: :string, desc: "description"
     method_option :tags, type: :array, desc: "tags"
@@ -57,7 +57,7 @@ module Mihari
       end
     end
 
-    desc "securitytrails [IP|DOMAIN|EMAIL]", "SecurityTrails lookup by a given ip, domain or email"
+    desc "securitytrails [IP|DOMAIN|EMAIL]", "SecurityTrails lookup by an ip, domain or email"
     method_option :title, type: :string, desc: "title"
     method_option :description, type: :string, desc: "description"
     method_option :tags, type: :array, desc: "tags"
@@ -68,7 +68,7 @@ module Mihari
     end
     map "st" => :securitytrails
 
-    desc "securitytrails_domain_feed [REGEXP]", "SecurityTrails new domain feed lookup by a given regexp"
+    desc "securitytrails_domain_feed [REGEXP]", "SecurityTrails new domain feed search by a regexp"
     method_option :title, type: :string, desc: "title"
     method_option :description, type: :string, desc: "description"
     method_option :tags, type: :array, desc: "tags"
@@ -80,7 +80,7 @@ module Mihari
     end
     map "st_domain_feed" => :securitytrails_domain_feed
 
-    desc "crtsh [QUERY]", "crt.sh lookup by a given query"
+    desc "crtsh [QUERY]", "crt.sh search by a query"
     method_option :title, type: :string, desc: "title"
     method_option :description, type: :string, desc: "description"
     method_option :tags, type: :array, desc: "tags"
@@ -90,7 +90,7 @@ module Mihari
       end
     end
 
-    desc "dnpedia [QUERY]", "DNPedia domain lookup by a given query"
+    desc "dnpedia [QUERY]", "DNPedia domain search by a query"
     method_option :title, type: :string, desc: "title"
     method_option :description, type: :string, desc: "description"
     method_option :tags, type: :array, desc: "tags"
@@ -100,7 +100,7 @@ module Mihari
       end
     end
 
-    desc "circl [DOMAIN|SHA1]", "CIRCL passive DNS/SSL lookup by a given domain / SHA1 certificate fingerprint"
+    desc "circl [DOMAIN|SHA1]", "CIRCL passive DNS/SSL lookup by a domain / SHA1 certificate fingerprint"
     method_option :title, type: :string, desc: "title"
     method_option :description, type: :string, desc: "description"
     method_option :tags, type: :array, desc: "tags"
@@ -110,7 +110,7 @@ module Mihari
       end
     end
 
-    desc "passivetotal [IP|DOMAIN|EMAIL|SHA1]", "PassiveTotal lookup by a given ip / domain / email / SHA1 certificate fingerprint"
+    desc "passivetotal [IP|DOMAIN|EMAIL|SHA1]", "PassiveTotal lookup by an ip / domain / email / SHA1 certificate fingerprint"
     method_option :title, type: :string, desc: "title"
     method_option :description, type: :string, desc: "description"
     method_option :tags, type: :array, desc: "tags"
@@ -120,7 +120,7 @@ module Mihari
       end
     end
 
-    desc "zoomeye [QUERY]", "ZoomEye lookup by a given query"
+    desc "zoomeye [QUERY]", "ZoomEye search by a query"
     method_option :title, type: :string, desc: "title"
     method_option :description, type: :string, desc: "description"
     method_option :tags, type: :array, desc: "tags"
@@ -131,7 +131,7 @@ module Mihari
       end
     end
 
-    desc "binaryedge [QUERY]", "BinaryEdge lookup by a given query"
+    desc "binaryedge [QUERY]", "BinaryEdge host search by a query"
     method_option :title, type: :string, desc: "title"
     method_option :description, type: :string, desc: "description"
     method_option :tags, type: :array, desc: "tags"

data/lib/mihari/emitters/base.rb

@@ -16,7 +16,7 @@ module Mihari
       end
 
       def run(**params)
-        retry_on_timeout { emit(params) }
+        retry_on_error { emit(params) }
       end
 
       def emit(*)

data/lib/mihari/retriable.rb

@@ -2,12 +2,12 @@
 
 module Mihari
   module Retriable
-    def retry_on_timeout(times: 3, interval: 10)
+    def retry_on_error(times: 3, interval: 10)
       try = 0
       begin
         try += 1
         yield
-      rescue Timeout::Error => _e
+      rescue Errno::ECONNRESET, Errno::ECONNABORTED, Errno::EPIPE, OpenSSL::SSL::SSLError, Timeout::Error => _e
         sleep interval
         retry if try < times
         raise

data/lib/mihari/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Mihari
-  VERSION = "0.13.1"
+  VERSION = "0.13.2"
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: mihari
 version: !ruby/object:Gem::Version
-  version: 0.13.1
+  version: 0.13.2
 platform: ruby
 authors:
 - Manabu Niseki
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2019-10-28 00:00:00.000000000 Z
+date: 2019-11-08 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler