RubyGems - mihari - Versions diffs - 0.17.2 → 0.17.3 - Mend

mihari 0.17.2 → 0.17.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 367b7027b640dde4fc89756b705635f0660de7c951e0dd88f14d860ff5b127ef
-  data.tar.gz: 5562e36302f6c195c0e45123bc1bc1a26dd5938073f02e945ef1f4823d34cd73
+  metadata.gz: 4cb8eb51d1aeff148fce824719c4c6b7730a19cc4c69434318cef07c26cf6b81
+  data.tar.gz: 8442809cef20850e40f203ee1dd91a448846c372d3595fae0c35429b4209795a
 SHA512:
-  metadata.gz: b1b2a4e65ecdb8e5d3a3d9cc4168571ecf8d137422e0cfa1dc5db46e79d48568bbe25d31fbd258c3c04374dd831ea5b681b2faffa17e8ccecc85917afda62663
-  data.tar.gz: b2ace33abecfbe7bc0be627e04a95f930c30ea3413d80da32dcc7b4617de9b121ae2f617d469959c89a3d39daec28c7faec1af30df5c9f30d7f9f80861ebce5a
+  metadata.gz: 5b772bace499921b8ddd53f09a9a908e143cfff6ac21604c31656f8313d850c2a5b588048e913ef8d51cb0c8efacc1a5babcca8b649f73b729a324565d2543a4
+  data.tar.gz: db0c6ef09b91a6fe15be0412f0b980246bbe049c58f19e2bc79ce17f8ed7956e027e6d072983db7fe49581083821a2728a27e5df1c42c723c69618bdc4ac0792

data/README.md CHANGED

@@ -6,12 +6,12 @@
 [![Coverage Status](https://coveralls.io/repos/github/ninoseki/mihari/badge.svg?branch=master)](https://coveralls.io/github/ninoseki/mihari?branch=master)
 [![CodeFactor](https://www.codefactor.io/repository/github/ninoseki/mihari/badge)](https://www.codefactor.io/repository/github/ninoseki/mihari)
-Mihari is a sidekick tool for [TheHive](https://github.com/TheHive-Project/TheHive) for monitoring malicious hosts (C2 / landing page / phishing, etc.) continuously.
+Mihari is a helper to run queries & manage results continuously. Mihari can be used for C2, landing page and phishing hunting.
 ## How it works
 - Mihari makes a query against Shodan, Censys, VirusTotal, SecurityTrails, etc. and extracts artifacts from the results.
-- Mihari checks whether TheHive contains the artifacts or not.
+- Mihari checks whether [TheHive](https://thehive-project.org/) contains the artifacts or not.
   - If it doesn't contain the artifacts:
     - Mihari creates an alert on TheHive.
     - Mihari sends a notification to Slack. (Optional)
@@ -229,10 +229,10 @@ The input is a JSON data should have `title`, `description` and `artifacts` key.
 Configuration can be done via environment variables or a YAML file.
-| Key                    | Desc.                          | Required or optional           |
+| Key                    | Desc.                          | Recommended or optional        |
 |------------------------|--------------------------------|--------------------------------|
-| THEHIVE_API_ENDPOINT   | TheHive URL                    | Required                       |
-| THEHIVE_API_KEY        | TheHive API key                | Required                       |
+| THEHIVE_API_ENDPOINT   | TheHive URL                    | Recommended                    |
+| THEHIVE_API_KEY        | TheHive API key                | Recommended                    |
 | MISP_API_ENDPOINT      | MISP URL                       | Optional                       |
 | MISP_API_KEY           | MISP API key                   | Optional                       |
 | SLACK_WEBHOOK_URL      | Slack Webhook URL              | Optional                       |
@@ -258,7 +258,7 @@ Instead of using environment variables, you can use a YAML file for configuratio
 mihari virustotal 1.1.1.1 --config /path/to/yaml.yml
 ```
-The YAML file should be a hash like below:
+The YAML file should be a YAML hash like below:
 ```yaml
 thehive_api_endpoint: https://localhost

data/lib/mihari/cli.rb CHANGED

@@ -247,7 +247,7 @@ module Mihari
     end
     desc "alerts", "Show the alerts on TheHive"
-    method_option :limit, default: 5, desc: "Number of alerts to show (or 'all' to show all the alerts)"
+    method_option :limit, type: :string, default: "5", desc: "Number of alerts to show (or 'all' to show all the alerts)"
     def alerts
       with_error_handling do
         viewer = AlertViewer.new(limit: options["limit"])

data/lib/mihari/version.rb CHANGED

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 module Mihari
-  VERSION = "0.17.2"
+  VERSION = "0.17.3"
 end

metadata CHANGED

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: mihari
 version: !ruby/object:Gem::Version
-  version: 0.17.2
+  version: 0.17.3
 platform: ruby
 authors:
 - Manabu Niseki
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2019-12-23 00:00:00.000000000 Z
+date: 2020-01-01 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler