mihari 3.10.1 → 3.11.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (28) hide show
  1. checksums.yaml +4 -4
  2. data/docker/Dockerfile +1 -1
  3. data/lib/mihari/analyzers/binaryedge.rb +5 -0
  4. data/lib/mihari/analyzers/censys.rb +5 -0
  5. data/lib/mihari/analyzers/onyphe.rb +5 -0
  6. data/lib/mihari/analyzers/rule.rb +6 -0
  7. data/lib/mihari/analyzers/shodan.rb +5 -0
  8. data/lib/mihari/analyzers/urlscan.rb +37 -13
  9. data/lib/mihari/analyzers/virustotal_intelligence.rb +5 -0
  10. data/lib/mihari/analyzers/zoomeye.rb +8 -0
  11. data/lib/mihari/cli/analyzer.rb +1 -0
  12. data/lib/mihari/commands/urlscan.rb +1 -2
  13. data/lib/mihari/schemas/rule.rb +9 -1
  14. data/lib/mihari/structs/urlscan.rb +51 -0
  15. data/lib/mihari/types.rb +3 -0
  16. data/lib/mihari/version.rb +1 -1
  17. data/lib/mihari.rb +1 -0
  18. data/mihari.gemspec +4 -4
  19. data/sig/lib/mihari/analyzers/binaryedge.rbs +2 -0
  20. data/sig/lib/mihari/analyzers/censys.rbs +2 -0
  21. data/sig/lib/mihari/analyzers/onyphe.rbs +2 -0
  22. data/sig/lib/mihari/analyzers/shodan.rbs +2 -0
  23. data/sig/lib/mihari/analyzers/urlscan.rbs +5 -2
  24. data/sig/lib/mihari/analyzers/virustotal_intelligence.rbs +2 -0
  25. data/sig/lib/mihari/analyzers/zoomeye.rbs +2 -0
  26. data/sig/lib/mihari/structs/greynoise.rbs +3 -3
  27. data/sig/lib/mihari/structs/urlscan.rbs +28 -0
  28. metadata +12 -10
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 0fcea779559f641125a388f63f0aa2d39979842f9b66f116194c36fe6410c56c
4
- data.tar.gz: ceefe0fa86e5d3c8066bab202f7dc1dfb2b21017554a2b63c5a18f567e45aadb
3
+ metadata.gz: 2c8fda839e1bb1ec4733b7da17e20e3b47bd5795d5aca25371d09e5a0fa9a575
4
+ data.tar.gz: a4551c61c625bd08167608051750bf1785a31ad5215e95e857753fc5fed31d00
5
5
  SHA512:
6
- metadata.gz: 834c4c815ddf9c14b9047c9a8d9ed8ce56e3f115c16b797c4ebf40205529f7c94fe7ddda8f9c7f5cc0675c65123ac0957d28a0bfe51108d2492efc230f509dd8
7
- data.tar.gz: 03ed05a672e17bfce72706de94aa2a339053f9b6545907c1e71cf60987be047e1af6bc6d4e95a16f6b6bb371de2ff3b65602ae4c3c9eb2eab3f70c2ace0735cf
6
+ metadata.gz: 81a1ca91b65b03f98bb3504a85c8113b2cf189a4911109e113da1058fb9a1bd61c8807e6f3bec72484786b89e68d0027782d38013676bd6ae78aa57434315972
7
+ data.tar.gz: b42b1658310a7ee87940fbebb6507edca2187d6be92957a149f9234af8bf32ba06e702c401d321b553901dc56094964e78ff602549734f51abbf24b4b7a1fa4d
data/docker/Dockerfile CHANGED
@@ -1,4 +1,4 @@
1
- FROM ruby:3.0.2-alpine3.13
1
+ FROM ruby:3.0.3-alpine3.13
2
2
 
3
3
  RUN apk --no-cache add git build-base ruby-dev sqlite-dev postgresql-dev mysql-client mysql-dev \
4
4
  && gem install pg mysql2 \
data/lib/mihari/analyzers/binaryedge.rb CHANGED
@@ -10,6 +10,8 @@ module Mihari
10
10
  option :description, default: proc { "query = #{query}" }
11
11
  option :tags, default: proc { [] }
12
12
 
13
+ option :interval, default: proc { 0 }
14
+
13
15
  def artifacts
14
16
  results = search
15
17
  return [] unless results || results.empty?
@@ -55,6 +57,9 @@ module Mihari
55
57
 
56
58
  responses << res
57
59
  break if total <= page * PAGE_SIZE
60
+
61
+ # sleep #{interval} seconds to avoid the rate limitation (if it is set)
62
+ sleep interval
58
63
  end
59
64
  responses
60
65
  end
data/lib/mihari/analyzers/censys.rb CHANGED
@@ -10,6 +10,8 @@ module Mihari
10
10
  option :description, default: proc { "query = #{query}" }
11
11
  option :tags, default: proc { [] }
12
12
 
13
+ option :interval, default: proc { 0 }
14
+
13
15
  def artifacts
14
16
  search
15
17
  end
@@ -33,6 +35,9 @@ module Mihari
33
35
 
34
36
  cursor = response.result.links.next
35
37
  break if cursor == ""
38
+
39
+ # sleep #{interval} seconds to avoid the rate limitation (if it is set)
40
+ sleep interval
36
41
  end
37
42
 
38
43
  artifacts.flatten.uniq(&:data)
data/lib/mihari/analyzers/onyphe.rb CHANGED
@@ -11,6 +11,8 @@ module Mihari
11
11
  option :description, default: proc { "query = #{query}" }
12
12
  option :tags, default: proc { [] }
13
13
 
14
+ option :interval, default: proc { 0 }
15
+
14
16
  def artifacts
15
17
  responses = search
16
18
  return [] unless responses
@@ -59,6 +61,9 @@ module Mihari
59
61
 
60
62
  total = res.total
61
63
  break if total <= page * PAGE_SIZE
64
+
65
+ # sleep #{interval} seconds to avoid the rate limitation (if it is set)
66
+ sleep interval
62
67
  end
63
68
  responses
64
69
  end
data/lib/mihari/analyzers/rule.rb CHANGED
@@ -64,6 +64,12 @@ module Mihari
64
64
  klass = get_analyzer_class(analyzer_name)
65
65
 
66
66
  query = params[:query]
67
+
68
+ # set interval in the top level
69
+ options = params[:options] || {}
70
+ interval = options[:interval]
71
+ params[:interval] = interval
72
+
67
73
  analyzer = klass.new(query, **params)
68
74
 
69
75
  # Use #normalized_artifacts method to get atrifacts as Array<Mihari::Artifact>
data/lib/mihari/analyzers/shodan.rb CHANGED
@@ -10,6 +10,8 @@ module Mihari
10
10
  option :description, default: proc { "query = #{query}" }
11
11
  option :tags, default: proc { [] }
12
12
 
13
+ option :interval, default: proc { 0 }
14
+
13
15
  def artifacts
14
16
  results = search
15
17
  return [] unless results || results.empty?
@@ -63,6 +65,9 @@ module Mihari
63
65
 
64
66
  responses << res
65
67
  break if res["total"].to_i <= page * PAGE_SIZE
68
+
69
+ # sleep #{interval} seconds to avoid the rate limitation (if it is set)
70
+ sleep interval
66
71
  rescue JSON::ParserError
67
72
  # ignore JSON::ParserError
68
73
  # ref. https://github.com/ninoseki/mihari/issues/197
data/lib/mihari/analyzers/urlscan.rb CHANGED
@@ -2,8 +2,6 @@
2
2
 
3
3
  require "urlscan"
4
4
 
5
- SUPPORTED_DATA_TYPES = %w[url domain ip].freeze
6
-
7
5
  module Mihari
8
6
  module Analyzers
9
7
  class Urlscan < Base
@@ -12,7 +10,11 @@ module Mihari
12
10
  option :description, default: proc { "query = #{query}" }
13
11
  option :tags, default: proc { [] }
14
12
  option :allowed_data_types, default: proc { SUPPORTED_DATA_TYPES }
15
- option :use_similarity, default: proc { false }
13
+
14
+ option :interval, default: proc { 0 }
15
+
16
+ SUPPORTED_DATA_TYPES = %w[url domain ip].freeze
17
+ SIZE = 1000
16
18
 
17
19
  def initialize(*args, **kwargs)
18
20
  super
@@ -21,16 +23,15 @@ module Mihari
21
23
  end
22
24
 
23
25
  def artifacts
24
- result = search
25
- return [] unless result
26
-
27
- results = result["results"] || []
26
+ responses = search
27
+ results = responses.map(&:results).flatten
28
28
 
29
29
  allowed_data_types.map do |type|
30
- results.filter_map do |match|
31
- match.dig "page", type
30
+ results.filter_map do |result|
31
+ page = result.page
32
+ page.send(type.to_sym)
32
33
  end.uniq
33
- end.flatten
34
+ end.flatten.compact
34
35
  end
35
36
 
36
37
  private
@@ -43,15 +44,38 @@ module Mihari
43
44
  @api ||= ::UrlScan::API.new(Mihari.config.urlscan_api_key)
44
45
  end
45
46
 
47
+ #
48
+ # Search with search_after option
49
+ #
50
+ # @return [Structs::Urlscan::Response]
51
+ #
52
+ def search_with_search_after(search_after: nil)
53
+ res = api.search(query, size: SIZE, search_after: search_after)
54
+ Structs::Urlscan::Response.from_dynamic! res
55
+ end
56
+
46
57
  #
47
58
  # Search
48
59
  #
49
- # @return [Array<Hash>]
60
+ # @return [Array<Structs::Urlscan::Response>]
50
61
  #
51
62
  def search
52
- return api.pro.similar(query) if use_similarity
63
+ responses = []
64
+
65
+ search_after = nil
66
+ loop do
67
+ res = search_with_search_after(search_after: search_after)
68
+ responses << res
69
+
70
+ break if res.results.length < SIZE
71
+
72
+ search_after = res.results.last.sort.join(",")
73
+
74
+ # sleep #{interval} seconds to avoid the rate limitation (if it is set)
75
+ sleep interval
76
+ end
53
77
 
54
- api.search(query, size: 10_000)
78
+ responses
55
79
  end
56
80
 
57
81
  #
data/lib/mihari/analyzers/virustotal_intelligence.rb CHANGED
@@ -10,6 +10,8 @@ module Mihari
10
10
  option :description, default: proc { "query = #{query}" }
11
11
  option :tags, default: proc { [] }
12
12
 
13
+ option :interval, default: proc { 0 }
14
+
13
15
  def initialize(*args, **kwargs)
14
16
  super
15
17
 
@@ -54,6 +56,9 @@ module Mihari
54
56
  break if response.meta.cursor.nil?
55
57
 
56
58
  cursor = response.meta.cursor
59
+
60
+ # sleep #{interval} seconds to avoid the rate limitation (if it is set)
61
+ sleep interval
57
62
  end
58
63
 
59
64
  responses
data/lib/mihari/analyzers/zoomeye.rb CHANGED
@@ -11,6 +11,8 @@ module Mihari
11
11
  option :tags, default: proc { [] }
12
12
  option :type, default: proc { "host" }
13
13
 
14
+ option :interval, default: proc { 0 }
15
+
14
16
  def artifacts
15
17
  case type
16
18
  when "host"
@@ -87,6 +89,9 @@ module Mihari
87
89
  total = res["total"].to_i
88
90
  responses << res
89
91
  break if total <= page * PAGE_SIZE
92
+
93
+ # sleep #{interval} seconds to avoid the rate limitation (if it is set)
94
+ sleep interval
90
95
  end
91
96
  convert_responses responses.compact
92
97
  end
@@ -119,6 +124,9 @@ module Mihari
119
124
  total = res["total"].to_i
120
125
  responses << res
121
126
  break if total <= page * PAGE_SIZE
127
+
128
+ # sleep #{interval} seconds to avoid the rate limitation (if it is set)
129
+ sleep interval
122
130
  end
123
131
  convert_responses responses.compact
124
132
  end
data/lib/mihari/cli/analyzer.rb CHANGED
@@ -26,6 +26,7 @@ module Mihari
26
26
  class Analyzer < Base
27
27
  class_option :ignore_old_artifacts, type: :boolean, default: false, desc: "Whether to ignore old artifacts from checking or not."
28
28
  class_option :ignore_threshold, type: :numeric, default: 0, desc: "Number of days to define whether an artifact is old or not."
29
+ class_option :interval, type: :numeric, default: 0, desc: "Seconds of the interval while calling API in a row."
29
30
  class_option :config, type: :string, desc: "Path to the config file"
30
31
 
31
32
  include Mihari::Commands::BinaryEdge
data/lib/mihari/commands/urlscan.rb CHANGED
@@ -9,8 +9,7 @@ module Mihari
9
9
  method_option :title, type: :string, desc: "title"
10
10
  method_option :description, type: :string, desc: "description"
11
11
  method_option :tags, type: :array, desc: "tags"
12
- method_option :target_type, type: :string, default: "url", desc: "target type to fetch from search results (target type should be 'url', 'domain' or 'ip')"
13
- method_option :use_similarity, type: :boolean, default: false, desc: "use similarity API or not"
12
+ method_option :allowed_data_types, type: :array, default: ["url", "ip", "domain"], desc: "types to fetch from search results ('url', 'domain' or 'ip')"
14
13
  def urlscan(query)
15
14
  with_error_handling do
16
15
  run_analyzer Analyzers::Urlscan, query: query, options: options
data/lib/mihari/schemas/rule.rb CHANGED
@@ -7,33 +7,41 @@ require "mihari/schemas/macros"
7
7
 
8
8
  module Mihari
9
9
  module Schemas
10
+ AnalyzerOptions = Dry::Schema.Params do
11
+ optional(:interval).value(:integer)
12
+ end
13
+
10
14
  Analyzer = Dry::Schema.Params do
11
15
  required(:analyzer).value(Types::AnalyzerTypes)
12
16
  required(:query).value(:string)
17
+ optional(:options).hash(AnalyzerOptions)
13
18
  end
14
19
 
15
20
  Spyse = Dry::Schema.Params do
16
21
  required(:analyzer).value(Types::String.enum("spyse"))
17
22
  required(:query).value(:string)
18
23
  required(:type).value(Types::String.enum("ip", "domain"))
24
+ optional(:options).hash(AnalyzerOptions)
19
25
  end
20
26
 
21
27
  ZoomEye = Dry::Schema.Params do
22
28
  required(:analyzer).value(Types::String.enum("zoomeye"))
23
29
  required(:query).value(:string)
24
30
  required(:type).value(Types::String.enum("host", "web"))
31
+ optional(:options).hash(AnalyzerOptions)
25
32
  end
26
33
 
27
34
  Crtsh = Dry::Schema.Params do
28
35
  required(:analyzer).value(Types::String.enum("crtsh"))
29
36
  required(:query).value(:string)
30
37
  optional(:exclude_expired).value(:bool).default(true)
38
+ optional(:options).hash(AnalyzerOptions)
31
39
  end
32
40
 
33
41
  Urlscan = Dry::Schema.Params do
34
42
  required(:analyzer).value(Types::String.enum("urlscan"))
35
43
  required(:query).value(:string)
36
- optional(:use_similarity).value(:bool).default(true)
44
+ optional(:options).hash(AnalyzerOptions)
37
45
  end
38
46
 
39
47
  Rule = Dry::Schema.Params do
data/lib/mihari/structs/urlscan.rb ADDED
@@ -0,0 +1,51 @@
1
+ require "json"
2
+ require "dry/struct"
3
+
4
+ module Mihari
5
+ module Structs
6
+ module Urlscan
7
+ class Page < Dry::Struct
8
+ attribute :domain, Types::String.optional
9
+ attribute :ip, Types::String.optional
10
+ attribute :url, Types::String
11
+
12
+ def self.from_dynamic!(d)
13
+ d = Types::Hash[d]
14
+ new(
15
+ domain: d["domain"],
16
+ ip: d["ip"],
17
+ url: d.fetch("url")
18
+ )
19
+ end
20
+ end
21
+
22
+ class Result < Dry::Struct
23
+ attribute :page, Page
24
+ attribute :id, Types::String
25
+ attribute :sort, Types.Array(Types::String | Types::Integer)
26
+
27
+ def self.from_dynamic!(d)
28
+ d = Types::Hash[d]
29
+ new(
30
+ page: Page.from_dynamic!(d.fetch("page")),
31
+ id: d.fetch("_id"),
32
+ sort: d.fetch("sort")
33
+ )
34
+ end
35
+ end
36
+
37
+ class Response < Dry::Struct
38
+ attribute :results, Types.Array(Result)
39
+ attribute :has_more, Types::Bool
40
+
41
+ def self.from_dynamic!(d)
42
+ d = Types::Hash[d]
43
+ new(
44
+ results: d.fetch("results").map { |x| Result.from_dynamic!(x) },
45
+ has_more: d.fetch("has_more")
46
+ )
47
+ end
48
+ end
49
+ end
50
+ end
51
+ end
data/lib/mihari/types.rb CHANGED
@@ -8,11 +8,14 @@ module Mihari
8
8
  Nil = Strict::Nil
9
9
  Hash = Strict::Hash
10
10
  String = Strict::String
11
+ Bool = Strict::Bool
11
12
  Double = Strict::Float | Strict::Integer
12
13
  DateTime = Strict::DateTime
13
14
 
14
15
  DataTypes = Types::String.enum(*ALLOWED_DATA_TYPES)
15
16
 
17
+ UrlscanDataTypes = Types::String.enum("ip", "domain", "url")
18
+
16
19
  AnalyzerTypes = Types::String.enum(
17
20
  "binaryedge",
18
21
  "censys",
data/lib/mihari/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module Mihari
4
- VERSION = "3.10.1"
4
+ VERSION = "3.11.0"
5
5
  end
data/lib/mihari.rb CHANGED
@@ -117,6 +117,7 @@ require "mihari/structs/greynoise"
117
117
  require "mihari/structs/ipinfo"
118
118
  require "mihari/structs/onyphe"
119
119
  require "mihari/structs/shodan"
120
+ require "mihari/structs/urlscan"
120
121
  require "mihari/structs/virustotal_intelligence"
121
122
 
122
123
  # Schemas
data/mihari.gemspec CHANGED
@@ -27,7 +27,7 @@ Gem::Specification.new do |spec|
27
27
 
28
28
  spec.add_development_dependency "bundler", "~> 2.2"
29
29
  spec.add_development_dependency "coveralls_reborn", "~> 0.23"
30
- spec.add_development_dependency "fakefs", "~> 1.3"
30
+ spec.add_development_dependency "fakefs", "~> 1.4"
31
31
  spec.add_development_dependency "mysql2", "~> 0.5"
32
32
  spec.add_development_dependency "overcommit", "~> 0.58"
33
33
  spec.add_development_dependency "pg", "~> 1.2"
@@ -36,8 +36,8 @@ Gem::Specification.new do |spec|
36
36
  spec.add_development_dependency "rb-fsevent", "~> 0.11"
37
37
  spec.add_development_dependency "rerun", "~> 0.13"
38
38
  spec.add_development_dependency "rspec", "~> 3.10"
39
- spec.add_development_dependency "standard", "~> 1.3"
40
- spec.add_development_dependency "steep", "~> 0.46"
39
+ spec.add_development_dependency "standard", "~> 1.5"
40
+ spec.add_development_dependency "steep", "~> 0.47"
41
41
  spec.add_development_dependency "timecop", "~> 0.9"
42
42
  spec.add_development_dependency "vcr", "~> 6.0"
43
43
  spec.add_development_dependency "webmock", "~> 3.14"
@@ -94,7 +94,7 @@ Gem::Specification.new do |spec|
94
94
  spec.add_dependency "sqlite3", "~> 1.4"
95
95
  spec.add_dependency "thor", "~> 1.1"
96
96
  spec.add_dependency "thread_safe", "~> 0.3"
97
- spec.add_dependency "urlscan", "~> 0.7"
97
+ spec.add_dependency "urlscan", "~> 0.8"
98
98
  spec.add_dependency "uuidtools", "~> 2.2"
99
99
  spec.add_dependency "virustotalx", "~> 1.2"
100
100
  spec.add_dependency "whois", "~> 5.0"
data/sig/lib/mihari/analyzers/binaryedge.rbs CHANGED
@@ -7,6 +7,8 @@ module Mihari
7
7
  attr_reader description: String
8
8
  attr_reader tags: Array[String]
9
9
 
10
+ attr_reader interval: ::Integer
11
+
10
12
  def artifacts: () -> (Array[String] | Array[Mihari::Artifact])
11
13
 
12
14
  private
data/sig/lib/mihari/analyzers/censys.rbs CHANGED
@@ -6,6 +6,8 @@ module Mihari
6
6
  attr_reader description: String
7
7
  attr_reader tags: Array[String]
8
8
 
9
+ attr_reader interval: ::Integer
10
+
9
11
  def artifacts: () -> (Array[String] | Array[Mihari::Artifact])
10
12
 
11
13
  private
data/sig/lib/mihari/analyzers/onyphe.rbs CHANGED
@@ -6,6 +6,8 @@ module Mihari
6
6
  attr_reader description: String
7
7
  attr_reader tags: Array[String]
8
8
 
9
+ attr_reader interval: ::Integer
10
+
9
11
  def artifacts: () -> (Array[String] | Array[Mihari::Artifact])
10
12
 
11
13
  private
data/sig/lib/mihari/analyzers/shodan.rbs CHANGED
@@ -6,6 +6,8 @@ module Mihari
6
6
  attr_reader description: String
7
7
  attr_reader tags: Array[String]
8
8
 
9
+ attr_reader interval: ::Integer
10
+
9
11
  def artifacts: () -> (Array[String] | Array[Mihari::Artifact])
10
12
 
11
13
  private
data/sig/lib/mihari/analyzers/urlscan.rbs CHANGED
@@ -8,7 +8,8 @@ module Mihari
8
8
  attr_reader description: String
9
9
  attr_reader tags: Array[String]
10
10
  attr_reader allowed_data_types: Array[String]
11
- attr_reader use_similarity: bool
11
+
12
+ attr_reader interval: ::Integer
12
13
 
13
14
  def initialize: (*untyped args, **untyped kwargs) -> void
14
15
 
@@ -20,7 +21,9 @@ module Mihari
20
21
 
21
22
  def api: () -> untyped
22
23
 
23
- def search: () -> Array[Hash[(String | Symbol), untyped]]
24
+ def search_with_search_after: (search_after: String?) -> Array[Hash[(String | Symbol), untyped]]
25
+
26
+ def search: () -> Array[Mihari::Structs::Urlscan::Response]
24
27
 
25
28
  def valid_alllowed_data_types?: () -> bool
26
29
  end
data/sig/lib/mihari/analyzers/virustotal_intelligence.rbs CHANGED
@@ -6,6 +6,8 @@ module Mihari
6
6
  attr_reader description: String
7
7
  attr_reader tags: Array[String]
8
8
 
9
+ attr_reader interval: ::Integer
10
+
9
11
  def initialize: (*untyped args, **untyped kwargs) -> void
10
12
 
11
13
  def artifacts: () -> (Array[String] | Array[Mihari::Artifact])
data/sig/lib/mihari/analyzers/zoomeye.rbs CHANGED
@@ -7,6 +7,8 @@ module Mihari
7
7
  attr_reader tags: Array[String]
8
8
  attr_reader type: String
9
9
 
10
+ attr_reader interval: ::Integer
11
+
10
12
  def artifacts: () -> (Array[String] | Array[Mihari::Artifact])
11
13
 
12
14
  private
data/sig/lib/mihari/structs/greynoise.rbs CHANGED
@@ -6,14 +6,14 @@ module Mihari
6
6
  attr_reader country_code: String
7
7
  attr_reader asn: String
8
8
 
9
- def self.from_dynamic!: (Hash[(String | Symbol), untyped] d) -> untyped
9
+ def self.from_dynamic!: (Hash[(String | Symbol), untyped] d) -> Mihari::Structs::GreyNoise::Metadata
10
10
  end
11
11
 
12
12
  class Datum < Dry::Struct
13
13
  attr_reader ip: String
14
14
  attr_reader metadata: Mihari::Structs::GreyNoise::Metadata
15
15
 
16
- def self.from_dynamic!: (Hash[(String | Symbol), untyped] d) -> untyped
16
+ def self.from_dynamic!: (Hash[(String | Symbol), untyped] d) -> Mihari::Structs::GreyNoise::Datum
17
17
  end
18
18
 
19
19
  class Response < Dry::Struct
@@ -23,7 +23,7 @@ module Mihari
23
23
  attr_reader message: String
24
24
  attr_reader query: String
25
25
 
26
- def self.from_dynamic!: (Hash[(String | Symbol), untyped] d) -> untyped
26
+ def self.from_dynamic!: (Hash[(String | Symbol), untyped] d) -> Mihari::Structs::GreyNoise::Response
27
27
  end
28
28
  end
29
29
  end
data/sig/lib/mihari/structs/urlscan.rbs ADDED
@@ -0,0 +1,28 @@
1
+ module Mihari
2
+ module Structs
3
+ module Urlscan
4
+ class Page < Dry::Struct
5
+ attr_reader domain: String?
6
+ attr_reader ip: String?
7
+ attr_reader url: String
8
+
9
+ def self.from_dynamic!: (Hash[(String | Symbol), untyped] d) -> Mihari::Structs::Urlscan::Page
10
+ end
11
+
12
+ class Result < Dry::Struct
13
+ attr_reader page: Mihari::Structs::Urlscan::Page
14
+ attr_reader id: String
15
+ attr_reader sort: Array[Integer | String]
16
+
17
+ def self.from_dynamic!: (Hash[(String | Symbol), untyped] d) -> Mihari::Structs::Urlscan::Result
18
+ end
19
+
20
+ class Response < Dry::Struct
21
+ attr_reader results: Array[Mihari::Structs::Urlscan::Result]
22
+ attr_reader has_more: Boolean
23
+
24
+ def self.from_dynamic!: (Hash[(String | Symbol), untyped] d) -> Mihari::Structs::Urlscan::Response
25
+ end
26
+ end
27
+ end
28
+ end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: mihari
3
3
  version: !ruby/object:Gem::Version
4
- version: 3.10.1
4
+ version: 3.11.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Manabu Niseki
8
8
  autorequire:
9
9
  bindir: exe
10
10
  cert_chain: []
11
- date: 2021-10-28 00:00:00.000000000 Z
11
+ date: 2021-12-04 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: bundler
@@ -44,14 +44,14 @@ dependencies:
44
44
  requirements:
45
45
  - - "~>"
46
46
  - !ruby/object:Gem::Version
47
- version: '1.3'
47
+ version: '1.4'
48
48
  type: :development
49
49
  prerelease: false
50
50
  version_requirements: !ruby/object:Gem::Requirement
51
51
  requirements:
52
52
  - - "~>"
53
53
  - !ruby/object:Gem::Version
54
- version: '1.3'
54
+ version: '1.4'
55
55
  - !ruby/object:Gem::Dependency
56
56
  name: mysql2
57
57
  requirement: !ruby/object:Gem::Requirement
@@ -170,28 +170,28 @@ dependencies:
170
170
  requirements:
171
171
  - - "~>"
172
172
  - !ruby/object:Gem::Version
173
- version: '1.3'
173
+ version: '1.5'
174
174
  type: :development
175
175
  prerelease: false
176
176
  version_requirements: !ruby/object:Gem::Requirement
177
177
  requirements:
178
178
  - - "~>"
179
179
  - !ruby/object:Gem::Version
180
- version: '1.3'
180
+ version: '1.5'
181
181
  - !ruby/object:Gem::Dependency
182
182
  name: steep
183
183
  requirement: !ruby/object:Gem::Requirement
184
184
  requirements:
185
185
  - - "~>"
186
186
  - !ruby/object:Gem::Version
187
- version: '0.46'
187
+ version: '0.47'
188
188
  type: :development
189
189
  prerelease: false
190
190
  version_requirements: !ruby/object:Gem::Requirement
191
191
  requirements:
192
192
  - - "~>"
193
193
  - !ruby/object:Gem::Version
194
- version: '0.46'
194
+ version: '0.47'
195
195
  - !ruby/object:Gem::Dependency
196
196
  name: timecop
197
197
  requirement: !ruby/object:Gem::Requirement
@@ -968,14 +968,14 @@ dependencies:
968
968
  requirements:
969
969
  - - "~>"
970
970
  - !ruby/object:Gem::Version
971
- version: '0.7'
971
+ version: '0.8'
972
972
  type: :runtime
973
973
  prerelease: false
974
974
  version_requirements: !ruby/object:Gem::Requirement
975
975
  requirements:
976
976
  - - "~>"
977
977
  - !ruby/object:Gem::Version
978
- version: '0.7'
978
+ version: '0.8'
979
979
  - !ruby/object:Gem::Dependency
980
980
  name: uuidtools
981
981
  requirement: !ruby/object:Gem::Requirement
@@ -1177,6 +1177,7 @@ files:
1177
1177
  - lib/mihari/structs/ipinfo.rb
1178
1178
  - lib/mihari/structs/onyphe.rb
1179
1179
  - lib/mihari/structs/shodan.rb
1180
+ - lib/mihari/structs/urlscan.rb
1180
1181
  - lib/mihari/structs/virustotal_intelligence.rb
1181
1182
  - lib/mihari/templates/rule.yml.erb
1182
1183
  - lib/mihari/type_checker.rb
@@ -1351,6 +1352,7 @@ files:
1351
1352
  - sig/lib/mihari/structs/ipinfo.rbs
1352
1353
  - sig/lib/mihari/structs/onyphe.rbs
1353
1354
  - sig/lib/mihari/structs/shodan.rbs
1355
+ - sig/lib/mihari/structs/urlscan.rbs
1354
1356
  - sig/lib/mihari/structs/virustotal_intelligence.rbs
1355
1357
  - sig/lib/mihari/type_checker.rbs
1356
1358
  - sig/lib/mihari/types.rbs