RubyGems - mihari - Versions diffs - 5.4.0 → 5.4.1 - Mend

mihari 5.4.0 → 5.4.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (20) hide show

checksums.yaml +4 -4
data/lib/mihari/analyzers/binaryedge.rb +4 -4
data/lib/mihari/analyzers/censys.rb +2 -2
data/lib/mihari/analyzers/circl.rb +2 -2
data/lib/mihari/analyzers/greynoise.rb +2 -2
data/lib/mihari/analyzers/hunterhow.rb +5 -5
data/lib/mihari/analyzers/onyphe.rb +4 -4
data/lib/mihari/analyzers/otx.rb +2 -2
data/lib/mihari/analyzers/passivetotal.rb +2 -2
data/lib/mihari/analyzers/pulsedive.rb +2 -2
data/lib/mihari/analyzers/rule.rb +13 -12
data/lib/mihari/analyzers/securitytrails.rb +2 -2
data/lib/mihari/analyzers/shodan.rb +4 -4
data/lib/mihari/analyzers/urlscan.rb +2 -2
data/lib/mihari/analyzers/virustotal.rb +2 -2
data/lib/mihari/analyzers/virustotal_intelligence.rb +2 -2
data/lib/mihari/analyzers/zoomeye.rb +4 -4
data/lib/mihari/config.rb +1 -1
data/lib/mihari/version.rb +1 -1
metadata +2 -2

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: f5e0b2b39737a0a5490683673459f85a1f8c526cbf50c6faf9fddace549366a8
-  data.tar.gz: 3db32b6839d7dff83f9ff112f29917f823358f63d9985d6ba8ba3fc909462a83
+  metadata.gz: edebe866fc56948d66d144b5c84ea1dea09984e19418fdb205f0da7aac199268
+  data.tar.gz: 033fa5e060e2dae50f9e380ba9436ede1d6ec508b5a895c0fc6b987bb11f2a30
 SHA512:
-  metadata.gz: 01bae867250b825f00fd0e0350bd451b909d3b05314e5e6a89f294c8e690587ad55c685087ff7c05dd17a48277309258906e53b5ed1ee7ddbc71834e116c41d4
-  data.tar.gz: 6cb15c263b8db6f6de052272d40b8da4936a625c0f3c16408a2f3877693ecc84754452388cc5fe33471461fc403ff9a9f3515c95146303c354d71822f33511cc
+  metadata.gz: 92f545736664296853d771b3044448ee7be6f6f91a56a0b51d99f8d083ed625fd2bf66172fbda6a2a8ca193e6729a712142cd6e5b55d42b22f0f4ab3168b3a09
+  data.tar.gz: 51c68c809bb3abd8c7a61621bcc3cde2bc6488351a36c96ec8074f9d322f88fb74eddc3595ff4ec972b385354642037332015b5a004c894e4ab0ea7c988c47f6

data/lib/mihari/analyzers/binaryedge.rb CHANGED Viewed

@@ -30,6 +30,10 @@ module Mihari
         end.flatten
       end
+      def configuration_keys
+        %w[binaryedge_api_key]
+      end
       private
       PAGE_SIZE = 20
@@ -69,10 +73,6 @@ module Mihari
         responses
       end
-      def configuration_keys
-        %w[binaryedge_api_key]
-      end
       #
       #
       # @return [Mihari::Clients::BinaryEdge]

data/lib/mihari/analyzers/censys.rb CHANGED Viewed

@@ -55,8 +55,6 @@ module Mihari
         configuration_keys? || (id? && secret?)
       end
-      private
       #
       # @return [Array<String>]
       #
@@ -64,6 +62,8 @@ module Mihari
         %w[censys_id censys_secret]
       end
+      private
       #
       # @return [Mihari::Clients::Censys]
       #

data/lib/mihari/analyzers/circl.rb CHANGED Viewed

@@ -44,12 +44,12 @@ module Mihari
         configuration_keys? || (username? && password?)
       end
-      private
       def configuration_keys
         %w[circl_passive_password circl_passive_username]
       end
+      private
       def client
         @client ||= Clients::CIRCL.new(username: username, password: password)
       end

data/lib/mihari/analyzers/greynoise.rb CHANGED Viewed

@@ -23,12 +23,12 @@ module Mihari
         client.gnql_search(query, size: PAGE_SIZE).to_artifacts
       end
-      private
       def configuration_keys
         %w[greynoise_api_key]
       end
+      private
       def client
         @client ||= Clients::GreyNoise.new(api_key: api_key)
       end

data/lib/mihari/analyzers/hunterhow.rb CHANGED Viewed

@@ -3,9 +3,6 @@
 module Mihari
   module Analyzers
     class HunterHow < Base
-      # @return [Integer]
-      PAGE_SIZE = 100
       # @return [String, nil]
       attr_reader :api_key
@@ -54,12 +51,15 @@ module Mihari
         artifacts.flatten
       end
-      private
       def configuration_keys
         %w[hunterhow_api_key]
       end
+      private
+      # @return [Integer]
+      PAGE_SIZE = 100
       def client
         @client ||= Clients::HunterHow.new(api_key: api_key)
       end

data/lib/mihari/analyzers/onyphe.rb CHANGED Viewed

@@ -26,14 +26,14 @@ module Mihari
         responses.map(&:to_artifacts).flatten
       end
-      private
-      PAGE_SIZE = 10
       def configuration_keys
         %w[onyphe_api_key]
       end
+      private
+      PAGE_SIZE = 10
       def client
         @client ||= Clients::Onyphe.new(api_key: api_key)
       end

data/lib/mihari/analyzers/otx.rb CHANGED Viewed

@@ -35,12 +35,12 @@ module Mihari
         end
       end
-      private
       def configuration_keys
         %w[otx_api_key]
       end
+      private
       def client
         @client ||= Mihari::Clients::OTX.new(api_key: api_key)
       end

data/lib/mihari/analyzers/passivetotal.rb CHANGED Viewed

@@ -46,12 +46,12 @@ module Mihari
         configuration_keys? || (username? && api_key?)
       end
-      private
       def configuration_keys
         %w[passivetotal_username passivetotal_api_key]
       end
+      private
       def client
         @client ||= Clients::PassiveTotal.new(username: username, api_key: api_key)
       end

data/lib/mihari/analyzers/pulsedive.rb CHANGED Viewed

@@ -40,12 +40,12 @@ module Mihari
         end
       end
-      private
       def configuration_keys
         %w[pulsedive_api_key]
       end
+      private
       def client
         @client ||= Clients::PulseDive.new(api_key: api_key)
       end

data/lib/mihari/analyzers/rule.rb CHANGED Viewed

@@ -55,12 +55,15 @@ module Mihari
       end
       #
-      # Returns a list of artifacts matched with queries/analyzers
+      # Returns a list of artifacts matched with queries/analyzers (with the rule ID)
       #
       # @return [Array<Mihari::Artifact>]
       #
       def artifacts
-        analyzers.flat_map(&:normalized_artifacts)
+        analyzers.flat_map(&:normalized_artifacts).map do |artifact|
+          artifact.rule_id = rule.id
+          artifact
+        end
       end
       #
@@ -73,14 +76,9 @@ module Mihari
       # @return [Array<Mihari::Artifact>]
       #
       def normalized_artifacts
-        @normalized_artifacts ||= artifacts.uniq(&:data).select(&:valid?).select do |artifact|
-          rule.data_types.include? artifact.data_type
-        end.reject do |artifact|
-          falsepositive? artifact.data
-        end.map do |artifact|
-          artifact.rule_id = rule.id
-          artifact
-        end
+        valid_artifacts = artifacts.uniq(&:data).select(&:valid?)
+        date_type_allowed_artifacts = valid_artifacts.select { |artifact| rule.data_types.include? artifact.data_type }
+        date_type_allowed_artifacts.reject { |artifact| falsepositive? artifact.data }
       end
       #
@@ -89,7 +87,7 @@ module Mihari
       # @return [Array<Mihari::Artifact>]
       #
       def unique_artifacts
-        @unique_artifacts ||= normalized_artifacts.select do |artifact|
+        normalized_artifacts.select do |artifact|
           artifact.unique?(base_time: base_time, artifact_lifetime: rule.artifact_lifetime)
         end
       end
@@ -217,7 +215,10 @@ module Mihari
       #
       def validate_analyzer_configurations
         analyzers.map do |analyzer|
-          raise ConfigurationError, "#{analyzer.source} is not configured correctly" unless analyzer.configured?
+          next if analyzer.configured?
+          message = "#{analyzer.source} is not configured correctly. #{analyzer.configuration_keys.join(", ")} is/are missing."
+          raise ConfigurationError, message
         end
       end
     end

data/lib/mihari/analyzers/securitytrails.rb CHANGED Viewed

@@ -40,12 +40,12 @@ module Mihari
         end
       end
-      private
       def configuration_keys
         %w[securitytrails_api_key]
       end
+      private
       def client
         @client ||= Clients::SecurityTrails.new(api_key: api_key)
       end

data/lib/mihari/analyzers/shodan.rb CHANGED Viewed

@@ -24,14 +24,14 @@ module Mihari
         results.map(&:to_artifacts).flatten.uniq(&:data)
       end
-      private
-      PAGE_SIZE = 100
       def configuration_keys
         %w[shodan_api_key]
       end
+      private
+      PAGE_SIZE = 100
       def client
         @client ||= Clients::Shodan.new(api_key: api_key)
       end

data/lib/mihari/analyzers/urlscan.rb CHANGED Viewed

@@ -39,12 +39,12 @@ module Mihari
         end
       end
-      private
       def configuration_keys
         %w[urlscan_api_key]
       end
+      private
       def client
         @client ||= Clients::UrlScan.new(api_key: api_key)
       end

data/lib/mihari/analyzers/virustotal.rb CHANGED Viewed

@@ -35,12 +35,12 @@ module Mihari
         end
       end
-      private
       def configuration_keys
         %w[virustotal_api_key]
       end
+      private
       def client
         @client = Clients::VirusTotal.new(api_key: api_key)
       end

data/lib/mihari/analyzers/virustotal_intelligence.rb CHANGED Viewed

@@ -21,12 +21,12 @@ module Mihari
         search_with_cursor.map(&:to_artifacts).flatten
       end
-      private
       def configuration_keys
         %w[virustotal_api_key]
       end
+      private
       #
       # VT API
       #

data/lib/mihari/analyzers/zoomeye.rb CHANGED Viewed

@@ -33,6 +33,10 @@ module Mihari
         end
       end
+      def configuration_keys
+        %w[zoomeye_api_key]
+      end
       private
       PAGE_SIZE = 10
@@ -46,10 +50,6 @@ module Mihari
         %w[host web].include? type
       end
-      def configuration_keys
-        %w[zoomeye_api_key]
-      end
       def client
         @client ||= Clients::ZoomEye.new(api_key: api_key)
       end

data/lib/mihari/config.rb CHANGED Viewed

@@ -82,7 +82,7 @@ module Mihari
     attr_reader :sentry_dsn
     # @return [Boolean]
-    attr_reader :hide_config_values
+    attr_accessor :hide_config_values
     # @return [Integer]
     attr_reader :retry_interval

data/lib/mihari/version.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 module Mihari
-  VERSION = "5.4.0"
+  VERSION = "5.4.1"
 end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: mihari
 version: !ruby/object:Gem::Version
-  version: 5.4.0
+  version: 5.4.1
 platform: ruby
 authors:
 - Manabu Niseki
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2023-08-11 00:00:00.000000000 Z
+date: 2023-08-12 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler