miteru 0.12.6 → 0.12.7
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +18 -12
- data/lib/miteru/cli.rb +1 -0
- data/lib/miteru/crawler.rb +6 -3
- data/lib/miteru/feeds.rb +3 -5
- data/lib/miteru/version.rb +1 -1
- data/screenshots/slack.png +0 -0
- metadata +3 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 53868ffcecd1ce512cd5935d8ff5160a7559bd290f5b08c99135da4c87118f3f
|
|
4
|
+
data.tar.gz: 5e7b8a039aed39da973246ef1a2c1052ea68055a7b8c40b6c65f6db9a23dcb18
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: c214d850fdc52312771dbf47609675b4cbb406b9d6205ee2b978ebbe0c58b139672e12b1540137113cfd1365a129f6daf07ad76bf79f267f2212d78ba5c711d2
|
|
7
|
+
data.tar.gz: 27f307ed3a7aaed716ac8d69ec5ec01914664324777f2335b034f9504c886ad49f7ca6625d855cefd9c3ada5b576dbf638fbb89ef1141ea233b3f45211a8dd49
|
data/README.md
CHANGED
|
@@ -25,26 +25,27 @@ Miteru is an experimental phishing kit detection tool.
|
|
|
25
25
|
|
|
26
26
|
## Installation
|
|
27
27
|
|
|
28
|
-
```
|
|
29
|
-
|
|
28
|
+
```bash
|
|
29
|
+
gem install miteru
|
|
30
30
|
```
|
|
31
31
|
|
|
32
32
|
## Usage
|
|
33
33
|
|
|
34
|
-
```
|
|
34
|
+
```bash
|
|
35
35
|
$ miteru
|
|
36
36
|
Commands:
|
|
37
37
|
miteru execute # Execute the crawler
|
|
38
38
|
miteru help [COMMAND] # Describe available commands or one specific command
|
|
39
39
|
```
|
|
40
40
|
|
|
41
|
-
```
|
|
41
|
+
```bash
|
|
42
42
|
$ miteru help execute
|
|
43
43
|
Usage:
|
|
44
44
|
miteru execute
|
|
45
45
|
|
|
46
46
|
Options:
|
|
47
47
|
[--auto-download], [--no-auto-download] # Enable or disable auto-download of phishing kits
|
|
48
|
+
[--ayashige], [--no-ayashige] # Enable or disable ayashige(ninoseki/ayashige) feed
|
|
48
49
|
[--directory-traveling], [--no-directory-traveling] # Enable or disable directory traveling
|
|
49
50
|
[--download-to=DOWNLOAD_TO] # Directory to download file(s)
|
|
50
51
|
# Default: /tmp
|
|
@@ -52,14 +53,13 @@ Options:
|
|
|
52
53
|
[--size=N] # Number of urlscan.io's results. (Max: 10,000)
|
|
53
54
|
# Default: 100
|
|
54
55
|
[--threads=N] # Number of threads to use
|
|
55
|
-
# Default: 10
|
|
56
56
|
[--verbose], [--no-verbose]
|
|
57
57
|
# Default: true
|
|
58
58
|
|
|
59
59
|
Execute the crawler
|
|
60
60
|
```
|
|
61
61
|
|
|
62
|
-
```
|
|
62
|
+
```bash
|
|
63
63
|
$ miteru execute
|
|
64
64
|
...
|
|
65
65
|
https://dummy1.com: it doesn't contain a phishing kit.
|
|
@@ -70,7 +70,7 @@ https://dummy4.com: it might contain a phishing kit (dummy.zip).
|
|
|
70
70
|
|
|
71
71
|
## Using Docker (alternative if you don't install Ruby)
|
|
72
72
|
|
|
73
|
-
```
|
|
73
|
+
```bash
|
|
74
74
|
$ git clone https://github.com/ninoseki/miteru.git
|
|
75
75
|
$ cd miteru/docker
|
|
76
76
|
$ docker build -t miteru .
|
|
@@ -79,17 +79,23 @@ $ docker run miteru
|
|
|
79
79
|
$ docker run -v /tmp:/tmp miteru execute --auto-download
|
|
80
80
|
```
|
|
81
81
|
|
|
82
|
-
##
|
|
83
|
-
|
|
84
|
-
[](https://asciinema.org/a/hHpkHhMLiiv17gmdRhVMtZWwM)
|
|
85
|
-
|
|
86
|
-
## Note
|
|
82
|
+
## Configuration
|
|
87
83
|
|
|
88
84
|
For using `--post-to-slack` feature, you should set the following environment variables:
|
|
89
85
|
|
|
90
86
|
- `SLACK_WEBHOOK_URL`: Your Slack Webhook URL.
|
|
91
87
|
- `SLACK_CHANNEL`: Slack channel to post a message (default: "#general").
|
|
92
88
|
|
|
89
|
+
## Examples
|
|
90
|
+
|
|
91
|
+
### Aasciinema cast
|
|
92
|
+
|
|
93
|
+
[](https://asciinema.org/a/hHpkHhMLiiv17gmdRhVMtZWwM)
|
|
94
|
+
|
|
95
|
+
### Slack notification
|
|
96
|
+
|
|
97
|
+
|
|
98
|
+
|
|
93
99
|
## Alternatives
|
|
94
100
|
|
|
95
101
|
- [t4d/StalkPhish](https://github.com/t4d/StalkPhish): The Phishing kits stalker, harvesting phishing kits for investigations.
|
data/lib/miteru/cli.rb
CHANGED
|
@@ -5,6 +5,7 @@ require "thor"
|
|
|
5
5
|
module Miteru
|
|
6
6
|
class CLI < Thor
|
|
7
7
|
method_option :auto_download, type: :boolean, default: false, desc: "Enable or disable auto-download of phishing kits"
|
|
8
|
+
method_option :ayashige, type: :boolean, default: false, desc: "Enable or disable ayashige(ninoseki/ayashige) feed"
|
|
8
9
|
method_option :directory_traveling, type: :boolean, default: false, desc: "Enable or disable directory traveling"
|
|
9
10
|
method_option :download_to, type: :string, default: "/tmp", desc: "Directory to download file(s)"
|
|
10
11
|
method_option :post_to_slack, type: :boolean, default: false, desc: "Post a message to Slack if it detects a phishing kit"
|
data/lib/miteru/crawler.rb
CHANGED
|
@@ -6,6 +6,7 @@ require "uri"
|
|
|
6
6
|
|
|
7
7
|
module Miteru
|
|
8
8
|
class Crawler
|
|
9
|
+
attr_reader :ayashige
|
|
9
10
|
attr_reader :directory_traveling
|
|
10
11
|
attr_reader :downloader
|
|
11
12
|
attr_reader :feeds
|
|
@@ -13,15 +14,16 @@ module Miteru
|
|
|
13
14
|
attr_reader :threads
|
|
14
15
|
attr_reader :verbose
|
|
15
16
|
|
|
16
|
-
def initialize(auto_download: false, directory_traveling: false, download_to: "/tmp", post_to_slack: false, size: 100, threads: Parallel.processor_count, verbose: false)
|
|
17
|
+
def initialize(auto_download: false, ayashige: false, directory_traveling: false, download_to: "/tmp", post_to_slack: false, size: 100, threads: Parallel.processor_count, verbose: false)
|
|
17
18
|
@auto_download = auto_download
|
|
19
|
+
@ayashige = ayashige
|
|
18
20
|
@directory_traveling = directory_traveling
|
|
19
21
|
@downloader = Downloader.new(download_to)
|
|
20
22
|
@size = size
|
|
21
23
|
@threads = threads
|
|
22
24
|
@verbose = verbose
|
|
23
25
|
|
|
24
|
-
@feeds = Feeds.new(size: size, directory_traveling: directory_traveling)
|
|
26
|
+
@feeds = Feeds.new(size: size, ayashige: ayashige, directory_traveling: directory_traveling)
|
|
25
27
|
@notifier = Notifier.new(post_to_slack)
|
|
26
28
|
end
|
|
27
29
|
|
|
@@ -37,9 +39,10 @@ module Miteru
|
|
|
37
39
|
end
|
|
38
40
|
end
|
|
39
41
|
|
|
40
|
-
def self.execute(auto_download: false, directory_traveling: false, download_to: "/tmp", post_to_slack: false, size: 100, threads: Parallel.processor_count, verbose: false)
|
|
42
|
+
def self.execute(auto_download: false, ayashige: false, directory_traveling: false, download_to: "/tmp", post_to_slack: false, size: 100, threads: Parallel.processor_count, verbose: false)
|
|
41
43
|
new(
|
|
42
44
|
auto_download: auto_download,
|
|
45
|
+
ayashige: ayashige,
|
|
43
46
|
directory_traveling: directory_traveling,
|
|
44
47
|
download_to: download_to,
|
|
45
48
|
post_to_slack: post_to_slack,
|
data/lib/miteru/feeds.rb
CHANGED
|
@@ -6,11 +6,9 @@ require_relative "./feeds/urlscan"
|
|
|
6
6
|
|
|
7
7
|
module Miteru
|
|
8
8
|
class Feeds
|
|
9
|
-
def initialize(size: 100, directory_traveling: false)
|
|
10
|
-
@feeds = [
|
|
11
|
-
|
|
12
|
-
UrlScan.new(size)
|
|
13
|
-
]
|
|
9
|
+
def initialize(size: 100, ayashige: false, directory_traveling: false)
|
|
10
|
+
@feeds = [UrlScan.new(size)]
|
|
11
|
+
@feeds << Ayashige.new if ayashige
|
|
14
12
|
@directory_traveling = directory_traveling
|
|
15
13
|
end
|
|
16
14
|
|
data/lib/miteru/version.rb
CHANGED
|
Binary file
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: miteru
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.12.
|
|
4
|
+
version: 0.12.7
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Manabu Niseki
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2019-06-
|
|
11
|
+
date: 2019-06-29 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: bundler
|
|
@@ -241,6 +241,7 @@ files:
|
|
|
241
241
|
- lib/miteru/version.rb
|
|
242
242
|
- lib/miteru/website.rb
|
|
243
243
|
- miteru.gemspec
|
|
244
|
+
- screenshots/slack.png
|
|
244
245
|
homepage: https://github.com/ninoseki/miteru
|
|
245
246
|
licenses:
|
|
246
247
|
- MIT
|