onyphe 0.2.3 → 1.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.md +1 -23
- data/lib/onyphe.rb +0 -1
- data/lib/onyphe/api.rb +81 -33
- data/lib/onyphe/cli.rb +13 -13
- data/lib/onyphe/client.rb +6 -3
- data/lib/onyphe/clients/ctl.rb +1 -1
- data/lib/onyphe/clients/datascan.rb +1 -1
- data/lib/onyphe/clients/forward.rb +1 -1
- data/lib/onyphe/clients/geoloc.rb +1 -1
- data/lib/onyphe/clients/inetnum.rb +1 -1
- data/lib/onyphe/clients/ip.rb +1 -1
- data/lib/onyphe/clients/md5.rb +1 -1
- data/lib/onyphe/clients/onionscan.rb +1 -1
- data/lib/onyphe/clients/pastries.rb +1 -1
- data/lib/onyphe/clients/reverse.rb +1 -1
- data/lib/onyphe/clients/search.rb +9 -9
- data/lib/onyphe/clients/sniffer.rb +1 -1
- data/lib/onyphe/clients/synscan.rb +1 -1
- data/lib/onyphe/clients/threatlist.rb +1 -1
- data/lib/onyphe/version.rb +1 -1
- data/onyphe.gemspec +2 -2
- metadata +7 -8
- data/lib/onyphe/response.rb +0 -24
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: bb197595f583cae4f7474231b924a3ea0adb24ba1921acc2452ab8154868b575
|
|
4
|
+
data.tar.gz: 91af3240e44f93e3f14c7c9f2d6fedbd33a89d6c97f89ffaa8ac4ac31a917861
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 678cbca08957c71d3c6744b525491f08cb4efa3f8e6483a0fc55e3063bf2876c0207da3c3e40b86fefa88802ad7fdce135e2ad621c33dc6504d5f91d062cb44e
|
|
7
|
+
data.tar.gz: 8f96e012931f4551a0d3fbf29f60f10aeba8f7da071bbcdbd78ebcd4387bc5ec24058156da32e6baa522b322505c06db2dc1597e7d4be4dd2588f45192cc62c9
|
data/README.md
CHANGED
|
@@ -70,28 +70,6 @@ api.search.ctl(host: "vpn")
|
|
|
70
70
|
api.search.onionscan("app.http.keywords": "dump")
|
|
71
71
|
```
|
|
72
72
|
|
|
73
|
-
All the API response is wrapped by [OpenStruct](https://github.com/ruby/ostruct).
|
|
74
|
-
|
|
75
|
-
It means you can access to a response through a property-like syntax.
|
|
76
|
-
|
|
77
|
-
```rb
|
|
78
|
-
res = api.sniffer("217.138.28.194")
|
|
79
|
-
res.results.each do |result|
|
|
80
|
-
puts result.asn
|
|
81
|
-
puts result.ip
|
|
82
|
-
puts result.location
|
|
83
|
-
puts result.organization
|
|
84
|
-
end
|
|
85
|
-
```
|
|
86
|
-
|
|
87
|
-
Or you can get a hash representative data by using `#to_h` method.
|
|
88
|
-
|
|
89
|
-
```rb
|
|
90
|
-
res = api.sniffer("217.138.28.194")
|
|
91
|
-
p res.to_h
|
|
92
|
-
# => {:count=>10, :error=>0, :max_page=>3, :myip=>"<MY_IP>", :page=>1, :results=>[{:@category=>"sniffer", :@timestamp=>"2018-11-15T00:35:37.000Z", :@type=>"doc", :asn=>"AS20952", :city=>"London", :country=>"GB", ...
|
|
93
|
-
```
|
|
94
|
-
|
|
95
73
|
#### Pagination
|
|
96
74
|
|
|
97
75
|
Enumerable style pagination is not supported at the present time.
|
|
@@ -99,7 +77,7 @@ Enumerable style pagination is not supported at the present time.
|
|
|
99
77
|
You can specify page index by passing `page` argument to the method.
|
|
100
78
|
|
|
101
79
|
```rb
|
|
102
|
-
res = api.search.threatlist(country: "RU", page
|
|
80
|
+
res = api.search.threatlist(country: "RU", page: 1)
|
|
103
81
|
page = res.page
|
|
104
82
|
max_page = res.max_page
|
|
105
83
|
|
data/lib/onyphe.rb
CHANGED
data/lib/onyphe/api.rb
CHANGED
|
@@ -6,40 +6,88 @@ module Onyphe
|
|
|
6
6
|
class API
|
|
7
7
|
extend Forwardable
|
|
8
8
|
|
|
9
|
-
attr_reader :
|
|
9
|
+
attr_reader :api_key
|
|
10
10
|
|
|
11
|
+
#
|
|
12
|
+
# API client initialization
|
|
13
|
+
#
|
|
14
|
+
# @param [String] api_key ONYPHE API key
|
|
15
|
+
#
|
|
11
16
|
def initialize(api_key = ENV["ONYPHE_API_KEY"])
|
|
12
|
-
|
|
13
|
-
|
|
14
|
-
|
|
15
|
-
|
|
16
|
-
|
|
17
|
-
@
|
|
18
|
-
|
|
19
|
-
|
|
20
|
-
|
|
21
|
-
|
|
22
|
-
|
|
23
|
-
@
|
|
24
|
-
|
|
25
|
-
|
|
26
|
-
|
|
27
|
-
|
|
28
|
-
|
|
29
|
-
|
|
30
|
-
|
|
31
|
-
|
|
32
|
-
|
|
33
|
-
|
|
34
|
-
|
|
35
|
-
|
|
36
|
-
|
|
37
|
-
|
|
38
|
-
|
|
39
|
-
|
|
40
|
-
|
|
41
|
-
|
|
42
|
-
|
|
43
|
-
|
|
17
|
+
@api_key = api_key
|
|
18
|
+
raise ArgumentError, "'api_key' argument is required" unless api_key
|
|
19
|
+
end
|
|
20
|
+
|
|
21
|
+
def search
|
|
22
|
+
@search ||= Clients::Search.new(api_key)
|
|
23
|
+
end
|
|
24
|
+
|
|
25
|
+
private
|
|
26
|
+
|
|
27
|
+
def _ctl
|
|
28
|
+
@_ctl ||= Clients::Ctl.new(api_key)
|
|
29
|
+
end
|
|
30
|
+
|
|
31
|
+
def _datascan
|
|
32
|
+
@_datascan ||= Clients::Datascan.new(api_key)
|
|
33
|
+
end
|
|
34
|
+
|
|
35
|
+
def _forward
|
|
36
|
+
@_forward ||= Clients::Forward.new(api_key)
|
|
37
|
+
end
|
|
38
|
+
|
|
39
|
+
def _geoloc
|
|
40
|
+
@_geoloc ||= Clients::Geoloc.new(api_key)
|
|
41
|
+
end
|
|
42
|
+
|
|
43
|
+
def _inetnum
|
|
44
|
+
@_inetnum ||= Clients::Inetnum.new(api_key)
|
|
45
|
+
end
|
|
46
|
+
|
|
47
|
+
def _ip
|
|
48
|
+
@_ip ||= Clients::IP.new(api_key)
|
|
49
|
+
end
|
|
50
|
+
|
|
51
|
+
def _md5
|
|
52
|
+
@_md5 ||= Clients::MD5.new(api_key)
|
|
53
|
+
end
|
|
54
|
+
|
|
55
|
+
def _onionscan
|
|
56
|
+
@_onionscan ||= Clients::Onionscan.new(api_key)
|
|
57
|
+
end
|
|
58
|
+
|
|
59
|
+
def _pastries
|
|
60
|
+
@_pastries ||= Clients::Pastries.new(api_key)
|
|
61
|
+
end
|
|
62
|
+
|
|
63
|
+
def _reverse
|
|
64
|
+
@_reverse ||= Clients::Reverse.new(api_key)
|
|
65
|
+
end
|
|
66
|
+
|
|
67
|
+
def _sniffer
|
|
68
|
+
@_sniffer ||= Clients::Sniffer.new(api_key)
|
|
69
|
+
end
|
|
70
|
+
|
|
71
|
+
def _synscan
|
|
72
|
+
@_synscan ||= Clients::Synscan.new(api_key)
|
|
73
|
+
end
|
|
74
|
+
|
|
75
|
+
def _threatlist
|
|
76
|
+
@_threatlist ||= Clients::Threatlist.new(api_key)
|
|
77
|
+
end
|
|
78
|
+
|
|
79
|
+
def_delegator :_ctl, :get_by_domain, :ctl
|
|
80
|
+
def_delegator :_datascan, :get_by_query, :datascan
|
|
81
|
+
def_delegator :_forward, :get_by_ip, :forward
|
|
82
|
+
def_delegator :_geoloc, :get_by_ip, :geoloc
|
|
83
|
+
def_delegator :_inetnum, :get_by_ip, :inetnum
|
|
84
|
+
def_delegator :_ip, :get_by_ip, :ip
|
|
85
|
+
def_delegator :_md5, :get_by_md5, :md5
|
|
86
|
+
def_delegator :_onionscan, :get_by_onion, :onionscan
|
|
87
|
+
def_delegator :_pastries, :get_by_ip, :pastries
|
|
88
|
+
def_delegator :_reverse, :get_by_ip, :reverse
|
|
89
|
+
def_delegator :_sniffer, :get_by_ip, :sniffer
|
|
90
|
+
def_delegator :_synscan, :get_by_ip, :synscan
|
|
91
|
+
def_delegator :_threatlist, :get_by_ip, :threatlist
|
|
44
92
|
end
|
|
45
93
|
end
|
data/lib/onyphe/cli.rb
CHANGED
|
@@ -7,67 +7,67 @@ module Onyphe
|
|
|
7
7
|
class CLI < Thor
|
|
8
8
|
desc "ctl DOMAIN", "It will return information for the given domain name X509 certificate information from CTLs with history of changes"
|
|
9
9
|
def ctl(domain)
|
|
10
|
-
with_error_handling { puts api.ctl(domain).
|
|
10
|
+
with_error_handling { puts api.ctl(domain).to_json }
|
|
11
11
|
end
|
|
12
12
|
|
|
13
13
|
desc "datascan IP/STRING", "It will return datascan information for the given IPv{4,6} address or string with history of changes"
|
|
14
14
|
def datascan(query)
|
|
15
|
-
with_error_handling { puts api.datascan(query).
|
|
15
|
+
with_error_handling { puts api.datascan(query).to_json }
|
|
16
16
|
end
|
|
17
17
|
|
|
18
18
|
desc "forward IP", "It will return forward DNS lookup information for the given IPv{4,6} address with history of changes"
|
|
19
19
|
def forward(ip)
|
|
20
|
-
with_error_handling { puts api.forward(ip).
|
|
20
|
+
with_error_handling { puts api.forward(ip).to_json }
|
|
21
21
|
end
|
|
22
22
|
|
|
23
23
|
desc "geoloc IP", "It will return geolocation information for the given IPv{4,6} address"
|
|
24
24
|
def geoloc(ip)
|
|
25
|
-
with_error_handling { puts api.geoloc(ip).
|
|
25
|
+
with_error_handling { puts api.geoloc(ip).to_json }
|
|
26
26
|
end
|
|
27
27
|
|
|
28
28
|
desc "inetnum IP", "It will return inetnum information for the given IPv{4,6} address with history of changes"
|
|
29
29
|
def inetnum(ip)
|
|
30
|
-
with_error_handling { puts api.inetnum(ip).
|
|
30
|
+
with_error_handling { puts api.inetnum(ip).to_json }
|
|
31
31
|
end
|
|
32
32
|
|
|
33
33
|
desc "ip IP", "It will return a summary of all information for the given IPv{4,6} address"
|
|
34
34
|
def ip(ip)
|
|
35
|
-
with_error_handling { puts api.ip(ip).
|
|
35
|
+
with_error_handling { puts api.ip(ip).to_json }
|
|
36
36
|
end
|
|
37
37
|
|
|
38
38
|
desc "md5 MD5", "It will return information for the given datamd5 filter from datascan information category with history of changes"
|
|
39
39
|
def md5(md5)
|
|
40
|
-
with_error_handling { puts api.md5(md5).
|
|
40
|
+
with_error_handling { puts api.md5(md5).to_json }
|
|
41
41
|
end
|
|
42
42
|
|
|
43
43
|
desc "onionscan ONION", "It will return information for the given onion domain with history of changes"
|
|
44
44
|
def onionscan(onion)
|
|
45
|
-
with_error_handling { puts api.onionscan(onion).
|
|
45
|
+
with_error_handling { puts api.onionscan(onion).to_json }
|
|
46
46
|
end
|
|
47
47
|
|
|
48
48
|
desc "pastries IP", "It will return pastries information for the given IPv{4,6} address with history of changes"
|
|
49
49
|
def pastries(ip)
|
|
50
|
-
with_error_handling { puts api.pastries(ip).
|
|
50
|
+
with_error_handling { puts api.pastries(ip).to_json }
|
|
51
51
|
end
|
|
52
52
|
|
|
53
53
|
desc "reverse IP", "It will return reverse DNS lookup information for the given IPv{4,6} address with history of changes"
|
|
54
54
|
def reverse(ip)
|
|
55
|
-
with_error_handling { puts api.reverse(ip).
|
|
55
|
+
with_error_handling { puts api.reverse(ip).to_json }
|
|
56
56
|
end
|
|
57
57
|
|
|
58
58
|
desc "sniffer IP", "It will return information for the given IP address with history of changes"
|
|
59
59
|
def sniffer(ip)
|
|
60
|
-
with_error_handling { puts api.sniffer(ip).
|
|
60
|
+
with_error_handling { puts api.sniffer(ip).to_json }
|
|
61
61
|
end
|
|
62
62
|
|
|
63
63
|
desc "synscan IP", "It will return synscan information for the given IPv{4,6} address with history of changes."
|
|
64
64
|
def synscan(ip)
|
|
65
|
-
with_error_handling { puts api.synscan(ip).
|
|
65
|
+
with_error_handling { puts api.synscan(ip).to_json }
|
|
66
66
|
end
|
|
67
67
|
|
|
68
68
|
desc "threattlist IP", "It will return threatlist information for the given IPv{4,6} address with history of change"
|
|
69
69
|
def threatlist(ip)
|
|
70
|
-
with_error_handling { puts api.threatlist(ip).
|
|
70
|
+
with_error_handling { puts api.threatlist(ip).to_json }
|
|
71
71
|
end
|
|
72
72
|
|
|
73
73
|
no_commands do
|
data/lib/onyphe/client.rb
CHANGED
|
@@ -36,10 +36,13 @@ module Onyphe
|
|
|
36
36
|
def request(req)
|
|
37
37
|
Net::HTTP.start(HOST, 443, https_options) do |http|
|
|
38
38
|
http_response = http.request(req)
|
|
39
|
-
|
|
39
|
+
code = http_response.code
|
|
40
|
+
raise Error, "Unsupported response code returned: #{http_response.code}" unless code.start_with?("20")
|
|
40
41
|
|
|
41
|
-
response = JSON.parse(http_response.body
|
|
42
|
-
|
|
42
|
+
response = JSON.parse(http_response.body)
|
|
43
|
+
error = response.dig("error")
|
|
44
|
+
message = response.dig("message")
|
|
45
|
+
raise Error, message if error&.to_i&.positive?
|
|
43
46
|
|
|
44
47
|
yield response
|
|
45
48
|
end
|
data/lib/onyphe/clients/ctl.rb
CHANGED
|
@@ -3,7 +3,7 @@
|
|
|
3
3
|
module Onyphe
|
|
4
4
|
module Clients
|
|
5
5
|
class Ctl < Client
|
|
6
|
-
def get_by_domain(domain, page
|
|
6
|
+
def get_by_domain(domain, page: 1)
|
|
7
7
|
raise ArgumentError, "Invalid domain: #{domain}" unless Validator.valid_domain?(domain)
|
|
8
8
|
|
|
9
9
|
get("/ctl/#{domain}", page: page) { |json| json }
|
data/lib/onyphe/clients/ip.rb
CHANGED
data/lib/onyphe/clients/md5.rb
CHANGED
|
@@ -3,7 +3,7 @@
|
|
|
3
3
|
module Onyphe
|
|
4
4
|
module Clients
|
|
5
5
|
class Onionscan < Client
|
|
6
|
-
def get_by_onion(onion, page
|
|
6
|
+
def get_by_onion(onion, page: 1)
|
|
7
7
|
raise ArgumentError, "Invalid oninon domain: #{onion}" unless Validator.valid_onion_domain?(onion)
|
|
8
8
|
|
|
9
9
|
get("/onionscan/#{onion}", page: page) { |json| json }
|
|
@@ -5,39 +5,39 @@ require "addressable/uri"
|
|
|
5
5
|
module Onyphe
|
|
6
6
|
module Clients
|
|
7
7
|
class Search < Client
|
|
8
|
-
def datascan(params, page
|
|
8
|
+
def datascan(params, page: 1)
|
|
9
9
|
search("datascan", params, page)
|
|
10
10
|
end
|
|
11
11
|
|
|
12
|
-
def synscan(params, page
|
|
12
|
+
def synscan(params, page: 1)
|
|
13
13
|
search("synscan", params, page)
|
|
14
14
|
end
|
|
15
15
|
|
|
16
|
-
def inetnum(params, page
|
|
16
|
+
def inetnum(params, page: 1)
|
|
17
17
|
search("inetnum", params, page)
|
|
18
18
|
end
|
|
19
19
|
|
|
20
|
-
def threatlist(params, page
|
|
20
|
+
def threatlist(params, page: 1)
|
|
21
21
|
search("threatlist", params, page)
|
|
22
22
|
end
|
|
23
23
|
|
|
24
|
-
def pastries(params, page
|
|
24
|
+
def pastries(params, page: 1)
|
|
25
25
|
search("pastries", params, page)
|
|
26
26
|
end
|
|
27
27
|
|
|
28
|
-
def resolver(params, page
|
|
28
|
+
def resolver(params, page: 1)
|
|
29
29
|
search("resolver", params, page)
|
|
30
30
|
end
|
|
31
31
|
|
|
32
|
-
def sniffer(params, page
|
|
32
|
+
def sniffer(params, page: 1)
|
|
33
33
|
search("sniffer", params, page)
|
|
34
34
|
end
|
|
35
35
|
|
|
36
|
-
def ctl(params, page
|
|
36
|
+
def ctl(params, page: 1)
|
|
37
37
|
search("ctl", params, page)
|
|
38
38
|
end
|
|
39
39
|
|
|
40
|
-
def onionscan(params, page
|
|
40
|
+
def onionscan(params, page: 1)
|
|
41
41
|
search("onionscan", params, page)
|
|
42
42
|
end
|
|
43
43
|
|
data/lib/onyphe/version.rb
CHANGED
data/onyphe.gemspec
CHANGED
|
@@ -29,8 +29,8 @@ Gem::Specification.new do |spec|
|
|
|
29
29
|
|
|
30
30
|
spec.add_development_dependency "bundler", "~> 2.0"
|
|
31
31
|
spec.add_development_dependency "coveralls", "~> 0.8"
|
|
32
|
-
spec.add_development_dependency "rake", "~>
|
|
33
|
-
spec.add_development_dependency "rspec", "~> 3.
|
|
32
|
+
spec.add_development_dependency "rake", "~> 13.0"
|
|
33
|
+
spec.add_development_dependency "rspec", "~> 3.9"
|
|
34
34
|
spec.add_development_dependency "vcr", "~> 5.0"
|
|
35
35
|
spec.add_development_dependency "webmock", "~> 3.7"
|
|
36
36
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: onyphe
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 1.0.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Manabu Niseki
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2019-
|
|
11
|
+
date: 2019-10-21 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: addressable
|
|
@@ -72,28 +72,28 @@ dependencies:
|
|
|
72
72
|
requirements:
|
|
73
73
|
- - "~>"
|
|
74
74
|
- !ruby/object:Gem::Version
|
|
75
|
-
version: '
|
|
75
|
+
version: '13.0'
|
|
76
76
|
type: :development
|
|
77
77
|
prerelease: false
|
|
78
78
|
version_requirements: !ruby/object:Gem::Requirement
|
|
79
79
|
requirements:
|
|
80
80
|
- - "~>"
|
|
81
81
|
- !ruby/object:Gem::Version
|
|
82
|
-
version: '
|
|
82
|
+
version: '13.0'
|
|
83
83
|
- !ruby/object:Gem::Dependency
|
|
84
84
|
name: rspec
|
|
85
85
|
requirement: !ruby/object:Gem::Requirement
|
|
86
86
|
requirements:
|
|
87
87
|
- - "~>"
|
|
88
88
|
- !ruby/object:Gem::Version
|
|
89
|
-
version: '3.
|
|
89
|
+
version: '3.9'
|
|
90
90
|
type: :development
|
|
91
91
|
prerelease: false
|
|
92
92
|
version_requirements: !ruby/object:Gem::Requirement
|
|
93
93
|
requirements:
|
|
94
94
|
- - "~>"
|
|
95
95
|
- !ruby/object:Gem::Version
|
|
96
|
-
version: '3.
|
|
96
|
+
version: '3.9'
|
|
97
97
|
- !ruby/object:Gem::Dependency
|
|
98
98
|
name: vcr
|
|
99
99
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -159,7 +159,6 @@ files:
|
|
|
159
159
|
- lib/onyphe/clients/sniffer.rb
|
|
160
160
|
- lib/onyphe/clients/synscan.rb
|
|
161
161
|
- lib/onyphe/clients/threatlist.rb
|
|
162
|
-
- lib/onyphe/response.rb
|
|
163
162
|
- lib/onyphe/validator.rb
|
|
164
163
|
- lib/onyphe/version.rb
|
|
165
164
|
- onyphe.gemspec
|
|
@@ -182,7 +181,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
182
181
|
- !ruby/object:Gem::Version
|
|
183
182
|
version: '0'
|
|
184
183
|
requirements: []
|
|
185
|
-
rubygems_version: 3.0.
|
|
184
|
+
rubygems_version: 3.0.6
|
|
186
185
|
signing_key:
|
|
187
186
|
specification_version: 4
|
|
188
187
|
summary: ONYPHE API wrapper for Ruby
|
data/lib/onyphe/response.rb
DELETED
|
@@ -1,24 +0,0 @@
|
|
|
1
|
-
# frozen_string_literal: true
|
|
2
|
-
|
|
3
|
-
require "ostruct"
|
|
4
|
-
|
|
5
|
-
module Onyphe
|
|
6
|
-
class Response < OpenStruct
|
|
7
|
-
def openstruct_to_hash(object, hash = {})
|
|
8
|
-
return object unless object.respond_to?(:each_pair)
|
|
9
|
-
|
|
10
|
-
object.each_pair do |key, value|
|
|
11
|
-
hash[key] = case value
|
|
12
|
-
when OpenStruct then openstruct_to_hash(value)
|
|
13
|
-
when Array then value.map { |v| openstruct_to_hash(v) }
|
|
14
|
-
else value
|
|
15
|
-
end
|
|
16
|
-
end
|
|
17
|
-
hash
|
|
18
|
-
end
|
|
19
|
-
|
|
20
|
-
def to_h
|
|
21
|
-
openstruct_to_hash(self)
|
|
22
|
-
end
|
|
23
|
-
end
|
|
24
|
-
end
|