otx_ruby 0.9.0 → 0.9.5
- checksums.yaml +4 -4
- data/.byebug_history +16 -0
- data/lib/otx_ruby.rb +1 -0
- data/lib/otx_ruby/base.rb +0 -1
- data/lib/otx_ruby/domain.rb +20 -0
- data/lib/otx_ruby/hostname.rb +20 -0
- data/lib/otx_ruby/ip.rb +17 -0
- data/lib/otx_ruby/types/ip/dns.rb +8 -0
- data/lib/otx_ruby/types/ip/nids_list.rb +9 -0
- data/lib/otx_ruby/version.rb +1 -1
- metadata +5 -3
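--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA1:
-metadata.gz:
-data.tar.gz:
+metadata.gz: e48854be702f228cf8ae62c774de7d18c381c9c2
+data.tar.gz: a9aeca6b0829a98bfa74d67e5fde7cf0238544e8
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: c9153d17a563053f1f37fb85b7d51f88664db7ba99b28c35d717529c721d4acabaadb6140ec8aabde9ac371a1622e73cd36466b53a7934d73ab61223e7399619
+data.tar.gz: 2161c20ea706992433648b2fe3801ccd2f5defb5cdf461dfc04397a35b2a8a04d4516eb55829bac33da18aba7a13b2279f5dd5cef5ff027a0cfe39e49b9b009d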
data/.byebug_history
ADDED
data/lib/otx_ruby.rb
CHANGED
data/lib/otx_ruby/base.rb
CHANGED
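--- a/data/lib/otx_ruby/domain.rb
+++ b/data/lib/otx_ruby/domain.rb
@@ -86,5 +86,25 @@ module OTX
 
 return whois
 end
+
+#
+# Tallies total NIDS rules linked to a domain
+#
+# @param domain [String] Domain to check for NIDS rules
+# @param pda [Array] Passive DNS objects to check for linked NIDS rules
+# @return [Integer] Total number of NIDS rules
+#
+def count_nids_list(domain, pda)
+grant_access = self.instance_variable_get('@key')
+ip_object = OTX::IP.new(grant_access)
+
+total = 0
+pda.each do |pdr|
+nids_list = ip_object.get_nids_list(pdr.address)
+total += nids_list.count
+end
+
+return total
+end
 end
 end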
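Review bot: `count_nids_list` hands every `pdr.address` to `get_nids_list` with the default `:ipv4` type, so a passive DNS record whose address is IPv6 or not an IP at all (presumably possible in passive DNS data) is still sent to the IPv4 endpoint and counted. The loop should skip values that do not parse as an address and choose the type from the address, and the docstring should say that the method makes one API request per record. The `domain` parameter is never used, and `self.instance_variable_get('@key')` only obscures that the API key is being passed to a second client; `ip_object = OTX::IP.new(@key)` is equivalent. The same method body is added to data/lib/otx_ruby/hostname.rb with the same issues, so a shared helper would keep the two copies in step. The enclosing class begins outside the hunk.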
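--- a/data/lib/otx_ruby/hostname.rb
+++ b/data/lib/otx_ruby/hostname.rb
@@ -91,5 +91,25 @@ module OTX
 
 return results
 end
+
+#
+# Tallies total NIDS rules linked to a hostname
+#
+# @param hostname [String] Hostname to check for NIDS rules
+# @param pda [Array] Passive DNS objects to check for linked NIDS rules
+# @return [Integer] Total number of NIDS rules
+#
+def count_nids_list(hostname, pda)
+grant_access = self.instance_variable_get('@key')
+ip_object = OTX::IP.new(grant_access)
+
+total = 0
+pda.each do |pdr|
+nids_list = ip_object.get_nids_list(pdr.address)
+total += nids_list.count
+end
+
+return total
+end
 end
 end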
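--- a/data/lib/otx_ruby/ip.rb
+++ b/data/lib/otx_ruby/ip.rb
@@ -101,5 +101,22 @@ module OTX
 
 return results
 end
+
+#
+# NIDS rules associated with an IP
+#
+# @param ip [String] IP Address for lookup
+# @param type [String] Format of IP Address e.g 'IPv4', 'IPv6'
+# @return [Object] Object created from NIDS list json data
+#
+def get_nids_list(ip, type = :ipv4)
+uri = "/api/v1/indicators/#{type == :ipv6 ? 'IPv6' : 'IPv4'}/#{ip}/nids_list"
+
+json_data = get(uri)
+
+nids_list = OTX::Indicator::IP::NidsList.new(json_data)
+
+return nids_list
+end
 end
 end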
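Review bot: `get_nids_list` interpolates `ip` straight into the request path (`.../#{ip}/nids_list`) without checking that it is an address, so a value containing `/`, `?` or `#` alters the path that is requested. The new `count_nids_list` callers pass it `pdr.address` values that come from API responses rather than from the caller. Parsing the argument first, e.g. `addr = IPAddr.new(ip)`, then building the path from `addr.to_s` and `addr.ipv6? ? 'IPv6' : 'IPv4'`, would reject non-addresses and remove the need to pass `type` correctly; this needs `require 'ipaddr'`, and the file's requires are outside the hunk. The docstring says `@param type [String] ... 'IPv4', 'IPv6'`, but the code compares against the symbol `:ipv6`, so the documented string `'IPv6'` silently selects the IPv4 endpoint. `# @param type [Symbol] :ipv4 (default) or :ipv6` would match the code.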
data/lib/otx_ruby/version.rb
CHANGED
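--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: otx_ruby
 version: !ruby/object:Gem::Version
-version: 0.9.
+version: 0.9.5
 platform: ruby
 authors:
 - Stephen Kapp
 autorequire:
 bindir: exe
 cert_chain: []
-date:
+date: 2018-02-15 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: faraday
@@ -115,6 +115,7 @@ executables: []
 extensions: []
 extra_rdoc_files: []
 files:
+- ".byebug_history"
 - ".gitignore"
 - Gemfile
 - LICENSE.md
@@ -154,6 +155,7 @@ files:
 - lib/otx_ruby/types/ip/geo.rb
 - lib/otx_ruby/types/ip/http_scan.rb
 - lib/otx_ruby/types/ip/malware.rb
+- lib/otx_ruby/types/ip/nids_list.rb
 - lib/otx_ruby/types/ip/reputation.rb
 - lib/otx_ruby/types/ip/url.rb
 - lib/otx_ruby/types/ip/whois.rb
@@ -186,7 +188,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
 version: '0'
 requirements: []
 rubyforge_project:
-rubygems_version: 2.6.
+rubygems_version: 2.6.12
 signing_key:
 specification_version: 4
 summary: AlienVault OTX Ruby Gem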
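Review bot: The `files:` hunk at `@@ -115,6 +115,7 @@` adds `.byebug_history` to the packaged file list, so a debugger session history (16 lines, per the diffstat) now ships to everyone who installs the gem. That file records expressions typed at the debugger prompt, which in a client for an authenticated API can include keys or response data. Its contents are not shown on this page, so they should be inspected and any key found there rotated. The gemspec that generates this metadata is not visible here, but its file list should exclude the history file, and `.gitignore` should list `.byebug_history` if the list is built from tracked files.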