passivetotalx 0.1.0
- checksums.yaml +7 -0
- data/.gitignore +52 -0
- data/.rspec +3 -0
- data/.travis.yml +7 -0
- data/Gemfile +4 -0
- data/LICENSE +21 -0
- data/README.md +46 -0
- data/Rakefile +6 -0
- data/bin/console +14 -0
- data/bin/setup +8 -0
- data/lib/passivetotal.rb +26 -0
- data/lib/passivetotal/api.rb +68 -0
- data/lib/passivetotal/clients/account.rb +121 -0
- data/lib/passivetotal/clients/action.rb +279 -0
- data/lib/passivetotal/clients/artifact.rb +141 -0
- data/lib/passivetotal/clients/base.rb +97 -0
- data/lib/passivetotal/clients/dns.rb +61 -0
- data/lib/passivetotal/clients/enrichment.rb +119 -0
- data/lib/passivetotal/clients/host.rb +69 -0
- data/lib/passivetotal/clients/monitor.rb +29 -0
- data/lib/passivetotal/clients/project.rb +153 -0
- data/lib/passivetotal/clients/ssl.rb +73 -0
- data/lib/passivetotal/clients/tag.rb +77 -0
- data/lib/passivetotal/clients/tracker.rb +25 -0
- data/lib/passivetotal/clients/whois.rb +61 -0
- data/lib/passivetotal/version.rb +5 -0
- data/lib/passivetotalx.rb +3 -0
- data/passivetotalx.gemspec +33 -0
- metadata +154 -0
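--- a/data/lib/passivetotal/clients/monitor.rb
+++ b/data/lib/passivetotal/clients/monitor.rb
@@ -0,0 +1,29 @@
+# frozen_string_literal: true
+
+module PassiveTotal
+module Client
+class Monitor < Base
+#
+# Retrieve all alerts associated with an artifact or project.
+# http://api.passivetotal.org/api/docs/#api-Monitor-GetV2Monitor
+#
+# @param [String, nil] project the project to filter on
+# @param [String, nil] artifact the artifact to filter on
+# @param [String, nll] start filter results to after this datetime
+# @param [String, nil] end filter results to before this datetime
+#
+# @return [Hash]
+#
+def alerts(project: nil, artifact: nil, start_at: nil, end_at: nil)
+params = {
+project: project,
+artifact: artifact,
+start: start_at,
+end: end_at,
+}.compact
+
+_get("/monitor", params) { |json| json }
+end
+end
+end
+end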
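Review bot: The YARD tags above `alerts` document parameters named `start` and `end`, but the method's keywords are `start_at:` and `end_at:`; they only become `start`/`end` when the params hash is built. The `start` tag also carries the type typo `nll`. A caller who follows the docs and passes `start:` gets an unknown-keyword ArgumentError. I would write the two tags as `# @param [String, nil] start_at filter results to after this datetime` and `# @param [String, nil] end_at filter results to before this datetime`.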
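--- a/data/lib/passivetotal/clients/project.rb
+++ b/data/lib/passivetotal/clients/project.rb
@@ -0,0 +1,153 @@
+# frozen_string_literal: true
+
+module PassiveTotal
+module Client
+class Project < Base
+#
+# Add project tags.
+# http://api.passivetotal.org/api/docs/#api-Project-PostV2ProjectTag
+#
+# @param [String] project the project id to update
+# @param [String] tags the tags or tag to add (list or str)
+#
+# @return [Hash]
+#
+def add_tags(project, tags)
+params = {
+project: project,
+tags: tags,
+}.compact
+
+_get("/project/tag", params) { |json| json }
+end
+
+#
+# Create a new project
+# http://api.passivetotal.org/api/docs/#api-Project-PutV2Project
+#
+# @param [String] name name of the project
+# @param [String] visibility the visibility
+# @param [String, nil] description the description
+# @param [String, nil] featured whether to feature the project
+# @param [String, nil] tags sets the project's tags to this list
+#
+# @return [Hash]
+#
+def create(name, visibility:, description: nil, featured: nil, tags: nil)
+params = {
+name: name,
+visibility: visibility,
+description: description,
+featured: featured,
+tags: tags,
+}.compact
+
+_put("/project", params) { |json| json }
+end
+
+#
+# Delete project
+# http://api.passivetotal.org/api/docs/#api-Project-DeleteV2Project
+#
+# @param [String] project the project id to delete
+#
+# @return [Hash]
+#
+def delete(project)
+params = {
+project: project,
+}.compact
+
+_delete("/project", params) { |json| json }
+end
+
+#
+# Retrieves a project or projects by search filter
+# http://api.passivetotal.org/api/docs/#api-Project-GetV2Project
+#
+# @param [String, nil] project filter by project id
+# @param [String, nil] owner filter by owner (an email or organization id)
+# @param [String, nil] creator filter by creator email
+# @param [String, nil] organization filter by organization
+# @param [String, nil] visibility filter by visibility
+# @param [String, nil] featured filter by featured status
+#
+# @return [Hash]
+#
+def get(project: nil, owner: nil, creator: nil, organization: nil, visibility: nil, featured: nil)
+params = {
+project: project,
+owner: owner,
+creator: creator,
+organization: organization,
+visibility: visibility,
+featured: featured,
+}.compact
+
+_get("/project", params) { |json| json }
+end
+
+#
+# Remove project tags.
+# http://api.passivetotal.org/api/docs/#api-Project-DeleteV2ProjectTag
+#
+# @param [String] project the project id to update
+# @param [Array<String>] tags the tags or tag to remove (list or str)
+#
+# @return [Hash]
+#
+def remove_tags(project, tags)
+params = {
+project: project,
+tags: tags,
+}.compact
+
+_delete("/project/tag", params) { |json| json }
+end
+
+#
+# Set project tags.
+# http://api.passivetotal.org/api/docs/#api-Project-PutV2ProjectTag
+#
+# @param [String] project the project id to update
+# @param [Array<String>] tags the tags or tag to set to (list or str)
+#
+# @return [Hash]
+#
+def set_tags(project, tags)
+params = {
+project: project,
+tags: tags,
+}.compact
+
+_put("/project/tag", params) { |json| json }
+end
+
+#
+# Updates a project denoted by project ID
+# http://api.passivetotal.org/api/docs/#api-Project-PostV2Project
+#
+# @param [String] project the project id to update
+# @param [String, nil] name the new name
+# @param [String, nil] description the new description
+# @param [String, nil] visibility ,"private","analyst"] the new visibility
+# @param [String, nil] featured whether to feature the project
+# @param [String, nil] tags sets the project's tags to this list
+#
+# @return [Hash]
+#
+def update(project, name: nil, description: nil, visibility: nil, featured: nil, tags: nil)
+params = {
+project: project,
+name: name,
+description: description,
+visibility: visibility,
+featured: featured,
+tags: tags,
+}.compact
+
+_post("/project", params) { |json| json }
+end
+end
+end
+end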
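Review bot: `add_tags` calls `_get("/project/tag", params)` although its doc link names the `PostV2ProjectTag` endpoint, so the tag-add request goes out as a GET. Every other mutating method in this class uses the verb its doc link names, and `Tag#update` in the artifact client uses `_post` for the equivalent call. The line should read `_post("/project/tag", params) { |json| json }`. The `_get`/`_post` helpers live in `Base`, which is not shown on this page, so how they serialise `params` is inferred; if `_get` places them in the query string, the project id and tags would also land in URLs and intermediary logs. Separately, the `visibility` tag on `update` is garbled (`,"private","analyst"]`) and should be restored from the API documentation.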
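--- a/data/lib/passivetotal/clients/ssl.rb
+++ b/data/lib/passivetotal/clients/ssl.rb
@@ -0,0 +1,73 @@
+# frozen_string_literal: true
+
+module PassiveTotal
+module Client
+class SSL < Base
+#
+# Retrieves the SSL certificate history for a given certificate SHA-1 hash or IP address.
+# http://api.passivetotal.org/api/docs/#api-SSL_Certificates-GetV2SslCertificateHistory
+#
+# @param [String] query SHA-1 hash or associated IP address for which to retrieve certificate history
+#
+# @return [Hash]
+#
+def history(query)
+params = {
+query: query,
+}.compact
+
+_get("/ssl-certificate/history", params) { |json| json }
+end
+
+#
+# Retrieves an SSL certificate by its SHA-1 hash.
+# http://api.passivetotal.org/api/docs/#api-SSL_Certificates-GetV2SslCertificate
+#
+# @param [String] query SHA-1 hash of the certificate to retrieve
+#
+# @return [Hash]
+#
+def get(query)
+params = {
+query: query,
+}.compact
+
+_get("/ssl-certificate", params) { |json| json }
+end
+
+#
+# Retrieves SSL certificates for a given keyword.
+# http://api.passivetotal.org/api/docs/#api-SSL_Certificates-GetV2SslCertificateSearchKeyword
+#
+# @param [String] query keyword on which to search
+#
+# @return [Hash]
+#
+def keyword(query)
+params = {
+query: query,
+}.compact
+
+_get("/ssl-certificate/search/keyword", params) { |json| json }
+end
+
+#
+# Retrieves SSL certificates for a given field value.
+# http://api.passivetotal.org/api/docs/#api-SSL_Certificates-GetV2SslCertificateSearch
+#
+# @param [String] query field value for which to search
+# @param [String] field field by which to search
+#
+# @return [Hash]
+#
+def search(query:, field:)
+params = {
+field: field,
+query: query,
+}.compact
+
+_get("/ssl-certificate/search", params) { |json| json }
+end
+end
+end
+end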
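Review bot: Required arguments are passed through `.compact`, so `history(nil)`, `get(nil)` or `keyword(nil)` silently drops `query` and sends the request with no parameters instead of failing locally. A guard at the top of each method, e.g. `raise ArgumentError, "query is required" if query.nil?`, stops a caller bug from turning into an unscoped API call. The same pattern appears in the Project, Tag, Tracker and WHOIS clients on this page, and it matters most for the destructive calls (`Project#delete`, `Project#remove_tags`, `Tag#delete`). How the API answers such an empty request is not visible from this diff.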
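--- a/data/lib/passivetotal/clients/tag.rb
+++ b/data/lib/passivetotal/clients/tag.rb
@@ -0,0 +1,77 @@
+# frozen_string_literal: true
+
+module PassiveTotal
+module Client
+class Tag < Base
+#
+# Retrieve the tags of an artifact or artifacts.
+# http://api.passivetotal.org/api/docs/#api-Tag_Artifact-GetV2ArtifactTag
+#
+# @param [String] artifact the artifact id or ids to list
+#
+# @return [Hash]
+#
+def get(artifact)
+params = {
+artifact: artifact,
+}.compact
+
+_get("/artifact/tag", params) { |json| json }
+end
+
+#
+# Remove a set of tags from an artifact or artifacts.
+# http://api.passivetotal.org/api/docs/#api-Tag_Artifact-DeleteV2ArtifactTag
+#
+# @param [String] artifact the artifact id or ids to update
+# @param [Array<String>] tags the tags or tag to delete (list or str)
+#
+# @return [Hash]
+#
+def delete(artifact, tags)
+params = {
+artifact: artifact,
+tags: tags,
+}.compact
+
+_delete("/artifact/tag", params) { |json| json }
+end
+
+#
+# Set the tags of an artifact or artifacts.
+# http://api.passivetotal.org/api/docs/#api-Tag_Artifact-PutV2ArtifactTag
+#
+# @param [String] artifact the artifact id or ids to update
+# @param [Array<String>] tags the tags or tag to set (list or str)
+#
+# @return [Hash]
+#
+def set(artifact, tags)
+params = {
+artifact: artifact,
+tags: tags,
+}.compact
+
+_put("/artifact/tag", params) { |json| json }
+end
+
+#
+# Add tags to an artifact or artifacts.
+# http://api.passivetotal.org/api/docs/#api-Tag_Artifact-PostV2ArtifactTag
+#
+# @param [String] artifact the artifact id or ids to update
+# @param [Array<String>] tags the tags or tag to add (list or str)
+#
+# @return [Hash]
+#
+def update(artifact, tags)
+params = {
+artifact: artifact,
+tags: tags,
+}.compact
+
+_post("/artifact/tag", params) { |json| json }
+end
+end
+end
+end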
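--- a/data/lib/passivetotal/clients/tracker.rb
+++ b/data/lib/passivetotal/clients/tracker.rb
@@ -0,0 +1,25 @@
+# frozen_string_literal: true
+
+module PassiveTotal
+module Client
+class Tracker < Base
+#
+# Retrieves hosts that employ user tracking mechanisms served from another given host.
+# http://api.passivetotal.org/api/docs/#api-Trackers-GetV2TrackersSearch
+#
+# @param [String] query host from which trackers originate
+# @param [String] type type of trackers to retrieve; a type other than the offically supported ones may be supplied
+#
+# @return [Hash]
+#
+def search(query:, type:)
+params = {
+query: query,
+type: type,
+}.compact
+
+_get("/trackers/search", params) { |json| json }
+end
+end
+end
+end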
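--- a/data/lib/passivetotal/clients/whois.rb
+++ b/data/lib/passivetotal/clients/whois.rb
@@ -0,0 +1,61 @@
+# frozen_string_literal: true
+
+module PassiveTotal
+module Client
+class WHOIS < Base
+#
+# Retrieves the WHOIS data for the specified query
+# http://api.passivetotal.org/api/docs/#api-WHOIS-GetV2Whois
+#
+# @param [String] query the domain being queried
+# @param [String, nil] compact_record whether to compress the results
+# @param [String, nil] history whether to return historical results
+#
+# @return [Hash]
+#
+def get(query, compact_record: nil, history: nil)
+params = {
+query: query,
+compact_record: compact_record,
+history: history,
+}.compact
+
+_get("/whois", params) { |json| json }
+end
+
+#
+# Search WHOIS data for a keyword.
+# http://api.passivetotal.org/api/docs/#api-WHOIS-GetV2WhoisSearchKeyword
+#
+# @param [String] query being queried
+#
+# @return [Hash]
+#
+def keyword(query)
+params = {
+query: query,
+}.compact
+
+_get("/whois/search/keyword", params) { |json| json }
+end
+
+#
+# Searches WHOIS data by field and query.
+# http://api.passivetotal.org/api/docs/#api-WHOIS-GetV2WhoisSearch
+#
+# @param [String] query the value of the field being queried
+# @param [String] field the field to query
+#
+# @return [Hash]
+#
+def search(query:, field:)
+params = {
+query: query,
+field: field,
+}.compact
+
+_get("/whois/search", params) { |json| json }
+end
+end
+end
+end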
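--- a/data/passivetotalx.gemspec
+++ b/data/passivetotalx.gemspec
@@ -0,0 +1,33 @@
+# frozen_string_literal: true
+
+lib = File.expand_path("lib", __dir__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require "passivetotal/version"
+
+Gem::Specification.new do |spec|
+spec.name = "passivetotalx"
+spec.version = PassiveTotal::VERSION
+spec.authors = ["Manabu Niseki"]
+spec.email = ["manabu.niseki@gmail.com"]
+
+spec.summary = "PassiveTotal API wrapper for Ruby"
+spec.description = "PassiveTotal API wrapper for Ruby"
+spec.homepage = "https://github.com/ninoseki/passivetotalx"
+spec.license = "MIT"
+
+# Specify which files should be added to the gem when it is released.
+# The `git ls-files -z` loads the files in the RubyGem that have been added into git.
+spec.files = Dir.chdir(File.expand_path(__dir__)) do
+`git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
+end
+spec.bindir = "exe"
+spec.executables = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
+spec.require_paths = ["lib"]
+
+spec.add_development_dependency "bundler", "~> 2.0"
+spec.add_development_dependency "coveralls", "~> 0.8"
+spec.add_development_dependency "rake", "~> 13.0"
+spec.add_development_dependency "rspec", "~> 3.8"
+spec.add_development_dependency "vcr", "~> 5.0"
+spec.add_development_dependency "webmock", "~> 3.7"
+end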
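Review bot: `spec.files` takes everything `git ls-files` returns and rejects only `test/`, `spec/` and `features/`, so the package file list on this page shows `.travis.yml`, `.gitignore`, `.rspec`, `Rakefile`, `bin/console` and `bin/setup` shipping inside the released gem. An allow-list keeps the published artifact to what users actually load, e.g. `spec.files = Dir["lib/**/*.rb", "LICENSE", "README.md"]`, and removes the build's dependence on a git checkout. The spec also declares no `required_ruby_version` although the clients call `Hash#compact` (Ruby 2.4+). Setting `spec.metadata["rubygems_mfa_required"] = "true"` would additionally require MFA for future pushes of the gem.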