threatexpert 0.2.0 → 0.2.1
- checksums.yaml +7 -0
- data/Gemfile +3 -14
- data/Gemfile.lock +22 -19
- data/LICENSE.txt +3 -1
- data/README.md +35 -0
- data/Rakefile +7 -47
- data/lib/threatexpert.rb +3 -2
- data/lib/threatexpert/submit.rb +1 -2
- data/lib/threatexpert/version.rb +3 -0
- data/test/helper.rb +5 -18
- data/test/test_threatexpert.rb +22 -14
- data/threatexpert.gemspec +23 -79
- metadata +100 -189
- data/.document +0 -5
- data/README.rdoc +0 -27
- data/VERSION +0 -1
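--- a/checksums.yaml
+++ b/checksums.yaml
@@ -0,0 +1,7 @@
+---
+SHA1:
+metadata.gz: 7efdba7cab9cd82cd32b61e880cdab45725236a4
+data.tar.gz: 13efcd001d9437d8baadd6d29474a3206ce5b1a7
+SHA512:
+metadata.gz: c143b9f24266d3c071897aee4fd2b41cbdf518d42ee942d369f0bc9ac799d7757a1791e4ea39865a9279569b79052f9ecc761e2034b601f4e20aa9e4b3a03a9a
+data.tar.gz: 1299a106553cbc54e393d5c9beedb60ff99353de098194e7798819ba633f475fae1e0228dbaae5b551cd89831309f0cee9f6aa5680f1f7df1f52bd968eb2a741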
data/Gemfile
CHANGED
@@ -1,15 +1,4 @@
|
|
1
|
-
source
|
2
|
-
# Add dependencies required to use your gem here.
|
3
|
-
# Example:
|
4
|
-
gem "nokogiri", ">= 1.4.4"
|
5
|
-
gem "multipart-post", ">= 1.1.0"
|
6
|
-
gem "crack", ">= 0.1.8"
|
1
|
+
source 'https://rubygems.org'
|
7
2
|
|
8
|
-
#
|
9
|
-
|
10
|
-
group :development do
|
11
|
-
gem "shoulda", ">= 0"
|
12
|
-
gem "bundler", "~> 1.0.0"
|
13
|
-
gem "jeweler", "~> 1.5.2"
|
14
|
-
gem "rcov", ">= 0"
|
15
|
-
end
|
3
|
+
# Specify your gem's dependencies in threatexpert.gemspec
|
4
|
+
gemspec
|
data/Gemfile.lock
CHANGED
@@ -1,26 +1,29 @@
|
|
1
|
+
PATH
|
2
|
+
remote: .
|
3
|
+
specs:
|
4
|
+
threatexpert (0.2.1)
|
5
|
+
crack (~> 0.4)
|
6
|
+
multipart-post (~> 2.0)
|
7
|
+
nokogiri (~> 1.6)
|
8
|
+
|
1
9
|
GEM
|
2
|
-
remote:
|
10
|
+
remote: https://rubygems.org/
|
3
11
|
specs:
|
4
|
-
crack (0.
|
5
|
-
|
6
|
-
|
7
|
-
|
8
|
-
|
9
|
-
|
10
|
-
|
11
|
-
|
12
|
-
|
13
|
-
rcov (0.9.9)
|
14
|
-
shoulda (2.11.3)
|
12
|
+
crack (0.4.2)
|
13
|
+
safe_yaml (~> 1.0.0)
|
14
|
+
mini_portile (0.6.2)
|
15
|
+
minitest (5.5.1)
|
16
|
+
multipart-post (2.0.0)
|
17
|
+
nokogiri (1.6.6.2)
|
18
|
+
mini_portile (~> 0.6.0)
|
19
|
+
rake (10.4.2)
|
20
|
+
safe_yaml (1.0.4)
|
15
21
|
|
16
22
|
PLATFORMS
|
17
23
|
ruby
|
18
24
|
|
19
25
|
DEPENDENCIES
|
20
|
-
bundler (~> 1.
|
21
|
-
|
22
|
-
|
23
|
-
|
24
|
-
nokogiri (>= 1.4.4)
|
25
|
-
rcov
|
26
|
-
shoulda
|
26
|
+
bundler (~> 1.6)
|
27
|
+
minitest (~> 5.5)
|
28
|
+
rake
|
29
|
+
threatexpert!
|
data/LICENSE.txt
CHANGED
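--- a/data/README.md
+++ b/data/README.md
@@ -0,0 +1,35 @@
+# ThreatExpert
+
+The threatexpert gem provides a simple API to query ThreatExpert by malware name (to receive a list of matching hashes) or hash (to receive a malware report). This also provides a simple upload feature.
+
+## Installation
+
+Add this line to your application's Gemfile:
+
+gem 'threatexpert'
+
+And then execute:
+
+$ bundle
+
+Or install it yourself as:
+
+$ gem install threatexpert
+
+## Usage
+
+require 'threatexpert'
+t = ThreatExpert::Search.new
+hashes = t.name("Worm.Hamweg.Gen")
+html = t.md5(hashes[0])
+sb = ThreatExpert::Submit.new
+filename = "/malware_share/downadup/62c6c217e7980e53aa3b234e19a5a25e.dll"
+sb.submit(filename, youremailhere)
+
+## Contributing
+
+1. Fork it ( https://github.com/[my-github-username]/threatexpert/fork )
+2. Create your feature branch (`git checkout -b my-new-feature`)
+3. Commit your changes (`git commit -am 'Add some feature'`)
+4. Push to the branch (`git push origin my-new-feature`)
+5. Create a new Pull Request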
data/Rakefile
CHANGED
@@ -1,52 +1,12 @@
|
|
1
|
-
|
2
|
-
require
|
3
|
-
begin
|
4
|
-
Bundler.setup(:default, :development)
|
5
|
-
rescue Bundler::BundlerError => e
|
6
|
-
$stderr.puts e.message
|
7
|
-
$stderr.puts "Run `bundle install` to install missing gems"
|
8
|
-
exit e.status_code
|
9
|
-
end
|
10
|
-
require 'rake'
|
11
|
-
|
12
|
-
require 'jeweler'
|
13
|
-
Jeweler::Tasks.new do |gem|
|
14
|
-
# gem is a Gem::Specification... see http://docs.rubygems.org/read/chapter/20 for more options
|
15
|
-
gem.name = "threatexpert"
|
16
|
-
gem.homepage = "http://github.com/chrislee35/threatexpert"
|
17
|
-
gem.license = "MIT"
|
18
|
-
gem.summary = %Q{Allows for malware name and md5 hash searching of, and malware submission to ThreatExpert.com.}
|
19
|
-
gem.description = %Q{Provides a simple API to query ThreatExpert by malware name (to receive a list of matching hashes) or hash (to receive a malware report). This also provides a simple upload feature.}
|
20
|
-
gem.email = "rubygems@chrislee.dhs.org"
|
21
|
-
gem.authors = ["Chris Lee"]
|
22
|
-
gem.add_runtime_dependency "nokogiri", ">= 1.4.4"
|
23
|
-
gem.add_runtime_dependency "multipart-post", ">= 1.1.0"
|
24
|
-
gem.add_runtime_dependency "crack", ">= 0.1.8"
|
25
|
-
end
|
26
|
-
Jeweler::RubygemsDotOrgTasks.new
|
1
|
+
#!/usr/bin/env rake
|
2
|
+
require "bundler/gem_tasks"
|
27
3
|
|
28
4
|
require 'rake/testtask'
|
29
|
-
Rake::TestTask.new(:test) do |test|
|
30
|
-
test.libs << 'lib' << 'test'
|
31
|
-
test.pattern = 'test/**/test_*.rb'
|
32
|
-
test.verbose = true
|
33
|
-
end
|
34
5
|
|
35
|
-
|
36
|
-
|
37
|
-
|
38
|
-
|
39
|
-
test.verbose = true
|
6
|
+
Rake::TestTask.new do |t|
|
7
|
+
t.libs << 'lib'
|
8
|
+
t.test_files = FileList['test/test_*.rb']
|
9
|
+
t.verbose = true
|
40
10
|
end
|
41
11
|
|
42
|
-
task :default => :test
|
43
|
-
|
44
|
-
require 'rake/rdoctask'
|
45
|
-
Rake::RDocTask.new do |rdoc|
|
46
|
-
version = File.exist?('VERSION') ? File.read('VERSION') : ""
|
47
|
-
|
48
|
-
rdoc.rdoc_dir = 'rdoc'
|
49
|
-
rdoc.title = "threatexpert #{version}"
|
50
|
-
rdoc.rdoc_files.include('README*')
|
51
|
-
rdoc.rdoc_files.include('lib/**/*.rb')
|
52
|
-
end
|
12
|
+
task :default => :test
|
data/lib/threatexpert.rb
CHANGED
@@ -1,2 +1,3 @@
|
|
1
|
-
require
|
2
|
-
require
|
1
|
+
require "threatexpert/version"
|
2
|
+
require "threatexpert/search"
|
3
|
+
require "threatexpert/submit"
|
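--- a/data/lib/threatexpert/submit.rb
+++ b/data/lib/threatexpert/submit.rb
@@ -2,7 +2,6 @@ require 'net/http'
 require 'net/http/post/multipart'
 require 'uri'
 require 'nokogiri'
-require 'pp'
 
 module ThreatExpert
 class Submit
@@ -11,7 +10,7 @@ module ThreatExpert
 def submit(filename, email, headers={})
 uri = URI.parse(@@submiturl)
 http = Net::HTTP.new(uri.host, uri.port)
-headers['User-Agent'] ||= "Ruby/#{RUBY_VERSION} threatexpert gem (https://github.com/chrislee35/threatexpert)"
+headers['User-Agent'] ||= "Ruby/#{RUBY_VERSION} threatexpert gem version #{ThreatExpert::VERSION} (https://github.com/chrislee35/threatexpert)"
 headers['Referer'] ||= @@submiturl
 resp, data = http.get(uri.path, headers)
 cookie = resp.header["set-cookie"] if resp.header["set-cookie"]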
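Review bot: The new User-Agent line reads `ThreatExpert::VERSION`, but submit.rb does not require the file that defines it; the constant is only in scope because lib/threatexpert.rb now loads "threatexpert/version" first. Code that loads `threatexpert/submit` on its own would raise NameError inside `submit`, so add `require 'threatexpert/version'` next to the other requires at the top of the file. The same line writes into the `headers` hash passed by the caller; `headers = headers.dup` before the `||=` assignments would keep the caller's hash untouched. The context lines also build `Net::HTTP.new(uri.host, uri.port)` with no `use_ssl` visible in this hunk, so if `@@submiturl` is an http:// URL the sample and e-mail address go out in cleartext; this needs confirming, because the body of `submit` continues outside the hunk.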
data/test/helper.rb
CHANGED
@@ -1,18 +1,5 @@
|
|
1
|
-
require '
|
2
|
-
require '
|
3
|
-
|
4
|
-
|
5
|
-
|
6
|
-
$stderr.puts e.message
|
7
|
-
$stderr.puts "Run `bundle install` to install missing gems"
|
8
|
-
exit e.status_code
|
9
|
-
end
|
10
|
-
require 'test/unit'
|
11
|
-
require 'shoulda'
|
12
|
-
|
13
|
-
$LOAD_PATH.unshift(File.join(File.dirname(__FILE__), '..', 'lib'))
|
14
|
-
$LOAD_PATH.unshift(File.dirname(__FILE__))
|
15
|
-
require 'threatexpert'
|
16
|
-
|
17
|
-
class Test::Unit::TestCase
|
18
|
-
end
|
1
|
+
require 'minitest/autorun'
|
2
|
+
require 'minitest/test'
|
3
|
+
require 'minitest/unit'
|
4
|
+
include MiniTest::Assertions
|
5
|
+
require File.expand_path('../../lib/threatexpert.rb', __FILE__)
|
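Review bot: `include MiniTest::Assertions` at file scope mixes every assertion method into Object and uses the legacy `MiniTest` spelling instead of `Minitest`; the test class in test_threatexpert.rb inherits from `Minitest::Test`, which already provides the assertions. `require 'minitest/test'` and `require 'minitest/unit'` also look redundant once `minitest/autorun` is loaded. The helper could be reduced to `require 'minitest/autorun'` followed by the existing `require File.expand_path('../../lib/threatexpert.rb', __FILE__)` line.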
data/test/test_threatexpert.rb
CHANGED
@@ -1,33 +1,41 @@
|
|
1
|
-
|
2
|
-
|
3
|
-
|
4
|
-
|
1
|
+
unless Kernel.respond_to?(:require_relative)
|
2
|
+
module Kernel
|
3
|
+
def require_relative(path)
|
4
|
+
require File.join(File.dirname(caller[0]), path.to_str)
|
5
|
+
end
|
6
|
+
end
|
7
|
+
end
|
8
|
+
|
9
|
+
require_relative 'helper'
|
10
|
+
|
11
|
+
class TestThreatexpert < Minitest::Test
|
12
|
+
def test_parse
|
5
13
|
t = ThreatExpert::Search.new
|
6
14
|
data = t.md5("70cf23409191820593022ca797fbcbd0")
|
7
|
-
|
15
|
+
refute_nil(data)
|
8
16
|
assert_equal("ThreatExpert Report", data['report']['title'])
|
9
|
-
|
10
|
-
|
11
|
-
|
12
|
-
|
13
|
-
|
14
|
-
|
17
|
+
refute_nil(data['report']['subreports'])
|
18
|
+
refute_nil(data['report']['subreports']['subreport'])
|
19
|
+
refute_nil(data['report']['subreports']['subreport']['technical_details'])
|
20
|
+
refute_nil(data['report']['subreports']['subreport']['technical_details']['known_threat_category_collection'])
|
21
|
+
refute_nil(data['report']['subreports']['subreport']['technical_details']['known_threat_category_collection']['known_threat_category'])
|
22
|
+
refute_nil(data['report']['subreports']['subreport']['technical_details']['known_threat_category_collection']['known_threat_category'][0])
|
15
23
|
assert_equal("Backdoor", data['report']['subreports']['subreport']['technical_details']['known_threat_category_collection']['known_threat_category'][0]['name'])
|
16
24
|
end
|
17
25
|
|
18
|
-
|
26
|
+
def test_nil
|
19
27
|
t = ThreatExpert::Search.new
|
20
28
|
html = t.md5("70cf23409191820593022ca797fbcbd1")
|
21
29
|
assert_nil(html)
|
22
30
|
end
|
23
31
|
|
24
|
-
|
32
|
+
def test_list
|
25
33
|
t = ThreatExpert::Search.new
|
26
34
|
hashes = t.name("Worm.Hamweg.Gen")
|
27
35
|
assert_equal(159, hashes.length)
|
28
36
|
end
|
29
37
|
|
30
|
-
|
38
|
+
def test_empty_list
|
31
39
|
t = ThreatExpert::Search.new
|
32
40
|
hashes = t.name("Worm.Hamwex.Gen")
|
33
41
|
assert_equal(0, hashes.length)
|
data/threatexpert.gemspec
CHANGED
@@ -1,83 +1,27 @@
|
|
1
|
-
#
|
2
|
-
|
3
|
-
|
4
|
-
|
1
|
+
# coding: utf-8
|
2
|
+
lib = File.expand_path('../lib', __FILE__)
|
3
|
+
$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
|
4
|
+
require 'threatexpert/version'
|
5
5
|
|
6
|
-
Gem::Specification.new do |
|
7
|
-
|
8
|
-
|
6
|
+
Gem::Specification.new do |spec|
|
7
|
+
spec.name = "threatexpert"
|
8
|
+
spec.version = ThreatExpert::VERSION
|
9
|
+
spec.authors = ["chrislee35"]
|
10
|
+
spec.email = ["rubygems@chrislee.dhs.org"]
|
11
|
+
spec.summary = %q{llows for malware name and md5 hash searching of, and malware submission to ThreatExpert.com.}
|
12
|
+
spec.description = %q{rovides a simple API to query ThreatExpert by malware name (to receive a list of matching hashes) or hash (to receive a malware report). This also provides a simple upload feature.}
|
13
|
+
spec.homepage = "http://github.com/chrislee35/threatexpert"
|
14
|
+
spec.license = "MIT"
|
9
15
|
|
10
|
-
|
11
|
-
|
12
|
-
|
13
|
-
|
14
|
-
s.email = %q{rubygems@chrislee.dhs.org}
|
15
|
-
s.extra_rdoc_files = [
|
16
|
-
"LICENSE.txt",
|
17
|
-
"README.rdoc"
|
18
|
-
]
|
19
|
-
s.files = [
|
20
|
-
".document",
|
21
|
-
"Gemfile",
|
22
|
-
"Gemfile.lock",
|
23
|
-
"LICENSE.txt",
|
24
|
-
"README.rdoc",
|
25
|
-
"Rakefile",
|
26
|
-
"VERSION",
|
27
|
-
"lib/threatexpert.rb",
|
28
|
-
"lib/threatexpert/search.rb",
|
29
|
-
"lib/threatexpert/submit.rb",
|
30
|
-
"test/helper.rb",
|
31
|
-
"test/test_threatexpert.rb",
|
32
|
-
"threatexpert.gemspec"
|
33
|
-
]
|
34
|
-
s.homepage = %q{http://github.com/chrislee35/threatexpert}
|
35
|
-
s.licenses = ["MIT"]
|
36
|
-
s.require_paths = ["lib"]
|
37
|
-
s.rubygems_version = %q{1.7.2}
|
38
|
-
s.summary = %q{Allows for malware name and md5 hash searching of, and malware submission to ThreatExpert.com.}
|
39
|
-
s.test_files = [
|
40
|
-
"test/helper.rb",
|
41
|
-
"test/test_threatexpert.rb"
|
42
|
-
]
|
16
|
+
spec.files = `git ls-files -z`.split("\x0")
|
17
|
+
spec.executables = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
|
18
|
+
spec.test_files = spec.files.grep(%r{^(test|spec|features)/})
|
19
|
+
spec.require_paths = ["lib"]
|
43
20
|
|
44
|
-
|
45
|
-
|
46
|
-
|
47
|
-
|
48
|
-
|
49
|
-
|
50
|
-
s.add_runtime_dependency(%q<crack>, [">= 0.1.8"])
|
51
|
-
s.add_development_dependency(%q<shoulda>, [">= 0"])
|
52
|
-
s.add_development_dependency(%q<bundler>, ["~> 1.0.0"])
|
53
|
-
s.add_development_dependency(%q<jeweler>, ["~> 1.5.2"])
|
54
|
-
s.add_development_dependency(%q<rcov>, [">= 0"])
|
55
|
-
s.add_runtime_dependency(%q<nokogiri>, [">= 1.4.4"])
|
56
|
-
s.add_runtime_dependency(%q<multipart-post>, [">= 1.1.0"])
|
57
|
-
s.add_runtime_dependency(%q<crack>, [">= 0.1.8"])
|
58
|
-
else
|
59
|
-
s.add_dependency(%q<nokogiri>, [">= 1.4.4"])
|
60
|
-
s.add_dependency(%q<multipart-post>, [">= 1.1.0"])
|
61
|
-
s.add_dependency(%q<crack>, [">= 0.1.8"])
|
62
|
-
s.add_dependency(%q<shoulda>, [">= 0"])
|
63
|
-
s.add_dependency(%q<bundler>, ["~> 1.0.0"])
|
64
|
-
s.add_dependency(%q<jeweler>, ["~> 1.5.2"])
|
65
|
-
s.add_dependency(%q<rcov>, [">= 0"])
|
66
|
-
s.add_dependency(%q<nokogiri>, [">= 1.4.4"])
|
67
|
-
s.add_dependency(%q<multipart-post>, [">= 1.1.0"])
|
68
|
-
s.add_dependency(%q<crack>, [">= 0.1.8"])
|
69
|
-
end
|
70
|
-
else
|
71
|
-
s.add_dependency(%q<nokogiri>, [">= 1.4.4"])
|
72
|
-
s.add_dependency(%q<multipart-post>, [">= 1.1.0"])
|
73
|
-
s.add_dependency(%q<crack>, [">= 0.1.8"])
|
74
|
-
s.add_dependency(%q<shoulda>, [">= 0"])
|
75
|
-
s.add_dependency(%q<bundler>, ["~> 1.0.0"])
|
76
|
-
s.add_dependency(%q<jeweler>, ["~> 1.5.2"])
|
77
|
-
s.add_dependency(%q<rcov>, [">= 0"])
|
78
|
-
s.add_dependency(%q<nokogiri>, [">= 1.4.4"])
|
79
|
-
s.add_dependency(%q<multipart-post>, [">= 1.1.0"])
|
80
|
-
s.add_dependency(%q<crack>, [">= 0.1.8"])
|
81
|
-
end
|
21
|
+
spec.add_runtime_dependency "nokogiri", "~> 1.6"
|
22
|
+
spec.add_runtime_dependency "crack", "~> 0.4"
|
23
|
+
spec.add_runtime_dependency "multipart-post", "~> 2.0"
|
24
|
+
spec.add_development_dependency "minitest", "~> 5.5"
|
25
|
+
spec.add_development_dependency "bundler", "~> 1.6"
|
26
|
+
spec.add_development_dependency "rake"
|
82
27
|
end
|
83
|
-
|
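Review bot: `spec.summary` and `spec.description` have each lost their first letter as rendered here (`%q{llows for …}`, `%q{rovides …}`), and the added lines of the metadata section show the same truncated text being published. Restore them to begin `%q{Allows for malware name …}` and `%q{Provides a simple API …}`, matching the wording of the removed `s.summary` line. `spec.homepage` still uses an `http://` URL; `"https://github.com/chrislee35/threatexpert"` avoids a cleartext hop for anyone following the link. `spec.files` is now taken from `git ls-files -z`, so Gemfile.lock and the test files are packaged too, and the build depends on running inside a git checkout; a short comment stating that this is intended would help.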
metadata
CHANGED
@@ -1,234 +1,145 @@
|
|
1
|
-
--- !ruby/object:Gem::Specification
|
1
|
+
--- !ruby/object:Gem::Specification
|
2
2
|
name: threatexpert
|
3
|
-
version: !ruby/object:Gem::Version
|
4
|
-
|
5
|
-
prerelease:
|
6
|
-
segments:
|
7
|
-
- 0
|
8
|
-
- 2
|
9
|
-
- 0
|
10
|
-
version: 0.2.0
|
3
|
+
version: !ruby/object:Gem::Version
|
4
|
+
version: 0.2.1
|
11
5
|
platform: ruby
|
12
|
-
authors:
|
13
|
-
-
|
6
|
+
authors:
|
7
|
+
- chrislee35
|
14
8
|
autorequire:
|
15
9
|
bindir: bin
|
16
10
|
cert_chain: []
|
17
|
-
|
18
|
-
|
19
|
-
|
20
|
-
- !ruby/object:Gem::Dependency
|
21
|
-
version_requirements: &id001 !ruby/object:Gem::Requirement
|
22
|
-
none: false
|
23
|
-
requirements:
|
24
|
-
- - ">="
|
25
|
-
- !ruby/object:Gem::Version
|
26
|
-
hash: 15
|
27
|
-
segments:
|
28
|
-
- 1
|
29
|
-
- 4
|
30
|
-
- 4
|
31
|
-
version: 1.4.4
|
32
|
-
requirement: *id001
|
33
|
-
prerelease: false
|
11
|
+
date: 2015-03-28 00:00:00.000000000 Z
|
12
|
+
dependencies:
|
13
|
+
- !ruby/object:Gem::Dependency
|
34
14
|
name: nokogiri
|
15
|
+
requirement: !ruby/object:Gem::Requirement
|
16
|
+
requirements:
|
17
|
+
- - "~>"
|
18
|
+
- !ruby/object:Gem::Version
|
19
|
+
version: '1.6'
|
35
20
|
type: :runtime
|
36
|
-
- !ruby/object:Gem::Dependency
|
37
|
-
version_requirements: &id002 !ruby/object:Gem::Requirement
|
38
|
-
none: false
|
39
|
-
requirements:
|
40
|
-
- - ">="
|
41
|
-
- !ruby/object:Gem::Version
|
42
|
-
hash: 19
|
43
|
-
segments:
|
44
|
-
- 1
|
45
|
-
- 1
|
46
|
-
- 0
|
47
|
-
version: 1.1.0
|
48
|
-
requirement: *id002
|
49
21
|
prerelease: false
|
50
|
-
|
22
|
+
version_requirements: !ruby/object:Gem::Requirement
|
23
|
+
requirements:
|
24
|
+
- - "~>"
|
25
|
+
- !ruby/object:Gem::Version
|
26
|
+
version: '1.6'
|
27
|
+
- !ruby/object:Gem::Dependency
|
28
|
+
name: crack
|
29
|
+
requirement: !ruby/object:Gem::Requirement
|
30
|
+
requirements:
|
31
|
+
- - "~>"
|
32
|
+
- !ruby/object:Gem::Version
|
33
|
+
version: '0.4'
|
51
34
|
type: :runtime
|
52
|
-
- !ruby/object:Gem::Dependency
|
53
|
-
version_requirements: &id003 !ruby/object:Gem::Requirement
|
54
|
-
none: false
|
55
|
-
requirements:
|
56
|
-
- - ">="
|
57
|
-
- !ruby/object:Gem::Version
|
58
|
-
hash: 11
|
59
|
-
segments:
|
60
|
-
- 0
|
61
|
-
- 1
|
62
|
-
- 8
|
63
|
-
version: 0.1.8
|
64
|
-
requirement: *id003
|
65
35
|
prerelease: false
|
66
|
-
|
36
|
+
version_requirements: !ruby/object:Gem::Requirement
|
37
|
+
requirements:
|
38
|
+
- - "~>"
|
39
|
+
- !ruby/object:Gem::Version
|
40
|
+
version: '0.4'
|
41
|
+
- !ruby/object:Gem::Dependency
|
42
|
+
name: multipart-post
|
43
|
+
requirement: !ruby/object:Gem::Requirement
|
44
|
+
requirements:
|
45
|
+
- - "~>"
|
46
|
+
- !ruby/object:Gem::Version
|
47
|
+
version: '2.0'
|
67
48
|
type: :runtime
|
68
|
-
- !ruby/object:Gem::Dependency
|
69
|
-
version_requirements: &id004 !ruby/object:Gem::Requirement
|
70
|
-
none: false
|
71
|
-
requirements:
|
72
|
-
- - ">="
|
73
|
-
- !ruby/object:Gem::Version
|
74
|
-
hash: 3
|
75
|
-
segments:
|
76
|
-
- 0
|
77
|
-
version: "0"
|
78
|
-
requirement: *id004
|
79
49
|
prerelease: false
|
80
|
-
|
50
|
+
version_requirements: !ruby/object:Gem::Requirement
|
51
|
+
requirements:
|
52
|
+
- - "~>"
|
53
|
+
- !ruby/object:Gem::Version
|
54
|
+
version: '2.0'
|
55
|
+
- !ruby/object:Gem::Dependency
|
56
|
+
name: minitest
|
57
|
+
requirement: !ruby/object:Gem::Requirement
|
58
|
+
requirements:
|
59
|
+
- - "~>"
|
60
|
+
- !ruby/object:Gem::Version
|
61
|
+
version: '5.5'
|
81
62
|
type: :development
|
82
|
-
- !ruby/object:Gem::Dependency
|
83
|
-
version_requirements: &id005 !ruby/object:Gem::Requirement
|
84
|
-
none: false
|
85
|
-
requirements:
|
86
|
-
- - ~>
|
87
|
-
- !ruby/object:Gem::Version
|
88
|
-
hash: 23
|
89
|
-
segments:
|
90
|
-
- 1
|
91
|
-
- 0
|
92
|
-
- 0
|
93
|
-
version: 1.0.0
|
94
|
-
requirement: *id005
|
95
63
|
prerelease: false
|
64
|
+
version_requirements: !ruby/object:Gem::Requirement
|
65
|
+
requirements:
|
66
|
+
- - "~>"
|
67
|
+
- !ruby/object:Gem::Version
|
68
|
+
version: '5.5'
|
69
|
+
- !ruby/object:Gem::Dependency
|
96
70
|
name: bundler
|
71
|
+
requirement: !ruby/object:Gem::Requirement
|
72
|
+
requirements:
|
73
|
+
- - "~>"
|
74
|
+
- !ruby/object:Gem::Version
|
75
|
+
version: '1.6'
|
97
76
|
type: :development
|
98
|
-
- !ruby/object:Gem::Dependency
|
99
|
-
version_requirements: &id006 !ruby/object:Gem::Requirement
|
100
|
-
none: false
|
101
|
-
requirements:
|
102
|
-
- - ~>
|
103
|
-
- !ruby/object:Gem::Version
|
104
|
-
hash: 7
|
105
|
-
segments:
|
106
|
-
- 1
|
107
|
-
- 5
|
108
|
-
- 2
|
109
|
-
version: 1.5.2
|
110
|
-
requirement: *id006
|
111
77
|
prerelease: false
|
112
|
-
|
113
|
-
|
114
|
-
-
|
115
|
-
|
116
|
-
|
117
|
-
|
78
|
+
version_requirements: !ruby/object:Gem::Requirement
|
79
|
+
requirements:
|
80
|
+
- - "~>"
|
81
|
+
- !ruby/object:Gem::Version
|
82
|
+
version: '1.6'
|
83
|
+
- !ruby/object:Gem::Dependency
|
84
|
+
name: rake
|
85
|
+
requirement: !ruby/object:Gem::Requirement
|
86
|
+
requirements:
|
118
87
|
- - ">="
|
119
|
-
- !ruby/object:Gem::Version
|
120
|
-
|
121
|
-
segments:
|
122
|
-
- 0
|
123
|
-
version: "0"
|
124
|
-
requirement: *id007
|
125
|
-
prerelease: false
|
126
|
-
name: rcov
|
88
|
+
- !ruby/object:Gem::Version
|
89
|
+
version: '0'
|
127
90
|
type: :development
|
128
|
-
- !ruby/object:Gem::Dependency
|
129
|
-
version_requirements: &id008 !ruby/object:Gem::Requirement
|
130
|
-
none: false
|
131
|
-
requirements:
|
132
|
-
- - ">="
|
133
|
-
- !ruby/object:Gem::Version
|
134
|
-
hash: 15
|
135
|
-
segments:
|
136
|
-
- 1
|
137
|
-
- 4
|
138
|
-
- 4
|
139
|
-
version: 1.4.4
|
140
|
-
requirement: *id008
|
141
91
|
prerelease: false
|
142
|
-
|
143
|
-
|
144
|
-
- !ruby/object:Gem::Dependency
|
145
|
-
version_requirements: &id009 !ruby/object:Gem::Requirement
|
146
|
-
none: false
|
147
|
-
requirements:
|
92
|
+
version_requirements: !ruby/object:Gem::Requirement
|
93
|
+
requirements:
|
148
94
|
- - ">="
|
149
|
-
- !ruby/object:Gem::Version
|
150
|
-
|
151
|
-
|
152
|
-
|
153
|
-
|
154
|
-
|
155
|
-
|
156
|
-
requirement: *id009
|
157
|
-
prerelease: false
|
158
|
-
name: multipart-post
|
159
|
-
type: :runtime
|
160
|
-
- !ruby/object:Gem::Dependency
|
161
|
-
version_requirements: &id010 !ruby/object:Gem::Requirement
|
162
|
-
none: false
|
163
|
-
requirements:
|
164
|
-
- - ">="
|
165
|
-
- !ruby/object:Gem::Version
|
166
|
-
hash: 11
|
167
|
-
segments:
|
168
|
-
- 0
|
169
|
-
- 1
|
170
|
-
- 8
|
171
|
-
version: 0.1.8
|
172
|
-
requirement: *id010
|
173
|
-
prerelease: false
|
174
|
-
name: crack
|
175
|
-
type: :runtime
|
176
|
-
description: Provides a simple API to query ThreatExpert by malware name (to receive a list of matching hashes) or hash (to receive a malware report). This also provides a simple upload feature.
|
177
|
-
email: rubygems@chrislee.dhs.org
|
95
|
+
- !ruby/object:Gem::Version
|
96
|
+
version: '0'
|
97
|
+
description: rovides a simple API to query ThreatExpert by malware name (to receive
|
98
|
+
a list of matching hashes) or hash (to receive a malware report). This also provides
|
99
|
+
a simple upload feature.
|
100
|
+
email:
|
101
|
+
- rubygems@chrislee.dhs.org
|
178
102
|
executables: []
|
179
|
-
|
180
103
|
extensions: []
|
181
|
-
|
182
|
-
|
183
|
-
- LICENSE.txt
|
184
|
-
- README.rdoc
|
185
|
-
files:
|
186
|
-
- .document
|
104
|
+
extra_rdoc_files: []
|
105
|
+
files:
|
187
106
|
- Gemfile
|
188
107
|
- Gemfile.lock
|
189
108
|
- LICENSE.txt
|
190
|
-
- README.
|
109
|
+
- README.md
|
191
110
|
- Rakefile
|
192
|
-
- VERSION
|
193
111
|
- lib/threatexpert.rb
|
194
112
|
- lib/threatexpert/search.rb
|
195
113
|
- lib/threatexpert/submit.rb
|
114
|
+
- lib/threatexpert/version.rb
|
196
115
|
- test/helper.rb
|
197
116
|
- test/test_threatexpert.rb
|
198
117
|
- threatexpert.gemspec
|
199
118
|
homepage: http://github.com/chrislee35/threatexpert
|
200
|
-
licenses:
|
119
|
+
licenses:
|
201
120
|
- MIT
|
121
|
+
metadata: {}
|
202
122
|
post_install_message:
|
203
123
|
rdoc_options: []
|
204
|
-
|
205
|
-
require_paths:
|
124
|
+
require_paths:
|
206
125
|
- lib
|
207
|
-
required_ruby_version: !ruby/object:Gem::Requirement
|
208
|
-
|
209
|
-
requirements:
|
126
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
127
|
+
requirements:
|
210
128
|
- - ">="
|
211
|
-
- !ruby/object:Gem::Version
|
212
|
-
|
213
|
-
|
214
|
-
|
215
|
-
version: "0"
|
216
|
-
required_rubygems_version: !ruby/object:Gem::Requirement
|
217
|
-
none: false
|
218
|
-
requirements:
|
129
|
+
- !ruby/object:Gem::Version
|
130
|
+
version: '0'
|
131
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
132
|
+
requirements:
|
219
133
|
- - ">="
|
220
|
-
- !ruby/object:Gem::Version
|
221
|
-
|
222
|
-
segments:
|
223
|
-
- 0
|
224
|
-
version: "0"
|
134
|
+
- !ruby/object:Gem::Version
|
135
|
+
version: '0'
|
225
136
|
requirements: []
|
226
|
-
|
227
137
|
rubyforge_project:
|
228
|
-
rubygems_version:
|
138
|
+
rubygems_version: 2.2.2
|
229
139
|
signing_key:
|
230
|
-
specification_version:
|
231
|
-
summary:
|
232
|
-
|
140
|
+
specification_version: 4
|
141
|
+
summary: llows for malware name and md5 hash searching of, and malware submission
|
142
|
+
to ThreatExpert.com.
|
143
|
+
test_files:
|
233
144
|
- test/helper.rb
|
234
145
|
- test/test_threatexpert.rb
|
data/.document
DELETED
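--- a/data/README.rdoc
+++ b/data/README.rdoc
@@ -1,27 +0,0 @@
-= threatexpert
-
-The threatexpert gem provides a simple API to query ThreatExpert by malware name (to receive a list of matching hashes) or hash (to receive a malware report). This also provides a simple upload feature.
-
-require 'threatexpert'
-t = ThreatExpert::Search.new
-hashes = t.name("Worm.Hamweg.Gen")
-html = t.md5(hashes[0])
-sb = ThreatExpert::Submit.new
-filename = "/malware_share/downadup/62c6c217e7980e53aa3b234e19a5a25e.dll"
-sb.submit(filename, youremailhere)
-
-== Contributing to threatexpert
-
-* Check out the latest master to make sure the feature hasn't been implemented or the bug hasn't been fixed yet
-* Check out the issue tracker to make sure someone already hasn't requested it and/or contributed it
-* Fork the project
-* Start a feature/bugfix branch
-* Commit and push until you are happy with your contribution
-* Make sure to add tests for it. This is important so I don't break it in a future version unintentionally.
-* Please try not to mess with the Rakefile, version, or history. If you want to have your own version, or is otherwise necessary, that is fine, but please isolate to its own commit so I can cherry-pick around it.
-
-== Copyright
-
-Copyright (c) 2011 Chris Lee. See LICENSE.txt for
-further details.
-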
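--- a/data/VERSION
+++ b/data/VERSION
@@ -1 +0,0 @@
-0.2.0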