RubyGems - ukemi - Versions diffs - 0.3.0 → 0.4.0 - Mend

ukemi 0.3.0 → 0.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (8) hide show

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 772366e3c49f7e5795e5725ca5535662c1626c9fa9522499aae4393b16c4d989
-  data.tar.gz: 13e976f1cc0e16c1e0e0b4cf96baeaefe848a963c827079616898564ad370732
+  metadata.gz: 4d580aab085fc77ec8b77f427510401de772ee7d7c1f43e382d357ad908b8d35
+  data.tar.gz: 38edc17fca078bcae250a7f234811febc1d2e2afe4e072c76a6a829db7073cd0
 SHA512:
-  metadata.gz: e15595740c568adc0b5c6feed7b881492afc1a3166f43b0f9a5aaff4e4a00dba9161e7d6a1decba2d71b900edd32fb969c341972ff82aa4a9dc21d9c6a771b57
-  data.tar.gz: a1ebc0af8b442e49f46204c40ee121317da97c4e4598adeb2724a4083c09c9e2b2647f80e152913ae6025ed8ae9fa4ba769e6defbeb2576c7493f712f6e7d3d2
+  metadata.gz: f848faef9dea0a78e6f975f5018baaf793544a42848ff4b22bcdbabbed5051b84b5e9403ee61999ebad0e352a51710f0b83dbf8d0763b33d45a8b2543a598a0c
+  data.tar.gz: 5218157189624ccc636a4b12566217f94900c5564c0541e2885233e577176822fd049d75f906dcff69cd2e0a6629c4c89ec1677e3c00d8151402de975e0bb2f7

data/README.md CHANGED

@@ -11,6 +11,7 @@ It supports the following services.
 - [CIRCL passive DNS](https://www.circl.lu/services/passive-dns/)
 - [DNSDB](https://api.dnsdb.info/)
+- [OTX](https://otx.alienvault.com)
 - [PassiveTotal](https://community.riskiq.com/)
 - [SecurityTrails](https://securitytrails.com/)
 - [VirusTotal](http://virustotal.com)
@@ -32,6 +33,7 @@ Configuration is done via environment variables.
 | CIRCL_PASSIVE_PASSWORD | CIRCL passive DNS password |
 | CIRCL_PASSIVE_USERNAME | CIRCL passive DNS username |
 | DNSDB_API_KEY          | DNSDB API key              |
+| OTX_API_KEY            | OTX API key                |
 | PASSIVETOTAL_API_KEY   | PassiveTotal API key       |
 | PASSIVETOTAL_USERNAME  | PassiveTotal username      |
 | SECURITYTRAILS_API_KEY | SecurityTrails API key     |

data/lib/ukemi.rb CHANGED

@@ -23,6 +23,7 @@ require "ukemi/services/service"
 require "ukemi/services/circl"
 require "ukemi/services/dnsdb"
+require "ukemi/services/otx"
 require "ukemi/services/passivetotal"
 require "ukemi/services/securitytrails"
 require "ukemi/services/virustotal"

data/lib/ukemi/moderator.rb CHANGED

@@ -13,7 +13,7 @@ module Ukemi
         begin
           service.lookup data
-        rescue ::PassiveTotal::Error, ::VirusTotal::Error, ::SecurityTrails::Error, PassiveCIRCL::Error, DNSDB::Error
+        rescue ::PassiveTotal::Error, ::VirusTotal::Error, ::SecurityTrails::Error, PassiveCIRCL::Error, DNSDB::Error, Faraday::Error
           nil
         end
       end.flatten.compact

data/lib/ukemi/services/otx.rb ADDED

@@ -0,0 +1,72 @@
+# frozen_string_literal: true
+require "date"
+require "otx_ruby"
+module Ukemi
+  module Services
+    class OTX < Service
+      private
+      def config_keys
+        %w(OTX_API_KEY)
+      end
+      def api_key
+        @api_key ||= ENV["OTX_API_KEY"]
+      end
+      def domain_client
+        @domain_client ||= ::OTX::Domain.new(api_key)
+      end
+      def ip_client
+        @ip_client ||= ::OTX::IP.new(api_key)
+      end
+      def lookup_by_ip(data)
+        records = ip_client.get_passive_dns(data)
+        memo = Hash.new { |h, k| h[k] = [] }
+        records.each do |record|
+          next if record.record_type != "A"
+          domain = record.hostname
+          memo[domain] <<  Date.parse(record.last).to_s
+          memo[domain] <<  Date.parse(record.first).to_s
+        end
+        memo.keys.map do |domain|
+          Record.new(
+            data: domain,
+            first_seen: memo[domain].min,
+            last_seen: memo[domain].max,
+            source: name
+          )
+        end
+      end
+      def lookup_by_domain(data)
+        records = domain_client.get_passive_dns(data)
+        memo = Hash.new { |h, k| h[k] = [] }
+        records.each do |record|
+          next if record.record_type != "A"
+          next if record.hostname != data
+          ip = record.address
+          memo[ip] <<  Date.parse(record.last).to_s
+          memo[ip] <<  Date.parse(record.first).to_s
+        end
+        memo.keys.map do |ip|
+          Record.new(
+            data: ip,
+            first_seen: memo[ip].min,
+            last_seen: memo[ip].max,
+            source: name
+          )
+        end
+      end
+    end
+  end
+end

data/lib/ukemi/version.rb CHANGED

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 module Ukemi
-  VERSION = "0.3.0"
+  VERSION = "0.4.0"
 end

data/ukemi.gemspec CHANGED

@@ -29,12 +29,13 @@ Gem::Specification.new do |spec|
   spec.add_development_dependency "coveralls", "~> 0.8"
   spec.add_development_dependency "rake", "~> 13.0"
   spec.add_development_dependency "rspec", "~> 3.9"
-  spec.add_development_dependency "vcr", "~> 5.0"
+  spec.add_development_dependency "vcr", "~> 6.0"
   spec.add_development_dependency "webmock", "~> 3.8"
   spec.add_dependency "addressable", "~> 2.7"
   spec.add_dependency "dnsdb", "~> 0.1"
   spec.add_dependency "mem", "~> 0.1"
+  spec.add_dependency "otx_ruby", "~> 0.9"
   spec.add_dependency "parallel", "~> 1.19"
   spec.add_dependency "passive_circl", "~> 0.1"
   spec.add_dependency "passivetotalx", "~> 0.1"

metadata CHANGED

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: ukemi
 version: !ruby/object:Gem::Version
-  version: 0.3.0
+  version: 0.4.0
 platform: ruby
 authors:
 - Manabu Niseki
-autorequire:
+autorequire:
 bindir: exe
 cert_chain: []
-date: 2020-03-20 00:00:00.000000000 Z
+date: 2020-08-01 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -72,14 +72,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '5.0'
+        version: '6.0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '5.0'
+        version: '6.0'
 - !ruby/object:Gem::Dependency
   name: webmock
   requirement: !ruby/object:Gem::Requirement
@@ -136,6 +136,20 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '0.1'
+- !ruby/object:Gem::Dependency
+  name: otx_ruby
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.9'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.9'
 - !ruby/object:Gem::Dependency
   name: parallel
   requirement: !ruby/object:Gem::Requirement
@@ -260,6 +274,7 @@ files:
 - lib/ukemi/record.rb
 - lib/ukemi/services/circl.rb
 - lib/ukemi/services/dnsdb.rb
+- lib/ukemi/services/otx.rb
 - lib/ukemi/services/passivetotal.rb
 - lib/ukemi/services/securitytrails.rb
 - lib/ukemi/services/service.rb
@@ -271,7 +286,7 @@ licenses:
 - MIT
 metadata:
   homepage_uri: https://github.com/ninoseki/ukemi
-post_install_message:
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -287,7 +302,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubygems_version: 3.1.2
-signing_key:
+signing_key:
 specification_version: 4
 summary: A CLI tool for querying passive DNS services
 test_files: []