Sha256: 228e7884ea0e5e935925d4953a730fa6997fd082a188d55fc20e1aca7062e66c

Contents?: true

Size: 1007 Bytes

Versions: 1

Compression:

Stored size: 1007 Bytes

Contents

# frozen_string_literal: true

require "open-uri"
require "json"

module Mihari
  module Analyzers
    class Shodan < Base
      attr_reader :api_key
      attr_reader :title
      attr_reader :description
      attr_reader :query

      def initialize(query)
        super()

        api_key = ENV.fetch("SHODAN_API_KEY", nil)
        raise ArgumentError, "SHODAN_API_KEY is required" unless api_key

        @api_key = api_key
        @query = query
        @title = "Shodan lookup"
        @description = "Query: #{query}"
      end

      def artifacts
        result = search
        return [] unless result

        matches = result.dig("matches") || []
        matches.map do |match|
          match.dig "ip_str"
        end.compact
      end

      private

      def search
        uri = URI("https://api.shodan.io/shodan/host/search?key=#{api_key}&query=#{query}")
        begin
          JSON.parse uri.read
        rescue OpenURI::HTTPError
          nil
        end
      end
    end
  end
end

Version data entries

1 entries across 1 versions & 1 rubygems

Version Path
mihari-0.1.0 lib/mihari/analyzers/shodan.rb