Sha256: 35ad947b4627fcd4e01a82d6e345edb008a454ef71f16cdf00f2528bc6623e88

Contents?: true

Size: 1.39 KB

Versions: 2

Compression:

Stored size: 1.39 KB

Contents

# frozen_string_literal: true

require "parallel"

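module Mihari
  module Analyzers
    # Cross-searches a single IP address or domain against every passive DNS
    # backend listed in ANALYZERS and merges whatever artifacts they return.
    class PassiveDNS < Base
      attr_reader :query, :type, :title, :description, :tags

      # Backends queried for each search. Every entry is instantiated with the
      # raw query and asked for its artifacts.
      ANALYZERS = [
        Mihari::Analyzers::CIRCL,
        Mihari::Analyzers::PassiveTotal,
        Mihari::Analyzers::SecurityTrails,
        Mihari::Analyzers::VirusTotal,
      ].freeze

      # @param query [String] the indicator to look up; its type is derived
      #   with TypeChecker.type and must resolve to "ip" or "domain" for
      #   #artifacts to succeed
      # @param title [String, nil] alert title; a fixed default is used when nil
      # @param description [String, nil] alert description; defaults to a
      #   string that echoes the query
      # @param tags [Array] tags stored as given
      def initialize(query, title: nil, description: nil, tags: [])
        super()

        @query = query
        @type = TypeChecker.type(query)

        @title = title || "PassiveDNS cross search"
        @description = description || "query = #{query}"
        @tags = tags
      end

      # Runs every backend through Parallel.map and returns one flat list of
      # artifacts.
      #
      # @return [Array] merged artifacts from the backends that answered
      # @raise [InvalidInputError] when the query is neither an IP nor a domain
      def artifacts
        results = Parallel.map(analyzers) { |analyzer| run_analyzer(analyzer) }

        # run_analyzer returns nil for a backend that failed. Without compact
        # those nils would end up in the artifact list handed to the caller.
        results.flatten.compact
      end

      private

      # @return [Boolean] true when the detected type is "ip" or "domain"
      def valid_type?
        %w[ip domain].include?(type)
      end

      # Builds one analyzer instance per backend for the current query.
      #
      # @return [Array] analyzer instances, in ANALYZERS order
      # @raise [InvalidInputError] when the query type is unsupported
      def analyzers
        raise InvalidInputError, "#{query}(type: #{type || 'unknown'}) is not supported." unless valid_type?

        ANALYZERS.map { |klass| klass.new(query) }
      end

      # Best-effort wrapper around a single backend so that one failing
      # service does not abort the whole cross search.
      #
      # NOTE(review): every listed failure is discarded without a trace, so an
      # empty result from #artifacts cannot be told apart from "all backends
      # errored". Consider recording which backend failed (the error class,
      # not its message, in case the message embeds request details).
      #
      # @param analyzer [#artifacts] a backend analyzer instance
      # @return [Array, nil] the backend's artifacts, or nil when it raised one
      #   of the rescued errors
      def run_analyzer(analyzer)
        analyzer.artifacts
      rescue ArgumentError, InvalidInputError
        # presumably a backend that is not configured or rejects this input
        # type; confirm against the individual analyzers
        nil
      rescue ::PassiveCIRCL::Error, ::PassiveTotal::Error, ::SecurityTrails::Error, ::VirusTotal::Error
        nil
      end
    end
  end
end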

Version data entries

2 entries across 2 versions & 1 rubygems

Version Path
mihari-0.15.0 lib/mihari/analyzers/passive_dns.rb
mihari-0.14.0 lib/mihari/analyzers/passive_dns.rb