Sha256: 4f362f110aa1f29e36bec545c0e2a196541b9afa5a8dd6703affbef878ac8b27
Contents?: true
Size: 1.44 KB
Versions: 1
Compression:
Stored size: 1.44 KB
Contents
# frozen_string_literal: true
module Mihari
module Analyzers
class VirusTotalIntelligence < Base
param :query
option :interval, default: proc { 0 }
# @return [String, nil]
attr_reader :api_key
# @return [String]
attr_reader :query
# @return [Integer]
attr_reader :interval
def initialize(*args, **kwargs)
super
@query = query
@api_key = kwargs[:api_key] || Mihari.config.virustotal_api_key
end
def artifacts
responses = search_with_cursor
responses.map(&:to_artifacts).flatten
end
private
def configuration_keys
%w[virustotal_api_key]
end
#
# VT API
#
# @return [::VirusTotal::API]
#
def client
@client = Clients::VirusTotal.new(api_key: api_key)
end
#
# Search with cursor
#
# @return [Array<Structs::VirusTotalIntelligence::Response>]
#
def search_with_cursor
cursor = nil
responses = []
loop do
response = Structs::VirusTotalIntelligence::Response.from_dynamic!(client.intel_search(query, cursor: cursor))
responses << response
break if response.meta.cursor.nil?
cursor = response.meta.cursor
# sleep #{interval} seconds to avoid the rate limitation (if it is set)
sleep interval
end
responses
end
end
end
end
Version data entries
1 entries across 1 versions & 1 rubygems
| Version | Path |
|---|---|
| mihari-5.2.2 | lib/mihari/analyzers/virustotal_intelligence.rb |