module Falconz::APIs::Report

Constants

VALID_REPORT_FILE_TYPES

valid report file types for report_file @see report_file

Public Instance Methods

report_droppedfiles(id) click to toggle source

retrieve all extracted/dropped binaries files for a report, as zip www.hybrid-analysis.com/docs/api/v2#/Report/get_report__id__dropped_files

# File lib/falconz/apis/report.rb, line 41
def report_droppedfiles(id)
  raise_if_id_is_not_valid(id)
  get_request("/report/#{id}/dropped-files")
end
report_file(id, type) click to toggle source

downloading report data (e.g. JSON, XML, PCAP) www.hybrid-analysis.com/docs/api/v2#/Report/get_report__id__file_type

# File lib/falconz/apis/report.rb, line 26
def report_file(id, type)
  raise_if_id_is_not_valid(id)
  raise_if_report_file_type_is_not_valid(type)
  get_request("/report/#{id}/file/#{type}")
end
report_sreenshots(id) click to toggle source

retrieve an array of screenshots from a report in the Base64 format www.hybrid-analysis.com/docs/api/v2#/Report/get_report__id__screenshots

# File lib/falconz/apis/report.rb, line 34
def report_sreenshots(id)
  raise_if_id_is_not_valid(id)
  get_request("/report/#{id}/screenshots")
end
report_state(id) click to toggle source

return state of a submission www.hybrid-analysis.com/docs/api/v2#/Report/get_report__id__state

# File lib/falconz/apis/report.rb, line 6
def report_state(id)
  raise_if_id_is_not_valid(id)
  get_request("/report/#{id}/hash")
end
report_summary(id) click to toggle source

return summary of a submission www.hybrid-analysis.com/docs/api/v2#/Report/get_report__id__summary

# File lib/falconz/apis/report.rb, line 13
def report_summary(id)
  raise_if_id_is_not_valid(id)
  get_request("/report/#{id}/hash")
end

Private Instance Methods

id_is_in_probably_valid_format?(id) click to toggle source

check if a given ID is probably valid or not @see report_file

# File lib/falconz/apis/report.rb, line 57
def id_is_in_probably_valid_format?(id)
  return false if id.nil?
  return false unless id.is_a? String
  return true 
end
raise_if_id_is_not_valid(id) click to toggle source

raise an error if the given ID isn't (probably) valid

# File lib/falconz/apis/report.rb, line 49
def raise_if_id_is_not_valid(id)
  unless id_is_in_probably_valid_format?(id)
    raise "need if in format: ‘jobId’ or ‘sha256:environmentId’"
  end
end
raise_if_report_file_type_is_not_valid(type) click to toggle source

raise an error if the report file type argument isn't valid @see report_file

# File lib/falconz/apis/report.rb, line 90
def raise_if_report_file_type_is_not_valid(type)
  unless report_file_type_is_valid?(id)
    raise "Type requires https://www.reverse.it/docs/api/v2#/Report/get_report__id__file__type:\n#{VALID_REPORT_FILE_TYPES}"
  end
end
report_file_type_is_valid?(type) click to toggle source

check if a report file type argument is valid @see report_file

# File lib/falconz/apis/report.rb, line 83
def report_file_type_is_valid?(type)
  return true if VALID_REPORT_FILE_TYPES.keys.include? type.to_s.downcase
  false
end