class Mihari::Analyzers::Pulsedive
Attributes
type[R]
Public Class Methods
new(*args, **kwargs)
click to toggle source
Calls superclass method
Mihari::Analyzers::Base::new
# File lib/mihari/analyzers/pulsedive.rb, line 17 def initialize(*args, **kwargs) super @query = refang(query) @type = TypeChecker.type(query) end
Public Instance Methods
artifacts()
click to toggle source
# File lib/mihari/analyzers/pulsedive.rb, line 24 def artifacts search || [] end
Private Instance Methods
api()
click to toggle source
# File lib/mihari/analyzers/pulsedive.rb, line 34 def api @api ||= ::Pulsedive::API.new(Mihari.config.pulsedive_api_key) end
configuration_keys()
click to toggle source
# File lib/mihari/analyzers/pulsedive.rb, line 30 def configuration_keys %w[pulsedive_api_key] end
search()
click to toggle source
Search
@return [Array<String>]
# File lib/mihari/analyzers/pulsedive.rb, line 52 def search raise InvalidInputError, "#{query}(type: #{type || "unknown"}) is not supported." unless valid_type? indicator = api.indicator.get_by_value(query) iid = indicator["iid"] properties = api.indicator.get_properties_by_id(iid) (properties["dns"] || []).filter_map do |property| property["value"] if ["A", "PTR"].include?(property["name"]) end end
valid_type?()
click to toggle source
Check whether a type is valid or not
@return [Boolean]
# File lib/mihari/analyzers/pulsedive.rb, line 43 def valid_type? %w[ip domain].include? type end