class Mihari::Analyzers::Spyse
Public Instance Methods
artifacts()
click to toggle source
# File lib/mihari/analyzers/spyse.rb, line 15 def artifacts search || [] end
Private Instance Methods
api()
click to toggle source
# File lib/mihari/analyzers/spyse.rb, line 29 def api @api ||= ::Spyse::API.new(Mihari.config.spyse_api_key) end
configuration_keys()
click to toggle source
# File lib/mihari/analyzers/spyse.rb, line 25 def configuration_keys %w[spyse_api_key] end
domain_search()
click to toggle source
Domain search
@return [Array<String>]
# File lib/mihari/analyzers/spyse.rb, line 47 def domain_search res = api.domain.search(search_params, limit: 100) items = res.dig("data", "items") || [] items.map do |item| item["name"] end.uniq.compact end
ip_search()
click to toggle source
IP search
@return [Array<String>]
# File lib/mihari/analyzers/spyse.rb, line 60 def ip_search res = api.ip.search(search_params, limit: 100) items = res.dig("data", "items") || [] items.map do |item| item["ip"] end.uniq.compact end
search()
click to toggle source
IP/domain search
@return [Array<String>]
# File lib/mihari/analyzers/spyse.rb, line 73 def search case type when "domain" domain_search when "ip" ip_search else raise InvalidInputError, "#{query}(type: #{type || "unknown"}) is not supported." unless valid_type? end end
search_params()
click to toggle source
# File lib/mihari/analyzers/spyse.rb, line 21 def search_params @search_params ||= JSON.parse(query) end
valid_type?()
click to toggle source
Check whether a type is valid or not
@return [Boolean]
# File lib/mihari/analyzers/spyse.rb, line 38 def valid_type? %w[ip domain cert].include? type end