class Mihari::Analyzers::CIRCL
Attributes
type[R]
Public Class Methods
new(*args, **kwargs)
click to toggle source
Calls superclass method
Mihari::Analyzers::Base::new
# File lib/mihari/analyzers/circl.rb, line 17 def initialize(*args, **kwargs) super @query = refang(query) @type = TypeChecker.type(query) end
Public Instance Methods
artifacts()
click to toggle source
# File lib/mihari/analyzers/circl.rb, line 24 def artifacts search || [] end
Private Instance Methods
api()
click to toggle source
# File lib/mihari/analyzers/circl.rb, line 34 def api @api ||= ::PassiveCIRCL::API.new(username: Mihari.config.circl_passive_username, password: Mihari.config.circl_passive_password) end
configuration_keys()
click to toggle source
# File lib/mihari/analyzers/circl.rb, line 30 def configuration_keys %w[circl_passive_password circl_passive_username] end
passive_dns_search()
click to toggle source
Passive DNS search
@return [Array<String>]
# File lib/mihari/analyzers/circl.rb, line 59 def passive_dns_search results = api.dns.query(@query) results.filter_map do |result| type = result["rrtype"] type == "A" ? result["rdata"] : nil end.uniq end
passive_ssl_search()
click to toggle source
Passive SSL search
@return [Array<String>]
# File lib/mihari/analyzers/circl.rb, line 72 def passive_ssl_search result = api.ssl.cquery(@query) seen = result["seen"] || [] seen.uniq end
search()
click to toggle source
Passive DNS/SSL search
@return [Array<String>]
# File lib/mihari/analyzers/circl.rb, line 43 def search case @type when "domain" passive_dns_search when "hash" passive_ssl_search else raise InvalidInputError, "#{@query}(type: #{@type || "unknown"}) is not supported." end end