class OTX::Hostname

Public Instance Methods

count_nids_list(hostname, pda) click to toggle source

Tallies total NIDS rules linked to a hostname

@param hostname [String] Hostname to check for NIDS rules @param pda [Array] Passive DNS objects to check for linked NIDS rules @return [Integer] Total number of NIDS rules

# File lib/otx_ruby/hostname.rb, line 102
def count_nids_list(hostname, pda)
  grant_access = self.instance_variable_get('@key')
  ip_object = OTX::IP.new(grant_access)

  total = 0
  pda.each do |pdr|
    nids_list = ip_object.get_nids_list(pdr.address)
    total += nids_list.count
  end

  return total
end
get_general(hostname) click to toggle source
# File lib/otx_ruby/hostname.rb, line 3
def get_general(hostname)
  uri = "/api/v1/indicators/hostname/#{hostname}/general"

  json_data = get(uri)

  general = OTX::Indicator::IP::General.new(json_data)

  return general
end
get_geo(hostname) click to toggle source
# File lib/otx_ruby/hostname.rb, line 13
def get_geo(hostname)
  uri = "/api/v1/indicators/hostname/#{hostname}/geo"

  json_data = get(uri)

  geo = OTX::Indicator::IP::Geo.new(json_data)

  return geo
end
get_http_scans(hostname) click to toggle source
# File lib/otx_ruby/hostname.rb, line 80
def get_http_scans(hostname)
  uri = "/api/v1/indicators/hostname/#{hostname}/http_scans"

  json_data = get(uri)

  results = []
  unless json_data['data'].nil?
    json_data['data'].each do |http_scan|
      results << OTX::Indicator::IP::HTTPScan.new(http_scan)
    end
  end

  return results
end
get_malware(hostname) click to toggle source
# File lib/otx_ruby/hostname.rb, line 23
def get_malware(hostname)
  uri = "/api/v1/indicators/hostname/#{hostname}/malware"
  malwares = []
  params = {}

  begin
    json_data = get(uri, params)
    page = json_data['next']

    params = URI::decode_www_form(URI(page).query).to_h unless page.nil?

    malwares += json_data['data']
  end while page && !json_data['data'].empty?

  results = []
  malwares.each do |malware|
    results << OTX::Indicator::IP::Malware.new(malware)
  end

  return results
end
get_passive_dns(hostname) click to toggle source
# File lib/otx_ruby/hostname.rb, line 67
def get_passive_dns(hostname)
  uri = "/api/v1/indicators/hostname/#{hostname}/passive_dns"

  json_data = get(uri)

  results = []
  json_data['passive_dns'].each do |dns|
    results << OTX::Indicator::IP::DNS.new(dns)
  end

  return results
end
get_url_list(hostname) click to toggle source
# File lib/otx_ruby/hostname.rb, line 45
def get_url_list(hostname)
  uri = "/api/v1/indicators/hostname/#{hostname}/url_list"

  page = 0
  url_list = []
  begin
    page += 1
    params = {limit: 20, page: page}
    json_data = get(uri, params)
    has_next = json_data['has_next']

    url_list += json_data['url_list']
  end while has_next

  results = []
  url_list.each do |url|
    results << OTX::Indicator::IP::URL.new(url)
  end

  return results
end