Onyphe-rb
Onyphe API wrapper for Ruby.
Installation
Add this line to your application's Gemfile:
gem 'onyphe'
And then execute:
$ bundle
Or install it yourself as:
$ gem install onyphe
Usage
As a library
require "onyphe"
# When given nothing, it tries to load your API key from ENV["ONYPHE_API_KEY"]
api = Onyphe::API.new
# or you can pass your API key as an argument
api = Onyphe::API.new(YOUR_API_KEY)
api.ctl("github.com")
api.datascan("1.1.1.1")
api.forward("1.1.1.1")
api.geoloc("1.1.1.1")
api.inetnum("1.1.1.1")
api.ip("1.1.1.1")
api.md5("44d88612fea8a8f36de82e1278abb02f")
api.onionscan("3fyb44wdhnd2ghhl.onion")
api.pastries("1.1.1.1")
api.reverse("1.1.1.1")
api.sniffer("1.1.1.1")
api.synscan("1.1.1.1")
api.threatlist("1.1.1.1")
api.search.datascan(
  os: "Windows",
  port: 443,
  product: "HTTP Server",
  tls: true
)
api.search.synscan(
  country: "FR",
  port: 23,
  tag: "mirai"
)
api.search.inetnum(organization: "OVH SAS")
api.search.threatlist(country: "RU")
api.search.pastries(content: "hacked")
api.search.resolver(ip: "124.108.0.0/16")
api.search.sniffer(ip: "14.164.0.0/14")
api.search.ctl(host: "vpn")
api.search.onionscan("app.http.keywords": "dump")
Pagination
Enumerable style pagination is not supported at the present time.
You can specify the page index by passing a page argument to the method.
res = api.search.threatlist(country: "RU", page: 1)
page = res.page
max_page = res.max_page
# Fetch the remaining pages one by one
((page + 1)..max_page).each do |page_index|
  res = api.search.threatlist({ country: "RU" }, page_index)
end
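Because Enumerable style pagination is not built in, the loop above can be wrapped in an Enumerator. This is an added example, not code from the gem: paged_results, Response and the FAKE_* stand-ins are hypothetical names, and it assumes each response exposes results alongside the page and max_page accessors shown above.

```ruby
# Added example (not part of the onyphe gem).
# Assumption: a response responds to #page, #max_page and #results.
Response = Struct.new(:page, :max_page, :results)

# Returns an Enumerator over every result of a paged search.
# fetch     - callable taking a page index and returning a response
# max_pages - hard cap on requests, so a broad query cannot drain API quota
def paged_results(fetch, max_pages: 10)
  Enumerator.new do |out|
    page = 1
    loop do
      res = fetch.call(page)
      Array(res.results).each { |r| out << r }
      # max_page may be nil or a string; to_i keeps the comparison safe
      last = [res.max_page.to_i, max_pages].min
      break if page >= last
      page += 1
    end
  end
end

# Constructed sample data standing in for api.search.threatlist:
# three pages of two results each (documentation-range addresses).
FAKE_PAGES = {
  1 => %w[198.51.100.1 198.51.100.2],
  2 => %w[198.51.100.3 198.51.100.4],
  3 => %w[198.51.100.5 198.51.100.6]
}.freeze
FAKE_CALLS = [] # records which pages were requested

FAKE_FETCH = lambda do |page|
  FAKE_CALLS << page
  rows = FAKE_PAGES.fetch(page).map { |ip| { "ip" => ip } }
  Response.new(page, FAKE_PAGES.size, rows)
end

# With the real client the callable would mirror the loop above, e.g.
#   fetch = ->(p) { api.search.threatlist({ country: "RU" }, p) }
if __FILE__ == $PROGRAM_NAME
  paged_results(FAKE_FETCH).each { |r| puts r["ip"] }
end
```

Pages are requested only as results are consumed, so first(n) stops issuing requests once n results have arrived.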
As a CLI tool
Note: make sure that your API key is set as the environment variable ONYPHE_API_KEY before using the CLI tool.
$ onyphe
Commands:
onyphe ctl DOMAIN # It will return information for the given domain name X509 certificate information from CTLs with history of changes
onyphe datascan IP/STRING # It will return datascan information for the given IPv{4,6} address or string with history of changes
onyphe forward IP # It will return forward DNS lookup information for the given IPv{4,6} address with history of changes
onyphe geoloc IP # It will return geolocation information for the given IPv{4,6} address
onyphe help [COMMAND] # Describe available commands or one specific command
onyphe inetnum IP # It will return inetnum information for the given IPv{4,6} address with history of changes
onyphe ip IP # It will return a summary of all information for the given IPv{4,6} address
onyphe md5 MD5 # It will return information for the given datamd5 filter from datascan information category with history of changes
onyphe onionscan ONION # It will return information for the given onion domain with history of changes
onyphe pastries IP # It will return pastries information for the given IPv{4,6} address with history of changes
onyphe reverse IP # It will return reverse DNS lookup information for the given IPv{4,6} address with history of changes
onyphe sniffer IP # It will return information for the given IP address with history of changes
onyphe synscan IP # It will return synscan information for the given IPv{4,6} address with history of changes.
onyphe threattlist IP # It will return threatlist information for the given IPv{4,6} address with history of change
$ onyphe geoloc 1.1.1.1
{"count":1,"error":0,"myip":"x.x.x.x","results":[{"@category":"geoloc","@timestamp":"2018-11-18T00:15:50.000Z","@type":"doc","asn":"AS13335","city":"","country":"AU","ip":"1.1.1.1","ipv6":"false","latitude":"-33.4940","location":"-33.4940,143.2104","longitude":"143.2104","organization":"Cloudflare, Inc.","subnet":"1.1.1.0/24"}],"status":"ok","took":"0.000","total":1}
Contributing
Bug reports and pull requests are welcome on GitHub at https://github.com/nioseki/onyphe.
License
The gem is available as open source under the terms of the MIT License.