Class: Enricher::VirusTotal

Inherits:
Object
  • Object
Defined in:
lib/enricher/virustotal.rb

Overview

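Bogons ipv4 allow for both static simple checks and for dynamic full Bogon list checks provided by Team Cymru. (This overview describes Bogon checks and appears to have been carried over from another enricher; the methods documented below query VirusTotal file-hash and URL reports through Uirusu and cache the results.)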

Constant Summary collapse

DISABLED =
true

Class Method Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(constructor = {}) ⇒ VirusTotal

Returns a new instance of VirusTotal.



# File 'lib/enricher/virustotal.rb', line 17

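# Builds a VirusTotal enricher and makes sure the class-wide caches exist.
#
# NOTE(review): the class constant DISABLED is true, so with that value the
# guard below raises before any of the remaining lines run.
#
# @param constructor [Hash] accepted by the signature; not read in this method
# @raise [DisabledClassIncluded] when DISABLED is truthy
def initialize(constructor = {})
  raise DisabledClassIncluded if DISABLED

  # First you need to include the correct require files.

  # A literal `APT_KEY = ...` inside a method body is rejected by Ruby as a
  # "dynamic constant assignment", which stops the whole file from loading;
  # const_set defines the same constant once without that syntax error.
  # The value is a placeholder: the real key belongs in deployment
  # configuration, not in committed source.
  # NOTE(review): #hash and #url read VT_APT_KEY, not APT_KEY -- confirm which
  # name is intended and where VT_APT_KEY is defined.
  self.class.const_set(:APT_KEY, "YOUR API KEY HERE") unless self.class.const_defined?(:APT_KEY, false)

  # Class variables: one cache per kind of lookup, shared by every instance
  # and created only on first use.
  @@hash_cache ||= Vash.new
  @@url_cache ||= Vash.new
  # Volatile cache, entries meant to live for 43200 s (12 h).
  # NOTE(review): no TTL is passed to Vash.new here -- confirm where expiry is applied.
end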

Class Method Details

.hash_cache ⇒ Object



# File 'lib/enricher/virustotal.rb', line 13

# Class-level reader for the shared file-hash report cache.
#
# Hands back the object stored in @@hash_cache itself, not a copy, so any
# caller can read and modify the cached entries.
# NOTE(review): in the code visible here only #initialize assigns
# @@hash_cache; calling this before that has happened raises NameError.
#
# @return [Object] the cache object held in @@hash_cache
def self.hash_cache
  class_variable_get(:@@hash_cache)
end

.url_cache ⇒ Object



# File 'lib/enricher/virustotal.rb', line 9

# Class-level reader for the shared URL report cache.
#
# Hands back the object stored in @@url_cache itself, not a copy, so any
# caller can read and modify the cached entries.
# NOTE(review): in the code visible here only #initialize assigns
# @@url_cache; calling this before that has happened raises NameError.
#
# @return [Object] the cache object held in @@url_cache
def self.url_cache
  class_variable_get(:@@url_cache)
end

Instance Method Details

#hash(hash) ⇒ Object



# File 'lib/enricher/virustotal.rb', line 27

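# Looks up the VirusTotal file report for a hash and returns it via to_json.
#
# Reports are memoised in the class-wide @@hash_cache under the Symbol
# :"vt_<hash>", so a repeated lookup for the same value is answered from the
# cache instead of calling Uirusu::VTFile.query_report again.
#
# NOTE(review): a method named `hash` taking one argument replaces
# Object#hash on instances of this class -- confirm nothing uses them as
# Hash keys or Set members.
# NOTE(review): the argument is interpolated into a Symbol and passed to the
# external lookup unchanged; callers handling untrusted input should check
# it is a well-formed md5/sha1/sha256 digest first.
#
# @param hash [String] file hash to query (sha1/sha256/md5)
# @return [Object] whatever Uirusu::VTResult#to_json yields (presumably a JSON String)
def hash(hash)
  cache_key = "vt_#{hash}".to_sym
  # Bind the report to `results`: VTResult.new below reads it, and without
  # this assignment the name is undefined and the call raises NameError.
  results = (@@hash_cache[cache_key] ||= Uirusu::VTFile.query_report(VT_APT_KEY, hash))
  Uirusu::VTResult.new(hash, results).to_json
end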

#url(url) ⇒ Object



# File 'lib/enricher/virustotal.rb', line 34

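# Looks up the VirusTotal URL report for a URL and returns it via to_json.
#
# Reports are memoised in the class-wide @@url_cache. The cache key is the
# Symbol made of "vt_" followed by url.hash rendered in base 36 (a suffix of
# the shape "37zed965f04p"), which keeps arbitrary URL text out of the key.
#
# NOTE(review): String#hash is a short, non-cryptographic hash that Ruby
# seeds per process. Keys are therefore only meaningful inside one process,
# and two different URLs that collide on it would share one cache entry, so
# one URL could be answered with the other's report. A digest of the URL
# would avoid that, but changes the key format callers of .url_cache see.
#
# @param url [String] URL to query
# @return [Object] whatever Uirusu::VTResult#to_json yields (presumably a JSON String)
def url(url)
  cache_key = "vt_#{url.hash.to_s(36)}".to_sym
  # Bind the report to `results`: VTResult.new below reads it, and without
  # this assignment the name is undefined and the call raises NameError.
  results = (@@url_cache[cache_key] ||= Uirusu::VTUrl.query_report(VT_APT_KEY, url))
  Uirusu::VTResult.new(url, results).to_json
end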