Module: Falconz::APIs::Search

Included in:
Client
Defined in:
lib/falconz/apis/search.rb


Instance Method Details

#search_hash(string) ⇒ Array<Hash>

Get summaries for a given hash.

Example

# look up one sample by its digest (64 hex characters, i.e. SHA256 length)
search_results = client.search_hash("e2442c82f3af5c6c72694ad670d385571418f64b998e2c470c3a5fcd18181932")

# the result is read as a list here; take a field from its first entry
search_results.first["total_signatures"]
# => 15

www.hybrid-analysis.com/docs/api/v2#/Search/post_search_hash



# File 'lib/falconz/apis/search.rb', line 16

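# Look up analysis summaries for a single file hash.
#
# The argument is checked locally before any request is made, so that a nil,
# empty or mistakenly passed value (a path, a file body, ...) is rejected here
# instead of being posted to the remote search endpoint.
#
# @param string [String] hex-encoded MD5 (32), SHA1 (40) or SHA256 (64) digest
# @return [Array<Hash>] whatever post_request returns for "/search/hash"
# @raise [RuntimeError] if string is not a hex MD5, SHA1 or SHA256 digest
def search_hash(string)
  # 32 / 40 / 64 hex characters. \A and \z anchor the whole string, so a
  # trailing newline or a second line cannot slip past the check.
  digest_format = /\A(?:\h{32}|\h{40}|\h{64})\z/
  unless string.is_a?(String) && string.match?(digest_format)
    raise "Requires a MD5, SHA1 or SHA256 hash"
  end

  post_request("/search/hash", { hash: string })
end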

#search_hashes(*strings) ⇒ Array<Hash>

Get summaries for any number of given hashes.

Example

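# look up two SHA256 digests with a single call
search_results = client.search_hashes("e2442c82f3af5c6c72694ad670d385571418f64b998e2c470c3a5fcd18181932", "1cc406f6bf071bf5d96634cf9ab4ee94c2103e9b96207fdb37234536bb12bd50")

search_results.count
# => 2

search_results.first["total_signatures"]
# => 15

# print all search results to screen, as json
# (the variable holding the results is search_results; `search` is not defined in this example)
puts search_results.to_json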

www.hybrid-analysis.com/docs/api/v2#/Search/post_search_hashes



# File 'lib/falconz/apis/search.rb', line 41

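# Look up analysis summaries for several file hashes in one request.
#
# Accepts the hashes either as separate arguments or as a single array; the
# argument list is flattened before use. Every entry is checked locally before
# any request is made, so a nil, empty or mistakenly passed value is rejected
# here instead of being posted to the remote search endpoint.
#
# @param strings [Array<String>] hex-encoded MD5 (32), SHA1 (40) or SHA256 (64) digests
# @return [Array<Hash>] whatever post_request returns for "/search/hashes"
# @raise [RuntimeError] if no hashes are given or any entry is not a hex digest
def search_hashes(*strings)
  # 32 / 40 / 64 hex characters, anchored to the whole string with \A and \z.
  digest_format = /\A(?:\h{32}|\h{40}|\h{64})\z/

  # A splat is never nil, but it can hold a nested array (search_hashes([a, b]))
  # or nil entries (search_hashes(nil)); flatten first, then validate each entry.
  hashes = strings.flatten
  well_formed = !hashes.empty? &&
                hashes.all? { |entry| entry.is_a?(String) && entry.match?(digest_format) }
  raise "Requires MD5, SHA1 or SHA256 hashes" unless well_formed

  post_request("/search/hashes", { hashes: hashes })
end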

#search_terms(**options) ⇒ Array<Hash>

Search the database using search terms.

Example

pdf_results = client.search_terms(filetype: "pdf")

# count malicious pdfs from results
# NOTE(review): the result is indexed with a String key here, i.e. treated as a
# Hash, while the method heading documents Array<Hash> — confirm which is right.
pdf_results["result"].select { |r| r["verdict"] == "malicious" }.count

Example

# search by tag instead of file type
ransomware_results = client.search_terms(tag: "ransomware")

# the "count" key is read straight from the returned object
ransomware_results["count"]
# => 196

www.hybrid-analysis.com/docs/api/v2#/Search/post_search_terms



# File 'lib/falconz/apis/search.rb', line 66

# Search the database using search terms.
#
# The keyword arguments are forwarded as the request parameters exactly as
# given; nothing is validated or filtered locally, so callers decide which
# terms are sent to the remote endpoint.
#
# @param options [Hash] search terms, e.g. filetype: "pdf" or tag: "ransomware"
# @return [Object] whatever post_request returns for "/search/terms"
def search_terms(**options)
  endpoint = "/search/terms"
  post_request(endpoint, options)
end