Class: Mihari::Analyzers::Urlscan

Inherits:

Base

• Object
• Base
• Mihari::Analyzers::Urlscan

Defined in:

lib/mihari/analyzers/urlscan.rb

Instance Attribute Summary

• #api ⇒ Object readonly

  Returns the value of attribute api.

• #description ⇒ Object readonly

  Returns the value of attribute description.

• #query ⇒ Object readonly

  Returns the value of attribute query.

• #tags ⇒ Object readonly

  Returns the value of attribute tags.

• #target_type ⇒ Object readonly

  Returns the value of attribute target_type.

• #title ⇒ Object readonly

  Returns the value of attribute title.

Attributes inherited from Base

#the_hive

Instance Method Summary

• #artifacts ⇒ Object
• #initialize(query, title: nil, description: nil, tags: [], target_type: "url") ⇒ Urlscan constructor

  A new instance of Urlscan.

Methods inherited from Base

#run, #run_emitter

Constructor Details

#initialize(query, title: nil, description: nil, tags: [], target_type: "url") ⇒ Urlscan

Returns a new instance of Urlscan.

Raises:

• (ArgumentError)

# File 'lib/mihari/analyzers/urlscan.rb', line 15

def initialize(query, title: nil, description: nil, tags: [], target_type: "url")
  super()

  @api = ::UrlScan::API.new
  @query = query
  @title = title || "urlscan lookup"
  @description = description || "query = #{query}"
  @tags = tags
  @target_type = target_type

  raise ArgumentError, "type should be url, domain or ip." unless valid_target_type?
end

Instance Attribute Details

#api ⇒ Object (readonly)

Returns the value of attribute api.

# File 'lib/mihari/analyzers/urlscan.rb', line 8

def api
  @api
end

#description ⇒ Object (readonly)

Returns the value of attribute description.

# File 'lib/mihari/analyzers/urlscan.rb', line 10

def description
  @description
end

#query ⇒ Object (readonly)

Returns the value of attribute query.

# File 'lib/mihari/analyzers/urlscan.rb', line 11

def query
  @query
end

#tags ⇒ Object (readonly)

Returns the value of attribute tags.

# File 'lib/mihari/analyzers/urlscan.rb', line 12

def tags
  @tags
end

#target_type ⇒ Object (readonly)

Returns the value of attribute target_type.

# File 'lib/mihari/analyzers/urlscan.rb', line 13

def target_type
  @target_type
end

#title ⇒ Object (readonly)

Returns the value of attribute title.

# File 'lib/mihari/analyzers/urlscan.rb', line 9

def title
  @title
end

Instance Method Details

#artifacts ⇒ Object

# File 'lib/mihari/analyzers/urlscan.rb', line 28

def artifacts
  result = search
  return [] unless result

  results = result.dig("results") || []
  results.map do |match|
    match.dig "page", target_type
  end.compact.uniq
end