Class: Mihari::Analyzers::CIRCL

Inherits:

Base

• Object
• Mihari::Actor
• Base
• Mihari::Analyzers::CIRCL

Includes:

Concerns::Refangable

Defined in:

lib/mihari/analyzers/circl.rb

Overview

CIRCL passive DNS/SSL analyzer

Constant Summary

Constants included from Concerns::Retriable

Concerns::Retriable::DEFAULT_CONDITION, Concerns::Retriable::RETRIABLE_ERRORS

Instance Attribute Summary

• #password ⇒ String^? readonly
• #type ⇒ String^? readonly
• #username ⇒ String^? readonly

Attributes inherited from Base

#query

Attributes inherited from Mihari::Actor

#options

Instance Method Summary

• #artifacts ⇒ Object
• #configured? ⇒ Boolean
• #initialize(query, options: nil, username: nil, password: nil) ⇒ CIRCL constructor

  A new instance of CIRCL.

Methods included from Concerns::Refangable

#refang

Methods inherited from Base

#call, from_params, #ignore_error?, inherited, #normalized_artifacts, #pagination_interval, #pagination_limit, #parallel?, #result, #truncated_query

Methods inherited from Mihari::Actor

#call, configuration_keys, key, key_aliases, keys, #result, #retry_exponential_backoff, #retry_interval, #retry_times, #timeout, type, #validate_configuration!

Methods included from Concerns::Retriable

#retry_on_error

Methods included from Concerns::Configurable

#configuration_keys?

Constructor Details

#initialize(query, options: nil, username: nil, password: nil) ⇒ CIRCL

Returns a new instance of CIRCL.

Parameters:

• query (String)
• options (Hash, nil) (defaults to: nil)
• username (String, nil) (defaults to: nil)
• password (String, nil) (defaults to: nil)

# File 'lib/mihari/analyzers/circl.rb', line 26

def initialize(query, options: nil, username: nil, password: nil)
  super(refang(query), options:)

  @type = DataType.type(query)

  @username = username || Mihari.config.circl_passive_username
  @password = password || Mihari.config.circl_passive_password
end

Instance Attribute Details

#password ⇒ String^? (readonly)

Returns:

• (String, nil)

# File 'lib/mihari/analyzers/circl.rb', line 18

def password
  @password
end

#type ⇒ String^? (readonly)

Returns:

• (String, nil)

# File 'lib/mihari/analyzers/circl.rb', line 12

def type
  @type
end

#username ⇒ String^? (readonly)

Returns:

• (String, nil)

# File 'lib/mihari/analyzers/circl.rb', line 15

def username
  @username
end

Instance Method Details

#artifacts ⇒ Object

# File 'lib/mihari/analyzers/circl.rb', line 35

def artifacts
  case type
  when "domain"
    client.passive_dns_search query
  when "hash"
    client.passive_ssl_search query
  else
    raise ValueError, "#{@query}(type: #{@type || "unknown"}) is not supported."
  end
end

#configured? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/mihari/analyzers/circl.rb', line 46

def configured?
  configuration_keys? || (username? && password?)
end