Module: Sonar::Search

Included in:

Client

Defined in:

lib/sonar/search.rb

Defined Under Namespace

Classes: SearchError

Constant Summary

IS_IP =

Allow IP queries to be in the form of “1.”, “1.2.”, “1.2.3.”, and “1.2.3.4”

/^(\d{1,3}\.|\d{1,3}\.\d{1,3}\.|\d{1,3}\.\d{1,3}\.\d{1,3}\.|\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})$/

QUERY_TYPES =

Implemented search query types

[
  { name: 'certificate', description: 'Certificate lookup', input: 'sha' },
  { name: 'certips', description: 'Certificate to IPs', input: 'sha' },
  { name: 'rdns', description: 'IP to Reverse DNS Lookup or DNS Lookup to IP', input: 'ip' },
  { name: 'fdns', description: 'Domains to IP or IPs to Domain', input: 'domain' },
  { name: 'ipcerts', description: 'IP to Certificates', input: 'ip' },
  { name: 'namecerts', description: 'Domain to Certificates', input: 'domain' },
  { name: 'links_to', description: 'HTTP References to Domain', input: 'domain' },
  { name: 'ports', description: 'Open Ports', input: 'ip' },
  { name: 'processed', description: 'Open Ports (Processed)', input: 'ip' },
  { name: 'raw', description: 'Open Ports (Raw)', input: 'ip' },
  { name: 'sslcert', description: 'Certificate Details', input: 'sha' },
  { name: 'all', description: 'Search all appropriate search types for an IP or domain', input: 'all' }
]

Instance Method Summary

• #domain_search_type_names ⇒ Object
• #domain_search_types ⇒ Object
• #ip_search_type_names ⇒ Object
• #ip_search_types ⇒ Object
• #query_type_names ⇒ Object
• #search(params = {}) ⇒ Hashie::Mash

  Get search.

Instance Method Details

#domain_search_type_names ⇒ Object

# File 'lib/sonar/search.rb', line 35

def domain_search_type_names
  domain_search_types.map { |type| type[:name] }
end

#domain_search_types ⇒ Object

# File 'lib/sonar/search.rb', line 43

def domain_search_types
  QUERY_TYPES.select { |type| type[:input] == 'domain' }
end

#ip_search_type_names ⇒ Object

# File 'lib/sonar/search.rb', line 31

def ip_search_type_names
  ip_search_types.map { |type| type[:name] }
end

#ip_search_types ⇒ Object

# File 'lib/sonar/search.rb', line 39

def ip_search_types
  QUERY_TYPES.select { |type| type[:input] == 'ip' }
end

#query_type_names ⇒ Object

# File 'lib/sonar/search.rb', line 47

def query_type_names
  QUERY_TYPES.map { |type| type[:name] }
end

#search(params = {}) ⇒ Hashie::Mash

Get search

params take in search type as key and query as value ‘rapid7.com’

Returns:

• (Hashie::Mash) —

  with response of search

# File 'lib/sonar/search.rb', line 58

def search(params = {})
  type_query = params.select { |k, _v| query_type_names.include?(k.to_s) }.first
  fail ArgumentError, "The query type provided is invalid or not yet implemented." unless type_query
  type = type_query[0].to_sym
  params[:q] = type_query[1]
  params = extract_params(params)
  get_search_endpoint(type, params)
end