Skip to content
Ayashige provides a list of suspicious newly registered domains as a JSON feed
Ruby HTML
Branch: master
Clone or download
ninoseki Merge pull request #57 from ninoseki/refactoring-specs
refactoring: refactoring specs
Latest commit 53f2fb7 Jun 23, 2019
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
bin feat: make obsolete some feeds Jun 23, 2019
config chore: add a final new line Dec 1, 2018
lib refactoring: refactoring specs Jun 23, 2019
public chore: renew web ui Nov 24, 2018
spec refactoring: refactoring specs Jun 23, 2019
.gitignore v0.1.0 Nov 24, 2018
.rspec v0.1.0 Nov 24, 2018
.travis.yml chore: update dependencies May 25, 2019
Gemfile feat: add SecurityTrails plugins Jun 22, 2019
Gemfile.lock feat: add SecurityTrails plugins Jun 22, 2019
LICENSE Initial commit Nov 20, 2018
Procfile v0.1.0 Nov 24, 2018
README.md feat: make obsolete some feeds Jun 23, 2019
Rakefile chore: remove unused class & task Nov 27, 2018
config.ru chore: add a final new line Dec 1, 2018

README.md

Ayashige

Build Status Coverage Status Codacy Badge

Ayashige provides a list of suspicious newly registered domains as a JSON feed.

How it works

  • It collects newly registered domains via Certififate Transparency log servers and SecurityTrails.
  • It computes a suspicious score of a given domain.
  • It stores suspicious domains into a Redis instance.
  • It provides suspicious domains as a JSON via /feed endpoint.

Installation

git clone https://github.com/ninoseki/ayashige
bundle install --path vendor/bundle

Usage

Please set following environment variables before using.

REDIS_HOST = YOUR_REDIS_HOST
REDIS_PORT = YOUR_REDIS_PORT
REDIS_PASSWORD = YOUR_REDIS_PASSWORD
SECURITYTRAILS_API_KEY = YOUR_SECURITYTRAILS_API_KEY

Run Cron jobs

# Grab domains from CT log servers
bundle exec ruby bin/ct_job.rb

# Grab domains from SecurityTrails
bundle exec ruby bin/securitytrails_jo.rb
  • It checks a suspicious score of a given each domain and stores a suspicious one into a Redis instance with TTL 24 hours.
    • You can specify your own default TTL via DEFAULT_TTL environment variable.

Run a Web app

bundle exec puma config.ru

Demo

Contributing

Bug reports and pull requests are welcome on GitHub at https://github.com/ninoseki/ayashige.

License

The gem is available as open source under the terms of the MIT License.

You can’t perform that action at this time.