From 43d4c44865fdad6afaa39e49e8cdd4349bdc3ccd Mon Sep 17 00:00:00 2001 From: Jasper Mayone Date: Mon, 19 Aug 2024 12:25:58 -0400 Subject: [PATCH] refractors to services --- src/functions/domain.ts | 21 ++-- src/routes/email.ts | 2 +- src/services/GoogleSafebrowsing.ts | 82 ++++++------ src/services/IpQualityScore.ts | 120 ++++++++++-------- src/services/PhishObserver.ts | 121 +++++++++--------- src/services/PhishReport.ts | 96 ++++++++------- src/services/Phisherman.ts | 66 +++++----- src/services/SecurityTrails.ts | 62 +++++----- src/services/SinkingYahts.ts | 64 +++++----- src/services/UrlScan.ts | 124 +++++++++---------- src/services/VirusTotal.ts | 192 +++++++++++++++-------------- src/services/Walshy.ts | 115 ++++++++--------- src/services/_TEMPLATE.ts | 45 ++++--- 13 files changed, 571 insertions(+), 539 deletions(-) diff --git a/src/functions/domain.ts b/src/functions/domain.ts index 8ea59f0..19222e4 100644 --- a/src/functions/domain.ts +++ b/src/functions/domain.ts @@ -25,16 +25,17 @@ export async function domainCheck(domain: string) { const tsStart = Date.now(); metrics.increment("functions.domainCheck"); - let walshyData = await walshyService.check(domain); - let ipQualityScoreData = await ipQualityScoreService.domainCheck(domain); - let googleSafebrowsingData = await googleSafebrowsingService.check(domain); - let sinkingYahtsData = await sinkingYahtsService.check(domain); - let virusTotalData = await virusTotalService.check(domain); - let phishermanData = await phishermanService.check(domain); - let phishObserverData = await phishObserverService.check(domain); - let urlScanData = await urlScanService.check(domain); - let securitytrailsData = await securityTrailsService.check(domain); - let phishreportData = await phishReportService.check(domain); + let walshyData = await walshyService.domain.check(domain); + let ipQualityScoreData = await ipQualityScoreService.domain.check(domain); + let googleSafebrowsingData = + await googleSafebrowsingService.domain.check(domain); + let sinkingYahtsData = await sinkingYahtsService.domain.check(domain); + let virusTotalData = await virusTotalService.domain.check(domain); + let phishermanData = await phishermanService.domain.check(domain); + let phishObserverData = await phishObserverService.domain.check(domain); + let urlScanData = await urlScanService.domain.check(domain); + let securitytrailsData = await securityTrailsService.domain.check(domain); + let phishreportData = await phishReportService.domain.check(domain); let dbDomain = await prisma.domain.findFirst({ where: { diff --git a/src/routes/email.ts b/src/routes/email.ts index 567dc3c..1eb5665 100644 --- a/src/routes/email.ts +++ b/src/routes/email.ts @@ -22,7 +22,7 @@ router.get("/check/:email", async (req, res) => { return res.status(400).json({ message: "Invalid email provided." }); } - const result = await ipQualityScoreService.emailCheck(email); + const result = await ipQualityScoreService.email.check(email); res.status(200).json(result); }); diff --git a/src/services/GoogleSafebrowsing.ts b/src/services/GoogleSafebrowsing.ts index 059e0a0..43e0884 100644 --- a/src/services/GoogleSafebrowsing.ts +++ b/src/services/GoogleSafebrowsing.ts @@ -9,51 +9,53 @@ import { APIs } from "../types/enums"; * A service that provides access to the Google Safebrowsing for checking and reporting domains. */ export class GoogleSafebrowsingService { - /** - * Asynchronously checks a given domain against the google safebrowsing service for any known bad domains. - * - * @param {string} domain - The domain name to be checked. - * @returns - */ - async check(domain: string) { - metrics.increment("domain.check.api.google_safebrowsing"); + domain = { + /** + * Asynchronously checks a given domain against the Google Safebrowsing service for any known bad domains. + * + * @param {string} domain - The domain name to be checked. + * @returns + */ + check: async (domain: string) => { + metrics.increment("services.googleSafebrowsing.domain.check"); - const response = await axios.post( - `https://safebrowsing.googleapis.com/v4/threatMatches:find?key=${process - .env.GOOGLE_API_KEY!}`, - { - client: { - clientId: `phish.directory`, - clientVersion: `${process.env.npm_package_version!}`, - }, - threatInfo: { - threatTypes: ["MALWARE", "SOCIAL_ENGINEERING", "UNWANTED_SOFTWARE"], - platformTypes: ["ANY_PLATFORM"], - threatEntryTypes: ["URL"], - threatEntries: [ - { - url: domain, - }, - ], + const response = await axios.post( + `https://safebrowsing.googleapis.com/v4/threatMatches:find?key=${process + .env.GOOGLE_API_KEY!}`, + { + client: { + clientId: `phish.directory`, + clientVersion: `${process.env.npm_package_version!}`, + }, + threatInfo: { + threatTypes: ["MALWARE", "SOCIAL_ENGINEERING", "UNWANTED_SOFTWARE"], + platformTypes: ["ANY_PLATFORM"], + threatEntryTypes: ["URL"], + threatEntries: [ + { + url: domain, + }, + ], + }, }, - }, - ); + ); - const data = response.data; - const dbDomain = await getDbDomain(domain); + const data = response.data; + const dbDomain = await getDbDomain(domain); - await prisma.rawAPIData.create({ - data: { - sourceAPI: "SafeBrowsing", - domain: { - connect: { - id: dbDomain.id, + await prisma.rawAPIData.create({ + data: { + sourceAPI: "SafeBrowsing", + domain: { + connect: { + id: dbDomain.id, + }, }, + data: data, }, - data: data, - }, - }); + }); - return data; - } + return data; + }, + }; } diff --git a/src/services/IpQualityScore.ts b/src/services/IpQualityScore.ts index 9878e8f..386a1c9 100644 --- a/src/services/IpQualityScore.ts +++ b/src/services/IpQualityScore.ts @@ -8,70 +8,82 @@ import { getDbDomain } from "../functions/db/getDbDomain"; * A service that provides access to the IpQualityScore service for checking and reporting domains. */ export class IpQualityScoreService { - /** - * Asynchronously checks a given domain against the IpQualityScore service for any known bad domains. - * - * @param {string} domain - The domain name to be checked. - * @returns - */ - async domainCheck(domain: string) { - metrics.increment("domain.check.api.ipqualityscore"); + domain = { + /** + * Asynchronously checks a given domain against the IpQualityScore service for any known bad domains. + * + * @param {string} domain - The domain name to be checked. + * @returns + */ + check: async (domain: string) => { + metrics.increment("services.ipqualityscore.domain.check"); - const response = await axios.get( - `https://ipqualityscore.com/api/json/url/${process.env - .IPQS_API_KEY!}/${domain}`, - { - // todo: extract headers to a seperate place to avoid duplication - headers: { - Referer: "https://phish.directory", - "User-Agent": "internal-server@phish.directory", - "X-Identity": "internal-server@phish.directory", + const response = await axios.get( + `https://ipqualityscore.com/api/json/url/${process.env + .IPQS_API_KEY!}/${domain}`, + { + // todo: extract headers to a seperate place to avoid duplication + headers: { + Referer: "https://phish.directory", + "User-Agent": "internal-server@phish.directory", + "X-Identity": "internal-server@phish.directory", + }, }, - }, - ); + ); - const data = response.data; - const dbDomain = await getDbDomain(domain); + const data = response.data; + const dbDomain = await getDbDomain(domain); - await prisma.rawAPIData.create({ - data: { - sourceAPI: "IpQualityScore", - domain: { - connect: { - id: dbDomain.id, + await prisma.rawAPIData.create({ + data: { + sourceAPI: "IpQualityScore", + domain: { + connect: { + id: dbDomain.id, + }, }, + data: data, }, - data: data, - }, - }); + }); + + return data; + }, + }; - return data; - } + email = { + /** + * Asynchronously checks a given email against the IpQualityScore service for any known bad emails. + * + * @param {string} email - The email address to be checked. + * @returns + */ + check: async (email: string) => { + metrics.increment("services.ipqualityscore.email.check"); - async emailCheck(email: string) { - let response = await axios.get( - `https://ipqualityscore.com/api/json/email/${process.env - .IPQS_API_KEY!}/${email}`, - { - headers: { - Referer: "https://phish.directory", - "User-Agent": "internal-server@phish.directory", - "X-Identity": "internal-server@phish.directory", + let response = await axios.get( + `https://ipqualityscore.com/api/json/email/${process.env + .IPQS_API_KEY!}/${email}`, + { + headers: { + Referer: "https://phish.directory", + "User-Agent": "internal-server@phish.directory", + "X-Identity": "internal-server@phish.directory", + }, }, - }, - ); + ); - let data = response.data; + let data = response.data; - let keyData = { - valid: data.valid, - disposable: data.disposable, - dns_valid: data.dns_valid, - honeypot: data.honeypot, - deliverability: data.deliverability, - fraud_score: data.fraud_score, - }; + let keyData = { + valid: data.valid, + disposable: data.disposable, + dns_valid: data.dns_valid, + honeypot: data.honeypot, + deliverability: data.deliverability, + fraud_score: data.fraud_score, + }; - return keyData; - } + return keyData; + }, + }; } diff --git a/src/services/PhishObserver.ts b/src/services/PhishObserver.ts index db6bdf9..933a583 100644 --- a/src/services/PhishObserver.ts +++ b/src/services/PhishObserver.ts @@ -8,76 +8,75 @@ import { prisma } from "../prisma"; * A service that provides access to the PhishObserver service for checking and reporting domains. */ export class PhishObserverService { - /** - * Asynchronously checks a given domain against the PhishObserver service for any known bad domains. - * - * @param {string} domain - The domain name to be checked. - * @returns - */ - async check(domain: string) { - metrics.increment("domain.check.api.phishobserver"); + domain = { + /** + * Asynchronously checks a given domain against the PhishObserver service for any known bad domains. + * + * @param {string} domain - The domain name to be checked. + * @returns + */ + check: async (domain: string) => { + metrics.increment("services.phishobserver.domain.check"); - try { - let submissionResponse = await axios.post( - `https://phish.observer/api/submit`, - { - url: `https://${domain}`, // required - tags: [ - // optional - "phish.directory", - ], - }, - { - headers: { - Authorization: "Bearer " + process.env.PHISH_OBSERVER_API_KEY!, - Referer: "https://phish.directory", - "User-Agent": "internal-server@phish.directory", - "X-Identity": "internal-server@phish.directory", + try { + let submissionResponse = await axios.post( + `https://phish.observer/api/submit`, + { + url: `https://${domain}`, + tags: ["phish.directory"], }, - }, - ); + { + headers: { + Authorization: "Bearer " + process.env.PHISH_OBSERVER_API_KEY!, + Referer: "https://phish.directory", + "User-Agent": "internal-server@phish.directory", + "X-Identity": "internal-server@phish.directory", + }, + }, + ); - let subdata = await submissionResponse.data; + let subdata = await submissionResponse.data; - let searchResponse: any = await axios.get( - `https://phish.observer/api/submission/${subdata.id}`, - { - headers: { - Authorization: "Bearer " + process.env.PHISH_OBSERVER_API_KEY!, - Referer: "https://phish.directory", - "User-Agent": "internal-server@phish.directory", - "X-Identity": "internal-server@phish.directory", + let searchResponse: any = await axios.get( + `https://phish.observer/api/submission/${subdata.id}`, + { + headers: { + Authorization: "Bearer " + process.env.PHISH_OBSERVER_API_KEY!, + Referer: "https://phish.directory", + "User-Agent": "internal-server@phish.directory", + "X-Identity": "internal-server@phish.directory", + }, }, - }, - ); + ); - const dbDomain = await getDbDomain(domain); + const dbDomain = await getDbDomain(domain); - await prisma.rawAPIData.create({ - data: { - sourceAPI: "PhishObserver", - domain: { - connect: { - id: dbDomain.id, + await prisma.rawAPIData.create({ + data: { + sourceAPI: "PhishObserver", + domain: { + connect: { + id: dbDomain.id, + }, }, + data: searchResponse.data, }, - data: searchResponse.data, - }, - }); + }); - return searchResponse.data; - } catch (error: any) { - if ( - error.response && - error.response.status === 400 && - error.response.data.error === "Blocked domain" - ) { - return { - error: "Blocked domain", - }; - } else { - throw error; + return searchResponse.data; + } catch (error: any) { + if ( + error.response && + error.response.status === 400 && + error.response.data.error === "Blocked domain" + ) { + return { + error: "Blocked domain", + }; + } else { + throw error; + } } - } - } + }, + }; } diff --git a/src/services/PhishReport.ts b/src/services/PhishReport.ts index f0283b1..2b0c13d 100644 --- a/src/services/PhishReport.ts +++ b/src/services/PhishReport.ts @@ -8,54 +8,56 @@ import { getDbDomain } from "../functions/db/getDbDomain"; * A service that provides access to the PhishReport service for checking and reporting domains. */ export class PhishReportService { - /** - * Asynchronously checks a given domain against the PhishReport service for any known bad domains. - * - * @param {string} domain - The domain name to be checked. - * @returns - */ - async check(domain: string) { - metrics.increment("domain.check.api.phishreport"); - - let response = await axios.get( - `https://phish.report/api/v0/hosting?url=${domain}`, - { - headers: { - Referer: "https://phish.directory", - "User-Agent": "internal-server@phish.directory", - "X-Identity": "internal-server@phish.directory", + domain = { + /** + * Asynchronously checks a given domain against the PhishReport service for any known bad domains. + * + * @param {string} domain - The domain name to be checked. + * @returns + */ + check: async (domain: string) => { + metrics.increment("services.phishreport.domain.check"); + + let response = await axios.get( + `https://phish.report/api/v0/hosting?url=${domain}`, + { + headers: { + Referer: "https://phish.directory", + "User-Agent": "internal-server@phish.directory", + "X-Identity": "internal-server@phish.directory", + }, }, - }, - ); - - let data = response.data; - let dbDomain = await getDbDomain(domain); - - await prisma.rawAPIData.create({ - data: { - sourceAPI: "PhishReport", - domain: { - connect: { - id: dbDomain.id, + ); + + let data = response.data; + let dbDomain = await getDbDomain(domain); + + await prisma.rawAPIData.create({ + data: { + sourceAPI: "PhishReport", + domain: { + connect: { + id: dbDomain.id, + }, }, + data: data, }, - data: data, - }, - }); - - return data; - } - - /** - * Asynchronously reports a given domain to the PhishReport service for further processing or analysis. - * - * @param {string} domain - The domain name to be reported. - * @returns - */ - async report(domain: string) { - metrics.increment("domain.report.api.phishreport"); - - // todo: implement this - // https://phish.report/api/v0#tag/Takedown/paths/~1api~1v0~1cases/post - } + }); + + return data; + }, + + // /** + // * Asynchronously reports a given domain to the PhishReport service for further processing or analysis. + // * + // * @param {string} domain - The domain name to be reported. + // * @returns + // */ + // report: async (domain: string) => { + // metrics.increment("services.phishreport.domain.report"); + + // // todo: implement this + // // https://phish.report/api/v0#tag/Takedown/paths/~1api~1v0~1cases/post + // }, + }; } diff --git a/src/services/Phisherman.ts b/src/services/Phisherman.ts index 482cfac..b2582b1 100644 --- a/src/services/Phisherman.ts +++ b/src/services/Phisherman.ts @@ -8,43 +8,45 @@ import { getDbDomain } from "../functions/db/getDbDomain"; * A service that provides access to the Phisherman service for checking and reporting domains. */ export class PhishermanService { - /** - * Asynchronously checks a given domain against the Phisherman service for any known bad domains. - * - * @param {string} domain - The domain name to be checked. - * @returns - */ - async check(domain: string) { - metrics.increment("domain.check.api.phisherman"); + domain = { + /** + * Asynchronously checks a given domain against the Phisherman service for any known bad domains. + * + * @param {string} domain - The domain name to be checked. + * @returns + */ + check: async (domain: string) => { + metrics.increment("services.phisherman.domain.check"); - const response = await axios.get( - `https://api.phisherman.gg/v2/domains/info/${domain}`, - { - // todo: extract headers to a seperate place to avoid duplication (will need to handle adding the Authorization header) - headers: { - Authorization: "Bearer " + process.env.PHISHERMAN_API_KEY!, - Referer: "https://phish.directory", - "User-Agent": "internal-server@phish.directory", - "X-Identity": "internal-server@phish.directory", + const response = await axios.get( + `https://api.phisherman.gg/v2/domains/info/${domain}`, + { + // todo: extract headers to a seperate place to avoid duplication (will need to handle adding the Authorization header) + headers: { + Authorization: "Bearer " + process.env.PHISHERMAN_API_KEY!, + Referer: "https://phish.directory", + "User-Agent": "internal-server@phish.directory", + "X-Identity": "internal-server@phish.directory", + }, }, - }, - ); + ); - const data = response.data; - const dbDomain = await getDbDomain(domain); + const data = response.data; + const dbDomain = await getDbDomain(domain); - await prisma.rawAPIData.create({ - data: { - sourceAPI: "Phisherman", - domain: { - connect: { - id: dbDomain.id, + await prisma.rawAPIData.create({ + data: { + sourceAPI: "Phisherman", + domain: { + connect: { + id: dbDomain.id, + }, }, + data: data, }, - data: data, - }, - }); + }); - return data; - } + return data; + }, + }; } diff --git a/src/services/SecurityTrails.ts b/src/services/SecurityTrails.ts index a6001dd..8298268 100644 --- a/src/services/SecurityTrails.ts +++ b/src/services/SecurityTrails.ts @@ -8,40 +8,42 @@ import { getDbDomain } from "../functions/db/getDbDomain"; * A service that provides access to the SecurityTrails service for checking and reporting domains. */ export class SecurityTrailsService { - /** - * Asynchronously checks a given domain against the SecurityTrails service for any known bad domains. - * - * @param {string} domain - The domain name to be checked. - * @returns - */ - async check(domain: string) { - metrics.increment("domain.check.api.securitytrails"); + domain = { + /** + * Asynchronously checks a given domain against the SecurityTrails service for any known bad domains. + * + * @param {string} domain - The domain name to be checked. + * @returns + */ + check: async (domain: string) => { + metrics.increment("services.securitytrails.domain.check"); - const options = { - method: "GET", - url: `https://api.securitytrails.com/v1/domain/${domain}`, - headers: { - accept: "application/json", - APIKEY: process.env.SECURITYTRAILS_API_KEY!, - }, - }; + const options = { + method: "GET", + url: `https://api.securitytrails.com/v1/domain/${domain}`, + headers: { + accept: "application/json", + APIKEY: process.env.SECURITYTRAILS_API_KEY!, + }, + }; - const response = await axios.request(options); - const data = response.data; - const dbDomain = await getDbDomain(domain); + const response = await axios.request(options); + const data = response.data; + const dbDomain = await getDbDomain(domain); - await prisma.rawAPIData.create({ - data: { - sourceAPI: "SecurityTrails", - domain: { - connect: { - id: dbDomain.id, + await prisma.rawAPIData.create({ + data: { + sourceAPI: "SecurityTrails", + domain: { + connect: { + id: dbDomain.id, + }, }, + data: data, }, - data: data, - }, - }); + }); - return data; - } + return data; + }, + }; } diff --git a/src/services/SinkingYahts.ts b/src/services/SinkingYahts.ts index 6cb1c7e..107b9b7 100644 --- a/src/services/SinkingYahts.ts +++ b/src/services/SinkingYahts.ts @@ -8,42 +8,44 @@ import { prisma } from "../prisma"; * A service that provides access to the SinkingYahts service for checking and reporting domains. */ export class SinkingYahtsService { - /** - * Asynchronously checks a given domain against the SinkingYahts service for any known bad domains. - * - * @param {string} domain - The domain name to be checked. - * @returns - */ - async check(domain: string) { - metrics.increment("domain.check.api.sinkingyahts"); + domain = { + /** + * Asynchronously checks a given domain against the SinkingYahts service for any known bad domains. + * + * @param {string} domain - The domain name to be checked. + * @returns + */ + check: async (domain: string) => { + metrics.increment("services.sinkingyahts.domain.check"); - const response = await axios.get( - `https://phish.sinking.yachts/v2/check/${domain}`, - { - headers: { - accept: "application/json", - Referer: "https://phish.directory", - "User-Agent": "internal-server@phish.directory", - "X-Identity": "internal-server@phish.directory", + const response = await axios.get( + `https://phish.sinking.yachts/v2/check/${domain}`, + { + headers: { + accept: "application/json", + Referer: "https://phish.directory", + "User-Agent": "internal-server@phish.directory", + "X-Identity": "internal-server@phish.directory", + }, }, - }, - ); + ); - const data = response.data; - const dbDomain = await getDbDomain(domain); + const data = response.data; + const dbDomain = await getDbDomain(domain); - await prisma.rawAPIData.create({ - data: { - sourceAPI: "SinkingYachts", - domain: { - connect: { - id: dbDomain.id, + await prisma.rawAPIData.create({ + data: { + sourceAPI: "SinkingYachts", + domain: { + connect: { + id: dbDomain.id, + }, }, + data: data, }, - data: data, - }, - }); + }); - return data; - } + return data; + }, + }; } diff --git a/src/services/UrlScan.ts b/src/services/UrlScan.ts index 5361aa7..732f5c4 100644 --- a/src/services/UrlScan.ts +++ b/src/services/UrlScan.ts @@ -8,38 +8,18 @@ import metrics from "../metrics"; * A service that provides access to the UrlScan service for checking and reporting domains. */ export class UrlScanService { - // todo: add verdicts as part of report + domain = { + /** + * Asynchronously checks a given domain against the UrlScan service for any known bad domains. + * + * @param {string} domain - The domain name to be checked. + * @returns + */ + check: async (domain: string) => { + metrics.increment("services.urlscan.domain.check"); - /** - * Asynchronously checks a given domain against the UrlScan service for any known bad domains. - * - * @param {string} domain - The domain name to be checked. - * @returns - */ - async check(domain: string) { - metrics.increment("domain.check.api.urlscan"); - - const checkSearch = await axios.get( - `https://urlscan.io/api/v1/search/?q=domain:${domain}`, - { - headers: { - "API-Key": process.env.URLSCAN_API_KEY!, - Referer: "https://phish.directory", - "User-Agent": "internal-server@phish.directory", - "X-Identity": "internal-server@phish.directory", - }, - }, - ); - - // check if the link is not already scanned - if (checkSearch.data.results.length === 0) { - // if not scan the link, providing the api key - const scan = await axios.post( - "https://urlscan.io/api/v1/scan/", - { - url: domain, - tags: ["https://phish.directory", "api.phish.directory"], - }, + const checkSearch = await axios.get( + `https://urlscan.io/api/v1/search/?q=domain:${domain}`, { headers: { "API-Key": process.env.URLSCAN_API_KEY!, @@ -50,10 +30,15 @@ export class UrlScanService { }, ); - // wait 15 seconds for the scan to finish - setTimeout(async () => { - const scanResult = await axios.get( - `https://urlscan.io/api/v1/result/${scan.data.uuid}/`, + // check if the link is not already scanned + if (checkSearch.data.results.length === 0) { + // if not scan the link, providing the api key + const scan = await axios.post( + "https://urlscan.io/api/v1/scan/", + { + url: domain, + tags: ["https://phish.directory", "api.phish.directory"], + }, { headers: { "API-Key": process.env.URLSCAN_API_KEY!, @@ -64,36 +49,51 @@ export class UrlScanService { }, ); - if (!scanResult.data) throw new Error("UrlScan API returned no data"); - return scanResult.data; - }, 15000); - } else { - const scanResult = await axios.get( - `https://urlscan.io/api/v1/result/${checkSearch.data.results[0].task.uuid}/`, - { - headers: { - "API-Key": process.env.URLSCAN_API_KEY!, - Referer: "https://phish.directory", - "User-Agent": "internal-server@phish.directory", - "X-Identity": "internal-server@phish.directory", + // wait 15 seconds for the scan to finish + setTimeout(async () => { + const scanResult = await axios.get( + `https://urlscan.io/api/v1/result/${scan.data.uuid}/`, + { + headers: { + "API-Key": process.env.URLSCAN_API_KEY!, + Referer: "https://phish.directory", + "User-Agent": "internal-server@phish.directory", + "X-Identity": "internal-server@phish.directory", + }, + }, + ); + + if (!scanResult.data) throw new Error("UrlScan API returned no data"); + return scanResult.data; + }, 15000); + } else { + const scanResult = await axios.get( + `https://urlscan.io/api/v1/result/${checkSearch.data.results[0].task.uuid}/`, + { + headers: { + "API-Key": process.env.URLSCAN_API_KEY!, + Referer: "https://phish.directory", + "User-Agent": "internal-server@phish.directory", + "X-Identity": "internal-server@phish.directory", + }, }, - }, - ); + ); - const dbDomain = await getDbDomain(domain); - await prisma.rawAPIData.create({ - data: { - sourceAPI: "UrlScan", - domain: { - connect: { - id: dbDomain.id, + const dbDomain = await getDbDomain(domain); + await prisma.rawAPIData.create({ + data: { + sourceAPI: "UrlScan", + domain: { + connect: { + id: dbDomain.id, + }, }, + data: scanResult.data, }, - data: scanResult.data, - }, - }); + }); - return scanResult.data; - } - } + return scanResult.data; + } + }, + }; } diff --git a/src/services/VirusTotal.ts b/src/services/VirusTotal.ts index 5c0e108..7ef2142 100644 --- a/src/services/VirusTotal.ts +++ b/src/services/VirusTotal.ts @@ -8,116 +8,118 @@ import { prisma } from "../prisma"; * A service that provides access to the VirusTotal service for checking and reporting domains. */ export class VirusTotalService { - /** - * Asynchronously checks a given domain against the VirusTotal service for any known bad domains. - * - * @param {string} domain - The domain name to be checked. - * @returns - */ - async check(domain: string) { - metrics.increment("domain.check.api.virustotal"); + domain = { + /** + * Asynchronously checks a given domain against the VirusTotal service for any known bad domains. + * + * @param {string} domain - The domain name to be checked. + * @returns + */ + check: async (domain: string) => { + metrics.increment("services.virustotal.domain.check"); - const response = await axios.get( - `https://www.virustotal.com/api/v3/domains/${domain}`, - { - headers: { - "x-apikey": process.env.VIRUS_TOTAL_API_KEY!, - Referer: "https://phish.directory", - "User-Agent": "internal-server@phish.directory", - "X-Identity": "internal-server@phish.directory", + const response = await axios.get( + `https://www.virustotal.com/api/v3/domains/${domain}`, + { + headers: { + "x-apikey": process.env.VIRUS_TOTAL_API_KEY!, + Referer: "https://phish.directory", + "User-Agent": "internal-server@phish.directory", + "X-Identity": "internal-server@phish.directory", + }, }, - }, - ); + ); - const data = response.data; - const dbDomain = await getDbDomain(domain); + const data = response.data; + const dbDomain = await getDbDomain(domain); - await prisma.rawAPIData.create({ - data: { - sourceAPI: "VirusTotal", - domain: { - connect: { - id: dbDomain.id, + await prisma.rawAPIData.create({ + data: { + sourceAPI: "VirusTotal", + domain: { + connect: { + id: dbDomain.id, + }, }, + data: data, }, - data: data, - }, - }); + }); - return data; - } + return data; + }, - /** - * Asynchronously reports a given domain to the VirusTotal service for further processing or analysis. - * - * @param {string} domain - The domain name to be reported. - * @returns - */ - async report(domain: string) { - metrics.increment("domain.report.api.virustotal"); + /** + * Asynchronously reports a given domain to the VirusTotal service for further processing or analysis. + * + * @param {string} domain - The domain name to be reported. + * @returns + */ + report: async (domain: string) => { + metrics.increment("services.virustotal.domain.report"); - const commentData = { - data: { - type: "comment", - attributes: { - text: "This website is present on the phish.directory anti phishing list. More info at https://phish.directory or via email at team@phish.directory", + const commentData = { + data: { + type: "comment", + attributes: { + text: "This website is present on the phish.directory anti phishing list. More info at https://phish.directory or via email at team@phish.directory", + }, }, - }, - }; + }; - axios - .post( - `https://www.virustotal.com/api/v3/domains/${domain}/comments`, - commentData, - { - headers: { - accept: "application/json", - "x-apikey": process.env.VIRUS_TOTAL_API_KEY!, - "content-type": "application/json", - Referer: "https://phish.directory", - "User-Agent": "internal-server@phish.directory", - "X-Identity": "internal-server@phish.directory", + axios + .post( + `https://www.virustotal.com/api/v3/domains/${domain}/comments`, + commentData, + { + headers: { + accept: "application/json", + "x-apikey": process.env.VIRUS_TOTAL_API_KEY!, + "content-type": "application/json", + Referer: "https://phish.directory", + "User-Agent": "internal-server@phish.directory", + "X-Identity": "internal-server@phish.directory", + }, }, - }, - ) - .then((response) => { - // console.log(response.data); - }) - .catch((error) => { - console.error(error); - }); + ) + .then((response) => { + // console.log(response.data); + }) + .catch((error) => { + console.error(error); + }); - const voteData = { - data: { - type: "vote", - attributes: { - verdict: "malicious", + const voteData = { + data: { + type: "vote", + attributes: { + verdict: "malicious", + }, }, - }, - }; + }; - axios - .post( - `https://www.virustotal.com/api/v3/domains/${domain}/comments`, - voteData, - { - headers: { - accept: "application/json", - "x-apikey": process.env.VIRUS_TOTAL_API_KEY!, - "content-type": "application/json", - Referer: "https://phish.directory", - "User-Agent": "internal-server@phish.directory", - "X-Identity": "internal-server@phish.directory", + axios + .post( + `https://www.virustotal.com/api/v3/domains/${domain}/comments`, + voteData, + { + headers: { + accept: "application/json", + "x-apikey": process.env.VIRUS_TOTAL_API_KEY!, + "content-type": "application/json", + Referer: "https://phish.directory", + "User-Agent": "internal-server@phish.directory", + "X-Identity": "internal-server@phish.directory", + }, }, - }, - ) - .then((response) => { - // console.log(response.data); - }) - .catch((error) => { - console.error(error); - }); + ) + .then((response) => { + // console.log(response.data); + }) + .catch((error) => { + console.error(error); + }); - // todo: implement this - } + // todo: implement this + }, + }; } diff --git a/src/services/Walshy.ts b/src/services/Walshy.ts index cee7ad2..4736392 100644 --- a/src/services/Walshy.ts +++ b/src/services/Walshy.ts @@ -5,72 +5,75 @@ import metrics from "../metrics"; import { prisma } from "../prisma"; /** - * A service that provides access to the walshy service for checking and reporting domains. + * A service that provides access to the Walshy service for checking and reporting domains. */ export class WalshyService { - /** - * Asynchronously checks a given domain against the walshy service for any known bad domains. - * - * @param {string} domain - The domain name to be checked. - */ - async check(domain: string) { - metrics.increment("domain.check.api.walshy"); + domain = { + /** + * Asynchronously checks a given domain against the Walshy service for any known bad domains. + * + * @param {string} domain - The domain name to be checked. + * @returns + */ + check: async (domain: string) => { + metrics.increment("services.walshy.domain.check"); - const response = await axios.post<{ - badDomain: boolean; - detection: "discord" | "community"; - }>("https://bad-domains.walshy.dev/check", { - // todo: extract headers to a seperate place to avoid duplication - headers: { - Referer: "https://phish.directory", - "User-Agent": "internal-server@phish.directory", - "X-Identity": "internal-server@phish.directory", - }, - domain: domain, - }); + const response = await axios.post<{ + badDomain: boolean; + detection: "discord" | "community"; + }>("https://bad-domains.walshy.dev/check", { + // todo: extract headers to a seperate place to avoid duplication + headers: { + Referer: "https://phish.directory", + "User-Agent": "internal-server@phish.directory", + "X-Identity": "internal-server@phish.directory", + }, + domain: domain, + }); - const data = response.data; - const dbDomain = await getDbDomain(domain); + const data = response.data; + const dbDomain = await getDbDomain(domain); - await prisma.rawAPIData.create({ - data: { - sourceAPI: "Walshy", - domain: { - connect: { - id: dbDomain.id, + await prisma.rawAPIData.create({ + data: { + sourceAPI: "Walshy", + domain: { + connect: { + id: dbDomain.id, + }, }, + data: data, }, - data: data, - }, - }); + }); - return data; - } + return data; + }, - // todo: log report counts and data to the database - /** - * Asynchronously reports a given domain to the walshy service for further processing or analysis. - * - * @param {string} domain - The domain name to be reported. - * @returns A promise that resolves when the report operation is complete. - */ - async report(domain: string) { - metrics.increment("domain.report.api.walshy"); + // todo: log report counts and data to the database + /** + * Asynchronously reports a given domain to the Walshy service for further processing or analysis. + * + * @param {string} domain - The domain name to be reported. + * @returns + */ + report: async (domain: string) => { + metrics.increment("services.walshy.domain.report"); - const response = await axios.post( - `https://bad-domains.walshy.dev/report`, - { - domain: domain, - }, - { - headers: { - Referer: "https://phish.directory", - "User-Agent": "internal-server@phish.directory", - "X-Identity": "internal-server@phish.directory", + const response = await axios.post( + `https://bad-domains.walshy.dev/report`, + { + domain: domain, + }, + { + headers: { + Referer: "https://phish.directory", + "User-Agent": "internal-server@phish.directory", + "X-Identity": "internal-server@phish.directory", + }, }, - }, - ); + ); - return response.data; - } + return response.data; + }, + }; } diff --git a/src/services/_TEMPLATE.ts b/src/services/_TEMPLATE.ts index 9dc1626..cc2dc9b 100644 --- a/src/services/_TEMPLATE.ts +++ b/src/services/_TEMPLATE.ts @@ -5,27 +5,32 @@ import metrics from "../metrics"; import { prisma } from "../prisma"; /** - * A service that provides access to the TEMPLATE service for checking and reporting domains. + * A service that provides access to the TEMPLATE service for checking and reporting domains, emails, etc. */ export class TEMPLATEService { - /** - * Asynchronously checks a given domain against the TEMPLATE service for any known bad domains. - * - * @param {string} domain - The domain name to be checked. - * @returns - */ - async check(domain: string, prisma: any) { - metrics.increment("domain.check.api.template"); - } + domain = { + /** + * Asynchronously checks a given domain against the TEMPLATE service for any known bad domains. + * + * @param {string} domain - The domain name to be checked. + * @returns + */ + check: async (domain: string) => { + metrics.increment("services.template.domain.check"); + // Implement the check logic here + }, - /** - * Asynchronously reports a given domain to the TEMPLATE service for further processing or analysis. - * - * @param {string} domain - The domain name to be reported. - * @returns - */ - async report(domain: string, prisma: any) { - metrics.increment("domain.report.api.template"); - // todo: implement this - } + /** + * Asynchronously reports a given domain to the TEMPLATE service for further processing or analysis. + * + * @param {string} domain - The domain name to be reported. + * @returns + */ + report: async (domain: string) => { + metrics.increment("services.template.domain.report"); + // Implement the report logic here + }, + }; + + // You can add more entities like IP addresses, usernames, etc., in a similar fashion. }