mihari 3.6.1 → 3.8.0

data/lib/mihari.rb

@@ -6,7 +6,11 @@ require "dry/files"
 require "mem"
 require "yaml"
 
+# Load .env
+require "dotenv/load"
+
 # Mixins
+require "mihari/mixins/autonomous_system"
 require "mihari/mixins/configurable"
 require "mihari/mixins/configuration"
 require "mihari/mixins/disallowed_data_value"
@@ -26,32 +30,32 @@ module Mihari
   extend Dry::Configurable
   extend Mixins::Configuration
 
-  setting :binaryedge_api_key, ENV["BINARYEDGE_API_KEY"]
-  setting :censys_id, ENV["CENSYS_ID"]
-  setting :censys_secret, ENV["CENSYS_SECRET"]
-  setting :circl_passive_password, ENV["CIRCL_PASSIVE_PASSWORD"]
-  setting :circl_passive_username, ENV["CIRCL_PASSIVE_USERNAME"]
-  setting :ipinfo_api_key, ENV["ipinfo_api_key"]
-  setting :misp_api_endpoint, ENV["MISP_API_ENDPOINT"]
-  setting :misp_api_key, ENV["MISP_API_KEY"]
-  setting :onyphe_api_key, ENV["ONYPHE_API_KEY"]
-  setting :otx_api_key, ENV["OTX_API_KEY"]
-  setting :passivetotal_api_key, ENV["PASSIVETOTAL_API_KEY"]
-  setting :passivetotal_username, ENV["PASSIVETOTAL_USERNAME"]
-  setting :pulsedive_api_key, ENV["PULSEDIVE_API_KEY"]
-  setting :securitytrails_api_key, ENV["SECURITYTRAILS_API_KEY"]
-  setting :shodan_api_key, ENV["SHODAN_API_KEY"]
-  setting :slack_channel, ENV["SLACK_CHANNEL"]
-  setting :slack_webhook_url, ENV["SLACK_WEBHOOK_URL"]
-  setting :spyse_api_key, ENV["SPYSE_API_KEY"]
-  setting :thehive_api_endpoint, ENV["THEHIVE_API_ENDPOINT"]
-  setting :thehive_api_key, ENV["THEHIVE_API_KEY"]
-  setting :urlscan_api_key, ENV["URLSCAN_API_KEY"]
-  setting :virustotal_api_key, ENV["VIRUSTOTAL_API_KEY"]
-  setting :zoomeye_api_key, ENV["ZOOMEYE_API_KEY"]
-  setting :webhook_url, ENV["WEBHOOK_URL"]
-  setting(:webhook_use_json_body, ENV["WEBHOOK_USE_JSON_BODY"]) { |value| truthy?(value) }
-  setting :database, ENV["DATABASE"] || "mihari.db"
+  setting :binaryedge_api_key, default: ENV["BINARYEDGE_API_KEY"]
+  setting :censys_id, default: ENV["CENSYS_ID"]
+  setting :censys_secret, default: ENV["CENSYS_SECRET"]
+  setting :circl_passive_password, default: ENV["CIRCL_PASSIVE_PASSWORD"]
+  setting :circl_passive_username, default: ENV["CIRCL_PASSIVE_USERNAME"]
+  setting :ipinfo_api_key, default: ENV["IPINFO_API_KEY"]
+  setting :misp_api_endpoint, default: ENV["MISP_API_ENDPOINT"]
+  setting :misp_api_key, default: ENV["MISP_API_KEY"]
+  setting :onyphe_api_key, default: ENV["ONYPHE_API_KEY"]
+  setting :otx_api_key, default: ENV["OTX_API_KEY"]
+  setting :passivetotal_api_key, default: ENV["PASSIVETOTAL_API_KEY"]
+  setting :passivetotal_username, default: ENV["PASSIVETOTAL_USERNAME"]
+  setting :pulsedive_api_key, default: ENV["PULSEDIVE_API_KEY"]
+  setting :securitytrails_api_key, default: ENV["SECURITYTRAILS_API_KEY"]
+  setting :shodan_api_key, default: ENV["SHODAN_API_KEY"]
+  setting :slack_channel, default: ENV["SLACK_CHANNEL"]
+  setting :slack_webhook_url, default: ENV["SLACK_WEBHOOK_URL"]
+  setting :spyse_api_key, default: ENV["SPYSE_API_KEY"]
+  setting :thehive_api_endpoint, default: ENV["THEHIVE_API_ENDPOINT"]
+  setting :thehive_api_key, default: ENV["THEHIVE_API_KEY"]
+  setting :urlscan_api_key, default: ENV["URLSCAN_API_KEY"]
+  setting :virustotal_api_key, default: ENV["VIRUSTOTAL_API_KEY"]
+  setting :zoomeye_api_key, default: ENV["ZOOMEYE_API_KEY"]
+  setting :webhook_url, default: ENV["WEBHOOK_URL"]
+  setting :webhook_use_json_body, constructor: ->(value = ENV["WEBHOOK_USE_JSON_BODY"]) { truthy?(value) }
+  setting :database, default: ENV["DATABASE"] || "mihari.db"
 
   class << self
     include Mem
@@ -66,6 +70,11 @@ module Mihari
     end
     memoize :analyzers
 
+    def enrichers
+      []
+    end
+    memoize :enrichers
+
     #
     # Load configuration from YAML file
     #
@@ -100,14 +109,20 @@ require "mihari/types"
 
 # Structs
 require "mihari/structs/censys"
+require "mihari/structs/ipinfo"
 require "mihari/structs/onyphe"
 require "mihari/structs/shodan"
+require "mihari/structs/virustotal_intelligence"
 
 # Schemas
 require "mihari/schemas/analyzer"
 require "mihari/schemas/configuration"
 require "mihari/schemas/rule"
 
+# Enrichers
+require "mihari/enrichers/base"
+require "mihari/enrichers/ipinfo"
+
 # Models
 require "mihari/models/alert"
 require "mihari/models/artifact"
@@ -149,9 +164,9 @@ require "mihari/analyzers/securitytrails"
 require "mihari/analyzers/shodan"
 require "mihari/analyzers/spyse"
 require "mihari/analyzers/urlscan"
+require "mihari/analyzers/virustotal_intelligence"
 require "mihari/analyzers/virustotal"
 require "mihari/analyzers/zoomeye"
-
 require "mihari/analyzers/rule"
 
 # Notifiers

data/mihari.gemspec

@@ -26,7 +26,7 @@ Gem::Specification.new do |spec|
   spec.require_paths = ["lib"]
 
   spec.add_development_dependency "bundler", "~> 2.2"
-  spec.add_development_dependency "coveralls_reborn", "~> 0.22"
+  spec.add_development_dependency "coveralls_reborn", "~> 0.23"
   spec.add_development_dependency "fakefs", "~> 1.3"
   spec.add_development_dependency "mysql2", "~> 0.5"
   spec.add_development_dependency "overcommit", "~> 0.58"
@@ -36,8 +36,8 @@ Gem::Specification.new do |spec|
   spec.add_development_dependency "rb-fsevent", "~> 0.11"
   spec.add_development_dependency "rerun", "~> 0.13"
   spec.add_development_dependency "rspec", "~> 3.10"
-  spec.add_development_dependency "standard", "~> 1.2"
-  spec.add_development_dependency "steep", "~> 0.45"
+  spec.add_development_dependency "standard", "~> 1.3"
+  spec.add_development_dependency "steep", "~> 0.46"
   spec.add_development_dependency "timecop", "~> 0.9"
   spec.add_development_dependency "vcr", "~> 6.0"
   spec.add_development_dependency "webmock", "~> 3.14"
@@ -54,16 +54,18 @@ Gem::Specification.new do |spec|
   spec.add_dependency "cymbal", "~> 2.0"
   spec.add_dependency "dnpedia", "~> 0.1"
   spec.add_dependency "dnstwister", "~> 0.1"
-  spec.add_dependency "dry-configurable", "~> 0.12"
+  spec.add_dependency "dotenv", "~> 2.7"
+  spec.add_dependency "dry-configurable", "~> 0.13"
   spec.add_dependency "dry-files", "~> 0.1"
   spec.add_dependency "dry-initializer", "~> 3.0"
   spec.add_dependency "dry-struct", "~> 1.4"
-  spec.add_dependency "dry-validation", "~> 1.6"
+  spec.add_dependency "dry-validation", "~> 1.7"
   spec.add_dependency "email_address", "~> 0.2"
   spec.add_dependency "hachi", "~> 1.0"
   spec.add_dependency "http", "~> 5.0"
   spec.add_dependency "launchy", "~> 2.5"
   spec.add_dependency "mem", "~> 0.1"
+  spec.add_dependency "memist", "~> 2.0"
   spec.add_dependency "misp", "~> 0.1"
   spec.add_dependency "net-ping", "~> 2.0"
   spec.add_dependency "normalize_country", "0.3"
@@ -90,7 +92,7 @@ Gem::Specification.new do |spec|
   spec.add_dependency "thread_safe", "~> 0.3"
   spec.add_dependency "urlscan", "~> 0.7"
   spec.add_dependency "uuidtools", "~> 2.2"
-  spec.add_dependency "virustotalx", "~> 1.1"
+  spec.add_dependency "virustotalx", "~> 1.2"
   spec.add_dependency "whois", "~> 5.0"
   spec.add_dependency "whois-parser", "~> 1.2"
   spec.add_dependency "zoomeye-rb", "~> 0.2"

data/sig/lib/mihari/analyzers/base.rbs

@@ -3,8 +3,8 @@ module Mihari
     class Base
       # extend Dry::Initializer
 
+      include Mixins::AutonomousSystem
       include Mixins::Configurable
-
       include Mixins::Retriable
 
       attr_accessor ignore_old_artifacts: bool
@@ -85,15 +85,6 @@ module Mihari
       # @return [Array<Mihari::Emitters::Base>]
       #
       def valid_emitters: () -> Array[Mihari::Emitters::Base]
-
-      #
-      # Normalize ASN value
-      #
-      # @param [String, Integer] asn
-      #
-      # @return [Integer]
-      #
-      def normalize_asn: (String asn) -> Integer
     end
   end
 end

data/sig/lib/mihari/analyzers/virustotal_intelligence.rbs

@@ -0,0 +1,32 @@
+module Mihari
+  module Analyzers
+    class VirusTotalIntelligence < Base
+      attr_reader query: String
+      attr_reader title: String
+      attr_reader description: String
+      attr_reader tags: Array[String]
+
+      def initialize: (*untyped args, **untyped kwargs) -> void
+
+      def artifacts: () -> (Array[String] | Array[Mihari::Artifact])
+
+      private
+
+      def configuration_keys: () -> ::Array["virustotal_api_key"]
+
+      #
+      # VT API
+      #
+      # @return [::VirusTotal::API]
+      #
+      def api: () -> untyped
+
+      #
+      # Search with cursor
+      #
+      # @return [Array<Mihari::Structs::VirusTotalIntelligence::Response>]
+      #
+      def search_witgh_cursor: () -> Array[Mihari::Structs::VirusTotalIntelligence::Response]
+    end
+  end
+end

data/sig/lib/mihari/enrichers/base.rbs

@@ -0,0 +1,12 @@
+module Mihari
+  module Enrichers
+    class Base
+      include Mixins::Configurable
+
+      def self.inherited: (untyped child) -> untyped
+
+      # @return [Boolean]
+      def valid?: () -> bool
+    end
+  end
+end

data/sig/lib/mihari/enrichers/ipinfo.rbs

@@ -0,0 +1,16 @@
+module Mihari
+  module Enrichers
+    class IPInfo
+      def valid?: () -> bool
+
+      #
+      # Query IPInfo
+      #
+      # @param [String] ip
+      #
+      # @return [Mihari::Structs::IPInfo::Response, nil]
+      #
+      def self.query: (String ip) -> Mihari::Structs::IPInfo::Response?
+    end
+  end
+end

data/sig/lib/mihari/mixins/autonomous_system.rbs

@@ -0,0 +1,14 @@
+module Mihari
+  module Mixins
+    module AutonomousSystem
+      #
+      # Normalize ASN value
+      #
+      # @param [String, Integer] asn
+      #
+      # @return [Integer]
+      #
+      def normalize_asn: (String | Integer asn) -> Integer
+    end
+  end
+end

data/sig/lib/mihari/models/artifact.rbs

@@ -7,6 +7,7 @@ module Mihari
     attr_accessor data (): String
     attr_accessor data_type (): String
 
+    attr_accessor autonomous_system(): Mihari::AutonomousSystem
     attr_accessor geolocation (): Mihari::Geolocation
     attr_accessor whois_record(): Mihari::WhoisRecord
     attr_accessor dns_records(): Array[Mihari::DnsRecord]
@@ -41,6 +42,12 @@ module Mihari
     #
     def enrich_reverse_dns: () -> void
 
+    def enrich_geolocation: () -> void
+
+    def enrich_autonomous_system: () -> void
+
+    def enrich_all: () -> void
+
     private
 
     def normalize_as_domain: (String url_or_domain) -> String
@@ -50,5 +57,9 @@ module Mihari
     def can_enrich_dns?: () -> bool
 
     def can_enrich_revese_dns?: () -> bool
+
+    def can_enrich_geolocation?: () -> bool
+
+    def can_enrich_autonomous_system?: () -> bool
   end
 end

data/sig/lib/mihari/models/autonomous_system.rbs

@@ -1,5 +1,14 @@
 module Mihari
   class AutonomousSystem < ActiveRecord::Base
     attr_accessor asn (): Integer
+
+    #
+    # Build AS by IP
+    #
+    # @param [String] ip
+    #
+    # @return [Mihari::AutonomousSystem]
+    #
+    def self.build_by_ip: (String ip) -> Mihari::AutonomousSystem?
   end
 end

data/sig/lib/mihari/models/geolocation.rbs

@@ -2,5 +2,14 @@ module Mihari
   class Geolocation < ActiveRecord::Base
     attr_accessor country (): String
     attr_accessor country_code (): String
+
+    #
+    # Build geolocation by IP
+    #
+    # @param [String] ip
+    #
+    # @return [Mihari::Geolocation]
+    #
+    def self.build_by_ip: (String ip) -> Mihari::Geolocation?
   end
 end

data/sig/lib/mihari/structs/ipinfo.rbs

@@ -0,0 +1,17 @@
+module Mihari
+  module Structs
+    module IPInfo
+      class Response
+        attr_reader ip: String
+        attr_reader hostname: String?
+        attr_reader loc: String
+        attr_reader country_code: String
+        attr_reader asn: Integer?
+
+        def self.from_dynamic!: (Hash[(String | Symbol), untyped] d) -> Mihari::Structs::IPInfo::Response
+
+        def to_hash: () -> Hash[(String | Symbol), untyped]
+      end
+    end
+  end
+end

data/sig/lib/mihari/structs/virustotal_intelligence.rbs

@@ -0,0 +1,33 @@
+module Mihari
+  module Structs
+    module VirusTotalIntelligence
+      class ContextAttributes
+        attr_reader url: Array[String]?
+
+        def self.from_dynamic!: (Hash[(String | Symbol), untyped] d) -> Mihari::Structs::VirusTotalIntelligence::ContextAttributes
+      end
+
+      class Datum
+        attr_reader type: String
+        attr_reader context_attributes: Mihari::Structs::VirusTotalIntelligence::ContextAttributes?
+
+        def value: () -> String?
+
+        def self.from_dynamic!: (Hash[(String | Symbol), untyped] d) -> Mihari::Structs::VirusTotalIntelligence::Datum
+      end
+
+      class Meta
+        attr_reader cursor: String?
+
+        def self.from_dynamic!: (Hash[(String | Symbol), untyped] d) -> Mihari::Structs::VirusTotalIntelligence::Meta
+      end
+
+      class Response
+        attr_reader meta: Mihari::Structs::VirusTotalIntelligence::Meta
+        attr_reader data: Array[Mihari::Structs::VirusTotalIntelligence::Datum]
+
+        def self.from_dynamic!: (Hash[(String | Symbol), untyped] d) -> Mihari::Structs::VirusTotalIntelligence::Response
+      end
+    end
+  end
+end

data/sig/lib/mihari.rbs

@@ -42,6 +42,8 @@ module Mihari
 
   def self.analyzers: () -> ::Array[singleton(Mihari::Analyzers::Base)]
 
+  def self.enrichers: () -> ::Array[singleton(Mihari::Enrichers::Base)]
+
   #
   # Load configuration from YAML file
   #

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: mihari
 version: !ruby/object:Gem::Version
-  version: 3.6.1
+  version: 3.8.0
 platform: ruby
 authors:
 - Manabu Niseki
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2021-08-29 00:00:00.000000000 Z
+date: 2021-09-18 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -30,14 +30,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.22'
+        version: '0.23'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.22'
+        version: '0.23'
 - !ruby/object:Gem::Dependency
   name: fakefs
   requirement: !ruby/object:Gem::Requirement
@@ -170,28 +170,28 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.2'
+        version: '1.3'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.2'
+        version: '1.3'
 - !ruby/object:Gem::Dependency
   name: steep
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.45'
+        version: '0.46'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.45'
+        version: '0.46'
 - !ruby/object:Gem::Dependency
   name: timecop
   requirement: !ruby/object:Gem::Requirement
@@ -402,20 +402,34 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '0.1'
+- !ruby/object:Gem::Dependency
+  name: dotenv
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.7'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.7'
 - !ruby/object:Gem::Dependency
   name: dry-configurable
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.12'
+        version: '0.13'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.12'
+        version: '0.13'
 - !ruby/object:Gem::Dependency
   name: dry-files
   requirement: !ruby/object:Gem::Requirement
@@ -464,14 +478,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.6'
+        version: '1.7'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.6'
+        version: '1.7'
 - !ruby/object:Gem::Dependency
   name: email_address
   requirement: !ruby/object:Gem::Requirement
@@ -542,6 +556,20 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '0.1'
+- !ruby/object:Gem::Dependency
+  name: memist
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.0'
 - !ruby/object:Gem::Dependency
   name: misp
   requirement: !ruby/object:Gem::Requirement
@@ -912,14 +940,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.1'
+        version: '1.2'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.1'
+        version: '1.2'
 - !ruby/object:Gem::Dependency
   name: whois
   requirement: !ruby/object:Gem::Requirement
@@ -1018,6 +1046,7 @@ files:
 - lib/mihari/analyzers/spyse.rb
 - lib/mihari/analyzers/urlscan.rb
 - lib/mihari/analyzers/virustotal.rb
+- lib/mihari/analyzers/virustotal_intelligence.rb
 - lib/mihari/analyzers/zoomeye.rb
 - lib/mihari/cli/analyzer.rb
 - lib/mihari/cli/base.rb
@@ -1044,6 +1073,7 @@ files:
 - lib/mihari/commands/urlscan.rb
 - lib/mihari/commands/validator.rb
 - lib/mihari/commands/virustotal.rb
+- lib/mihari/commands/virustotal_intelligence.rb
 - lib/mihari/commands/web.rb
 - lib/mihari/commands/zoomeye.rb
 - lib/mihari/constants.rb
@@ -1055,7 +1085,10 @@ files:
 - lib/mihari/emitters/stdout.rb
 - lib/mihari/emitters/the_hive.rb
 - lib/mihari/emitters/webhook.rb
+- lib/mihari/enrichers/base.rb
+- lib/mihari/enrichers/ipinfo.rb
 - lib/mihari/errors.rb
+- lib/mihari/mixins/autonomous_system.rb
 - lib/mihari/mixins/configurable.rb
 - lib/mihari/mixins/configuration.rb
 - lib/mihari/mixins/disallowed_data_value.rb
@@ -1089,8 +1122,10 @@ files:
 - lib/mihari/serializers/whois.rb
 - lib/mihari/status.rb
 - lib/mihari/structs/censys.rb
+- lib/mihari/structs/ipinfo.rb
 - lib/mihari/structs/onyphe.rb
 - lib/mihari/structs/shodan.rb
+- lib/mihari/structs/virustotal_intelligence.rb
 - lib/mihari/templates/rule.yml.erb
 - lib/mihari/type_checker.rb
 - lib/mihari/types.rb
@@ -1139,6 +1174,8 @@ files:
 - lib/mihari/web/public/static/img/fa-regular-400.c5d109be.svg
 - lib/mihari/web/public/static/img/fa-solid-900.376c1f97.svg
 - lib/mihari/web/public/static/img/fa-solid-900.37bc7099.svg
+- lib/mihari/web/public/static/js/app.06d5cf1c.js
+- lib/mihari/web/public/static/js/app.06d5cf1c.js.map
 - lib/mihari/web/public/static/js/app.365f1907.js
 - lib/mihari/web/public/static/js/app.365f1907.js.map
 - lib/mihari/web/public/static/js/app.8e3e5150.js
@@ -1170,6 +1207,7 @@ files:
 - sig/lib/mihari/analyzers/spyse.rbs
 - sig/lib/mihari/analyzers/urlscan.rbs
 - sig/lib/mihari/analyzers/virustotal.rbs
+- sig/lib/mihari/analyzers/virustotal_intelligence.rbs
 - sig/lib/mihari/analyzers/zoomeye.rbs
 - sig/lib/mihari/cli/analyzer.rbs
 - sig/lib/mihari/cli/base.rbs
@@ -1207,7 +1245,10 @@ files:
 - sig/lib/mihari/emitters/stdout.rbs
 - sig/lib/mihari/emitters/the_hive.rbs
 - sig/lib/mihari/emitters/webhook.rbs
+- sig/lib/mihari/enrichers/base.rbs
+- sig/lib/mihari/enrichers/ipinfo.rbs
 - sig/lib/mihari/errors.rbs
+- sig/lib/mihari/mixins/autonomous_system.rbs
 - sig/lib/mihari/mixins/configurable.rbs
 - sig/lib/mihari/mixins/configuration.rbs
 - sig/lib/mihari/mixins/disallowed_data_value.rbs
@@ -1229,8 +1270,10 @@ files:
 - sig/lib/mihari/notifiers/slack.rbs
 - sig/lib/mihari/status.rbs
 - sig/lib/mihari/structs/censys.rbs
+- sig/lib/mihari/structs/ipinfo.rbs
 - sig/lib/mihari/structs/onyphe.rbs
 - sig/lib/mihari/structs/shodan.rbs
+- sig/lib/mihari/structs/virustotal_intelligence.rbs
 - sig/lib/mihari/type_checker.rbs
 - sig/lib/mihari/types.rbs
 - sig/lib/mihari/version.rbs