RubyGems - mihari - Versions diffs - 5.2.4 → 5.3.1 - Mend

mihari 5.2.4 → 5.3.1

Files changed (135) hide show

checksums.yaml +4 -4
data/.gitignore +4 -1
data/README.md +0 -10
data/Rakefile +13 -1
data/build_frontend.sh +1 -1
data/frontend/.eslintrc.cjs +22 -0
data/frontend/.gitignore +18 -12
data/frontend/.prettierrc.json +8 -0
data/frontend/env.d.ts +5 -0
data/frontend/package-lock.json +5213 -9655
data/frontend/package.json +38 -25
data/frontend/src/App.vue +5 -5
data/frontend/src/api-helper.ts +38 -40
data/frontend/src/api.ts +40 -40
data/frontend/src/components/ErrorMessage.vue +8 -8
data/frontend/src/components/Loading.vue +4 -4
data/frontend/src/components/Navbar.vue +10 -27
data/frontend/src/components/Pagination.vue +35 -42
data/frontend/src/components/alert/Alert.vue +22 -27
data/frontend/src/components/alert/Alerts.vue +23 -25
data/frontend/src/components/alert/AlertsWithPagination.vue +34 -34
data/frontend/src/components/alert/AlertsWrapper.vue +43 -50
data/frontend/src/components/alert/Form.vue +39 -40
data/frontend/src/components/artifact/AS.vue +7 -7
data/frontend/src/components/artifact/Artifact.vue +69 -86
data/frontend/src/components/artifact/ArtifactTag.vue +21 -27
data/frontend/src/components/artifact/ArtifactTags.vue +8 -8
data/frontend/src/components/artifact/ArtifactWrapper.vue +22 -25
data/frontend/src/components/artifact/CPEs.vue +6 -6
data/frontend/src/components/artifact/DnsRecords.vue +9 -9
data/frontend/src/components/artifact/Ports.vue +6 -6
data/frontend/src/components/artifact/ReverseDnsNames.vue +7 -7
data/frontend/src/components/artifact/Tags.vue +6 -6
data/frontend/src/components/artifact/WhoisRecord.vue +7 -9
data/frontend/src/components/config/Configs.vue +9 -12
data/frontend/src/components/config/ConfigsWrapper.vue +14 -20
data/frontend/src/components/link/Link.vue +7 -7
data/frontend/src/components/link/Links.vue +16 -21
data/frontend/src/components/rule/EditRule.vue +23 -23
data/frontend/src/components/rule/EditRuleWrapper.vue +22 -28
data/frontend/src/components/rule/Form.vue +28 -28
data/frontend/src/components/rule/InputForm.vue +31 -25
data/frontend/src/components/rule/NewRule.vue +19 -19
data/frontend/src/components/rule/Rule.vue +28 -30
data/frontend/src/components/rule/RuleWrapper.vue +24 -31
data/frontend/src/components/rule/Rules.vue +26 -30
data/frontend/src/components/rule/RulesWrapper.vue +40 -43
data/frontend/src/components/rule/YAML.vue +19 -22
data/frontend/src/components/tag/Tag.vue +24 -32
data/frontend/src/components/tag/Tags.vue +11 -11
data/frontend/src/countries.ts +23 -23
data/frontend/src/index.ts +9 -12
data/frontend/src/links/anyrun.ts +10 -10
data/frontend/src/links/base.ts +3 -3
data/frontend/src/links/censys.ts +10 -10
data/frontend/src/links/crtsh.ts +10 -10
data/frontend/src/links/dnslytics.ts +18 -18
data/frontend/src/links/greynoise.ts +10 -10
data/frontend/src/links/index.ts +15 -15
data/frontend/src/links/intezer.ts +10 -10
data/frontend/src/links/otx.ts +14 -14
data/frontend/src/links/securitytrails.ts +15 -15
data/frontend/src/links/shodan.ts +10 -10
data/frontend/src/links/urlscan.ts +19 -19
data/frontend/src/links/virustotal.ts +27 -27
data/frontend/src/main.ts +38 -8
data/frontend/src/router/index.ts +20 -20
data/frontend/src/rule.ts +6 -6
data/frontend/src/shims-vue.d.ts +2 -2
data/frontend/src/types.ts +91 -91
data/frontend/src/utils.ts +23 -29
data/frontend/src/views/Alerts.vue +7 -7
data/frontend/src/views/Artifact.vue +17 -17
data/frontend/src/views/Configs.vue +7 -7
data/frontend/src/views/EditRule.vue +17 -17
data/frontend/src/views/NewRule.vue +10 -10
data/frontend/src/views/Rule.vue +17 -17
data/frontend/src/views/Rules.vue +7 -7
data/frontend/tests/utils.spec.ts +9 -0
data/frontend/tsconfig.app.json +21 -0
data/frontend/tsconfig.json +10 -36
data/frontend/tsconfig.node.json +13 -0
data/frontend/tsconfig.vitest.json +12 -0
data/frontend/vite.config.ts +24 -0
data/frontend/vitest.config.ts +21 -0
data/lefthook.yml +4 -2
data/lib/mihari/analyzers/base.rb +48 -14
data/lib/mihari/analyzers/binaryedge.rb +10 -15
data/lib/mihari/analyzers/censys.rb +12 -15
data/lib/mihari/analyzers/circl.rb +10 -10
data/lib/mihari/analyzers/crtsh.rb +10 -6
data/lib/mihari/analyzers/dnstwister.rb +6 -8
data/lib/mihari/analyzers/feed.rb +21 -10
data/lib/mihari/analyzers/greynoise.rb +10 -20
data/lib/mihari/analyzers/onyphe.rb +9 -14
data/lib/mihari/analyzers/otx.rb +8 -9
data/lib/mihari/analyzers/passivetotal.rb +10 -10
data/lib/mihari/analyzers/pulsedive.rb +21 -31
data/lib/mihari/analyzers/securitytrails.rb +8 -6
data/lib/mihari/analyzers/shodan.rb +8 -13
data/lib/mihari/analyzers/urlscan.rb +15 -20
data/lib/mihari/analyzers/virustotal.rb +16 -26
data/lib/mihari/analyzers/virustotal_intelligence.rb +11 -17
data/lib/mihari/analyzers/zoomeye.rb +12 -17
data/lib/mihari/config.rb +133 -0
data/lib/mihari/constants.rb +3 -0
data/lib/mihari/emitters/slack.rb +13 -3
data/lib/mihari/errors.rb +1 -1
data/lib/mihari/http.rb +2 -3
data/lib/mihari/schemas/analyzer.rb +2 -0
data/lib/mihari/type_checker.rb +6 -6
data/lib/mihari/version.rb +1 -1
data/lib/mihari/web/endpoints/configs.rb +5 -1
data/lib/mihari/web/public/assets/{index-eed1bcd8.css → index-b17c40c6.css} +1 -5
data/lib/mihari/web/public/assets/index-f740e4f9.js +799 -0
data/lib/mihari/web/public/index.html +2 -2
data/lib/mihari/web/public/redoc-static.html +388 -2193
data/lib/mihari.rb +9 -59
data/mihari.gemspec +8 -8
metadata +29 -117
data/frontend/.browserslistrc +0 -3
data/frontend/.eslintrc.js +0 -33
data/frontend/babel.config.js +0 -3
data/frontend/jest.config.js +0 -9
data/frontend/tests/unit/utils.spec.ts +0 -7
data/frontend/vite.config.js +0 -24
data/lib/mihari/web/public/assets/fa-brands-400-20c4a58b.ttf +0 -0
data/lib/mihari/web/public/assets/fa-brands-400-74833209.woff2 +0 -0
data/lib/mihari/web/public/assets/fa-regular-400-528d022d.ttf +0 -0
data/lib/mihari/web/public/assets/fa-regular-400-8e7e5ea1.woff2 +0 -0
data/lib/mihari/web/public/assets/fa-solid-900-67a65763.ttf +0 -0
data/lib/mihari/web/public/assets/fa-solid-900-7152a693.woff2 +0 -0
data/lib/mihari/web/public/assets/fa-v4compatibility-0515a423.ttf +0 -0
data/lib/mihari/web/public/assets/fa-v4compatibility-694a17c3.woff2 +0 -0
data/lib/mihari/web/public/assets/index-ac4e5ffa.js +0 -50

data/lib/mihari/analyzers/binaryedge.rb CHANGED Viewed

@@ -3,23 +3,18 @@
 module Mihari
   module Analyzers
     class BinaryEdge < Base
-      param :query
-      option :interval, default: proc { 0 }
       # @return [String, nil]
       attr_reader :api_key
-      # @return [String]
-      attr_reader :query
-      # @return [Integer]
-      attr_reader :interval
-      def initialize(*args, **kwargs)
-        super(*args, **kwargs)
+      #
+      # @param [String] query
+      # @param [Hash, nil] options
+      # @param [String, nil] api_key
+      #
+      def initialize(query, options: nil, api_key: nil)
+        super(query, options: options)
-        @api_key = kwargs[:api_key] || Mihari.config.binaryedge_api_key
+        @api_key = api_key || Mihari.config.binaryedge_api_key
       end
       def artifacts
@@ -48,7 +43,7 @@ module Mihari
       #
       def search_with_page(page: 1)
         client.search(query, page: page)
-      rescue UnsuccessfulStatusCodeError => e
+      rescue StatusCodeError => e
         raise RetryableError, e if e.message.include?("Request time limit exceeded")
         raise e
@@ -69,7 +64,7 @@ module Mihari
           break if total <= page * PAGE_SIZE
           # sleep #{interval} seconds to avoid the rate limitation (if it is set)
-          sleep interval
+          sleep(interval) if interval
         end
         responses
       end

data/lib/mihari/analyzers/censys.rb CHANGED Viewed

@@ -3,27 +3,24 @@
 module Mihari
   module Analyzers
     class Censys < Base
-      param :query
-      option :interval, default: proc { 0 }
       # @return [String, nil]
       attr_reader :id
       # @return [String, nil]
       attr_reader :secret
-      # @return [Integer]
-      attr_reader :interval
-      # @return [String]
-      attr_reader :query
-      def initialize(*args, **kwargs)
-        super(*args, **kwargs)
+      #
+      # @param [String] query
+      # @param [hash, nil] options
+      # @param [String, nil] api_key
+      # @param [String, nil] id
+      # @param [String, nil] secret
+      #
+      def initialize(query, options: nil, id: nil, secret: nil)
+        super(query, options: options)
-        @id = kwargs[:id] || Mihari.config.censys_id
-        @secret = kwargs[:secret] || Mihari.config.censys_secret
+        @id = id || Mihari.config.censys_id
+        @secret = secret || Mihari.config.censys_secret
       end
       #
@@ -45,7 +42,7 @@ module Mihari
           break if cursor.nil? || cursor.empty?
           # sleep #{interval} seconds to avoid the rate limitation (if it is set)
-          sleep interval
+          sleep(interval) if interval
         end
         artifacts.flatten.uniq(&:data)

data/lib/mihari/analyzers/circl.rb CHANGED Viewed

@@ -5,8 +5,6 @@ module Mihari
     class CIRCL < Base
       include Mixins::Refang
-      param :query
       # @return [String, nil]
       attr_reader :type
@@ -16,17 +14,19 @@ module Mihari
       # @return [String, nil]
       attr_reader :password
-      # @return [String]
-      attr_reader :query
-      def initialize(*args, **kwargs)
-        super
+      #
+      # @param [String] query
+      # @param [Hash, nil] options
+      # @param [String, nil] username
+      # @param [String, nil] password
+      #
+      def initialize(query, options: nil, username: nil, password: nil)
+        super(refang(query), options: options)
-        @query = refang(query)
         @type = TypeChecker.type(query)
-        @username = kwargs[:username] || Mihari.config.circl_passive_username
-        @password = kwargs[:password] || Mihari.config.circl_passive_password
+        @username = username || Mihari.config.circl_passive_username
+        @password = password || Mihari.config.circl_passive_password
       end
       def artifacts

data/lib/mihari/analyzers/crtsh.rb CHANGED Viewed

@@ -3,15 +3,19 @@
 module Mihari
   module Analyzers
     class Crtsh < Base
-      param :query
-      option :exclude_expired, default: proc { true }
       # @return [Boolean]
       attr_reader :exclude_expired
-      # @return [String]
-      attr_reader :query
+      #
+      # @param [String] query
+      # @param [Hash, nil] options
+      # @param [Bool] exclude_expired
+      #
+      def initialize(query, options: nil, exclude_expired: true)
+        super(query, options: options)
+        @exclude_expired = exclude_expired
+      end
       def artifacts
         results = search

data/lib/mihari/analyzers/dnstwister.rb CHANGED Viewed

@@ -5,18 +5,16 @@ module Mihari
     class DNSTwister < Base
       include Mixins::Refang
-      param :query
       # @return [String]
       attr_reader :type
-      # @return [String]
-      attr_reader :query
-      def initialize(*args, **kwargs)
-        super
+      #
+      # @param [String] query
+      # @param [Hash, nil] options
+      #
+      def initialize(query, options: nil)
+        super(refang(query), options: options)
-        @query = refang(query)
         @type = TypeChecker.type(query)
       end

data/lib/mihari/analyzers/feed.rb CHANGED Viewed

@@ -6,16 +6,6 @@ require "mihari/feed/parser"
 module Mihari
   module Analyzers
     class Feed < Base
-      param :query
-      option :method, default: proc { "GET" }
-      option :headers, default: proc { {} }
-      option :params, default: proc {}
-      option :json, default: proc {}
-      option :data, default: proc {}
-      option :selector, default: proc { "" }
       # @return [Hash, nil]
       attr_reader :data
@@ -37,6 +27,27 @@ module Mihari
       # @return [String]
       attr_reader :query
+      #
+      # @param [String] query
+      # @param [Hash, nil] options
+      # @param [String] method
+      # @param [Hash] headers
+      # @param [Hash] params
+      # @param [Hash] json
+      # @param [Hash] data
+      # @param [String] selector
+      #
+      def initialize(query, options: nil, method: "GET", headers: {}, params: {}, json: {}, data: {}, selector: "")
+        super(query, options: options)
+        @method = method
+        @headers = headers
+        @params = params
+        @json = json
+        @data = data
+        @selector = selector
+      end
       def artifacts
         Mihari::Feed::Parser.new(results).parse selector
       end

data/lib/mihari/analyzers/greynoise.rb CHANGED Viewed

@@ -3,29 +3,28 @@
 module Mihari
   module Analyzers
     class GreyNoise < Base
-      param :query
+      PAGE_SIZE = 10_000
       # @return [String, nil]
       attr_reader :api_key
-      # @return [String]
-      attr_reader :query
-      def initialize(*args, **kwargs)
-        super(*args, **kwargs)
+      #
+      # @param [String] query
+      # @param [Hash, nil] options
+      # @param [String, nil] api_key
+      #
+      def initialize(query, options: nil, api_key: nil)
+        super(query, options: options)
-        @api_key = kwargs[:api_key] || Mihari.config.greynoise_api_key
+        @api_key = api_key || Mihari.config.greynoise_api_key
       end
       def artifacts
-        res = search
-        res.to_artifacts
+        client.gnql_search(query, size: PAGE_SIZE).to_artifacts
       end
       private
-      PAGE_SIZE = 10_000
       def configuration_keys
         %w[greynoise_api_key]
       end
@@ -33,15 +32,6 @@ module Mihari
       def client
         @client ||= Clients::GreyNoise.new(api_key: api_key)
       end
-      #
-      # Search
-      #
-      # @return [Hash]
-      #
-      def search
-        client.gnql_search(query, size: PAGE_SIZE)
-      end
     end
   end
 end

data/lib/mihari/analyzers/onyphe.rb CHANGED Viewed

@@ -5,23 +5,18 @@ require "normalize_country"
 module Mihari
   module Analyzers
     class Onyphe < Base
-      param :query
-      option :interval, default: proc { 0 }
       # @return [String, nil]
       attr_reader :api_key
-      # @return [String]
-      attr_reader :query
-      # @return [Integer]
-      attr_reader :interval
-      def initialize(*args, **kwargs)
-        super(*args, **kwargs)
+      #
+      # @param [String] query
+      # @param [Hash, nil] options
+      # @param [String, nil] api_key
+      #
+      def initialize(query, options: nil, api_key: nil)
+        super(query, options: options)
-        @api_key = kwargs[:api_key] || Mihari.config.onyphe_api_key
+        @api_key = api_key || Mihari.config.onyphe_api_key
       end
       def artifacts
@@ -70,7 +65,7 @@ module Mihari
           break if total <= page * PAGE_SIZE
           # sleep #{interval} seconds to avoid the rate limitation (if it is set)
-          sleep interval
+          sleep(interval) if interval
         end
         responses
       end

data/lib/mihari/analyzers/otx.rb CHANGED Viewed

@@ -5,24 +5,23 @@ module Mihari
     class OTX < Base
       include Mixins::Refang
-      param :query
       # @return [String, nil]
       attr_reader :type
       # @return [String, nil]
       attr_reader :api_key
-      # @return [String]
-      attr_reader :query
-      def initialize(*args, **kwargs)
-        super
+      #
+      # @param [String] query
+      # @param [Hash, nil] options
+      # @param [String, nil] api_key
+      #
+      def initialize(query, options: nil, api_key: nil)
+        super(refang(query), options: options)
-        @query = refang(query)
         @type = TypeChecker.type(query)
-        @api_key = kwargs[:api_key] || Mihari.config.otx_api_key
+        @api_key = api_key || Mihari.config.otx_api_key
       end
       def artifacts

data/lib/mihari/analyzers/passivetotal.rb CHANGED Viewed

@@ -5,8 +5,6 @@ module Mihari
     class PassiveTotal < Base
       include Mixins::Refang
-      param :query
       # @return [String, nil]
       attr_reader :type
@@ -16,17 +14,19 @@ module Mihari
       # @return [String, nil]
       attr_reader :api_key
-      # @return [String]
-      attr_reader :query
-      def initialize(*args, **kwargs)
-        super(*args, **kwargs)
+      #
+      # @param [String] query
+      # @param [Hash, nil] options
+      # @param [String, nil] api_key
+      # @param [String, nil] username
+      #
+      def initialize(query, options: nil, api_key: nil, username: nil)
+        super(refang(query), options: options)
-        @query = refang(query)
         @type = TypeChecker.type(query)
-        @username = kwargs[:username] || Mihari.config.passivetotal_username
-        @api_key = kwargs[:api_key] || Mihari.config.passivetotal_api_key
+        @username = username || Mihari.config.passivetotal_username
+        @api_key = api_key || Mihari.config.passivetotal_api_key
       end
       def artifacts

data/lib/mihari/analyzers/pulsedive.rb CHANGED Viewed

@@ -5,28 +5,39 @@ module Mihari
     class Pulsedive < Base
       include Mixins::Refang
-      param :query
       # @return [String, nil]
       attr_reader :type
       # @return [String, nil]
       attr_reader :api_key
-      # @return [Integer]
-      attr_reader :query
-      def initialize(*args, **kwargs)
-        super
+      #
+      # @param [String] query
+      # @param [Hash, nil] options
+      # @param [String, nil] api_key
+      #
+      def initialize(query, options: nil, api_key: nil)
+        super(refang(query), options: options)
-        @query = refang(query)
         @type = TypeChecker.type(query)
-        @api_key = kwargs[:api_key] || Mihari.config.pulsedive_api_key
+        @api_key = api_key || Mihari.config.pulsedive_api_key
       end
       def artifacts
-        search || []
+        raise InvalidInputError, "#{query}(type: #{type || "unknown"}) is not supported." unless valid_type?
+        indicator = client.get_indicator(query)
+        iid = indicator["iid"]
+        properties = client.get_properties(iid)
+        (properties["dns"] || []).filter_map do |property|
+          if %w[A PTR].include?(property["name"])
+            nil
+          else
+            data = property["value"]
+            Artifact.new(data: data, source: source, metadata: property)
+          end
+        end
       end
       private
@@ -47,27 +58,6 @@ module Mihari
       def valid_type?
         %w[ip domain].include? type
       end
-      #
-      # Search
-      #
-      # @return [Array<Mihari::Artifact>]
-      #
-      def search
-        raise InvalidInputError, "#{query}(type: #{type || "unknown"}) is not supported." unless valid_type?
-        indicator = client.get_indicator(query)
-        iid = indicator["iid"]
-        properties = client.get_properties(iid)
-        (properties["dns"] || []).filter_map do |property|
-          if %w[A PTR].include?(property["name"])
-            nil
-          else
-            data = property["value"]
-            Artifact.new(data: data, source: source, metadata: property)
-          end
-        end
-      end
     end
   end
 end

data/lib/mihari/analyzers/securitytrails.rb CHANGED Viewed

@@ -5,8 +5,6 @@ module Mihari
     class SecurityTrails < Base
       include Mixins::Refang
-      param :query
       # @return [String, nil]
       attr_reader :type
@@ -16,13 +14,17 @@ module Mihari
       # @return [String]
       attr_reader :query
-      def initialize(*args, **kwargs)
-        super
+      #
+      # @param [String] query
+      # @param [Hash, nil] options
+      # @param [String, nil] api_key
+      #
+      def initialize(query, options: nil, api_key: nil)
+        super(refang(query), options: options)
-        @query = refang(query)
         @type = TypeChecker.type(query)
-        @api_key = kwargs[:api_key] || Mihari.config.securitytrails_api_key
+        @api_key = api_key || Mihari.config.securitytrails_api_key
       end
       def artifacts

data/lib/mihari/analyzers/shodan.rb CHANGED Viewed

@@ -3,23 +3,18 @@
 module Mihari
   module Analyzers
     class Shodan < Base
-      param :query
-      option :interval, default: proc { 0 }
       # @return [String, nil]
       attr_reader :api_key
-      # @return [Integer]
-      attr_reader :interval
-      # @return [String]
-      attr_reader :query
-      def initialize(*args, **kwargs)
-        super(*args, **kwargs)
+      #
+      # @param [String] query
+      # @param [Hash, nil] options
+      # @param [String, nil] api_key
+      #
+      def initialize(query, options: nil, api_key: nil)
+        super(query, options: options)
-        @api_key = kwargs[:api_key] || Mihari.config.shodan_api_key
+        @api_key = api_key || Mihari.config.shodan_api_key
       end
       def artifacts

data/lib/mihari/analyzers/urlscan.rb CHANGED Viewed

@@ -3,35 +3,30 @@
 module Mihari
   module Analyzers
     class Urlscan < Base
-      param :query
-      option :allowed_data_types, default: proc { SUPPORTED_DATA_TYPES }
-      option :interval, default: proc { 0 }
       SUPPORTED_DATA_TYPES = %w[url domain ip].freeze
       SIZE = 1000
       # @return [String, nil]
       attr_reader :api_key
-      # @return [String]
-      attr_reader :query
-      # @return [Integer]
-      attr_reader :interval
-      # @return [String]
+      # @return [Array<String>]
       attr_reader :allowed_data_types
-      def initialize(*args, **kwargs)
-        super
+      #
+      # @param [String] query
+      # @param [Hash, nil] options
+      # @param [String, nil] api_key
+      # @param [Array<String>] allowed_data_types
+      #
+      def initialize(query, options: nil, api_key: nil, allowed_data_types: SUPPORTED_DATA_TYPES)
+        super(query, options: options)
-        unless valid_allowed_data_types?
-          raise InvalidInputError, "allowed_data_types should be any of url, domain and ip."
-        end
+        @api_key = api_key || Mihari.config.urlscan_api_key
+        @allowed_data_types = allowed_data_types
+        return if valid_allowed_data_types?
-        @api_key = kwargs[:api_key] || Mihari.config.urlscan_api_key
+        raise InvalidInputError, "allowed_data_types should be any of url, domain and ip."
       end
       def artifacts
@@ -82,7 +77,7 @@ module Mihari
           search_after = res.results.last.sort.join(",")
           # sleep #{interval} seconds to avoid the rate limitation (if it is set)
-          sleep interval
+          sleep(interval) if interval
         end
         responses

data/lib/mihari/analyzers/virustotal.rb CHANGED Viewed

@@ -5,28 +5,34 @@ module Mihari
     class VirusTotal < Base
       include Mixins::Refang
-      param :query
       # @return [String]
       attr_reader :type
       # @return [String, nil]
       attr_reader :api_key
-      # @return [String]
-      attr_reader :query
-      def initialize(*args, **kwargs)
-        super(*args, **kwargs)
+      #
+      # @param [String] query
+      # @param [Hash, nil] options
+      # @param [String, nil] api_key
+      #
+      def initialize(query, options: nil, api_key: nil)
+        super(refang(query), options: options)
-        @query = refang(query)
         @type = TypeChecker.type(query)
-        @api_key = kwargs[:api_key] || Mihari.config.virustotal_api_key
+        @api_key = api_key || Mihari.config.virustotal_api_key
       end
       def artifacts
-        search || []
+        case type
+        when "domain"
+          domain_search
+        when "ip"
+          ip_search
+        else
+          raise InvalidInputError, "#{query}(type: #{type || "unknown"}) is not supported." unless valid_type?
+        end
       end
       private
@@ -48,22 +54,6 @@ module Mihari
         %w[ip domain].include? type
       end
-      #
-      # Search
-      #
-      # @return [Array<Mihari::Artifact>]
-      #
-      def search
-        case type
-        when "domain"
-          domain_search
-        when "ip"
-          ip_search
-        else
-          raise InvalidInputError, "#{query}(type: #{type || "unknown"}) is not supported." unless valid_type?
-        end
-      end
       #
       # Domain search
       #