RubyGems - mihari - Versions diffs - 5.6.2 → 5.7.0 - Mend

mihari 5.6.2 → 5.7.0

Files changed (150) hide show

checksums.yaml +4 -4
data/.rubocop.yml +5 -1
data/README.md +1 -0
data/config.ru +1 -1
data/docs/analyzers/fofa.md +31 -0
data/docs/analyzers/index.md +1 -0
data/frontend/package-lock.json +73 -73
data/frontend/package.json +5 -5
data/frontend/src/components/alert/Form.vue +1 -14
data/frontend/src/components/artifact/AS.vue +2 -8
data/frontend/src/components/artifact/DnsRecords.vue +2 -8
data/frontend/src/components/artifact/ReverseDnsNames.vue +2 -10
data/frontend/src/components/artifact/WhoisRecord.vue +1 -1
data/lib/mihari/actor.rb +14 -4
data/lib/mihari/analyzers/base.rb +13 -12
data/lib/mihari/analyzers/binaryedge.rb +4 -1
data/lib/mihari/analyzers/censys.rb +4 -2
data/lib/mihari/analyzers/circl.rb +4 -1
data/lib/mihari/analyzers/crtsh.rb +4 -1
data/lib/mihari/analyzers/dnstwister.rb +4 -1
data/lib/mihari/analyzers/feed.rb +3 -0
data/lib/mihari/analyzers/fofa.rb +65 -0
data/lib/mihari/analyzers/greynoise.rb +4 -1
data/lib/mihari/analyzers/hunterhow.rb +6 -1
data/lib/mihari/analyzers/onyphe.rb +4 -1
data/lib/mihari/analyzers/otx.rb +4 -1
data/lib/mihari/analyzers/passivetotal.rb +4 -1
data/lib/mihari/analyzers/pulsedive.rb +3 -0
data/lib/mihari/analyzers/securitytrails.rb +4 -1
data/lib/mihari/analyzers/shodan.rb +4 -1
data/lib/mihari/analyzers/urlscan.rb +4 -1
data/lib/mihari/analyzers/virustotal.rb +4 -1
data/lib/mihari/analyzers/virustotal_intelligence.rb +4 -1
data/lib/mihari/analyzers/zoomeye.rb +5 -2
data/lib/mihari/cli/alert.rb +3 -0
data/lib/mihari/cli/base.rb +3 -0
data/lib/mihari/cli/database.rb +3 -0
data/lib/mihari/cli/main.rb +3 -0
data/lib/mihari/cli/rule.rb +3 -0
data/lib/mihari/clients/base.rb +3 -0
data/lib/mihari/clients/binaryedge.rb +5 -2
data/lib/mihari/clients/censys.rb +7 -4
data/lib/mihari/clients/circl.rb +3 -0
data/lib/mihari/clients/crtsh.rb +3 -0
data/lib/mihari/clients/dnstwister.rb +3 -0
data/lib/mihari/clients/fofa.rb +83 -0
data/lib/mihari/clients/greynoise.rb +5 -2
data/lib/mihari/clients/hunterhow.rb +5 -2
data/lib/mihari/clients/misp.rb +3 -0
data/lib/mihari/clients/onyphe.rb +5 -2
data/lib/mihari/clients/otx.rb +3 -0
data/lib/mihari/clients/passivetotal.rb +3 -0
data/lib/mihari/clients/publsedive.rb +4 -1
data/lib/mihari/clients/securitytrails.rb +3 -0
data/lib/mihari/clients/shodan.rb +5 -2
data/lib/mihari/clients/the_hive.rb +3 -0
data/lib/mihari/clients/urlscan.rb +7 -4
data/lib/mihari/clients/virustotal.rb +5 -2
data/lib/mihari/clients/zoomeye.rb +3 -0
data/lib/mihari/commands/alert.rb +5 -14
data/lib/mihari/commands/database.rb +3 -0
data/lib/mihari/commands/rule.rb +10 -1
data/lib/mihari/commands/search.rb +9 -6
data/lib/mihari/commands/version.rb +3 -0
data/lib/mihari/commands/web.rb +4 -1
data/lib/mihari/config.rb +139 -150
data/lib/mihari/constants.rb +1 -1
data/lib/mihari/database.rb +6 -0
data/lib/mihari/emitters/base.rb +13 -11
data/lib/mihari/emitters/database.rb +4 -1
data/lib/mihari/emitters/misp.rb +7 -4
data/lib/mihari/emitters/slack.rb +3 -3
data/lib/mihari/emitters/the_hive.rb +3 -3
data/lib/mihari/emitters/webhook.rb +4 -3
data/lib/mihari/enrichers/base.rb +15 -9
data/lib/mihari/enrichers/google_public_dns.rb +6 -5
data/lib/mihari/enrichers/ipinfo.rb +10 -8
data/lib/mihari/enrichers/shodan.rb +4 -6
data/lib/mihari/enrichers/whois.rb +12 -9
data/lib/mihari/errors.rb +6 -0
data/lib/mihari/feed/parser.rb +3 -0
data/lib/mihari/feed/reader.rb +3 -0
data/lib/mihari/http.rb +6 -0
data/lib/mihari/mixins/autonomous_system.rb +3 -0
data/lib/mihari/mixins/configurable.rb +3 -0
data/lib/mihari/mixins/error_notification.rb +3 -0
data/lib/mihari/mixins/falsepositive.rb +3 -0
data/lib/mihari/mixins/refang.rb +3 -0
data/lib/mihari/mixins/retriable.rb +6 -2
data/lib/mihari/models/alert.rb +7 -4
data/lib/mihari/models/artifact.rb +6 -0
data/lib/mihari/models/autonomous_system.rb +4 -1
data/lib/mihari/models/cpe.rb +4 -1
data/lib/mihari/models/dns.rb +4 -1
data/lib/mihari/models/geolocation.rb +4 -1
data/lib/mihari/models/port.rb +4 -1
data/lib/mihari/models/reverse_dns.rb +4 -1
data/lib/mihari/models/rule.rb +6 -3
data/lib/mihari/models/tag.rb +3 -0
data/lib/mihari/models/tagging.rb +3 -0
data/lib/mihari/models/whois.rb +4 -3
data/lib/mihari/rule.rb +17 -12
data/lib/mihari/schemas/alert.rb +3 -0
data/lib/mihari/schemas/analyzer.rb +11 -0
data/lib/mihari/schemas/emitter.rb +3 -0
data/lib/mihari/schemas/enricher.rb +3 -0
data/lib/mihari/schemas/macros.rb +4 -0
data/lib/mihari/schemas/mixins.rb +5 -0
data/lib/mihari/schemas/rule.rb +3 -0
data/lib/mihari/service.rb +16 -0
data/lib/mihari/services/alert_builder.rb +8 -5
data/lib/mihari/services/alert_proxy.rb +6 -1
data/lib/mihari/services/alert_runner.rb +8 -12
data/lib/mihari/services/rule_builder.rb +8 -5
data/lib/mihari/services/rule_runner.rb +8 -10
data/lib/mihari/structs/binaryedge.rb +13 -28
data/lib/mihari/structs/censys.rb +48 -127
data/lib/mihari/structs/config.rb +19 -30
data/lib/mihari/structs/filters.rb +38 -0
data/lib/mihari/structs/fofa.rb +44 -0
data/lib/mihari/structs/google_public_dns.rb +10 -28
data/lib/mihari/structs/greynoise.rb +33 -84
data/lib/mihari/structs/hunterhow.rb +24 -22
data/lib/mihari/structs/ipinfo.rb +14 -35
data/lib/mihari/structs/onyphe.rb +31 -76
data/lib/mihari/structs/shodan.rb +47 -112
data/lib/mihari/structs/urlscan.rb +24 -63
data/lib/mihari/structs/virustotal_intelligence.rb +20 -56
data/lib/mihari/type_checker.rb +4 -0
data/lib/mihari/types.rb +3 -0
data/lib/mihari/version.rb +1 -1
data/lib/mihari/web/api.rb +15 -10
data/lib/mihari/web/app.rb +59 -54
data/lib/mihari/web/endpoints/alerts.rb +94 -89
data/lib/mihari/web/endpoints/artifacts.rb +115 -110
data/lib/mihari/web/endpoints/configs.rb +18 -13
data/lib/mihari/web/endpoints/ip_addresses.rb +21 -16
data/lib/mihari/web/endpoints/rules.rb +203 -198
data/lib/mihari/web/endpoints/tags.rb +41 -36
data/lib/mihari/web/middleware/connection_adapter.rb +16 -9
data/lib/mihari/web/middleware/error_notification_adapter.rb +17 -10
data/lib/mihari/web/public/assets/{index-28d4c79d.js → index-821134e2.js} +30 -30
data/lib/mihari/web/public/assets/mode-yaml-24faa242.js +8 -0
data/lib/mihari/web/public/index.html +1 -1
data/lib/mihari.rb +24 -5
data/mihari.gemspec +8 -1
data/mkdocs.yml +3 -2
metadata +39 -7
data/lib/mihari/templates/rule.yml.erb +0 -5
data/lib/mihari/web/public/assets/mode-yaml-a21faa53.js +0 -8

data/lib/mihari/analyzers/circl.rb CHANGED Viewed

@@ -2,6 +2,9 @@
 module Mihari
   module Analyzers
+    #
+    # CIRCL passive DNS/SSL analyzer
+    #
     class CIRCL < Base
       include Mixins::Refang
@@ -51,7 +54,7 @@ module Mihari
       private
       def client
-        @client ||= Clients::CIRCL.new(username: username, password: password, timeout: timeout)
+        Clients::CIRCL.new(username: username, password: password, timeout: timeout)
       end
       def username?

data/lib/mihari/analyzers/crtsh.rb CHANGED Viewed

@@ -2,6 +2,9 @@
 module Mihari
   module Analyzers
+    #
+    # crt.sh analyzer
+    #
     class Crtsh < Base
       # @return [Boolean]
       attr_reader :exclude_expired
@@ -28,7 +31,7 @@ module Mihari
       # @return [Mihari::Clients::Crtsh]
       #
       def client
-        @client ||= Mihari::Clients::Crtsh.new(timeout: timeout)
+        Mihari::Clients::Crtsh.new(timeout: timeout)
       end
     end
   end

data/lib/mihari/analyzers/dnstwister.rb CHANGED Viewed

@@ -2,6 +2,9 @@
 module Mihari
   module Analyzers
+    #
+    # DNSTwister analyzer
+    #
     class DNSTwister < Base
       include Mixins::Refang
@@ -39,7 +42,7 @@ module Mihari
       end
       def client
-        @client ||= Clients::DNSTwister.new(timeout: timeout)
+        Clients::DNSTwister.new(timeout: timeout)
       end
       #

data/lib/mihari/analyzers/feed.rb CHANGED Viewed

@@ -5,6 +5,9 @@ require "mihari/feed/parser"
 module Mihari
   module Analyzers
+    #
+    # Feed analyzer
+    #
     class Feed < Base
       # @return [Hash, nil]
       attr_reader :data

data/lib/mihari/analyzers/fofa.rb ADDED Viewed

@@ -0,0 +1,65 @@
+# frozen_string_literal: true
+module Mihari
+  module Analyzers
+    #
+    # Fofa analyzer
+    #
+    class Fofa < Base
+      # @return [String, nil]
+      attr_reader :api_key
+      # @return [String, nil]
+      attr_reader :email
+      #
+      # @param [String] query
+      # @param [Hash, nil] options
+      # @param [String, nil] api_key
+      # @param [String, nil] email
+      #
+      def initialize(query, options: nil, api_key: nil, email: nil)
+        super(query, options: options)
+        @api_key = api_key || Mihari.config.fofa_api_key
+        @email = email || Mihari.config.fofa_email
+      end
+      def artifacts
+        client.search_with_pagination(query, pagination_limit: pagination_limit).map do |res|
+          (res.results || []).map { |result| result[1] }
+        end.flatten.compact
+      end
+      def configuration_keys
+        %w[fofa_api_key fofa_email]
+      end
+      def configured?
+        api_key? && email?
+      end
+      private
+      def api_key?
+        !api_key.nil?
+      end
+      def email?
+        !email.nil?
+      end
+      #
+      # @return [Mihari::Clients::Fofa]
+      #
+      def client
+        Clients::Fofa.new(
+          api_key: api_key,
+          email: email,
+          pagination_interval: pagination_interval,
+          timeout: timeout
+        )
+      end
+    end
+  end
+end

data/lib/mihari/analyzers/greynoise.rb CHANGED Viewed

@@ -2,6 +2,9 @@
 module Mihari
   module Analyzers
+    #
+    # GreyNoise analyzer
+    #
     class GreyNoise < Base
       # @return [String, nil]
       attr_reader :api_key
@@ -31,7 +34,7 @@ module Mihari
       private
       def client
-        @client ||= Clients::GreyNoise.new(
+        Clients::GreyNoise.new(
           api_key: api_key,
           pagination_interval: pagination_interval,
           timeout: timeout

data/lib/mihari/analyzers/hunterhow.rb CHANGED Viewed

@@ -2,6 +2,9 @@
 module Mihari
   module Analyzers
+    #
+    # hunter.how analyzer
+    #
     class HunterHow < Base
       # @return [String, nil]
       attr_reader :api_key
@@ -14,6 +17,8 @@ module Mihari
       #
       # @param [String] query
+      # @param [Date] start_time
+      # @param [Date] end_time
       # @param [Hash, nil] options
       # @param [String, nil] api_key
       #
@@ -46,7 +51,7 @@ module Mihari
       private
       def client
-        @client ||= Clients::HunterHow.new(
+        Clients::HunterHow.new(
           api_key: api_key,
           pagination_interval: pagination_interval,
           timeout: timeout

data/lib/mihari/analyzers/onyphe.rb CHANGED Viewed

@@ -4,6 +4,9 @@ require "normalize_country"
 module Mihari
   module Analyzers
+    #
+    # Onyphe analyzer
+    #
     class Onyphe < Base
       # @return [String, nil]
       attr_reader :api_key
@@ -33,7 +36,7 @@ module Mihari
       private
       def client
-        @client ||= Clients::Onyphe.new(
+        Clients::Onyphe.new(
           api_key: api_key,
           pagination_interval: pagination_interval,
           timeout: timeout

data/lib/mihari/analyzers/otx.rb CHANGED Viewed

@@ -2,6 +2,9 @@
 module Mihari
   module Analyzers
+    #
+    # OTX analyzer
+    #
     class OTX < Base
       include Mixins::Refang
@@ -42,7 +45,7 @@ module Mihari
       private
       def client
-        @client ||= Mihari::Clients::OTX.new(api_key: api_key, timeout: timeout)
+        Mihari::Clients::OTX.new(api_key: api_key, timeout: timeout)
       end
       #

data/lib/mihari/analyzers/passivetotal.rb CHANGED Viewed

@@ -2,6 +2,9 @@
 module Mihari
   module Analyzers
+    #
+    # PassiveTotal analyzer
+    #
     class PassiveTotal < Base
       include Mixins::Refang
@@ -62,7 +65,7 @@ module Mihari
       private
       def client
-        @client ||= Clients::PassiveTotal.new(username: username, api_key: api_key, timeout: timeout)
+        Clients::PassiveTotal.new(username: username, api_key: api_key, timeout: timeout)
       end
       #

data/lib/mihari/analyzers/pulsedive.rb CHANGED Viewed

@@ -2,6 +2,9 @@
 module Mihari
   module Analyzers
+    #
+    # Pulsedive analyzer
+    #
     class Pulsedive < Base
       include Mixins::Refang

data/lib/mihari/analyzers/securitytrails.rb CHANGED Viewed

@@ -2,6 +2,9 @@
 module Mihari
   module Analyzers
+    #
+    # SecurityTrails
+    #
     class SecurityTrails < Base
       include Mixins::Refang
@@ -56,7 +59,7 @@ module Mihari
       private
       def client
-        @client ||= Clients::SecurityTrails.new(api_key: api_key, timeout: timeout)
+        Clients::SecurityTrails.new(api_key: api_key, timeout: timeout)
       end
       #

data/lib/mihari/analyzers/shodan.rb CHANGED Viewed

@@ -2,6 +2,9 @@
 module Mihari
   module Analyzers
+    #
+    # Shodan analyzer
+    #
     class Shodan < Base
       # @return [String, nil]
       attr_reader :api_key
@@ -34,7 +37,7 @@ module Mihari
       # @return [Clients::Shodan]
       #
       def client
-        @client ||= Clients::Shodan.new(
+        Clients::Shodan.new(
           api_key: api_key,
           pagination_interval: pagination_interval,
           timeout: timeout

data/lib/mihari/analyzers/urlscan.rb CHANGED Viewed

@@ -2,6 +2,9 @@
 module Mihari
   module Analyzers
+    #
+    # urlscan.io analyzer
+    #
     class Urlscan < Base
       SUPPORTED_DATA_TYPES = %w[url domain ip].freeze
@@ -44,7 +47,7 @@ module Mihari
       private
       def client
-        @client ||= Clients::UrlScan.new(
+        Clients::Urlscan.new(
           api_key: api_key,
           pagination_interval: pagination_interval,
           timeout: timeout

data/lib/mihari/analyzers/virustotal.rb CHANGED Viewed

@@ -2,6 +2,9 @@
 module Mihari
   module Analyzers
+    #
+    # VirusTotal analyzer
+    #
     class VirusTotal < Base
       include Mixins::Refang
@@ -51,7 +54,7 @@ module Mihari
       private
       def client
-        @client = Clients::VirusTotal.new(api_key: api_key)
+        Clients::VirusTotal.new(api_key: api_key)
       end
       #

data/lib/mihari/analyzers/virustotal_intelligence.rb CHANGED Viewed

@@ -2,6 +2,9 @@
 module Mihari
   module Analyzers
+    #
+    # VirusTotal Intelligence analyzer
+    #
     class VirusTotalIntelligence < Base
       # @return [String, nil]
       attr_reader :api_key
@@ -49,7 +52,7 @@ module Mihari
       # @return [::VirusTotal::API]
       #
       def client
-        @client = Clients::VirusTotal.new(
+        Clients::VirusTotal.new(
           api_key: api_key,
           pagination_interval: pagination_interval,
           timeout: timeout

data/lib/mihari/analyzers/zoomeye.rb CHANGED Viewed

@@ -2,6 +2,9 @@
 module Mihari
   module Analyzers
+    #
+    # ZoomEye analyzer
+    #
     class ZoomEye < Base
       # @return [String, nil]
       attr_reader :api_key
@@ -53,7 +56,7 @@ module Mihari
       end
       def client
-        @client ||= Clients::ZoomEye.new(
+        Clients::ZoomEye.new(
           api_key: api_key,
           pagination_interval: pagination_interval,
           timeout: timeout
@@ -63,7 +66,7 @@ module Mihari
       #
       # Convert responses into an array of String
       #
-      # @param [Hash] response
+      # @param [Hash] res
       #
       # @return [Array<Mihari::Models::Artifact>]
       #

data/lib/mihari/cli/alert.rb CHANGED Viewed

@@ -4,6 +4,9 @@ require "mihari/commands/alert"
 module Mihari
   module CLI
+    #
+    # Alert CLI class (mihari alert ...)
+    #
     class Alert < Base
       include Mihari::Commands::Alert
     end

data/lib/mihari/cli/base.rb CHANGED Viewed

@@ -2,6 +2,9 @@
 module Mihari
   module CLI
+    #
+    # Base class for Thor classes
+    #
     class Base < Thor
       class << self
         def exit_on_failure?

data/lib/mihari/cli/database.rb CHANGED Viewed

@@ -4,6 +4,9 @@ require "mihari/commands/database"
 module Mihari
   module CLI
+    #
+    # Database CLI class (mihari db ...)
+    #
     class Database < Base
       include Mihari::Commands::Database
     end

data/lib/mihari/cli/main.rb CHANGED Viewed

@@ -19,6 +19,9 @@ require "mihari/cli/rule"
 module Mihari
   module CLI
+    #
+    # Main CLI class
+    #
     class Main < Base
       class_option :debug, desc: "Sets up debug mode", aliases: ["-d"], type: :boolean
       class_around :safe_execute

data/lib/mihari/cli/rule.rb CHANGED Viewed

@@ -4,6 +4,9 @@ require "mihari/commands/rule"
 module Mihari
   module CLI
+    #
+    # Rule CLI class (mihari rule ...)
+    #
     class Rule < Base
       include Mihari::Commands::Rule
     end

data/lib/mihari/clients/base.rb CHANGED Viewed

@@ -2,6 +2,9 @@
 module Mihari
   module Clients
+    #
+    # Base class for API clients
+    #
     class Base
       # @return [String]
       attr_reader :base_url

data/lib/mihari/clients/binaryedge.rb CHANGED Viewed

@@ -2,6 +2,9 @@
 module Mihari
   module Clients
+    #
+    # BinaryEdge API client
+    #
     class BinaryEdge < Base
       #
       # @param [String] base_url
@@ -27,7 +30,7 @@ module Mihari
       # @param [Integer] page Default 1, Maximum: 500
       # @param [Integer, nil] only_ips If selected, only output IP addresses, ports and protocols.
       #
-      # @return [Structs::BinaryEdge::Response]
+      # @return [Mihari::Structs::BinaryEdge::Response]
       #
       def search(query, page: 1, only_ips: nil)
         params = {
@@ -45,7 +48,7 @@ module Mihari
       # @param [Integer, nil] only_ips
       # @param [Integer] pagination_limit
       #
-      # @return [Enumerable<Structs::BinaryEdge::Response.>]
+      # @return [Enumerable<Mihari::Structs::BinaryEdge::Response>]
       #
       def search_with_pagination(query, only_ips: nil, pagination_limit: Mihari.config.pagination_limit)
         Enumerator.new do |y|

data/lib/mihari/clients/censys.rb CHANGED Viewed

@@ -4,6 +4,9 @@ require "base64"
 module Mihari
   module Clients
+    #
+    # Censys API client
+    #
     class Censys < Base
       #
       # @param [String] base_url
@@ -36,10 +39,10 @@ module Mihari
       # For more details, see our documentation: https://search.censys.io/api/v2/docs
       #
       # @param [String] query the query to be executed.
-      # @params [Integer, nil] per_page the number of results to be returned for each page.
-      # @params [Integer, nil] cursor the cursor of the desired result set.
+      # @param [Integer, nil] per_page the number of results to be returned for each page.
+      # @param [Integer, nil] cursor the cursor of the desired result set.
       #
-      # @return [Structs::Censys::Response]
+      # @return [Mihari::Structs::Censys::Response]
       #
       def search(query, per_page: nil, cursor: nil)
         params = { q: query, per_page: per_page, cursor: cursor }.compact
@@ -52,7 +55,7 @@ module Mihari
       # @param [Integer, nil] per_page
       # @param [Integer] pagination_limit
       #
-      # @return [Enumerable<Structs::Censys::Response>]
+      # @return [Enumerable<Mihari::Structs::Censys::Response>]
       #
       def search_with_pagination(query, per_page: nil, pagination_limit: Mihari.config.pagination_limit)
         cursor = nil

data/lib/mihari/clients/circl.rb CHANGED Viewed

@@ -4,6 +4,9 @@ require "base64"
 module Mihari
   module Clients
+    #
+    # CIRCL passive DNS/SSL API client
+    #
     class CIRCL < Base
       #
       # @param [String] base_url

data/lib/mihari/clients/crtsh.rb CHANGED Viewed

@@ -2,6 +2,9 @@
 module Mihari
   module Clients
+    #
+    # crt.sh API client
+    #
     class Crtsh < Base
       #
       # @param [String] base_url

data/lib/mihari/clients/dnstwister.rb CHANGED Viewed

@@ -2,6 +2,9 @@
 module Mihari
   module Clients
+    #
+    # DNSTwister API client
+    #
     class DNSTwister < Base
       #
       # @param [String] base_url

data/lib/mihari/clients/fofa.rb ADDED Viewed

@@ -0,0 +1,83 @@
+# frozen_string_literal: true
+require "base64"
+module Mihari
+  module Clients
+    #
+    # Fofa API client
+    #
+    class Fofa < Base
+      PAGE_SIZE = 10_000
+      # @return [String]
+      attr_reader :api_key
+      # @return [String]
+      attr_reader :email
+      #
+      # @param [String] base_url
+      # @param [String, nil] api_key
+      # @param [String, nil] email
+      # @param [Hash] headers
+      # @param [Integer] pagination_interval
+      # @param [Integer, nil] timeout
+      #
+      # @param [Object] email
+      def initialize(
+        base_url = "https://fofa.info/",
+        api_key:,
+        email:,
+        headers: {},
+        pagination_interval: Mihari.config.pagination_interval,
+        timeout: nil
+      )
+        raise(ArgumentError, "api_key is required") unless api_key
+        raise(ArgumentError, "email is required") unless email
+        @api_key = api_key
+        @email = email
+        super(base_url, headers: headers, pagination_interval: pagination_interval, timeout: timeout)
+      end
+      #
+      # @param [String] query
+      # @param [Integer] size
+      # @param [Integer] page
+      #
+      # @return [Mihari::Structs::Fofa::Response]
+      #
+      def search(query, page:, size: PAGE_SIZE)
+        qbase64 = Base64.urlsafe_encode64(query)
+        params = { qbase64: qbase64, size: size, page: page, email: email, key: api_key }.compact
+        res = get("/api/v1/search/all", params: params)
+        Structs::Fofa::Response.from_dynamic! JSON.parse(res.body.to_s)
+      end
+      #
+      # @param [String] query
+      # @param [Integer] size
+      # @param [Integer] pagination_limit
+      #
+      # @return [Enumerable<Mihari::Structs::Fofa::Response>]
+      #
+      def search_with_pagination(query, size: PAGE_SIZE, pagination_limit: Mihari.config.pagination_limit)
+        Enumerator.new do |y|
+          (1..pagination_limit).each do |page|
+            res = search(query, page: page, size: size)
+            y.yield res
+            break if res.error
+            break if (res.results || []).length < size
+            sleep_pagination_interval
+          end
+        end
+      end
+    end
+  end
+end

data/lib/mihari/clients/greynoise.rb CHANGED Viewed

@@ -2,6 +2,9 @@
 module Mihari
   module Clients
+    #
+    # GreyNoise API client
+    #
     class GreyNoise < Base
       PAGE_SIZE = 10_000
@@ -32,7 +35,7 @@ module Mihari
       # @param [Integer] size Maximum amount of results to grab
       # @param [Integer, nil] scroll Scroll token to paginate through results
       #
-      # @return [Hash]
+      # @return [Mihari::Structs::GreyNoise::Response]
       #
       def gnql_search(query, size: PAGE_SIZE, scroll: nil)
         params = { query: query, size: size, scroll: scroll }.compact
@@ -45,7 +48,7 @@ module Mihari
       # @param [Integer] size
       # @param [Integer] pagination_limit
       #
-      # @return [Enumerable<Structs::GreyNoise::Response>]
+      # @return [Enumerable<Mihari::Structs::GreyNoise::Response>]
       #
       def gnql_search_with_pagination(query, size: PAGE_SIZE, pagination_limit: Mihari.config.pagination_limit)
         scroll = nil

data/lib/mihari/clients/hunterhow.rb CHANGED Viewed

@@ -4,6 +4,9 @@ require "base64"
 module Mihari
   module Clients
+    #
+    # hunter.how API client
+    #
     class HunterHow < Base
       PAGE_SIZE = 100
@@ -38,7 +41,7 @@ module Mihari
       # @param [String] start_time
       # @param [String] end_time
       #
-      # @return [Structs::HunterHow::Response]
+      # @return [Mihari::Structs::HunterHow::Response]
       #
       def search(query, start_time:, end_time:, page: 1, page_size: PAGE_SIZE)
         params = {
@@ -60,7 +63,7 @@ module Mihari
       # @param [String] start_time
       # @param [String] end_time
       #
-      # @return [Enumerable<Structs::HunterHow::Response>]
+      # @return [Enumerable<Mihari::Structs::HunterHow::Response>]
       #
       def search_with_pagination(
         query,

data/lib/mihari/clients/misp.rb CHANGED Viewed

@@ -2,6 +2,9 @@
 module Mihari
   module Clients
+    #
+    # MISP API client
+    #
     class MISP < Base
       #
       # @param [String] base_url