mihari 5.6.2 → 5.7.1

data/lib/mihari/web/public/assets/mode-yaml-24faa242.js

@@ -0,0 +1,8 @@
+ace.define("ace/mode/yaml_highlight_rules",["require","exports","module","ace/lib/oop","ace/mode/text_highlight_rules"],function(e,t,n){"use strict";var r=e("../lib/oop"),i=e("./text_highlight_rules").TextHighlightRules,s=function(){this.$rules={start:[{token:"comment",regex:"#.*$"},{token:"list.markup",regex:/^(?:-{3}|\.{3})\s*(?=#|$)/},{token:"list.markup",regex:/^\s*[\-?](?:$|\s)/},{token:"constant",regex:"!![\\w//]+"},{token:"constant.language",regex:"[&\\*][a-zA-Z0-9-_]+"},{token:["meta.tag","keyword"],regex:/^(\s*\w[^\s:]*?)(:(?=\s|$))/},{token:["meta.tag","keyword"],regex:/(\w[^\s:]*?)(\s*:(?=\s|$))/},{token:"keyword.operator",regex:"<<\\w*:\\w*"},{token:"keyword.operator",regex:"-\\s*(?=[{])"},{token:"string",regex:'["](?:(?:\\\\.)|(?:[^"\\\\]))*?["]'},{token:"string",regex:/[|>][-+\d]*(?:$|\s+(?:$|#))/,onMatch:function(e,t,n,r){r=r.replace(/ #.*/,"");var i=/^ *((:\s*)?-(\s*[^|>])?)?/.exec(r)[0].replace(/\S\s*$/,"").length,s=parseInt(/\d+[\s+-]*$/.exec(r));return s?(i+=s-1,this.next="mlString"):this.next="mlStringPre",n.length?(n[0]=this.next,n[1]=i):(n.push(this.next),n.push(i)),this.token},next:"mlString"},{token:"string",regex:"['](?:(?:\\\\.)|(?:[^'\\\\]))*?[']"},{token:"constant.numeric",regex:/(\b|[+\-\.])[\d_]+(?:(?:\.[\d_]*)?(?:[eE][+\-]?[\d_]+)?)(?=[^\d-\w]|$)$/},{token:"constant.numeric",regex:/[+\-]?\.inf\b|NaN\b|0x[\dA-Fa-f_]+|0b[10_]+/},{token:"constant.language.boolean",regex:"\\b(?:true|false|TRUE|FALSE|True|False|yes|no)\\b"},{token:"paren.lparen",regex:"[[({]"},{token:"paren.rparen",regex:"[\\])}]"},{token:"text",regex:/[^\s,:\[\]\{\}]+/}],mlStringPre:[{token:"indent",regex:/^ *$/},{token:"indent",regex:/^ */,onMatch:function(e,t,n){var r=n[1];return r>=e.length?(this.next="start",n.shift(),n.shift()):(n[1]=e.length-1,this.next=n[0]="mlString"),this.token},next:"mlString"},{defaultToken:"string"}],mlString:[{token:"indent",regex:/^ *$/},{token:"indent",regex:/^ */,onMatch:function(e,t,n){var r=n[1];return r>=e.length?(this.next="start",n.splice(0)):this.next="mlString",this.token},next:"mlString"},{token:"string",regex:".+"}]},this.normalizeRules()};r.inherits(s,i),t.YamlHighlightRules=s}),ace.define("ace/mode/matching_brace_outdent",["require","exports","module","ace/range"],function(e,t,n){"use strict";var r=e("../range").Range,i=function(){};(function(){this.checkOutdent=function(e,t){return/^\s+$/.test(e)?/^\s*\}/.test(t):!1},this.autoOutdent=function(e,t){var n=e.getLine(t),i=n.match(/^(\s*\})/);if(!i)return 0;var s=i[1].length,o=e.findMatchingBracket({row:t,column:s});if(!o||o.row==t)return 0;var u=this.$getIndent(e.getLine(o.row));e.replace(new r(t,0,t,s-1),u)},this.$getIndent=function(e){return e.match(/^\s*/)[0]}}).call(i.prototype),t.MatchingBraceOutdent=i}),ace.define("ace/mode/folding/coffee",["require","exports","module","ace/lib/oop","ace/mode/folding/fold_mode","ace/range"],function(e,t,n){"use strict";var r=e("../../lib/oop"),i=e("./fold_mode").FoldMode,s=e("../../range").Range,o=t.FoldMode=function(){};r.inherits(o,i),function(){this.commentBlock=function(e,t){var n=/\S/,r=e.getLine(t),i=r.search(n);if(i==-1||r[i]!="#")return;var o=r.length,u=e.getLength(),a=t,f=t;while(++t<u){r=e.getLine(t);var l=r.search(n);if(l==-1)continue;if(r[l]!="#")break;f=t}if(f>a){var c=e.getLine(f).length;return new s(a,o,f,c)}},this.getFoldWidgetRange=function(e,t,n){var r=this.indentationBlock(e,n);if(r)return r;r=this.commentBlock(e,n);if(r)return r},this.getFoldWidget=function(e,t,n){var r=e.getLine(n),i=r.search(/\S/),s=e.getLine(n+1),o=e.getLine(n-1),u=o.search(/\S/),a=s.search(/\S/);if(i==-1)return e.foldWidgets[n-1]=u!=-1&&u<a?"start":"","";if(u==-1){if(i==a&&r[i]=="#"&&s[i]=="#")return e.foldWidgets[n-1]="",e.foldWidgets[n+1]="","start"}else if(u==i&&r[i]=="#"&&o[i]=="#"&&e.getLine(n-2).search(/\S/)==-1)return e.foldWidgets[n-1]="start",e.foldWidgets[n+1]="","";return u!=-1&&u<i?e.foldWidgets[n-1]="start":e.foldWidgets[n-1]="",i<a?"start":""}}.call(o.prototype)}),ace.define("ace/mode/folding/yaml",["require","exports","module","ace/lib/oop","ace/mode/folding/coffee","ace/range"],function(e,t,n){"use strict";var r=e("../../lib/oop"),i=e("./coffee").FoldMode,s=e("../../range").Range,o=t.FoldMode=function(){};r.inherits(o,i),function(){this.getFoldWidgetRange=function(e,t,n){var r=/\S/,i=e.getLine(n),o=i.search(r),u=i[o]==="#",a=i[o]==="-";if(o==-1)return;var f=i.length,l=e.getLength(),c=n,h=n;if(u){var p=this.commentBlock(e,n);if(p)return p}else if(a){var p=this.indentationBlock(e,n);if(p)return p}else while(++n<l){var i=e.getLine(n),d=i.search(r);if(d==-1)continue;if(d<=o&&i[o]!=="-"){var v=e.getTokenAt(n,0);if(!v||v.type!=="string")break}h=n}if(h>c){var m=e.getLine(h).length;return new s(c,f,h,m)}},this.getFoldWidget=function(e,t,n){var r=e.getLine(n),i=r.search(/\S/),s=e.getLine(n+1),o=e.getLine(n-1),u=o.search(/\S/),a=s.search(/\S/),f=r[i]==="-";if(i==-1)return e.foldWidgets[n-1]=u!=-1&&u<a?"start":"","";if(u==-1){if(i==a&&r[i]=="#"&&s[i]=="#")return e.foldWidgets[n-1]="",e.foldWidgets[n+1]="","start"}else if(u==i&&r[i]=="#"&&o[i]=="#"&&e.getLine(n-2).search(/\S/)==-1)return e.foldWidgets[n-1]="start",e.foldWidgets[n+1]="","";return u!=-1&&u<i?e.foldWidgets[n-1]="start":u!=-1&&u==i&&f?e.foldWidgets[n-1]="start":e.foldWidgets[n-1]="",i<a?"start":""}}.call(o.prototype)}),ace.define("ace/mode/yaml",["require","exports","module","ace/lib/oop","ace/mode/text","ace/mode/yaml_highlight_rules","ace/mode/matching_brace_outdent","ace/mode/folding/yaml","ace/worker/worker_client"],function(e,t,n){"use strict";var r=e("../lib/oop"),i=e("./text").Mode,s=e("./yaml_highlight_rules").YamlHighlightRules,o=e("./matching_brace_outdent").MatchingBraceOutdent,u=e("./folding/yaml").FoldMode,a=e("../worker/worker_client").WorkerClient,f=function(){this.HighlightRules=s,this.$outdent=new o,this.foldingRules=new u,this.$behaviour=this.$defaultBehaviour};r.inherits(f,i),function(){this.lineCommentStart=["#"],this.getNextLineIndent=function(e,t,n){var r=this.$getIndent(t);if(e=="start"){var i=t.match(/^.*[\{\(\[]\s*$/);i&&(r+=n)}return r},this.checkOutdent=function(e,t,n){return this.$outdent.checkOutdent(t,n)},this.autoOutdent=function(e,t,n){this.$outdent.autoOutdent(t,n)},this.createWorker=function(e){var t=new a(["ace"],"ace/mode/yaml_worker","YamlWorker");return t.attachToDocument(e.getDocument()),t.on("annotate",function(t){e.setAnnotations(t.data)}),t.on("terminate",function(){e.clearAnnotations()}),t},this.$id="ace/mode/yaml"}.call(f.prototype),t.Mode=f});                (function() {
+                    ace.require(["ace/mode/yaml"], function(m) {
+                        if (typeof module == "object" && typeof exports == "object" && module) {
+                            module.exports = m;
+                        }
+                    });
+                })();
+            

data/lib/mihari/web/public/index.html

@@ -6,7 +6,7 @@
     <meta name="viewport" content="width=device-width,initial-scale=1.0" />
     <link rel="icon" href="/favicon.ico" />
     <title>Mihari</title>
-    <script type="module" crossorigin src="/assets/index-28d4c79d.js"></script>
+    <script type="module" crossorigin src="/assets/index-07fafab5.js"></script>
     <link rel="stylesheet" href="/assets/index-56fc2187.css">
   </head>
   <body>

data/lib/mihari.rb

@@ -3,8 +3,6 @@
 # standard libs
 require "ipaddr"
 require "json"
-require "net/http"
-require "net/https"
 require "resolv"
 require "yaml"
 
@@ -59,17 +57,23 @@ require "mihari/mixins/error_notification"
 require "mihari/mixins/refang"
 require "mihari/mixins/retriable"
 
+#
+# Mihari module
+#
 module Mihari
   class << self
     include Memist::Memoizable
 
+    #
+    # @return [Array<Mihari::Emitters::Base>]
+    #
     def emitters
       []
     end
     memoize :emitters
 
     #
-    # @return [Hash<String, Mihari::Enrichers::Base>]
+    # @return [Hash{String => Mihari::Enrichers::Base}]
     #
     def emitter_to_class
       @emitter_to_class ||= emitters.flat_map do |klass|
@@ -77,13 +81,16 @@ module Mihari
       end.to_h
     end
 
+    #
+    # @return [Array<Mihari::Analyzers::Base>]
+    #
     def analyzers
       []
     end
     memoize :analyzers
 
     #
-    # @return [Hash<String, Mihari::Analyzers::Base>]
+    # @return [Hash{String => Mihari::Analyzers::Base}]
     #
     def analyzer_to_class
       @analyzer_to_class ||= analyzers.flat_map do |klass|
@@ -91,13 +98,16 @@ module Mihari
       end.to_h
     end
 
+    #
+    # @return [Array<Mihari::Enrichers::Base>]
+    #
     def enrichers
       []
     end
     memoize :enrichers
 
     #
-    # @return [Hash<String, Mihari::Enrichers::Base>]
+    # @return [Hash{String => Mihari::Enrichers::Base}]
     #
     def enricher_to_class
       @enricher_to_class ||= enrichers.flat_map do |klass|
@@ -105,6 +115,9 @@ module Mihari
       end.to_h
     end
 
+    #
+    # @return [Mihari::Config]
+    #
     def config
       @config ||= Config.new
     end
@@ -130,7 +143,10 @@ module Mihari
 end
 
 # Core classes
+require "mihari/service"
+
 require "mihari/actor"
+
 require "mihari/database"
 require "mihari/http"
 require "mihari/type_checker"
@@ -174,6 +190,7 @@ require "mihari/clients/censys"
 require "mihari/clients/circl"
 require "mihari/clients/crtsh"
 require "mihari/clients/dnstwister"
+require "mihari/clients/fofa"
 require "mihari/clients/greynoise"
 require "mihari/clients/hunterhow"
 require "mihari/clients/misp"
@@ -197,6 +214,7 @@ require "mihari/analyzers/circl"
 require "mihari/analyzers/crtsh"
 require "mihari/analyzers/dnstwister"
 require "mihari/analyzers/feed"
+require "mihari/analyzers/fofa"
 require "mihari/analyzers/greynoise"
 require "mihari/analyzers/hunterhow"
 require "mihari/analyzers/onyphe"
@@ -221,6 +239,7 @@ require "mihari/structs/binaryedge"
 require "mihari/structs/censys"
 require "mihari/structs/config"
 require "mihari/structs/filters"
+require "mihari/structs/fofa"
 require "mihari/structs/google_public_dns"
 require "mihari/structs/greynoise"
 require "mihari/structs/ipinfo"
@@ -245,7 +264,6 @@ require "mihari/services/rule_builder"
 require "mihari/services/rule_runner"
 
 require "mihari/services/alert_builder"
-require "mihari/services/alert_proxy"
 require "mihari/services/alert_runner"
 
 # Entities

data/mihari.gemspec

@@ -10,6 +10,10 @@ def ci_env?
   ENV["CI"]
 end
 
+def is_ruby2?
+  RUBY_VERSION.to_s.start_with?("2.")
+end
+
 Gem::Specification.new do |spec|
   spec.name = "mihari"
   spec.version = Mihari::VERSION
@@ -27,7 +31,7 @@ Gem::Specification.new do |spec|
   # Specify which files should be added to the gem when it is released.
   # The `git ls-files -z` loads the files in the RubyGem that have been added into git.
   spec.files = Dir.chdir(File.expand_path(__dir__)) do
-    `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features|images|docker|.github)/}) }
+    `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(.github|.vscode|docs|docker|frontend|images|spec|)/}) }
   end
   # Include frontend assets in lib/mihari/web/public
   spec.files += Dir.glob("lib/mihari/web/public/**/*")
@@ -56,6 +60,8 @@ Gem::Specification.new do |spec|
   spec.add_development_dependency "vcr", "~> 6.2"
   spec.add_development_dependency "webmock", "~> 3.19"
 
+  spec.add_development_dependency "rubocop-yard", "~> 0.7" unless is_ruby2?
+
   unless ci_env?
     spec.add_development_dependency "lefthook", "~> 1.5"
     spec.add_development_dependency "solargraph", "~> 0.49"
@@ -63,6 +69,7 @@ Gem::Specification.new do |spec|
 
   spec.add_dependency "activerecord", "7.1.1"
   spec.add_dependency "addressable", "2.8.5"
+  spec.add_dependency "anyway_config", "2.5.4"
   spec.add_dependency "awrence", "2.0.1"
   spec.add_dependency "dotenv", "2.8.1"
   spec.add_dependency "dry-container", "0.11.0"
@@ -91,7 +98,7 @@ Gem::Specification.new do |spec|
   spec.add_dependency "semantic_logger", "4.14.0"
   spec.add_dependency "sentry-ruby", "5.12.0"
   spec.add_dependency "slack-notifier", "2.4.0"
-  spec.add_dependency "sqlite3", "1.6.7"
+  spec.add_dependency "sqlite3", "1.6.8"
   spec.add_dependency "thor", "1.3.0"
   spec.add_dependency "thor-hollaback", "0.2.1"
   spec.add_dependency "uuidtools", "2.2.0"

data/mkdocs.yml

@@ -16,6 +16,7 @@ nav:
   - Usage: usage.md
   - Configuration: configuration.md
   - Tips:
+      - Docker: docker.md
       - GitHub Actions: github_actions.md
       - Alternatives: alternatives.md
   - References:
@@ -29,6 +30,7 @@ markdown_extensions:
       permalink: true
   - admonition
   - pymdownx.details
-  - pymdownx.superfences
-  - pymdownx.highlight
   - pymdownx.extra
+  - pymdownx.highlight
+  - pymdownx.magiclink
+  - pymdownx.superfences

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: mihari
 version: !ruby/object:Gem::Version
-  version: 5.6.2
+  version: 5.7.1
 platform: ruby
 authors:
 - Manabu Niseki
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2023-10-28 00:00:00.000000000 Z
+date: 2023-11-05 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -276,6 +276,20 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '3.19'
+- !ruby/object:Gem::Dependency
+  name: rubocop-yard
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.7'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.7'
 - !ruby/object:Gem::Dependency
   name: lefthook
   requirement: !ruby/object:Gem::Requirement
@@ -332,6 +346,20 @@ dependencies:
     - - '='
       - !ruby/object:Gem::Version
         version: 2.8.5
+- !ruby/object:Gem::Dependency
+  name: anyway_config
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 2.5.4
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 2.5.4
 - !ruby/object:Gem::Dependency
   name: awrence
   requirement: !ruby/object:Gem::Requirement
@@ -730,14 +758,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 1.6.7
+        version: 1.6.8
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 1.6.7
+        version: 1.6.8
 - !ruby/object:Gem::Dependency
   name: thor
   requirement: !ruby/object:Gem::Requirement
@@ -828,132 +856,7 @@ files:
 - bin/setup
 - build_frontend.sh
 - config.ru
-- docs/alternatives.md
-- docs/analyzers/binaryedge.md
-- docs/analyzers/censys.md
-- docs/analyzers/circl.md
-- docs/analyzers/crtsh.md
-- docs/analyzers/dnstwister.md
-- docs/analyzers/feed.md
-- docs/analyzers/greynoise.md
-- docs/analyzers/hunterhow.md
-- docs/analyzers/index.md
-- docs/analyzers/onyphe.md
-- docs/analyzers/otx.md
-- docs/analyzers/passivetotal.md
-- docs/analyzers/pulsedive.md
-- docs/analyzers/securitytrails.md
-- docs/analyzers/shodan.md
-- docs/analyzers/urlscan.md
-- docs/analyzers/virustotal.md
-- docs/analyzers/virustotal_intelligence.md
-- docs/analyzers/zoomeye.md
-- docs/configuration.md
-- docs/emitters/database.md
-- docs/emitters/hive.md
-- docs/emitters/index.md
-- docs/emitters/misp.md
-- docs/emitters/slack.md
-- docs/emitters/webhook.md
-- docs/enrichers/google_public_dns.md
-- docs/enrichers/index.md
-- docs/enrichers/ipinfo.md
-- docs/enrichers/shodan.md
-- docs/enrichers/whois.md
-- docs/github_actions.md
-- docs/index.md
-- docs/installation.md
-- docs/requirements.md
-- docs/rule.md
-- docs/tags.md
-- docs/usage.md
 - exe/mihari
-- frontend/.eslintrc.cjs
-- frontend/.gitignore
-- frontend/.prettierrc.json
-- frontend/README.md
-- frontend/env.d.ts
-- frontend/index.html
-- frontend/package-lock.json
-- frontend/package.json
-- frontend/public/favicon.ico
-- frontend/scripts/swagger_doc_to_yaml.rb
-- frontend/src/App.vue
-- frontend/src/ace-config.ts
-- frontend/src/api-helper.ts
-- frontend/src/api.ts
-- frontend/src/components/ErrorMessage.vue
-- frontend/src/components/Loading.vue
-- frontend/src/components/Navbar.vue
-- frontend/src/components/Pagination.vue
-- frontend/src/components/alert/Alert.vue
-- frontend/src/components/alert/Alerts.vue
-- frontend/src/components/alert/AlertsWithPagination.vue
-- frontend/src/components/alert/AlertsWrapper.vue
-- frontend/src/components/alert/Form.vue
-- frontend/src/components/artifact/AS.vue
-- frontend/src/components/artifact/Artifact.vue
-- frontend/src/components/artifact/ArtifactTag.vue
-- frontend/src/components/artifact/ArtifactTags.vue
-- frontend/src/components/artifact/ArtifactWrapper.vue
-- frontend/src/components/artifact/CPEs.vue
-- frontend/src/components/artifact/DnsRecords.vue
-- frontend/src/components/artifact/Ports.vue
-- frontend/src/components/artifact/ReverseDnsNames.vue
-- frontend/src/components/artifact/Tags.vue
-- frontend/src/components/artifact/WhoisRecord.vue
-- frontend/src/components/config/Configs.vue
-- frontend/src/components/config/ConfigsWrapper.vue
-- frontend/src/components/link/Link.vue
-- frontend/src/components/link/Links.vue
-- frontend/src/components/rule/EditRule.vue
-- frontend/src/components/rule/EditRuleWrapper.vue
-- frontend/src/components/rule/Form.vue
-- frontend/src/components/rule/InputForm.vue
-- frontend/src/components/rule/NewRule.vue
-- frontend/src/components/rule/Rule.vue
-- frontend/src/components/rule/RuleWrapper.vue
-- frontend/src/components/rule/Rules.vue
-- frontend/src/components/rule/RulesWrapper.vue
-- frontend/src/components/rule/YAML.vue
-- frontend/src/components/tag/Tag.vue
-- frontend/src/components/tag/Tags.vue
-- frontend/src/countries.ts
-- frontend/src/index.ts
-- frontend/src/links/anyrun.ts
-- frontend/src/links/base.ts
-- frontend/src/links/censys.ts
-- frontend/src/links/crtsh.ts
-- frontend/src/links/dnslytics.ts
-- frontend/src/links/greynoise.ts
-- frontend/src/links/index.ts
-- frontend/src/links/intezer.ts
-- frontend/src/links/otx.ts
-- frontend/src/links/securitytrails.ts
-- frontend/src/links/shodan.ts
-- frontend/src/links/urlscan.ts
-- frontend/src/links/virustotal.ts
-- frontend/src/main.ts
-- frontend/src/router/index.ts
-- frontend/src/rule.ts
-- frontend/src/shims-vue.d.ts
-- frontend/src/swagger.yaml
-- frontend/src/types.ts
-- frontend/src/utils.ts
-- frontend/src/views/Alerts.vue
-- frontend/src/views/Artifact.vue
-- frontend/src/views/Configs.vue
-- frontend/src/views/EditRule.vue
-- frontend/src/views/NewRule.vue
-- frontend/src/views/Rule.vue
-- frontend/src/views/Rules.vue
-- frontend/tests/utils.spec.ts
-- frontend/tsconfig.app.json
-- frontend/tsconfig.json
-- frontend/tsconfig.node.json
-- frontend/tsconfig.vitest.json
-- frontend/vite.config.ts
-- frontend/vitest.config.ts
 - lefthook.yml
 - lib/mihari.rb
 - lib/mihari/actor.rb
@@ -964,6 +867,7 @@ files:
 - lib/mihari/analyzers/crtsh.rb
 - lib/mihari/analyzers/dnstwister.rb
 - lib/mihari/analyzers/feed.rb
+- lib/mihari/analyzers/fofa.rb
 - lib/mihari/analyzers/greynoise.rb
 - lib/mihari/analyzers/hunterhow.rb
 - lib/mihari/analyzers/onyphe.rb
@@ -987,6 +891,7 @@ files:
 - lib/mihari/clients/circl.rb
 - lib/mihari/clients/crtsh.rb
 - lib/mihari/clients/dnstwister.rb
+- lib/mihari/clients/fofa.rb
 - lib/mihari/clients/greynoise.rb
 - lib/mihari/clients/hunterhow.rb
 - lib/mihari/clients/misp.rb
@@ -1065,8 +970,8 @@ files:
 - lib/mihari/schemas/mixins.rb
 - lib/mihari/schemas/options.rb
 - lib/mihari/schemas/rule.rb
+- lib/mihari/service.rb
 - lib/mihari/services/alert_builder.rb
-- lib/mihari/services/alert_proxy.rb
 - lib/mihari/services/alert_runner.rb
 - lib/mihari/services/rule_builder.rb
 - lib/mihari/services/rule_runner.rb
@@ -1074,6 +979,7 @@ files:
 - lib/mihari/structs/censys.rb
 - lib/mihari/structs/config.rb
 - lib/mihari/structs/filters.rb
+- lib/mihari/structs/fofa.rb
 - lib/mihari/structs/google_public_dns.rb
 - lib/mihari/structs/greynoise.rb
 - lib/mihari/structs/hunterhow.rb
@@ -1082,7 +988,6 @@ files:
 - lib/mihari/structs/shodan.rb
 - lib/mihari/structs/urlscan.rb
 - lib/mihari/structs/virustotal_intelligence.rb
-- lib/mihari/templates/rule.yml.erb
 - lib/mihari/type_checker.rb
 - lib/mihari/types.rb
 - lib/mihari/version.rb
@@ -1096,9 +1001,9 @@ files:
 - lib/mihari/web/endpoints/tags.rb
 - lib/mihari/web/middleware/connection_adapter.rb
 - lib/mihari/web/middleware/error_notification_adapter.rb
-- lib/mihari/web/public/assets/index-28d4c79d.js
+- lib/mihari/web/public/assets/index-07fafab5.js
 - lib/mihari/web/public/assets/index-56fc2187.css
-- lib/mihari/web/public/assets/mode-yaml-a21faa53.js
+- lib/mihari/web/public/assets/mode-yaml-24faa242.js
 - lib/mihari/web/public/favicon.ico
 - lib/mihari/web/public/index.html
 - lib/mihari/web/public/redoc-static.html

data/docs/alternatives.md

@@ -1,5 +0,0 @@
-# Alternatives
-
-- [InQuest/ThreatIngestor](https://github.com/InQuest/ThreatIngestor) - Extract and aggregate threat intelligence.
-- [thalesgroup-cert/Watcher](https://github.com/thalesgroup-cert/Watcher) - Watcher - Open Source Cybersecurity Threat Hunting Platform. Developed with Django & React JS.
-- [projectdiscovery/uncover](https://github.com/projectdiscovery/uncover) - Quickly discover exposed hosts on the internet using multiple search engines.

data/docs/analyzers/binaryedge.md

@@ -1,26 +0,0 @@
----
-tags:
-  - Artifact:IP
----
-
-# BinaryEdge
-
-- [https://www.binaryedge.io/](https://www.binaryedge.io/)
-
-This analyzer uses [BinaryEdge API V2](https://docs.binaryedge.io/api-v2/) (`/v2/query/search`) to search. Pagination is supported.
-
-```yaml
-analyzer: binaryedge
-query: ...
-api_key: ...
-```
-
-## Components
-
-### Query
-
-`query` (`string`) is a search query.
-
-### API Key
-
-`api_key` (`string`) is an API key. Optional. Defaults to `ENV[”BINARYEDGE_API_KEY"]`.

data/docs/analyzers/censys.md

@@ -1,31 +0,0 @@
----
-tags:
-  - Artifact:IP
----
-
-# Censys
-
-- [https://censys.io/](https://censys.io/)
-
-This analyzer uses [Censys Search 2.0 REST API](https://search.censys.io/api) to search. Pagination is supported.
-
-```yaml
-analyzer: censys
-query: ...
-id: ...
-secret: ...
-```
-
-## Components
-
-### Query
-
-`query` (`string`) is a search query.
-
-### ID
-
-`id` (`string`) is a Cencys ID. Optional. Defaults to `ENV[”CENSYS_ID”]`.
-
-### Secret
-
-`secret` (`string`) is a Cencys secret. Optional. Defaults to `ENV[”CENSYS_SECRET”]`.

data/docs/analyzers/circl.md

@@ -1,37 +0,0 @@
----
-tags:
-  - Artifact:IP
-  - Passive DNS
-  - Passive SSL
----
-
-# CIRCL Passive DNS/SSL
-
-- [https://www.circl.lu/services/passive-dns/](https://www.circl.lu/services/passive-dns/)
-- [https://www.circl.lu/services/passive-ssl/](https://www.circl.lu/services/passive-ssl/)
-
-This analyzer uses CIRCL passive DNS API or passive SSL API:
-
-- Use passive DNS API if a query(input) is a domain
-- Use passive SSL API if a query(input) is a SHA1 certificate fingerprint
-
-```yaml
-analyzer: circl
-query: ...
-password: ...
-username: ...
-```
-
-## Components
-
-### Query
-
-`query` (`string`) is a domain or SHA1 certificate fingerprint.
-
-### Username
-
-`username` (`string`) is a username. Optional. Defaults to `ENV[”CIRCL_PASSIVE_USERNAME”]`.
-
-### Password
-
-`password` (`string`) is a password. Optional. Defaults to `ENV[”CIRCL_PASSIVE_PASSWORD”]`.

data/docs/analyzers/crtsh.md

@@ -1,26 +0,0 @@
----
-tags:
-  - Artifact:Domain
----
-
-# crt.sh
-
-- [https://crt.sh/](https://crt.sh/)
-
-This analyzer uses [crt.sh](http://crt.sh)'s (unofficial?) REST API.
-
-```yaml
-analyzer: crtsh
-query: ...
-exclude_expired: ...
-```
-
-## Components
-
-### Query
-
-`query` (`string`) is a search query.
-
-### Exclude Expired
-
-`exclude_expired` (`boolean`) determines whether to exclude expired domains or not. Optional. Defaults to `true`.

data/docs/analyzers/dnstwister.md

@@ -1,25 +0,0 @@
----
-tags:
-  - Artifact:Domain
----
-
-# dnstwister
-
-- [https://dnstwister.report/](https://dnstwister.report/)
-
-This analyzer uses [dnstwister API](https://dnstwister.report/api/) to search.
-
-```yaml
-analyzer: dnstwister
-query: ...
-```
-
-## Components
-
-### Query
-
-`query` (`string`) is a search query.
-
-!!! tip
-
-    There is no need to input a domain in hexadecimal format. This analyzer automatically converts a domain (in string format) into a hexadecimal value.