本文整理汇总了Python中cybox.core.Object类的典型用法代码示例。如果您正苦于以下问题:Python Object类的具体用法?Python Object怎么用?Python Object使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。
在下文中一共展示了Object类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: test_round_trip
def test_round_trip(self):
o = Object()
o.idref = "example:a1"
o.properties = Address("1.2.3.4", Address.CAT_IPV4)
o2 = cybox.test.round_trip(o)
self.assertEqual(o.to_dict(), o2.to_dict())示例2: buildObservable
def buildObservable(input_dict):
# add incident and confidence
observable = Observable()
observable.description = input_dict['description']
observable.title = input_dict['title']
source = MeasureSource()
source.name = input_dict['source']
observable.observable_source = [source] # figure out why this is necessary
if input_dict['keyword']:
observable.add_keyword(input_dict['keyword'])
"""
event = Event()
event.description = input_dict['event']
observable.event = event
"""
if input_dict['objectType'] and input_dict['object']:
cybObj = Object()
if input_dict['objectType'] == 'Address':
cybObj.properties = Address(input_dict['object'])
elif input_dict['objectType'] == 'File':
cybObj.properties = File()
cybObj.properties.file_path = FilePath(input_dict['object'])
elif input_dict['objectType'] == 'URI':
cybObj.properties = URI(input_dict['object'])
if cybObj:
observable.object_ = cybObj
print observable.to_xml()
return observable示例3: test_properties_not_in_inline
def test_properties_not_in_inline(self):
# https://github.com/CybOXProject/python-cybox/issues/287
o1 = Object(self.domain)
o2 = Object(self.ip)
o1.add_related(self.ip, "Resolved_To", inline=False)
xml = o1.to_xml(encoding=None)
print(xml)
self.assertTrue(o1.id_ in xml)
self.assertTrue(o2.id_ in xml)
self.assertFalse(str(self.ip.address_value) in xml)示例4: generateObservable
def generateObservable(indicator, attribute):
if (attribute["type"] in ("snort", "yara")):
generateTM(indicator, attribute)
else:
observable = None;
if (attribute["type"] in simple_type_to_method.keys()):
action = getattr(this_module, simple_type_to_method[attribute["type"]], None)
if (action != None):
property = action(attribute)
object = Object(property)
object.id_ = cybox.utils.idgen.__generator.namespace.prefix + ":" + property.__class__.__name__ + "-" + attribute["uuid"]
observable = Observable(object)
observable.id_ = cybox.utils.idgen.__generator.namespace.prefix + ":observable-" + attribute["uuid"]
indicator.add_observable(observable)示例5: __init__
def __init__(self, item=None, id_=None):
"""Create an Observable out of 'item'.
`item` can be any of:
- an Object
- an ObservableComposition
- any subclass of ObjectProperties.
In the first two cases, the appropriate property of the Observable will
be set. In the last cases, an Object will be built automatically to
ensure the correct hierarchy is created.
"""
if not id_:
id_ = cybox.utils.create_id(prefix="Observable")
self.id_ = id_
self.title = None
self.description = None
self.object_ = None
self.observable_composition = None
self.idref = None
if not item:
return
if isinstance(item, Object):
self.object_ = item
elif isinstance(item, ObservableComposition):
self.observable_composition = item
elif isinstance(item, ObjectProperties):
if item.parent:
self.object_ = item.parent
else:
self.object_ = Object(item)示例6: populate
def populate(self, entry_dict, static_bundle, malware_subject=None):
if 'file' in entry_dict and len(entry_dict['file'].keys()) > 1:
file_dict = self.create_object_dict(entry_dict['file'])
if malware_subject:
malware_subject.malware_instance_object_attributes = Object.from_dict(file_dict)
# Add the hashes for the Malware Instance Object Attributes
data = open(self.pefile_parser.infile, 'rb').read()
if data:
md5_hash = hashlib.md5(data).hexdigest()
sha1_hash = hashlib.sha1(data).hexdigest()
malware_subject.malware_instance_object_attributes.properties.add_hash(md5_hash)
malware_subject.malware_instance_object_attributes.properties.add_hash(sha1_hash)
else:
static_bundle.add_object(Object.from_dict(file_dict))
if 'pe' in entry_dict and len(entry_dict['pe'].keys()) > 1:
pe_dict = self.create_object_dict(entry_dict['pe'])
static_bundle.add_object(Object.from_dict(pe_dict))示例7: from_dict
def from_dict(observable_dict):
if not observable_dict:
return None
obs = Observable()
obs.id_ = observable_dict.get('id')
obs.title = observable_dict.get('title')
obs.description = StructuredText.from_dict(observable_dict.get('description'))
obs.object_ = Object.from_dict(observable_dict.get('object'))
obs.event = Object.from_dict(observable_dict.get('event'))
obs.observable_composition = ObservableComposition.from_dict(observable_dict.get('observable_composition'))
obs.idref = observable_dict.get('idref')
obs.sighting_count = observable_dict.get('sighting_count')
if observable_dict.get('observable_source'):
obs.observable_source = [MeasureSource.from_dict(x) for x in observable_dict.get('observable_source')]
return obs示例8: from_dict
def from_dict(observable_dict):
if not observable_dict:
return None
from cybox.core import PatternFidelity
obs = Observable()
obs.id_ = observable_dict.get('id')
obs.title = observable_dict.get('title')
obs.description = StructuredText.from_dict(observable_dict.get('description'))
obs.object_ = Object.from_dict(observable_dict.get('object'))
obs.event = Object.from_dict(observable_dict.get('event'))
obs.observable_composition = ObservableComposition.from_dict(observable_dict.get('observable_composition'))
obs.idref = observable_dict.get('idref')
obs.sighting_count = observable_dict.get('sighting_count')
if observable_dict.get('observable_source'):
obs.observable_source = [MeasureSource.from_dict(x) for x in observable_dict.get('observable_source')]
obs.keywords = Keywords.from_dict(observable_dict.get('keywords'))
obs.pattern_fidelity = PatternFidelity.from_dict(observable_dict.get('pattern_fidelity'))
return obs示例9: from_obj
def from_obj(observable_obj):
if not observable_obj:
return None
obs = Observable()
obs.id_ = observable_obj.get_id()
obs.title = observable_obj.get_Title()
obs.description = StructuredText.from_obj(observable_obj.get_Description())
obs.object_ = Object.from_obj(observable_obj.get_Object())
obs.observable_composition = ObservableComposition.from_obj(observable_obj.get_Observable_Composition())
obs.idref = observable_obj.get_idref()
return obs示例10: from_dict
def from_dict(observable_dict):
if not observable_dict:
return None
obs = Observable()
obs.id_ = observable_dict.get('id')
obs.title = observable_dict.get('title')
obs.description = StructuredText.from_dict(observable_dict.get('description'))
obs.object_ = Object.from_dict(observable_dict.get('object'))
obs.observable_composition = ObservableComposition.from_dict(observable_dict.get('observable_composition'))
obs.idref = observable_dict.get('idref')
return obs示例11: prune_objects
def prune_objects(self, candidate_indicator_objects):
"""Perform contraindicator and required property checking and prune un-wanted
properties from the input list of candidate Indicator CybOX Objects.
Args:
candidate_indicator_objects: a list of ``maec.bundle.object_history.ObjectHistoryEntry`` objects representing
the initial list of CybOX Objects that may be used in the STIX Indicators.
Returns:
A list of ``maec.bundle.object_history.ObjectHistoryEntry`` objects representing
the final list of checked and pruned CybOX Objects that will be used for the STIX Indicators.
"""
final_indicator_objects = []
# Prune any unwanted properties from Objects
for entry in candidate_indicator_objects:
object = entry.object
xsi_type = object.properties._XSI_TYPE
# Do the contraindicator check
if xsi_type in self.config.supported_objects and not self._contraindicator_check(entry):
object_type_conf = self.config.supported_objects[xsi_type]
# Prune the properties of the Object to correspond to the input config file
# First, test for the presence of only the required properties
if self._required_property_check(object, self.config.supported_objects[xsi_type]):
# If the required properties are found, prune based on the full set (optional + required)
full_properties = {}
full_properties.update(object_type_conf["required"])
full_properties.update(object_type_conf["optional"])
full_properties.update(object_type_conf["mutually_exclusive"])
full_pruned_properties = self._prune_object_properties(object.properties.to_dict(), full_properties)
full_pruned_properties["xsi:type"] = xsi_type
# Create a new Object with the pruned ObjectProperties
pruned_object = Object()
pruned_object.properties = ObjectProperties.from_dict(full_pruned_properties)
entry.object = pruned_object
# Add the updated Object History entry to the final list of Indicators
final_indicator_objects.append(entry)
return final_indicator_objects示例12: __init__
def __init__(self, item=None, id_=None, idref=None, title=None, description=None):
"""Create an Observable out of 'item'.
`item` can be any of:
- an Object
- an Event
- an ObservableComposition
- any subclass of ObjectProperties.
In the first three cases, the appropriate property of the Observable
will be set. In the last cases, an Object will be built automatically
to ensure the correct hierarchy is created.
"""
super(Observable, self).__init__()
if not id_ and not idref:
id_ = cybox.utils.create_id(prefix="Observable")
self.id_ = id_
self.title = title
self.description = description
self.object_ = None
self.event = None
self.observable_composition = None
self.idref = idref
self.sighting_count = None
self.observable_source = []
self.keywords = Keywords()
self.pattern_fidelity = None
if item is None:
return
elif isinstance(item, Object):
self.object_ = item
elif isinstance(item, ObservableComposition):
self.observable_composition = item
elif isinstance(item, Event):
self.event = item
elif isinstance(item, ObjectProperties):
if item.parent:
self.object_ = item.parent
else:
self.object_ = Object(item)
else:
msg = ("item must be an Object, Event, ObservableComposition, or "
"subclass of ObjectProperties. Received an %s" % type(item))
raise TypeError(msg)示例13: from_obj
def from_obj(observable_obj):
if not observable_obj:
return None
obs = Observable()
obs.id_ = observable_obj.get_id()
obs.title = observable_obj.get_Title()
obs.description = StructuredText.from_obj(observable_obj.get_Description())
obs.object_ = Object.from_obj(observable_obj.get_Object())
obs.event = Event.from_obj(observable_obj.get_Event())
obs.observable_composition = ObservableComposition.from_obj(observable_obj.get_Observable_Composition())
obs.idref = observable_obj.get_idref()
obs.sighting_count = observable_obj.get_sighting_count()
if observable_obj.get_Observable_Source():
obs.observable_source = [MeasureSource.from_obj(x) for x in observable_obj.get_Observable_Source()]
return obs示例14: from_dict
def from_dict(malware_subject_dict):
if not malware_subject_dict:
return None
malware_subject_ = MalwareSubject(None)
malware_subject_.id = malware_subject_dict.get('id')
malware_subject_.malware_instance_object_attributes = Object.from_dict(malware_subject_dict.get('malware_instance_object_attributes'))
malware_subject_.minor_variants = MinorVariants.from_list(malware_subject_dict.get('minor_variants'))
malware_subject_.configuration_details = MalwareConfigurationDetails.from_dict(malware_subject_dict.get('configuration_details'))
malware_subject_.development_environment = MalwareDevelopmentEnvironment.from_dict(malware_subject_dict.get('development_environment'))
malware_subject_.field_data = None #TODO: add support
malware_subject_.analyses = Analyses.from_list(malware_subject_dict.get('analyses'))
malware_subject_.findings_bundles = FindingsBundleList.from_dict(malware_subject_dict.get('findings_bundles'))
malware_subject_.relationships = MalwareSubjectRelationshipList.from_list(malware_subject_dict.get('id'))
if malware_subject_dict.get('label'):
malware_subject_.label = [VocabString.from_dict(x) for x in malware_subject_dict.get('label')]
if malware_subject_dict.get('compatible_platform'):
malware_subject_.compatible_platform = [PlatformSpecification.from_dict(x) for x in malware_subject_dict.get('compatible_platform')]
return malware_subject_示例15: from_obj
def from_obj(malware_subject_obj):
if not malware_subject_obj:
return None
malware_subject_ = MalwareSubject(None)
malware_subject_.id = malware_subject_obj.get_id()
malware_subject_.malware_instance_object_attributes = Object.from_obj(malware_subject_obj.get_Malware_Instance_Object_Attributes())
malware_subject_.minor_variants = MinorVariants.from_obj(malware_subject_obj.get_Minor_Variants())
malware_subject_.configuration_details = MalwareConfigurationDetails.from_obj(malware_subject_obj.get_Configuration_Details())
malware_subject_.development_environment = MalwareDevelopmentEnvironment.from_obj(malware_subject_obj.get_Development_Environment())
malware_subject_.field_data = None #TODO: add support
malware_subject_.analyses = Analyses.from_obj(malware_subject_obj.get_Analyses())
malware_subject_.findings_bundles = FindingsBundleList.from_obj(malware_subject_obj.get_Findings_Bundles())
malware_subject_.relationships = MalwareSubjectRelationshipList.from_obj(malware_subject_obj.get_Relationships())
if malware_subject_obj.get_Label():
malware_subject_.label = [VocabString.from_obj(x) for x in malware_subject_obj.get_Label()]
if malware_subject_obj.get_Compatible_Platform():
malware_subject_.compatible_platform = [PlatformSpecification.from_obj(x) for x in malware_subject_obj.get_Compatible_Platform()]
return malware_subject_