本文整理汇总了Python中cybox.core.Object.from_dict方法的典型用法代码示例。如果您正苦于以下问题:Python Object.from_dict方法的具体用法?Python Object.from_dict怎么用?Python Object.from_dict使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类cybox.core.Object的用法示例。
在下文中一共展示了Object.from_dict方法的8个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: populate
# 需要导入模块: from cybox.core import Object [as 别名]
# 或者: from cybox.core.Object import from_dict [as 别名]
def populate(self, entry_dict, static_bundle, malware_subject=None):
if 'file' in entry_dict and len(entry_dict['file'].keys()) > 1:
file_dict = self.create_object_dict(entry_dict['file'])
if malware_subject:
malware_subject.malware_instance_object_attributes = Object.from_dict(file_dict)
# Add the hashes for the Malware Instance Object Attributes
data = open(self.pefile_parser.infile, 'rb').read()
if data:
md5_hash = hashlib.md5(data).hexdigest()
sha1_hash = hashlib.sha1(data).hexdigest()
malware_subject.malware_instance_object_attributes.properties.add_hash(md5_hash)
malware_subject.malware_instance_object_attributes.properties.add_hash(sha1_hash)
else:
static_bundle.add_object(Object.from_dict(file_dict))
if 'pe' in entry_dict and len(entry_dict['pe'].keys()) > 1:
pe_dict = self.create_object_dict(entry_dict['pe'])
static_bundle.add_object(Object.from_dict(pe_dict))示例2: from_dict
# 需要导入模块: from cybox.core import Object [as 别名]
# 或者: from cybox.core.Object import from_dict [as 别名]
def from_dict(observable_dict):
if not observable_dict:
return None
obs = Observable()
obs.id_ = observable_dict.get('id')
obs.title = observable_dict.get('title')
obs.description = StructuredText.from_dict(observable_dict.get('description'))
obs.object_ = Object.from_dict(observable_dict.get('object'))
obs.event = Object.from_dict(observable_dict.get('event'))
obs.observable_composition = ObservableComposition.from_dict(observable_dict.get('observable_composition'))
obs.idref = observable_dict.get('idref')
obs.sighting_count = observable_dict.get('sighting_count')
if observable_dict.get('observable_source'):
obs.observable_source = [MeasureSource.from_dict(x) for x in observable_dict.get('observable_source')]
return obs示例3: from_dict
# 需要导入模块: from cybox.core import Object [as 别名]
# 或者: from cybox.core.Object import from_dict [as 别名]
def from_dict(observable_dict):
if not observable_dict:
return None
from cybox.core import PatternFidelity
obs = Observable()
obs.id_ = observable_dict.get('id')
obs.title = observable_dict.get('title')
obs.description = StructuredText.from_dict(observable_dict.get('description'))
obs.object_ = Object.from_dict(observable_dict.get('object'))
obs.event = Object.from_dict(observable_dict.get('event'))
obs.observable_composition = ObservableComposition.from_dict(observable_dict.get('observable_composition'))
obs.idref = observable_dict.get('idref')
obs.sighting_count = observable_dict.get('sighting_count')
if observable_dict.get('observable_source'):
obs.observable_source = [MeasureSource.from_dict(x) for x in observable_dict.get('observable_source')]
obs.keywords = Keywords.from_dict(observable_dict.get('keywords'))
obs.pattern_fidelity = PatternFidelity.from_dict(observable_dict.get('pattern_fidelity'))
return obs示例4: from_dict
# 需要导入模块: from cybox.core import Object [as 别名]
# 或者: from cybox.core.Object import from_dict [as 别名]
def from_dict(observable_dict):
if not observable_dict:
return None
obs = Observable()
obs.id_ = observable_dict.get('id')
obs.title = observable_dict.get('title')
obs.description = StructuredText.from_dict(observable_dict.get('description'))
obs.object_ = Object.from_dict(observable_dict.get('object'))
obs.observable_composition = ObservableComposition.from_dict(observable_dict.get('observable_composition'))
obs.idref = observable_dict.get('idref')
return obs示例5: from_dict
# 需要导入模块: from cybox.core import Object [as 别名]
# 或者: from cybox.core.Object import from_dict [as 别名]
def from_dict(malware_subject_dict):
if not malware_subject_dict:
return None
malware_subject_ = MalwareSubject(None)
malware_subject_.id = malware_subject_dict.get('id')
malware_subject_.malware_instance_object_attributes = Object.from_dict(malware_subject_dict.get('malware_instance_object_attributes'))
malware_subject_.minor_variants = MinorVariants.from_list(malware_subject_dict.get('minor_variants'))
malware_subject_.configuration_details = MalwareConfigurationDetails.from_dict(malware_subject_dict.get('configuration_details'))
malware_subject_.development_environment = MalwareDevelopmentEnvironment.from_dict(malware_subject_dict.get('development_environment'))
malware_subject_.field_data = None #TODO: add support
malware_subject_.analyses = Analyses.from_list(malware_subject_dict.get('analyses'))
malware_subject_.findings_bundles = FindingsBundleList.from_dict(malware_subject_dict.get('findings_bundles'))
malware_subject_.relationships = MalwareSubjectRelationshipList.from_list(malware_subject_dict.get('id'))
if malware_subject_dict.get('label'):
malware_subject_.label = [VocabString.from_dict(x) for x in malware_subject_dict.get('label')]
if malware_subject_dict.get('compatible_platform'):
malware_subject_.compatible_platform = [PlatformSpecification.from_dict(x) for x in malware_subject_dict.get('compatible_platform')]
return malware_subject_示例6: merge_binned_malware_subjects
# 需要导入模块: from cybox.core import Object [as 别名]
# 或者: from cybox.core.Object import from_dict [as 别名]
def merge_binned_malware_subjects(merged_malware_subject, binned_list, id_mappings_dict):
'''Merge a list of input binned (related) Malware Subjects'''
# Merge the Malware_Instance_Object_Attributes
mal_inst_obj_list = [x.malware_instance_object_attributes for x in binned_list]
merged_inst_obj = Object.from_dict(merge_entities(mal_inst_obj_list))
# Give the merged Object a new ID
merged_inst_obj.id_ = maec.utils.idgen.create_id('object')
# Deduplicate the hash values, if they exist
if merged_inst_obj.properties and merged_inst_obj.properties.hashes:
hashes = merged_inst_obj.properties.hashes
hashes = HashList(deduplicate_vocabulary_list(hashes, value_name = 'simple_hash_value'))
hashes = HashList(deduplicate_vocabulary_list(hashes, value_name = 'fuzzy_hash_value'))
merged_inst_obj.properties.hashes = hashes
# Merge and deduplicate the labels
merged_labels = list(itertools.chain(*[x.label for x in binned_list if x.label]))
deduplicated_labels = deduplicate_vocabulary_list(merged_labels)
# Merge the configuration details
config_details_list = [x.configuration_details for x in binned_list if x.configuration_details]
merged_config_details = None
if config_details_list:
merged_config_details = MalwareConfigurationDetails.from_dict(merge_entities(config_details_list))
# Merge the minor variants
merged_minor_variants = list(itertools.chain(*[x.minor_variants for x in binned_list if x.minor_variants]))
# Merge the field data # TODO: Add support. Not implemented in the APIs.
# Merge the analyses
merged_analyses = list(itertools.chain(*[x.analyses for x in binned_list if x.analyses]))
# Merge the findings bundles
merged_findings_bundles = merge_findings_bundles([x.findings_bundles for x in binned_list if x.findings_bundles])
# Merge the relationships
merged_relationships = list(itertools.chain(*[x.relationships for x in binned_list if x.relationships]))
# Merge the compatible platforms
merged_compatible_platforms = list(itertools.chain(*[x.compatible_platform for x in binned_list if x.compatible_platform]))
# Build the merged Malware Subject
merged_malware_subject.malware_instance_object_attributes = merged_inst_obj
if deduplicated_labels: merged_malware_subject.label = deduplicated_labels
if merged_config_details: merged_malware_subject.configuration_details = merged_config_details
if merged_minor_variants: merged_malware_subject.minor_variants = MinorVariants(merged_minor_variants)
if merged_analyses: merged_malware_subject.analyses = Analyses(merged_analyses)
if merged_findings_bundles: merged_malware_subject.findings_bundles = merged_findings_bundles
if merged_relationships: merged_malware_subject.relationships = MalwareSubjectRelationshipList(merged_relationships)
if merged_compatible_platforms: merged_malware_subject.compatible_platform = merged_compatible_platforms示例7: from_dict
# 需要导入模块: from cybox.core import Object [as 别名]
# 或者: from cybox.core.Object import from_dict [as 别名]
def from_dict(bundle_dict):
if not bundle_dict:
return None
bundle_ = Bundle(None, None)
bundle_.id = bundle_dict.get('id')
bundle_.schema_version = bundle_dict.get('schema_version')
bundle_.defined_subject = bundle_dict.get('defined_subject')
bundle_.content_type = bundle_dict.get('content_type')
bundle_.timestamp = datetime.datetime.strptime(bundle_dict.get('timestamp'), "%Y-%m-%dT%H:%M:%S.%f")
bundle_.malware_instance_object_attributes = Object.from_dict(bundle_dict.get('malware_instance_object_attributes'))
bundle_.av_classifications = AVClassifications.from_list(bundle_dict.get('av_classifications'))
bundle_.process_tree = ProcessTree.from_dict(bundle_dict.get('process_tree'))
bundle_.behaviors = BehaviorList.from_list(bundle_dict.get('behaviors', []))
bundle_.capabilities = CapabilityList.from_dict(bundle_dict.get('capabilities'))
bundle_.actions = ActionList.from_list(bundle_dict.get('actions', []))
bundle_.objects = ObjectList.from_list(bundle_dict.get('objects', []))
bundle_.candidate_indicators = CandidateIndicatorList.from_list(bundle_dict.get('candidate_indicators', []))
bundle_.collections = Collections.from_dict(bundle_dict.get('collections'))
return bundle_示例8: from_dict
# 需要导入模块: from cybox.core import Object [as 别名]
# 或者: from cybox.core.Object import from_dict [as 别名]
def from_dict(object_dict):
if not object_dict:
return None
obj = Object.from_dict(object_dict, AssociatedObject())
obj.association_type_ = VocabString.from_dict(object_dict.get('association_type', None))
return obj