本文整理汇总了Python中cybox.core.Observable.idref方法的典型用法代码示例。如果您正苦于以下问题:Python Observable.idref方法的具体用法?Python Observable.idref怎么用?Python Observable.idref使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类cybox.core.Observable的用法示例。
在下文中一共展示了Observable.idref方法的3个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: main
# 需要导入模块: from cybox.core import Observable [as 别名]
# 或者: from cybox.core.Observable import idref [as 别名]
def main():
stix_package = STIXPackage()
addr1 = Observable(Address(address_value="198.51.100.2", category=Address.CAT_IPV4))
addr2 = Observable(Address(address_value="198.51.100.17", category=Address.CAT_IPV4))
addr3 = Observable(Address(address_value="203.0.113.19", category=Address.CAT_IPV4))
stix_package.add_observable(addr1)
stix_package.add_observable(addr2)
stix_package.add_observable(addr3)
obs_addr1 = Observable()
obs_addr2 = Observable()
obs_addr3 = Observable()
obs_addr1.id_ = None
obs_addr2.id_ = None
obs_addr3.id_ = None
obs_addr1.idref = addr1.id_
obs_addr2.idref = addr2.id_
obs_addr3.idref = addr3.id_
infrastructure = Infrastructure()
infrastructure.observable_characterization = Observables([obs_addr1, obs_addr2, obs_addr3])
resource = Resource()
resource.infrastructure = infrastructure
ttp = TTP(title="Malware C2 Channel")
ttp.resources = resource
stix_package.add_ttp(ttp)
print stix_package.to_xml()示例2: test_id_idref_exclusive
# 需要导入模块: from cybox.core import Observable [as 别名]
# 或者: from cybox.core.Observable import idref [as 别名]
def test_id_idref_exclusive(self):
o = Observable()
self.assertTrue(o.id_ is not None)
self.assertTrue(o.idref is None)
o.idref = "foo"
self.assertTrue(o.idref is not None)
self.assertTrue(o.id_ is None)示例3: Observable
# 需要导入模块: from cybox.core import Observable [as 别名]
# 或者: from cybox.core.Observable import idref [as 别名]
file = File.from_dict({"file_name": "blah", "file_extension": "bat"})
file.file_name.condition = "Contains"
file.file_extension.condition = "Equals"
obs2 = Observable(file)
observables_doc.add(obs2)
mutex = Mutex.from_dict({"name": "Some_OTHER_MUTEX!!!"})
obs3 = Observable(mutex)
observables_doc.add(obs3)
# to add logic:
# normally you'd probably have logic for all items, but this is just a demo, not reality
oproc_ref = Observable()
oproc_ref.id_ = None
oproc_ref.idref = obs1.id_
ofile_ref = Observable()
ofile_ref.id_ = None
ofile_ref.idref = obs2.id_
omutex_ref = Observable()
omutex_ref.id_ = None
omutex_ref.idref = obs3.id_
o_comp = Observable(ObservableComposition(operator = "OR"))
o_comp.observable_composition.add(oproc_ref)
o_comp.observable_composition.add(ofile_ref)
o_comp2 = Observable(ObservableComposition(operator = "AND"))
o_comp2.observable_composition.add(omutex_ref)