本文整理汇总了Python中cybox.core.Observables类的典型用法代码示例。如果您正苦于以下问题:Python Observables类的具体用法?Python Observables怎么用?Python Observables使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。
在下文中一共展示了Observables类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: main
def main():
    """Print an XML declaration, then a CybOX Observables document holding one URL."""
    print('<?xml version="1.0" encoding="UTF-8"?>')

    # The URL value, matched with the "Equals" condition.
    url_value = AnyURI("www.sample1.com/index.html")
    url_value.condition = "Equals"

    uri = URI()
    uri.value = url_value
    uri.type_ = URI.TYPE_URL

    # Wrap the single URI object and serialize it.
    print(Observables(uri).to_xml())
示例2: main
def main():
    """Round-trip 'se_07.xml': binding -> API object -> dict -> API object -> XML.

    The dictionary form is pretty-printed and the regenerated XML is printed
    at the end.
    """
    input_path = 'se_07.xml'

    print("parsing input xml document...")
    binding = cybox_core_binding.parse(input_path)  # generated binding object
    as_dict = Observables.from_obj(binding).to_dict()  # API object -> plain dict
    pprint(as_dict)

    print("building xml from dictionary...")
    rebuilt = Observables.from_dict(as_dict)  # independent copy built from the dict
    print(rebuilt.to_xml())
示例3: test_round_trip
def test_round_trip(self):
    """An Observables with a package source must be unchanged by a round trip."""
    # NOTE(review): "[email protected]" looks like e-mail obfuscation residue
    # from the hosting page, not the address the test originally used.
    addresses = [
        Address("[email protected]", Address.CAT_EMAIL),
        Address("[email protected]", Address.CAT_EMAIL),
    ]

    source = MeasureSource()
    source.class_ = "System"
    source.source_type = "Analysis"
    source.description = StructuredText("A Description")

    original = Observables(addresses)
    original.observable_package_source = source

    restored = round_trip(original, output=True)
    self.assertEqual(original.to_dict(), restored.to_dict())
示例4: test_get_namespaces
def test_get_namespaces(self):
    """An e-mail message that links to a URI should yield exactly five namespaces."""
    message = EmailMessage()
    # NOTE(review): "[email protected]" looks like e-mail obfuscation residue
    # from the hosting page, not the address the test originally used.
    message.to = "[email protected]"
    message.subject = "Here's a cool picture"
    message.links = Links()

    picture = URI("http://example.com/cool.jpg", URI.TYPE_URL)
    # The message refers to the URI by the id of the URI's parent.
    message.links.append(picture.parent.id_)

    package = Observables([picture, message])
    logger.info(package.to_xml())

    namespaces = package._get_namespaces()
    logger.info("\n".join(str(ns) for ns in namespaces))
    self.assertEqual(5, len(namespaces))
示例5: cybox_http
def cybox_http(observable, observable_type, objects):
    """Wrap every item of *objects* in a CybOX Observable and collect them.

    Args:
        observable: Supplies ``namespace`` ("prefix:uri"), ``name`` and
            ``description``; name and description are copied onto every
            Observable that is created.
        observable_type: Passed through to the related-object lookup.
        objects: Iterable of items converted with ``cybox_object_http``.

    Returns:
        An ``Observables`` container with one Observable per item.
    """
    prefix, uri = observable.namespace.split(':', 1)
    # NOTE(review): set_id_namespace presumably changes the ID namespace for
    # the whole process, not only for this call; confirm before using this
    # from concurrent exports.
    cybox.utils.set_id_namespace(cybox.utils.Namespace(uri, prefix))

    package = Observables()
    for item in objects:
        http_object = cybox_object_http(item)
        # The lookup result is not used below; the call is kept so that
        # behaviour (including any errors it raises) stays the same.
        related = get_related_objects_for_object(item.id, observable_type)
        wrapped = Observable(http_object)
        wrapped.title = observable.name
        wrapped.description = observable.description
        package.add(wrapped)
    return package
示例6: from_dict
def from_dict(cls, dict_repr, return_obj=None):
    """Populate an instance from its dictionary representation.

    Args:
        cls: Class instantiated when *return_obj* is not supplied.
        dict_repr: Dictionary to read; missing keys are read as None.
        return_obj: Existing instance to fill in instead of a new one.

    Returns:
        The populated instance, or None when *dict_repr* is empty or None.
    """
    if not dict_repr:
        return None

    target = return_obj or cls()
    get = dict_repr.get

    # Plain values are copied as-is ('id' and 'type' map to id_ / type_).
    target.id_ = get('id')
    target.idref = get('idref')
    target.timestamp = get('timestamp')
    target.version = get('version')
    target.title = get('title')

    # Structured values are delegated to the matching from_dict parser.
    target.stage = VocabString.from_dict(get('stage'))
    target.type_ = VocabString.from_dict(get('type'))
    target.description = StructuredText.from_dict(get('description'))
    target.short_description = StructuredText.from_dict(get('short_description'))
    target.objective = Objective.from_dict(get('objective'))
    target.parameter_observables = Observables.from_dict(
        get('parameter_observables'))
    target.impact = Statement.from_dict(get('impact'))
    target.cost = Statement.from_dict(get('cost'))
    target.efficacy = Statement.from_dict(get('efficacy'))
    target.information_source = InformationSource.from_dict(get('information_source'))
    target.handling = Marking.from_dict(get('handling'))
    target.related_coas = RelatedCOAs.from_dict(get('related_coas'))
    target.related_packages = RelatedPackageRefs.from_dict(
        get('related_packages'))
    return target
示例7: from_obj
def from_obj(cls, obj, return_obj=None):
    """Populate an instance from a binding object that exposes plain attributes.

    Args:
        cls: Class instantiated when *return_obj* is not supplied; its
            ``_binding_class`` decides whether the full field set is read.
        obj: Binding object to read from.
        return_obj: Existing instance to fill in instead of a new one.

    Returns:
        The populated instance, or None when *obj* is falsy.
    """
    if not obj:
        return None

    target = return_obj or cls()
    target.id_ = obj.id
    target.idref = obj.idref
    target.timestamp = obj.timestamp

    # NOTE(review): the listing this came from carried no indentation. Every
    # assignment from `version` onward is taken to belong to the isinstance
    # check, as its "CourseOfActionType properties" comment suggests.
    if not isinstance(obj, cls._binding_class):
        return target

    # CourseOfActionType properties
    target.version = obj.version
    target.title = obj.Title
    target.stage = VocabString.from_obj(obj.Stage)
    target.type_ = VocabString.from_obj(obj.Type)
    target.description = StructuredText.from_obj(obj.Description)
    target.short_description = StructuredText.from_obj(obj.Short_Description)
    target.objective = Objective.from_obj(obj.Objective)
    target.parameter_observables = Observables.from_obj(
        obj.Parameter_Observables)
    target.impact = Statement.from_obj(obj.Impact)
    target.cost = Statement.from_obj(obj.Cost)
    target.efficacy = Statement.from_obj(obj.Efficacy)
    target.information_source = InformationSource.from_obj(obj.Information_Source)
    target.handling = Marking.from_obj(obj.Handling)
    target.related_coas = RelatedCOAs.from_obj(obj.Related_COAs)
    target.related_packages = RelatedPackageRefs.from_obj(
        obj.Related_Packages)
    return target
示例8: from_obj
def from_obj(cls, obj, return_obj=None):
    """Populate an instance from a binding object that exposes ``get_*`` accessors.

    Args:
        cls: Class instantiated when *return_obj* is not supplied; provides
            ``_binding_class`` and the fallback ``_version``.
        obj: Binding object to read from.
        return_obj: Existing instance to fill in instead of a new one.

    Returns:
        The populated instance, or None when *obj* is falsy.
    """
    if not obj:
        return None

    result = return_obj or cls()
    result.id_ = obj.get_id()
    result.idref = obj.get_idref()
    result.timestamp = obj.get_timestamp()

    # NOTE(review): the listing this came from carried no indentation. Every
    # assignment from `version` onward is taken to belong to the isinstance
    # check, as its "CourseOfActionType properties" comment suggests.
    is_course_of_action = isinstance(obj, cls._binding_class)
    if is_course_of_action:
        # Fall back to the class-level version when the binding has none.
        result.version = obj.get_version() or cls._version
        result.title = obj.get_Title()
        result.stage = VocabString.from_obj(obj.get_Stage())
        result.type_ = VocabString.from_obj(obj.get_Type())
        result.description = StructuredText.from_obj(obj.get_Description())
        result.short_description = StructuredText.from_obj(obj.get_Short_Description())
        result.objective = Objective.from_obj(obj.get_Objective())
        result.parameter_observables = Observables.from_obj(
            obj.get_Parameter_Observables())
        result.impact = Statement.from_obj(obj.get_Impact())
        result.cost = Statement.from_obj(obj.get_Cost())
        result.efficacy = Statement.from_obj(obj.get_Efficacy())
        result.information_source = InformationSource.from_obj(obj.get_Information_Source())
        result.handling = Marking.from_obj(obj.get_Handling())
        result.related_coas = RelatedCOAs.from_obj(obj.get_Related_COAs())
        result.related_packages = RelatedPackageRefs.from_obj(
            obj.get_Related_Packages())

    return result
示例9: from_obj
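def from_obj(cls, obj, return_obj=None):
    """Build a package-level STIX object from a binding with ``get_*`` accessors.

    Args:
        cls: Class instantiated when *return_obj* is not supplied.
        obj: Binding object to read from, or None.
        return_obj: Existing instance to fill in instead of a new one.

    Returns:
        The populated instance, or None when *obj* is None.
    """
    # Without this guard a None binding fails with AttributeError on the
    # first accessor call below.
    if obj is None:
        return None

    if not return_obj:
        return_obj = cls()

    return_obj.id_ = obj.get_id()
    return_obj.idref = obj.get_idref()
    return_obj.timestamp = obj.get_timestamp()
    return_obj.stix_header = STIXHeader.from_obj(obj.get_STIX_Header())
    return_obj.related_packages = RelatedPackages.from_obj(obj.get_Related_Packages())

    # Optional parts are only assigned when present, so the attributes of a
    # supplied return_obj are left untouched otherwise.
    version = obj.get_version()
    if version:
        return_obj.version = version

    campaigns = obj.get_Campaigns()
    if campaigns:
        return_obj.campaigns = [Campaign.from_obj(x) for x in campaigns.get_Campaign()]

    courses_of_action = obj.get_Courses_Of_Action()
    if courses_of_action:
        return_obj.courses_of_action = [
            CourseOfAction.from_obj(x) for x in courses_of_action.get_Course_Of_Action()
        ]

    exploit_targets = obj.get_Exploit_Targets()
    if exploit_targets:
        return_obj.exploit_targets = [
            ExploitTarget.from_obj(x) for x in exploit_targets.get_Exploit_Target()
        ]

    indicators = obj.get_Indicators()
    if indicators:
        return_obj.indicators = [Indicator.from_obj(x) for x in indicators.get_Indicator()]

    observables = obj.get_Observables()
    if observables:
        return_obj.observables = Observables.from_obj(observables)

    incidents = obj.get_Incidents()
    if incidents:
        return_obj.incidents = [Incident.from_obj(x) for x in incidents.get_Incident()]

    threat_actors = obj.get_Threat_Actors()
    if threat_actors:
        return_obj.threat_actors = [
            ThreatActor.from_obj(x) for x in threat_actors.get_Threat_Actor()
        ]

    ttps = obj.get_TTPs()
    if ttps:
        return_obj.ttps = TTPs.from_obj(ttps)

    return return_obj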
示例10: from_obj
def from_obj(cls, obj, return_obj=None):
    """Populate a CourseOfAction from its binding object.

    Fields handled by the parent class are filled in through
    ``super().from_obj``; the remaining ones are read here.

    Args:
        cls: Class instantiated when *return_obj* is not supplied.
        obj: Binding object to read from.
        return_obj: Existing instance to fill in instead of a new one.

    Returns:
        The populated instance, or None when *obj* is falsy.
    """
    if not obj:
        return None

    coa = return_obj or cls()
    super(CourseOfAction, cls).from_obj(obj, return_obj=coa)

    # NOTE(review): the listing this came from carried no indentation. Every
    # assignment below is taken to belong to the isinstance check, as its
    # "CourseOfActionType properties" comment suggests.
    if not isinstance(obj, cls._binding_class):
        return coa

    # CourseOfActionType properties
    coa.title = obj.Title
    coa.stage = VocabString.from_obj(obj.Stage)
    coa.type_ = VocabString.from_obj(obj.Type)
    coa.objective = Objective.from_obj(obj.Objective)
    coa.parameter_observables = Observables.from_obj(obj.Parameter_Observables)
    coa.impact = Statement.from_obj(obj.Impact)
    coa.cost = Statement.from_obj(obj.Cost)
    coa.efficacy = Statement.from_obj(obj.Efficacy)
    coa.related_coas = RelatedCOAs.from_obj(obj.Related_COAs)
    coa.related_packages = related.RelatedPackageRefs.from_obj(
        obj.Related_Packages)
    coa.structured_coa = _BaseStructuredCOA.from_obj(obj.Structured_COA)
    return coa
示例11: parse
def parse(xml_file):
    """Parse a CybOX XML document and return it as a python-cybox ``Observables``.

    NOTE(review): *xml_file* is handed straight to the generated binding
    parser. How that parser treats DTDs and external entities is not visible
    here; confirm it before using this on XML from an untrusted source.
    """
    # XML file -> binding object -> python-cybox API object
    binding = cybox_core_binding.parse(xml_file)
    return Observables.from_obj(binding)
示例12: main
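def main():
    """Translate an OpenIOC file into a STIX package and write it out as XML.

    Command line: ``-i <OpenIOC input file> -o <STIX output file>``.

    Prints the usage text and exits with status 1 when fewer than four
    arguments are given, a flag has no value, or either file name is missing.
    Exits with status 1 when the input file does not exist or the translation
    fails, after printing the error.
    """
    infilename = ''
    outfilename = ''

    # Get the command-line arguments
    args = sys.argv[1:]
    if len(args) < 4:
        usage()
        sys.exit(1)

    for i, arg in enumerate(args):
        if arg not in ('-i', '-o'):
            continue
        # A flag in the last position has no value; reading args[i + 1]
        # there raised IndexError.
        if i + 1 >= len(args):
            usage()
            sys.exit(1)
        if arg == '-i':
            infilename = args[i + 1]
        else:
            outfilename = args[i + 1]

    if not infilename or not outfilename:
        usage()
        sys.exit(1)

    # A missing input used to end the run silently with status 0, which a
    # calling pipeline cannot tell apart from a successful translation.
    if not os.path.isfile(infilename):
        print('\nError: input file not found: %s\n' % infilename)
        sys.exit(1)

    try:
        # Perform the translation using the methods from the OpenIOC to CybOX Script
        openioc_indicators = openioc.parse(infilename)
        observables_obj = openioc_to_cybox.generate_cybox(openioc_indicators, infilename, True)
        observables_cls = Observables.from_obj(observables_obj)

        # Set the namespace to be used in the STIX Package
        stix.utils.set_id_namespace({"https://github.com/STIXProject/openioc-to-stix": "openiocToSTIX"})

        # Wrap the created Observables in a STIX Package/Indicator
        stix_package = STIXPackage()
        # Add the OpenIOC namespace
        stix_package.__input_namespaces__ = {"http://openioc.org/": "openioc"}

        for observable in observables_cls.observables:
            indicator = Indicator.from_dict({
                'producer': {
                    'tools': [{'name': 'OpenIOC to STIX Utility', 'version': str(__VERSION__)}],
                },
                'title': "CybOX-represented Indicator Created from OpenIOC File",
            })
            # Attach the observable of this iteration. Indexing [0] here put
            # the first observable into every indicator, so the remaining
            # observables never reached the STIX output and anything
            # consuming it would only match on the first one.
            indicator.add_observable(observable)
            stix_package.add_indicator(indicator)

        # Create and write the STIX Header
        stix_header = STIXHeader()
        stix_header.package_intent = "Indicators - Malware Artifacts"
        stix_header.description = "CybOX-represented Indicators Translated from OpenIOC File"
        stix_package.stix_header = stix_header

        # Serialize before opening the output file, so a serialization error
        # cannot leave a truncated file behind.
        # Ignore any warnings - temporary fix for no schemaLocation w/ namespace.
        # catch_warnings restores the previous filters on exit, so no explicit
        # reset is needed.
        with warnings.catch_warnings():
            warnings.simplefilter("ignore")
            package_xml = stix_package.to_xml()

        # Write the generated STIX Package as XML to the output file; the
        # with-block closes the file even when the write fails.
        with open(outfilename, 'w') as outfile:
            outfile.write(package_xml)
    except Exception as err:
        print('\nError: %s\n' % str(err))
        traceback.print_exc()
        sys.exit(1)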
示例13: from_obj
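def from_obj(cls, obj, return_obj=None):
    """Build a package-level STIX object from a binding with plain attributes.

    Args:
        cls: Class instantiated when *return_obj* is not supplied.
        obj: Binding object to read from, or None.
        return_obj: Existing instance to fill in instead of a new one.

    Returns:
        The populated instance, or None when *obj* is None.
    """
    # Without this guard a None binding fails with AttributeError on the
    # first attribute read below.
    if obj is None:
        return None

    if not return_obj:
        return_obj = cls()

    return_obj.id_ = obj.id
    return_obj.idref = obj.idref
    return_obj.timestamp = obj.timestamp
    return_obj.stix_header = STIXHeader.from_obj(obj.STIX_Header)
    return_obj.related_packages = RelatedPackages.from_obj(obj.Related_Packages)

    # Optional parts are only assigned when present, so the attributes of a
    # supplied return_obj are left untouched otherwise.
    if obj.version:
        return_obj.version = obj.version

    if obj.Campaigns:
        return_obj.campaigns = [Campaign.from_obj(x) for x in obj.Campaigns.Campaign]

    if obj.Courses_Of_Action:
        return_obj.courses_of_action = [
            CourseOfAction.from_obj(x) for x in obj.Courses_Of_Action.Course_Of_Action
        ]

    if obj.Exploit_Targets:
        return_obj.exploit_targets = [
            ExploitTarget.from_obj(x) for x in obj.Exploit_Targets.Exploit_Target
        ]

    if obj.Indicators:
        return_obj.indicators = [Indicator.from_obj(x) for x in obj.Indicators.Indicator]

    if obj.Observables:
        return_obj.observables = Observables.from_obj(obj.Observables)

    if obj.Incidents:
        return_obj.incidents = [Incident.from_obj(x) for x in obj.Incidents.Incident]

    if obj.Threat_Actors:
        return_obj.threat_actors = [
            ThreatActor.from_obj(x) for x in obj.Threat_Actors.Threat_Actor
        ]

    if obj.TTPs:
        return_obj.ttps = TTPs.from_obj(obj.TTPs)

    return return_obj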
示例14: parse
def parse(xml_file):
    """Load *xml_file* through the CybOX core binding and return an ``Observables``.

    NOTE(review): the parser settings of the binding (DTD and external-entity
    handling) are not visible here; check them before parsing XML that comes
    from outside the trust boundary.
    """
    binding_object = cybox_core_binding.parse(xml_file)  # XML file -> binding object
    api_object = Observables.from_obj(binding_object)  # binding -> python-cybox object
    return api_object
示例15: from_dict
def from_dict(cls, dict_repr, return_obj=None):
    """Populate a CourseOfAction from its dictionary representation.

    Keys handled by the parent class are read through ``super().from_dict``;
    the remaining ones are read here, with missing keys read as None.

    Args:
        cls: Class instantiated when *return_obj* is not supplied.
        dict_repr: Dictionary to read.
        return_obj: Existing instance to fill in instead of a new one.

    Returns:
        The populated instance, or None when *dict_repr* is empty or None.
    """
    if not dict_repr:
        return None

    coa = return_obj or cls()
    super(CourseOfAction, cls).from_dict(dict_repr, return_obj=coa)

    coa.stage = VocabString.from_dict(dict_repr.get('stage'))
    coa.type_ = VocabString.from_dict(dict_repr.get('type'))
    coa.objective = Objective.from_dict(dict_repr.get('objective'))
    coa.parameter_observables = Observables.from_dict(
        dict_repr.get('parameter_observables'))
    coa.impact = Statement.from_dict(dict_repr.get('impact'))
    coa.cost = Statement.from_dict(dict_repr.get('cost'))
    coa.efficacy = Statement.from_dict(dict_repr.get('efficacy'))
    coa.related_coas = RelatedCOAs.from_dict(dict_repr.get('related_coas'))
    coa.related_packages = related.RelatedPackageRefs.from_dict(
        dict_repr.get('related_packages'))
    coa.structured_coa = _BaseStructuredCOA.from_dict(
        dict_repr.get('structured_coa'))
    return coa