本文整理汇总了Python中cybox.core.Observables.from_obj方法的典型用法代码示例。如果您正苦于以下问题:Python Observables.from_obj方法的具体用法?Python Observables.from_obj怎么用?Python Observables.from_obj使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类cybox.core.Observables的用法示例。
在下文中一共展示了Observables.from_obj方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: from_obj
# 需要导入模块: from cybox.core import Observables [as 别名]
# 或者: from cybox.core.Observables import from_obj [as 别名]
def from_obj(cls, obj, return_obj=None):
if not return_obj:
return_obj = cls()
return_obj.id_ = obj.id
return_obj.idref = obj.idref
return_obj.timestamp = obj.timestamp
return_obj.stix_header = STIXHeader.from_obj(obj.STIX_Header)
return_obj.related_packages = RelatedPackages.from_obj(obj.Related_Packages)
if obj.version:
return_obj.version = obj.version
if obj.Campaigns:
return_obj.campaigns = [Campaign.from_obj(x) for x in obj.Campaigns.Campaign]
if obj.Courses_Of_Action:
return_obj.courses_of_action = [CourseOfAction.from_obj(x) for x in obj.Courses_Of_Action.Course_Of_Action]
if obj.Exploit_Targets:
return_obj.exploit_targets = [ExploitTarget.from_obj(x) for x in obj.Exploit_Targets.Exploit_Target]
if obj.Indicators:
return_obj.indicators = [Indicator.from_obj(x) for x in obj.Indicators.Indicator]
if obj.Observables:
return_obj.observables = Observables.from_obj(obj.Observables)
if obj.Incidents:
return_obj.incidents = [Incident.from_obj(x) for x in obj.Incidents.Incident]
if obj.Threat_Actors:
return_obj.threat_actors = [ThreatActor.from_obj(x) for x in obj.Threat_Actors.Threat_Actor]
if obj.TTPs:
return_obj.ttps = TTPs.from_obj(obj.TTPs)
return return_obj示例2: from_obj
# 需要导入模块: from cybox.core import Observables [as 别名]
# 或者: from cybox.core.Observables import from_obj [as 别名]
def from_obj(cls, obj, return_obj=None):
if not obj:
return None
if not return_obj:
return_obj = cls()
return_obj.id_ = obj.id
return_obj.idref = obj.idref
return_obj.timestamp = obj.timestamp
if isinstance(obj, cls._binding_class): # CourseOfActionType properties
return_obj.version = obj.version
return_obj.title = obj.Title
return_obj.stage = VocabString.from_obj(obj.Stage)
return_obj.type_ = VocabString.from_obj(obj.Type)
return_obj.description = StructuredText.from_obj(obj.Description)
return_obj.short_description = StructuredText.from_obj(obj.Short_Description)
return_obj.objective = Objective.from_obj(obj.Objective)
return_obj.parameter_observables = \
Observables.from_obj(obj.Parameter_Observables)
return_obj.impact = Statement.from_obj(obj.Impact)
return_obj.cost = Statement.from_obj(obj.Cost)
return_obj.efficacy = Statement.from_obj(obj.Efficacy)
return_obj.information_source = InformationSource.from_obj(obj.Information_Source)
return_obj.handling = Marking.from_obj(obj.Handling)
return_obj.related_coas = \
RelatedCOAs.from_obj(obj.Related_COAs)
return_obj.related_packages = \
RelatedPackageRefs.from_obj(obj.Related_Packages)
return return_obj示例3: from_obj
# 需要导入模块: from cybox.core import Observables [as 别名]
# 或者: from cybox.core.Observables import from_obj [as 别名]
def from_obj(cls, obj, return_obj=None):
if not obj:
return None
if not return_obj:
return_obj = cls()
return_obj.id_ = obj.get_id()
return_obj.idref = obj.get_idref()
return_obj.timestamp = obj.get_timestamp()
if isinstance(obj, cls._binding_class): # CourseOfActionType properties
return_obj.version = obj.get_version() or cls._version
return_obj.title = obj.get_Title()
return_obj.stage = VocabString.from_obj(obj.get_Stage())
return_obj.type_ = VocabString.from_obj(obj.get_Type())
return_obj.description = StructuredText.from_obj(obj.get_Description())
return_obj.short_description = StructuredText.from_obj(obj.get_Short_Description())
return_obj.objective = Objective.from_obj(obj.get_Objective())
return_obj.parameter_observables = \
Observables.from_obj(obj.get_Parameter_Observables())
return_obj.impact = Statement.from_obj(obj.get_Impact())
return_obj.cost = Statement.from_obj(obj.get_Cost())
return_obj.efficacy = Statement.from_obj(obj.get_Efficacy())
return_obj.information_source = InformationSource.from_obj(obj.get_Information_Source())
return_obj.handling = Marking.from_obj(obj.get_Handling())
return_obj.related_coas = \
RelatedCOAs.from_obj(obj.get_Related_COAs())
return_obj.related_packages = \
RelatedPackageRefs.from_obj(obj.get_Related_Packages())
return return_obj示例4: parse
# 需要导入模块: from cybox.core import Observables [as 别名]
# 或者: from cybox.core.Observables import from_obj [as 别名]
def parse(xml_file):
obs_obj = cybox_core_binding.parse(xml_file) # create binding object from xml file
obs = Observables.from_obj(obs_obj) # convert binding object into python-cybox object
#pro = process_binding.parse(xml_file)
#p = Process.from_obj(pro)
#print p.pid
return obs示例5: from_obj
# 需要导入模块: from cybox.core import Observables [as 别名]
# 或者: from cybox.core.Observables import from_obj [as 别名]
def from_obj(cls, obj, return_obj=None):
if not return_obj:
return_obj = cls()
return_obj.id_ = obj.get_id()
return_obj.idref = obj.get_idref()
return_obj.timestamp = obj.get_timestamp()
return_obj.stix_header = STIXHeader.from_obj(obj.get_STIX_Header())
return_obj.related_packages = RelatedPackages.from_obj(obj.get_Related_Packages())
if obj.get_version():
return_obj.version = obj.get_version()
if obj.get_Campaigns():
return_obj.campaigns = [Campaign.from_obj(x) for x in obj.get_Campaigns().get_Campaign()]
if obj.get_Courses_Of_Action():
return_obj.courses_of_action = [CourseOfAction.from_obj(x) for x in obj.get_Courses_Of_Action().get_Course_Of_Action()]
if obj.get_Exploit_Targets():
return_obj.exploit_targets = [ExploitTarget.from_obj(x) for x in obj.get_Exploit_Targets().get_Exploit_Target()]
if obj.get_Indicators():
return_obj.indicators = [Indicator.from_obj(x) for x in obj.get_Indicators().get_Indicator()]
if obj.get_Observables():
return_obj.observables = Observables.from_obj(obj.get_Observables())
if obj.get_Incidents():
return_obj.incidents = [Incident.from_obj(x) for x in obj.get_Incidents().get_Incident()]
if obj.get_Threat_Actors():
return_obj.threat_actors = [ThreatActor.from_obj(x) for x in obj.get_Threat_Actors().get_Threat_Actor()]
if obj.get_TTPs():
return_obj.ttps = TTPs.from_obj(obj.get_TTPs())
return return_obj示例6: main
# 需要导入模块: from cybox.core import Observables [as 别名]
# 或者: from cybox.core.Observables import from_obj [as 别名]
def main():
infilename = ''
outfilename = ''
#Get the command-line arguments
args = sys.argv[1:]
if len(args) < 4:
usage()
sys.exit(1)
for i in range(0,len(args)):
if args[i] == '-i':
infilename = args[i+1]
elif args[i] == '-o':
outfilename = args[i+1]
if os.path.isfile(infilename):
try:
# Perform the translation using the methods from the OpenIOC to CybOX Script
openioc_indicators = openioc.parse(infilename)
observables_obj = openioc_to_cybox.generate_cybox(openioc_indicators, infilename, True)
observables_cls = Observables.from_obj(observables_obj)
# Set the namespace to be used in the STIX Package
stix.utils.set_id_namespace({"https://github.com/STIXProject/openioc-to-stix":"openiocToSTIX"})
# Wrap the created Observables in a STIX Package/Indicator
stix_package = STIXPackage()
# Add the OpenIOC namespace
input_namespaces = {"http://openioc.org/":"openioc"}
stix_package.__input_namespaces__ = input_namespaces
for observable in observables_cls.observables:
indicator_dict = {}
producer_dict = {}
producer_dict['tools'] = [{'name':'OpenIOC to STIX Utility', 'version':str(__VERSION__)}]
indicator_dict['producer'] = producer_dict
indicator_dict['title'] = "CybOX-represented Indicator Created from OpenIOC File"
indicator = Indicator.from_dict(indicator_dict)
indicator.add_observable(observables_cls.observables[0])
stix_package.add_indicator(indicator)
# Create and write the STIX Header
stix_header = STIXHeader()
stix_header.package_intent = "Indicators - Malware Artifacts"
stix_header.description = "CybOX-represented Indicators Translated from OpenIOC File"
stix_package.stix_header = stix_header
# Write the generated STIX Package as XML to the output file
outfile = open(outfilename, 'w')
# Ignore any warnings - temporary fix for no schemaLocation w/ namespace
with warnings.catch_warnings():
warnings.simplefilter("ignore")
outfile.write(stix_package.to_xml())
warnings.resetwarnings()
outfile.flush()
outfile.close()
except Exception, err:
print('\nError: %s\n' % str(err))
traceback.print_exc()示例7: parse
# 需要导入模块: from cybox.core import Observables [as 别名]
# 或者: from cybox.core.Observables import from_obj [as 别名]
def parse(xml_file):
# create binding object from xml file
observables_obj = cybox_core_binding.parse(xml_file)
# convert binding object into python-cybox object
observables = Observables.from_obj(observables_obj)
return observables示例8: from_obj
# 需要导入模块: from cybox.core import Observables [as 别名]
# 或者: from cybox.core.Observables import from_obj [as 别名]
def from_obj(cls, obj, return_obj=None):
if not obj:
return None
if not return_obj:
return_obj = cls()
super(CourseOfAction, cls).from_obj(obj, return_obj=return_obj)
if isinstance(obj, cls._binding_class): # CourseOfActionType properties
return_obj.title = obj.Title
return_obj.stage = VocabString.from_obj(obj.Stage)
return_obj.type_ = VocabString.from_obj(obj.Type)
return_obj.objective = Objective.from_obj(obj.Objective)
return_obj.parameter_observables = \
Observables.from_obj(obj.Parameter_Observables)
return_obj.impact = Statement.from_obj(obj.Impact)
return_obj.cost = Statement.from_obj(obj.Cost)
return_obj.efficacy = Statement.from_obj(obj.Efficacy)
return_obj.related_coas = \
RelatedCOAs.from_obj(obj.Related_COAs)
return_obj.related_packages = \
related.RelatedPackageRefs.from_obj(obj.Related_Packages)
return_obj.structured_coa = \
_BaseStructuredCOA.from_obj(obj.Structured_COA)
return return_obj示例9: from_obj
# 需要导入模块: from cybox.core import Observables [as 别名]
# 或者: from cybox.core.Observables import from_obj [as 别名]
def from_obj(cls, obj, return_obj=None):
if not obj:
return None
if not return_obj:
return_obj = cls()
return_obj.identity = Identity.from_obj(obj.Identity)
return_obj.targeted_technical_details = Observables.from_obj(obj.Targeted_Technical_Details)
return_obj.targeted_systems = TargetedSystems.from_obj(obj.Targeted_Systems)
return_obj.targeted_information = TargetedInformation.from_obj(obj.Targeted_Information)
return return_obj示例10: main
# 需要导入模块: from cybox.core import Observables [as 别名]
# 或者: from cybox.core.Observables import from_obj [as 别名]
def main():
fn = 'se_07.xml'
print "parsing input xml document..."
observables_obj = cybox_core_binding.parse(fn) # build a binding object
observables = Observables.from_obj(observables_obj) # build an api object from binding
observables_dict = observables.to_dict() # create dictionary from api object
pprint(observables_dict)
print "building xml from dictionary..."
observables_two = Observables.from_dict(observables_dict) # create copy api object from dictionary
xml = observables_two.to_xml() # generate xml from copied api object
print xml示例11: main
# 需要导入模块: from cybox.core import Observables [as 别名]
# 或者: from cybox.core.Observables import from_obj [as 别名]
def main():
infilename = ''
outfilename = ''
#Get the command-line arguments
args = sys.argv[1:]
if len(args) < 4:
usage()
sys.exit(1)
for i in range(0,len(args)):
if args[i] == '-i':
infilename = args[i+1]
elif args[i] == '-o':
outfilename = args[i+1]
if os.path.isfile(infilename):
try:
# Perform the translation using the methods from the OpenIOC to CybOX Script
openioc_indicators = openioc.parse(infilename)
observables_obj = openioc_to_cybox.generate_cybox(openioc_indicators, infilename, True)
observables_cls = Observables.from_obj(observables_obj)
# Wrap the created Observables in a STIX Package/Indicator
stix_package = STIXPackage()
for observable in observables_cls.observables:
indicator_dict = {}
producer_dict = {}
producer_dict['tools'] = [{'name':'OpenIOC to STIX Utility', 'version':str(__VERSION__)}]
indicator_dict['producer'] = producer_dict
indicator_dict['title'] = "CybOX-represented Indicator Created from OpenIOC File"
indicator = Indicator.from_dict(indicator_dict)
indicator.add_observable(observables_cls.observables[0])
stix_package.add_indicator(indicator)
# Create and write the STIX Header
stix_header = STIXHeader()
stix_header.package_intent = "Indicators - Malware Artifacts"
stix_header.description = "CybOX-represented Indicators Translated from OpenIOC File"
stix_package.stix_header = stix_header
# Write the generated STIX Package as XML to the output file
outfile = open(outfilename, 'w')
outfile.write(stix_package.to_xml())
outfile.flush()
outfile.close()
except Exception, err:
print('\nError: %s\n' % str(err))
traceback.print_exc()示例12: from_obj
# 需要导入模块: from cybox.core import Observables [as 别名]
# 或者: from cybox.core.Observables import from_obj [as 别名]
def from_obj(cls, obj, return_obj=None):
if not obj:
return None
if not return_obj:
return_obj = cls()
return_obj.identity = Identity.from_obj(obj.get_Identity())
return_obj.targeted_technical_details = Observables.from_obj(obj.get_Targeted_Technical_Details())
if obj.get_Targeted_Systems():
return_obj.targeted_systems = [VocabString.from_obj(x) for x in obj.get_Targeted_Systems()]
if obj.get_Targeted_Information():
return_obj.targeted_information = [VocabString.from_obj(x) for x in obj.get_Targeted_Information()]
return return_obj示例13: from_obj
# 需要导入模块: from cybox.core import Observables [as 别名]
# 或者: from cybox.core.Observables import from_obj [as 别名]
def from_obj(cls, obj, return_obj=None):
if not obj:
return None
if not return_obj:
return_obj = cls()
return_obj.id_ = obj.get_id()
return_obj.title = obj.get_Title()
return_obj.description = StructuredText.from_obj(obj.get_Description())
return_obj.short_description = StructuredText.from_obj(obj.get_Short_Description())
return_obj.observable_characterization = Observables.from_obj(obj.get_Observable_Characterization())
if obj.get_Type():
return_obj.types = [AttackerInfrastructureType.from_obj(x) for x in obj.get_Type()]
return return_obj示例14: from_obj
# 需要导入模块: from cybox.core import Observables [as 别名]
# 或者: from cybox.core.Observables import from_obj [as 别名]
def from_obj(cls, obj, return_obj=None):
if not obj:
return None
if not return_obj:
return_obj = cls()
return_obj.id_ = obj.id
return_obj.title = obj.Title
return_obj.description = StructuredText.from_obj(obj.Description)
return_obj.short_description = StructuredText.from_obj(obj.Short_Description)
return_obj.observable_characterization = Observables.from_obj(obj.Observable_Characterization)
if obj.Type:
return_obj.types = [VocabString.from_obj(x) for x in obj.Type]
return return_obj示例15: read_cybox
# 需要导入模块: from cybox.core import Observables [as 别名]
# 或者: from cybox.core.Observables import from_obj [as 别名]
def read_cybox(input_file, isJson):
if not isJson:
cybox_obj = cybox_core_binding.parse(input_file)
cybox_observables = Observables.from_obj(cybox_obj)
cybox_data = cybox_observables.to_dict()
else:
with open(input_file, 'r') as f:
cybox_data = json.load(input_file)
# TODO: Add other indicator types
indicator_data = {'ip_addresses': [],
'hostnames': [] }
# TODO: Support additional logic (build parse tree or similar?)
for each in cybox_data['observables']:
if each['object']['properties']['category'] == 'ipv4-addr':
indicator_data['ip_addresses'].append(each['object']['properties']['address_value'])
return indicator_data