本文整理汇总了Python中cybox.objects.email_message_object.EmailMessage.add_related方法的典型用法代码示例。如果您正苦于以下问题:Python EmailMessage.add_related方法的具体用法?Python EmailMessage.add_related怎么用?Python EmailMessage.add_related使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类cybox.objects.email_message_object.EmailMessage的用法示例。
在下文中一共展示了EmailMessage.add_related方法的5个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: main
# 需要导入模块: from cybox.objects.email_message_object import EmailMessage [as 别名]
# 或者: from cybox.objects.email_message_object.EmailMessage import add_related [as 别名]
def main():
stix_package = STIXPackage()
ttp = TTP(title="Phishing")
stix_package.add_ttp(ttp)
# Create the indicator for just the subject
email_subject_object = EmailMessage()
email_subject_object.header = EmailHeader()
email_subject_object.header.subject = "[IMPORTANT] Please Review Before"
email_subject_object.header.subject.condition = "StartsWith"
email_subject_indicator = Indicator()
email_subject_indicator.title = "Malicious E-mail Subject Line"
email_subject_indicator.add_indicator_type("Malicious E-mail")
email_subject_indicator.observable = email_subject_object
email_subject_indicator.confidence = "Low"
# Create the indicator for just the attachment
file_attachment_object = EmailMessage()
file_attachment_object.attachments = Attachments()
attached_file_object = File()
attached_file_object.file_name = "Final Report"
attached_file_object.file_name.condition = "StartsWith"
attached_file_object.file_extension = "doc.exe"
attached_file_object.file_extension.condition = "Equals"
file_attachment_object.add_related(attached_file_object, "Contains", inline=True)
file_attachment_object.attachments.append(file_attachment_object.parent.id_)
indicator_attachment = Indicator()
indicator_attachment.title = "Malicious E-mail Attachment"
indicator_attachment.add_indicator_type("Malicious E-mail")
indicator_attachment.observable = file_attachment_object
indicator_attachment.confidence = "Low"
# Create the combined indicator w/ both subject an attachment
full_email_object = EmailMessage()
full_email_object.attachments = Attachments()
# Add the previously referenced file as another reference rather than define it again:
full_email_object.attachments.append(file_attachment_object.parent.id_)
full_email_object.header = EmailHeader()
full_email_object.header.subject = "[IMPORTANT] Please Review Before"
full_email_object.header.subject.condition = "StartsWith"
combined_indicator = Indicator(title="Malicious E-mail")
combined_indicator.add_indicator_type("Malicious E-mail")
combined_indicator.confidence = Confidence(value="High")
combined_indicator.observable = full_email_object
email_subject_indicator.add_indicated_ttp(TTP(idref=ttp.id_))
indicator_attachment.add_indicated_ttp(TTP(idref=ttp.id_))
combined_indicator.add_indicated_ttp(TTP(idref=ttp.id_))
stix_package.indicators = [combined_indicator, email_subject_indicator, indicator_attachment]
print stix_package.to_xml()示例2: generateEmailAttachmentObject
# 需要导入模块: from cybox.objects.email_message_object import EmailMessage [as 别名]
# 或者: from cybox.objects.email_message_object.EmailMessage import add_related [as 别名]
def generateEmailAttachmentObject(indicator, filename):
file_object = File()
file_object.file_name = filename
email = EmailMessage()
email.attachments = Attachments()
email.add_related(file_object, "Contains", inline=True)
email.attachments.append(file_object.parent.id_)
indicator.observable = email示例3: generateEmailAttachmentObject
# 需要导入模块: from cybox.objects.email_message_object import EmailMessage [as 别名]
# 或者: from cybox.objects.email_message_object.EmailMessage import add_related [as 别名]
def generateEmailAttachmentObject(indicator, attribute):
file_object = File()
file_object.file_name = attribute["value"]
email = EmailMessage()
email.attachments = Attachments()
email.add_related(file_object, "Contains", inline=True)
file_object.parent.id_ = cybox.utils.idgen.__generator.namespace.prefix + ":file-" + attribute["uuid"]
email.attachments.append(file_object.parent.id_)
email.parent.id_ = cybox.utils.idgen.__generator.namespace.prefix + ":EmailMessage-" + attribute["uuid"]
observable = Observable(email)
observable.id_ = cybox.utils.idgen.__generator.namespace.prefix + ":observable-" + attribute["uuid"]
indicator.observable = observable示例4: main
# 需要导入模块: from cybox.objects.email_message_object import EmailMessage [as 别名]
# 或者: from cybox.objects.email_message_object.EmailMessage import add_related [as 别名]
def main():
NS = cybox.utils.Namespace("http://example.com/", "example")
cybox.utils.set_id_namespace(NS)
m = EmailMessage()
m.to = ["[email protected]", "[email protected]"]
m.from_ = "[email protected]"
m.subject = "New modifications to the specification"
a = Address("192.168.1.1", Address.CAT_IPV4)
m.add_related(a, "Received_From", inline=False)
print(Observables([m, a]).to_xml())示例5: main
# 需要导入模块: from cybox.objects.email_message_object import EmailMessage [as 别名]
# 或者: from cybox.objects.email_message_object.EmailMessage import add_related [as 别名]
def main():
NS = cybox.utils.Namespace("http://example.com/", "example")
cybox.utils.set_id_namespace(NS)
# �I�u�W�F�N�g�̍쐬�iEmailMesage)
m = EmailMessage()
# �I�u�W�F�N�g�Ɋ֘A�t��
m.to = ["[email protected]", "[email protected]"]
m.from_ = "[email protected]"
m.subject = "New modifications to the specification"
# �I�u�W�F�N�g�̍쐬�iAdress)
a = Address("192.168.1.1", Address.CAT_IPV4)
# �I�u�W�F�N�g�Ԃ̊֘A
m.add_related(a, "Received_From", inline=False)
a.add_related(m, "Received_to", inline=False)
print Observables([m, a]).to_xml()