本文整理汇总了Python中cybox.objects.uri_object.URI类的典型用法代码示例。如果您正苦于以下问题:Python URI类的具体用法?Python URI怎么用?Python URI使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。
在下文中一共展示了URI类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: stix_xml
def stix_xml(bldata):
# Create the STIX Package and Header objects
stix_package = STIXPackage()
stix_header = STIXHeader()
# Set the description
stix_header.description = "RiskIQ Blacklist Data - STIX Format"
# Set the namespace
NAMESPACE = {"http://www.riskiq.com" : "RiskIQ"}
set_id_namespace(NAMESPACE)
# Set the produced time to now
stix_header.information_source = InformationSource()
stix_header.information_source.time = Time()
stix_header.information_source.time.produced_time = datetime.now()
# Create the STIX Package
stix_package = STIXPackage()
# Build document
stix_package.stix_header = stix_header
# Build the Package Intent
stix_header.package_intents.append(PackageIntent.TERM_INDICATORS)
# Build the indicator
indicator = Indicator()
indicator.title = "List of Malicious URLs detected by RiskIQ - Malware, Phishing, and Spam"
indicator.add_indicator_type("URL Watchlist")
for datum in bldata:
url = URI()
url.value = ""
url.value = datum['url']
url.type_ = URI.TYPE_URL
url.condition = "Equals"
indicator.add_observable(url)
stix_package.add_indicator(indicator)
return stix_package.to_xml()示例2: dns_queries
def dns_queries(dnsqueries):
a = MalwareAction()
ao = AssociatedObject()
a.name = "Query DNS"
a.type_ = "Query"
# hostnameの解決
quri = URI()
quri.value = dnsqueries["hostname"]
dns_question = DNSQuestion()
dns_question.qname = quri
ao.properties = DNSQuery()
ao.properties.question = dns_question
# resultの解決
if dnsqueries.has_key("results"):
records = []
for result in dnsqueries["results"]:
dnsrecord = DNSRecord()
dnsrecord.domain_name = quri.value
address = Address()
address.CAT_IPV4
address.address_value = result
dnsrecord.ip_address = address
records.append(dnsrecord)
ao.properties.answer_resource_records = DNSResourceRecords(records)
#print ao.properties.path # print for debug
a.associated_objects = AssociatedObjects()
a.associated_objects.append(ao)
#print a.associated_objects.to # debug print
return a示例3: main
def main():
v = AnyURI("http://www.example.com/index1.html")
v.condition = "Equals"
u = URI()
u.value = v
u.type_ = URI.TYPE_URL
print(Observables(u).to_xml())示例4: main
def main():
NS = cybox.utils.Namespace("http://example.com/", "example")
cybox.utils.set_id_namespace(NS)
v = AnyURI("http://www.example.com/index1.html")
u = URI()
u.value = v
u.type_ = URI.TYPE_URL
print Observables(u).to_xml()示例5: test_round_trip
def test_round_trip(self):
u = "http://www.example.com"
t = URI.TYPE_URL
uri = URI(AnyURI(u), t)
uri2 = cybox.test.round_trip(uri)
self.assertEqual(uri.to_dict(), uri2.to_dict())
self.assertEqual(u, str(uri2))
self.assertEqual(t, uri2.type_)示例6: main
def main():
print '<?xml version="1.0" encoding="UTF-8"?>'
v = AnyURI("www.sample1.com/index.html")
v.condition = "Equals"
u = URI()
u.value = v
u.type_ = URI.TYPE_URL
o = Observables(u)
print o.to_xml()示例7: test_round_trip
def test_round_trip(self):
v = AnyURI("http://www.example.com")
t = URI.TYPE_URL
u = URI()
u.value = v
u.type_ = t
uri2 = round_trip(u, URI, output=False)
self.assertEqual(uri2.value, v)
self.assertEqual(uri2.type_, t)示例8: create_url_indicator
def create_url_indicator(self, url_indicator):
indicator = Indicator()
indicator.title = 'URL of site hosting malware'
indicator.add_indicator_type('URL Watchlist')
url = URI()
url.value = url_indicator
url.type_ = URI.TYPE_URL
url.condition = 'Equals'
indicator.add_observable(url)
return indicator示例9: create_url_observable
def create_url_observable(url):
url_object = URI.from_dict({"value": url, "type": URI.TYPE_URL})
url_observable = Observable(url_object)
url_observable.title = "Malware Artifact - URL"
url_observable.description = "URL derived from sandboxed malware sample."
url_observable.short_description = "URL from malware."
return url_observable示例10: main
def main():
pkg = STIXPackage()
indicator = Indicator()
indicator.id_ = "example:package-382ded87-52c9-4644-bab0-ad3168cbad50"
indicator.title = "Malicious site hosting downloader"
indicator.add_indicator_type("URL Watchlist")
url = URI()
url.value = "http://x4z9arb.cn/4712"
url.type_ = URI.TYPE_URL
indicator.add_observable(url)
pkg.add_indicator(indicator)
print pkg.to_xml()示例11: create_domain_name_observable
def create_domain_name_observable(domain_name):
domain_name_object = URI.from_dict({"value": domain_name, "type": URI.TYPE_DOMAIN})
domain_name_observable = Observable(domain_name_object)
domain_name_observable.title = "Malware Artifact - Domain"
domain_name_observable.description = "Domain derived from sandboxed malware sample."
domain_name_observable.short_description = "Domain from malware."
return domain_name_observable示例12: from_dict
def from_dict(registrar_dict):
if not registrar_dict:
return None
registrar = WhoisRegistrar()
registrar.registrar_id = String.from_dict(registrar_dict.get('registrar_id'))
registrar.registrar_guid = String.from_dict(registrar_dict.get('registrar_guid'))
registrar.name = String.from_dict(registrar_dict.get('name'))
registrar.address = String.from_dict(registrar_dict.get('address'))
registrar.email_address = Address.from_dict(registrar_dict.get('email_address'), Address.CAT_EMAIL)
registrar.phone_number = String.from_dict(registrar_dict.get('phone_number'))
registrar.whois_server = URI.from_dict(registrar_dict.get('whois_server'))
registrar.referral_url = URI.from_dict(registrar_dict.get('referral_url'))
registrar.contacts = WhoisContacts.from_list(registrar_dict.get('contacts'))
return registrar示例13: from_obj
def from_obj(registrar_obj):
if not registrar_obj:
return None
registrar = WhoisRegistrar()
registrar.registrar_id = String.from_obj(registrar_obj.get_Registrar_ID())
registrar.registrar_guid = String.from_obj(registrar_obj.get_Registrar_GUID())
registrar.name = String.from_obj(registrar_obj.get_Name())
registrar.address = String.from_obj(registrar_obj.get_Address())
registrar.email_address = Address.from_obj(registrar_obj.get_Email_Address())
registrar.phone_number = String.from_obj(registrar_obj.get_Phone_Number())
registrar.whois_server = URI.from_obj(registrar_obj.get_Whois_Server())
registrar.referral_url = URI.from_obj(registrar_obj.get_Referral_URL())
registrar.contacts = WhoisContacts.from_obj(registrar_obj.get_Contacts())
return registrar示例14: fqdn
def fqdn(fqdn,provider,reporttime):
currentTime = time.time()
parsed_uri = urlparse( str(fqdn) )
domain = '{uri.scheme}://{uri.netloc}/'.format(uri=parsed_uri)
if domain.startswith('https'):
domain = domain[8:]
else:
domain = domain[7:]
if domain.endswith('/'):
domain = domain[:-1]
vuln = Vulnerability()
vuln.cve_id = "FQDN-" + str(domain) + '_' + str(currentTime)
vuln.description = "maliciousIPV4"
et = ExploitTarget(title=provider + " observable")
et.add_vulnerability(vuln)
url = URI()
url.value = fqdn
url.type_ = URI.TYPE_URL
url.condition = "Equals"
# Create an Indicator with the File Hash Object created above.
indicator = Indicator()
indicator.title = "FQDN-" + str(fqdn)
indicator.description = ("Malicious FQDN " + str(fqdn) + " reported from " + provider)
indicator.set_producer_identity(provider)
indicator.set_produced_time(reporttime)
indicator.add_observable(url)
# Create a STIX Package
stix_package = STIXPackage()
stix_package.add(et)
stix_package.add(indicator)
# Print the XML!
#print(stix_package.to_xml())
f = open('/opt/TARDIS/Observables/FQDN/' + str(domain) + '_' + str(currentTime) + '.xml','w')
f.write(stix_package.to_xml())
f.close()
示例15: from_dict
def from_dict(mal_conf_storage_dict):
if not mal_conf_storage_dict:
return None
mal_conf_storage_ = MalwareConfigurationStorageDetails()
mal_conf_storage_.malware_binary = MalwareBinaryConfigurationStorageDetails.from_dict(mal_conf_storage_dict['malware_binary'])
mal_conf_storage_.file = File.from_dict(mal_conf_storage_dict['file'])
if mal_conf_storage_dict['url']:
mal_conf_storage_.url = [URI.from_dict(x) for x in mal_conf_storage_dict['configuration_parameter']]
return mal_conf_storage_