本文整理汇总了Python中cybox.objects.uri_object.URI.condition方法的典型用法代码示例。如果您正苦于以下问题:Python URI.condition方法的具体用法?Python URI.condition怎么用?Python URI.condition使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类cybox.objects.uri_object.URI
的用法示例。
在下文中一共展示了URI.condition方法的4个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: stix_xml
# 需要导入模块: from cybox.objects.uri_object import URI [as 别名]
# 或者: from cybox.objects.uri_object.URI import condition [as 别名]
def stix_xml(bldata):
# Create the STIX Package and Header objects
stix_package = STIXPackage()
stix_header = STIXHeader()
# Set the description
stix_header.description = "RiskIQ Blacklist Data - STIX Format"
# Set the namespace
NAMESPACE = {"http://www.riskiq.com" : "RiskIQ"}
set_id_namespace(NAMESPACE)
# Set the produced time to now
stix_header.information_source = InformationSource()
stix_header.information_source.time = Time()
stix_header.information_source.time.produced_time = datetime.now()
# Create the STIX Package
stix_package = STIXPackage()
# Build document
stix_package.stix_header = stix_header
# Build the Package Intent
stix_header.package_intents.append(PackageIntent.TERM_INDICATORS)
# Build the indicator
indicator = Indicator()
indicator.title = "List of Malicious URLs detected by RiskIQ - Malware, Phishing, and Spam"
indicator.add_indicator_type("URL Watchlist")
for datum in bldata:
url = URI()
url.value = ""
url.value = datum['url']
url.type_ = URI.TYPE_URL
url.condition = "Equals"
indicator.add_observable(url)
stix_package.add_indicator(indicator)
return stix_package.to_xml()
示例2: create_url_indicator
# 需要导入模块: from cybox.objects.uri_object import URI [as 别名]
# 或者: from cybox.objects.uri_object.URI import condition [as 别名]
def create_url_indicator(self, url_indicator):
indicator = Indicator()
indicator.title = 'URL of site hosting malware'
indicator.add_indicator_type('URL Watchlist')
url = URI()
url.value = url_indicator
url.type_ = URI.TYPE_URL
url.condition = 'Equals'
indicator.add_observable(url)
return indicator
示例3: fqdn
# 需要导入模块: from cybox.objects.uri_object import URI [as 别名]
# 或者: from cybox.objects.uri_object.URI import condition [as 别名]
def fqdn(fqdn,provider,reporttime):
currentTime = time.time()
parsed_uri = urlparse( str(fqdn) )
domain = '{uri.scheme}://{uri.netloc}/'.format(uri=parsed_uri)
if domain.startswith('https'):
domain = domain[8:]
else:
domain = domain[7:]
if domain.endswith('/'):
domain = domain[:-1]
vuln = Vulnerability()
vuln.cve_id = "FQDN-" + str(domain) + '_' + str(currentTime)
vuln.description = "maliciousIPV4"
et = ExploitTarget(title=provider + " observable")
et.add_vulnerability(vuln)
url = URI()
url.value = fqdn
url.type_ = URI.TYPE_URL
url.condition = "Equals"
# Create an Indicator with the File Hash Object created above.
indicator = Indicator()
indicator.title = "FQDN-" + str(fqdn)
indicator.description = ("Malicious FQDN " + str(fqdn) + " reported from " + provider)
indicator.set_producer_identity(provider)
indicator.set_produced_time(reporttime)
indicator.add_observable(url)
# Create a STIX Package
stix_package = STIXPackage()
stix_package.add(et)
stix_package.add(indicator)
# Print the XML!
#print(stix_package.to_xml())
f = open('/opt/TARDIS/Observables/FQDN/' + str(domain) + '_' + str(currentTime) + '.xml','w')
f.write(stix_package.to_xml())
f.close()
示例4: cybox_object_uri
# 需要导入模块: from cybox.objects.uri_object import URI [as 别名]
# 或者: from cybox.objects.uri_object.URI import condition [as 别名]
def cybox_object_uri(obj):
u = URI()
u.value = obj.uri_value
u.type_ = obj.uri_type
u.condition = obj.condition
return u