本文整理汇总了 Python 中 stix.core.STIXHeader.title 方法的典型用法代码示例。如果您想了解 STIXHeader.title 方法的具体用法、怎么用或使用的例子,这里精选的代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类 stix.core.STIXHeader 的用法示例。
在下文中一共展示了STIXHeader.title方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: stix_pkg
# 需要导入模块: from stix.core import STIXHeader [as 别名]
# 或者: from stix.core.STIXHeader import title [as 别名]
def stix_pkg(config, src, endpoint, payload, title='random test data',
             description='random test data',
             package_intents='Indicators - Watchlist',
             tlp_color='WHITE', dest=None):
    '''Wrap one payload object in a TLP-marked STIX package.

    The ID namespace is read from config['edge']['sites'][dest]['stix'],
    so ``dest`` has to name a site that exists in ``config``. ``src`` and
    ``endpoint`` are accepted but not read by this function.

    ``tlp_color`` is the sharing restriction stamped on the package. The
    default 'WHITE' is the least restrictive TLP level, so a caller that
    packages non-public data has to pass the intended colour explicitly.

    A payload that is not an Observable, Indicator or Incident is not
    added; the package is then returned with only its header.
    '''
    # Register the site's namespace for generated STIX and CybOX IDs
    # before any object is constructed.
    site_stix = config['edge']['sites'][dest]['stix']
    ns_url = site_stix['xmlns_url']
    ns_name = site_stix['xmlns_name']
    set_stix_id_namespace({ns_url: ns_name})
    set_cybox_id_namespace(Namespace(ns_url, ns_name))

    package = STIXPackage()

    header = STIXHeader()
    header.title = title
    header.description = description
    header.package_intents = package_intents

    # A single marking specification carries the TLP colour. The XPath is
    # relative to the marking element: four levels up, then every node
    # below that ancestor (presumably the whole package -- confirm against
    # the STIX schema in use).
    handling_spec = MarkingSpecification()
    handling_spec.controlled_structure = '../../../../descendant-or-self::node()'
    tlp = TLPMarkingStructure()
    tlp.color = tlp_color
    handling_spec.marking_structures.append(tlp)

    package.stix_header = header
    package.stix_header.handling = Marking()
    package.stix_header.handling.add_marking(handling_spec)

    # Route the payload to the matching top-level collection.
    if isinstance(payload, Observable):
        package.add_observable(payload)
    elif isinstance(payload, Indicator):
        package.add_indicator(payload)
    elif isinstance(payload, Incident):
        package.add_incident(payload)
    return package
示例2: test_stix_header
# 需要导入模块: from stix.core import STIXHeader [as 别名]
# 或者: from stix.core.STIXHeader import title [as 别名]
def test_stix_header(self):
    """A header with every text field set to UNICODE_STR survives round_trip()."""
    original = STIXHeader()
    for field_name in ('title', 'description', 'short_description'):
        setattr(original, field_name, UNICODE_STR)

    restored = round_trip(original)
    self._test_equal(original, restored)
示例3: test_to_xml_utf16_encoded
# 需要导入模块: from stix.core import STIXHeader [as 别名]
# 或者: from stix.core.STIXHeader import title [as 别名]
def test_to_xml_utf16_encoded(self):
    """to_xml(encoding='utf-16') yields bytes that decode to text holding the title."""
    encoding = 'utf-16'
    header = STIXHeader()
    header.title = UNICODE_STR

    serialized = header.to_xml(encoding=encoding)
    print(serialized)

    # Decode with the same codec that was requested for serialization.
    decoded = serialized.decode(encoding)
    self.assertTrue(UNICODE_STR in decoded)
示例4: generateMainPackage
# 需要导入模块: from stix.core import STIXHeader [as 别名]
# 或者: from stix.core.STIXHeader import title [as 别名]
def generateMainPackage(events):
    """Return a STIX package that holds only a header describing a MISP export.

    ``events`` is not read here. The title embeds ``namespace[1]``, a value
    defined outside this function.
    """
    package = STIXPackage()
    header = STIXHeader()
    header.title = "Export from " + namespace[1] + " MISP"
    header.package_intents = "Threat Report"
    package.stix_header = header
    return package
示例5: _add_header
# 需要导入模块: from stix.core import STIXHeader [as 别名]
# 或者: from stix.core.STIXHeader import title [as 别名]
def _add_header(self, stix_package, title, desc):
    """Attach a new header with title, description and a production time.

    Args:
        stix_package: the package that receives the header.
        title: text for the header title.
        desc: text for the header description.
    """
    produced = CyboxTime()
    # NOTE(review): if `datetime` is the stdlib class, now() without a tz
    # argument is naive local time, so a consumer of the package cannot
    # tell which timezone the production time refers to -- confirm that
    # this is intended.
    produced.produced_time = datetime.now()

    source = InformationSource()
    source.time = produced

    header = STIXHeader()
    header.title = title
    header.description = desc
    header.information_source = source
    stix_package.stix_header = header
示例6: main
# 需要导入模块: from stix.core import STIXHeader [as 别名]
# 或者: from stix.core.STIXHeader import title [as 别名]
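def main():
    """Convert a JSON map of bot names to C2 IP lists into a STIX XML document.

    Reads the file named by the ``infile`` argument, creates one TTP and one
    Indicator per top-level key, and writes the XML to ``--outfile`` or, when
    that option is absent, to standard output.
    """
    # get args
    parser = argparse.ArgumentParser(
        description="Parse an input JSON file and output STIX XML ",
        formatter_class=argparse.ArgumentDefaultsHelpFormatter)
    parser.add_argument("infile", help="input file")
    parser.add_argument("--outfile", "-o", help="output file")
    args = parser.parse_args()

    # We assume the input file is a flat JSON file
    # format 'bot_name':[list,of,ips]
    # The context manager closes the input handle once it has been parsed.
    with open(args.infile) as infile:
        content = json.load(infile)

    # Set up STIX document
    stix_package = STIXPackage()
    stix_header = STIXHeader()
    stix_header.title = "C2 Server IP Addresses"
    stix_header.add_package_intent(PackageIntent.TERM_INDICATORS_WATCHLIST)
    stix_package.stix_header = stix_header

    # Create Indicator and TTP for each item in JSON document
    for item in content:
        # Create TTP for C2 server
        ttp = TTP()
        ttp.title = item
        stix_package.add_ttp(ttp)

        # Create Indicator for C2 IP addresses
        indicator = Indicator()
        indicator.title = "IP addresses for known C2 channel"
        indicator.description = "Bot connecting to control server"

        # Add IPs for C2 node.
        # NOTE(review): the values are taken from the input file as-is; no
        # check here confirms that they are IPv4 addresses, so a malformed
        # entry would be published in the watchlist unchanged.
        addr = Address(address_value=content[item], category=Address.CAT_IPV4)
        addr.address_value.condition = "Equals"
        indicator.add_object(addr)

        # Relate Indicator and TTP
        indicator.add_indicated_ttp(TTP(idref=ttp.id_))

        # Add Indicator to STIX Package
        stix_package.add_indicator(indicator)

    # Output to given file
    # The context manager is just to make the output look nicer by ignoring
    # warnings from to_xml()
    with warnings.catch_warnings():
        warnings.simplefilter("ignore")
        stix_out = stix_package.to_xml()

    if args.outfile:
        # Close (and thereby flush) the output file instead of leaving the
        # handle to the garbage collector.
        with open(args.outfile, 'w') as fd:
            fd.write(stix_out)
    else:
        # The parenthesised single-argument form prints the same text under
        # the Python 2 print statement and the Python 3 print function.
        print(stix_out)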
示例7: _export_multi_json
# 需要导入模块: from stix.core import STIXHeader [as 别名]
# 或者: from stix.core.STIXHeader import title [as 别名]
def _export_multi_json():
    # Build one STIX package from the CIF JSON records returned by
    # _prepare_json(), optionally write it to an XML file, and return the
    # serialized XML.
    #
    # Reads the names jsonPattern, streamFlag, myJsonFile, outputFile,
    # jsonPath, stixPath, testMode and mySearchParam, none of which is
    # defined in this function, and appends to the global log_string.
    #
    # NOTE(review): the listing lost its indentation; the nesting below is
    # the reading under which every name is bound on every path -- confirm
    # against the original file.
    from stix.core import STIXPackage, STIXHeader
    # Choose the input name and the XML output name.
    if jsonPattern is None:
        if streamFlag: #stream
            fullFileName = "cifStream"
        else:
            fullFileName = myJsonFile
        xmlFileName = outputFile
    else:
        # NOTE(review): both paths are plain string concatenations; if
        # myJsonFile can be influenced from outside the program it should
        # be checked for path separators before use -- confirm its origin.
        fullFileName = jsonPath + myJsonFile + '.json'
        fileName = "stix_" + str(myJsonFile)
        xmlFileName = stixPath + fileName + '.xml'
    if testMode:
        print "-----------------File Name: -------- " + fullFileName
        print "xmlFileName: " + xmlFileName
    global log_string
    log_string = log_string + "\n\n" + str(datetime.datetime.now().time()) + ": fullFileName: " + fullFileName + "\n"
    log_string = log_string + str(datetime.datetime.now().time()) + ": xmlFileName: " + xmlFileName + "\n"
    wholeJson = _prepare_json(fullFileName)
    stix_package = STIXPackage()
    stix_header = STIXHeader()
    # The search parameter is copied verbatim into both header text fields.
    stix_header.description = "Search result from CIF with search parameter " + str(mySearchParam)
    stix_header.title = "Indicators from search by " + str(mySearchParam)
    stix_package.stix_header = stix_header
    # NOTE(review): confirm that the installed python-stix exposes a
    # singular `package_intent` attribute on STIXHeader; if it does not,
    # this assignment may not reach the serialized header.
    stix_header.package_intent = "Purpose: mitigation"
    # Each element of wholeJson is parsed as one JSON document and turned
    # into an indicator by _export_from_json_to_xml().
    for x in wholeJson:
        indicatorIns = _export_from_json_to_xml(json.loads(x))
        stix_package.add_indicator(indicatorIns)
    # The XML file is written only when not in stream mode.
    if streamFlag is False:
        f = open(xmlFileName, 'w')
        try:
            f.write(stix_package.to_xml())
        finally:
            f.close()
    #if testMode:
    #    print stix_package.to_xml()
    # The complete serialized package is appended to the log buffer, so the
    # log contains every exported indicator. to_xml() is called again here
    # and once more for the return value.
    log_string = log_string + str(datetime.datetime.now().time()) + ": -------------- STIX----------- \n\n" + stix_package.to_xml()
    return stix_package.to_xml()
示例8: generateEventPackage
# 需要导入模块: from stix.core import STIXHeader [as 别名]
# 或者: from stix.core.STIXHeader import title [as 别名]
def generateEventPackage(event):
    """Build the STIX package for one MISP event.

    The package ID is ``namespace[1]`` followed by ':STIXPackage-' and the
    event UUID. generateSTIXObjects() supplies the incident (element 0) and
    the TTPs (element 1) that are added to the package.
    """
    package_id = namespace[1] + ':STIXPackage-' + event["Event"]["uuid"]
    package = STIXPackage(id_=package_id)

    details = event["Event"]
    header = STIXHeader()
    # Plain concatenation: both the event id and the uuid must be strings.
    header.title = "MISP event #" + details["id"] + " uuid: " + details["uuid"]
    header.package_intents = "Threat Report"
    package.stix_header = header

    generated = generateSTIXObjects(event)
    incident, ttps = generated[0], generated[1]
    package.add_incident(incident)
    for ttp in ttps:
        package.add_ttp(ttp)
    return package
示例9: test_utf16_roundtrip
# 需要导入模块: from stix.core import STIXHeader [as 别名]
# 或者: from stix.core.STIXHeader import title [as 别名]
def test_utf16_roundtrip(self):
    """A header title set to UNICODE_STR is unchanged after a UTF-16 XML round trip."""
    header_out = STIXHeader()
    header_out.title = UNICODE_STR
    package_out = STIXPackage()
    package_out.stix_header = header_out

    # Serialize and parse with the same explicit encoding.
    encoded = package_out.to_xml(encoding="utf-16")
    package_in = STIXPackage.from_xml(StringIO(encoded), encoding="utf-16")

    header_in = package_in.stix_header
    self.assertEqual(header_out.title, header_in.title)
示例10: generateEventPackage
# 需要导入模块: from stix.core import STIXHeader [as 别名]
# 或者: from stix.core.STIXHeader import title [as 别名]
def generateEventPackage(event):
    """Build the timestamped STIX package for one MISP event.

    The package ID is ``namespace[1]`` followed by ':STIXPackage-' and the
    event UUID; the package timestamp comes from the event's integer
    timestamp via getDateFromTimestamp(). generateSTIXObjects() supplies
    the incident (element 0) and the TTPs (element 1).
    """
    package_id = namespace[1] + ":STIXPackage-" + event["Event"]["uuid"]
    produced_at = getDateFromTimestamp(int(event["Event"]["timestamp"]))
    package = STIXPackage(id_=package_id, timestamp=produced_at)

    details = event["Event"]
    header = STIXHeader()
    # The event's "info" field is copied into the title unchanged; it is
    # presumably free text entered in MISP, so consumers of the XML should
    # treat the title as untrusted text -- confirm upstream sanitisation.
    header.title = details["info"] + " (MISP Event #" + details["id"] + ")"
    header.package_intents = "Threat Report"
    package.stix_header = header

    generated = generateSTIXObjects(event)
    incident, ttps = generated[0], generated[1]
    package.add_incident(incident)
    for ttp in ttps:
        package.add_ttp(ttp)
    return package
示例11: gen_stix_indicator_sample
# 需要导入模块: from stix.core import STIXHeader [as 别名]
# 或者: from stix.core.STIXHeader import title [as 别名]
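def gen_stix_indicator_sample(
    config,
    target=None,
    datatype=None,
    title="random test data",
    description="random test data",
    package_intents="Indicators - Watchlist",
    tlp_color="WHITE",
    observables_list=None,
):
    """Generate a sample STIX package with one indicator.

    The indicator's observable is a composition of references to the
    observable IDs in ``observables_list``.

    Args:
        config: nested mapping; config["edge"]["sites"][target]["stix"]
            must provide "xmlns_url" and "xmlns_name".
        target: site key looked up in ``config``.
        datatype: accepted but not read by this function.
        title: header title.
        description: header description.
        package_intents: header package intent.
        tlp_color: TLP colour stamped on the package. The default "WHITE"
            is the least restrictive level; pass the intended colour for
            anything that is not public.
        observables_list: iterable of observable IDs to reference. None is
            treated as an empty list.

    Returns:
        The populated STIXPackage.
    """
    # The default used to reach the loop below as None and raise TypeError.
    if observables_list is None:
        observables_list = []

    # setup the xmlns...
    xmlns_url = config["edge"]["sites"][target]["stix"]["xmlns_url"]
    xmlns_name = config["edge"]["sites"][target]["stix"]["xmlns_name"]
    set_stix_id_namespace({xmlns_url: xmlns_name})
    set_cybox_id_namespace(Namespace(xmlns_url, xmlns_name))

    # construct a stix package...
    stix_package = STIXPackage()
    stix_header = STIXHeader()
    stix_header.title = title
    stix_header.description = description
    stix_header.package_intents = package_intents

    # One marking specification carries the TLP colour. The XPath is
    # relative to the marking element: four levels up, then every node
    # below that ancestor.
    marking = MarkingSpecification()
    marking.controlled_structure = "../../../../descendant-or-self::node()"
    tlp_marking = TLPMarkingStructure()
    tlp_marking.color = tlp_color
    marking.marking_structures.append(tlp_marking)
    stix_package.stix_header = stix_header
    stix_package.stix_header.handling = Marking()
    stix_package.stix_header.handling.add_marking(marking)

    # A random UUID keeps the titles of generated sample indicators distinct.
    indicator_ = Indicator()
    indicator_.title = str(uuid.uuid4()) + "_sample_indicator"
    indicator_.confidence = "Unknown"
    indicator_.add_indicator_type("Malware Artifacts")

    # Reference each observable by ID instead of embedding it.
    observable_composition_ = ObservableComposition()
    observable_composition_.operator = indicator_.observable_composition_operator
    for observable_id in observables_list:
        observable_ = Observable()
        observable_.idref = observable_id
        observable_composition_.add(observable_)
    indicator_.observable = Observable()
    indicator_.observable.observable_composition = observable_composition_
    stix_package.add_indicator(indicator_)
    return stix_package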
示例12: wrap_maec
# 需要导入模块: from stix.core import STIXHeader [as 别名]
# 或者: from stix.core.STIXHeader import title [as 别名]
def wrap_maec(maec_package, file_name=None):
    """Return a new STIX Package whose single TTP carries the given MAEC Package.

    Args:
        maec_package: the ``maec.package.package.Package`` instance to embed.
        file_name: optional name of the file the MAEC Package came from. When
            given, it is appended to the STIX Header title.

    Returns:
        A ``stix.STIXPackage`` instance with one TTP wrapping ``maec_package``
        and a header that names this tool as the information source.
    """
    # IDs generated from here on use the MAEC-to-STIX namespace.
    stix.utils.set_id_namespace({"https://github.com/MAECProject/maec-to-stix":"MAECtoSTIX"})

    # MAEC Package -> malware instance -> TTP behavior.
    malware_instance = MAECInstance()
    malware_instance.maec = maec_package
    wrapper_ttp = TTP()
    wrapper_ttp.behavior = Behavior()
    wrapper_ttp.behavior.add_malware_instance(malware_instance)

    package = STIXPackage()
    package.add_ttp(wrapper_ttp)

    # Header: optional title, the package intent, and the producing tool.
    header = STIXHeader()
    if file_name:
        header.title = "STIX TTP wrapper around MAEC file: " + str(file_name)
    header.add_package_intent("Malware Characterization")

    tool = ToolInformation()
    header.information_source = InformationSource()
    tool.name = "MAEC to STIX"
    tool.version = str(maec_to_stix.__version__)
    header.information_source.tools = ToolInformationList(tool)

    package.stix_header = header
    return package
示例13: gen_stix_indicator_sample
# 需要导入模块: from stix.core import STIXHeader [as 别名]
# 或者: from stix.core.STIXHeader import title [as 别名]
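def gen_stix_indicator_sample(config, target=None, datatype=None,
                              title='random test data',
                              description='random test data',
                              package_intents='Indicators - Watchlist',
                              tlp_color='WHITE', observables_list=None):
    '''Generate a sample STIX package that holds one indicator.

    The indicator's observable is a composition of references to the
    observable IDs in ``observables_list``; None is treated as an empty
    list. ``datatype`` is accepted but not read by this function.

    The ID namespace comes from config['edge']['sites'][target]['stix'],
    so ``target`` has to name a site that exists in ``config``.

    ``tlp_color`` is stamped on the package. The default 'WHITE' is the
    least restrictive TLP level; pass the intended colour for anything
    that is not public.
    '''
    # The default used to reach the loop below as None and raise TypeError.
    if observables_list is None:
        observables_list = []

    # setup the xmlns...
    xmlns_url = config['edge']['sites'][target]['stix']['xmlns_url']
    xmlns_name = config['edge']['sites'][target]['stix']['xmlns_name']
    set_stix_id_namespace({xmlns_url: xmlns_name})
    set_cybox_id_namespace(Namespace(xmlns_url, xmlns_name))

    # construct a stix package...
    stix_package = STIXPackage()
    stix_header = STIXHeader()
    stix_header.title = title
    stix_header.description = description
    stix_header.package_intents = package_intents

    # The XPath is relative to the marking element: four levels up, then
    # every node below that ancestor.
    marking = MarkingSpecification()
    marking.controlled_structure = '../../../../descendant-or-self::node()'
    tlp_marking = TLPMarkingStructure()
    tlp_marking.color = tlp_color
    marking.marking_structures.append(tlp_marking)
    stix_package.stix_header = stix_header
    stix_package.stix_header.handling = Marking()
    stix_package.stix_header.handling.add_marking(marking)

    # A random UUID keeps the titles of generated sample indicators distinct.
    indicator_ = Indicator()
    indicator_.title = str(uuid.uuid4()) + '_sample_indicator'
    indicator_.confidence = 'Unknown'
    indicator_.add_indicator_type('Malware Artifacts')

    # Reference each observable by ID instead of embedding it.
    observable_composition_ = ObservableComposition()
    observable_composition_.operator = \
        indicator_.observable_composition_operator
    for observable_id in observables_list:
        observable_ = Observable()
        observable_.idref = observable_id
        observable_composition_.add(observable_)
    indicator_.observable = Observable()
    indicator_.observable.observable_composition = observable_composition_
    stix_package.add_indicator(indicator_)
    return stix_package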
示例14: _create_stix_package
# 需要导入模块: from stix.core import STIXHeader [as 别名]
# 或者: from stix.core.STIXHeader import title [as 别名]
def _create_stix_package(self):
    """Return a new STIX Package that carries only a populated STIX Header.

    Returns:
        A ``stix.STIXPackage`` object whose header declares the
        "Indicators - Malware Artifacts" intent, names this tool and its
        version as the information source, and, when ``self.file_name`` is
        set, has a title that mentions that file.
    """
    header = STIXHeader()
    header.add_package_intent("Indicators - Malware Artifacts")
    if self.file_name:
        header.title = "STIX Indicators extracted from MAEC file: " + str(self.file_name)

    # Record the producing tool so consumers can see where the data came from.
    tool = ToolInformation()
    header.information_source = InformationSource()
    tool.name = "MAEC to STIX"
    tool.version = str(__version__)
    header.information_source.tools = ToolInformationList(tool)

    package = STIXPackage()
    package.stix_header = header
    return package
示例15: alta_informacion
# 需要导入模块: from stix.core import STIXHeader [as 别名]
# 或者: from stix.core.STIXHeader import title [as 别名]
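def alta_informacion(request):
    """List all Content Blocks (GET) or create one from posted CybOX XML (POST).

    GET returns every ContentBlock, serialized.

    POST reads 'content' (CybOX observables XML), 'title' and 'description'
    from the request data, wraps the observables in a STIX package, stores
    its XML as a new ContentBlock and adds that block to the 'default' data
    feed. A POST without 'content' is answered with 400.
    """
    logger = logging.getLogger('TAXIIApplication.rest.views.alta_informacion')
    logger.debug('Entering alta_informacion')
    logger.debug(request.method)

    if request.method == 'GET':
        content = ContentBlock.objects.all()
        serializer = ContentBlockSerializer(content, many=True)
        return Response(serializer.data)
    elif request.method == 'POST':
        cont = request.DATA.get('content')
        if not cont:
            # Nothing to parse: reject the request instead of letting the
            # XML parser fail on an empty document.
            return Response(status=status.HTTP_400_BAD_REQUEST)

        title = request.DATA.get('title')
        description = request.DATA.get('description')
        logger.debug(request.DATA.get('content_binding'))

        # NOTE(review): `cont` is request-supplied XML. Whether the parser
        # behind cybox_core_binding.parse() refuses DTDs and external
        # entities is not visible here -- confirm before this view accepts
        # data from untrusted clients. Authentication and permission checks
        # are not visible in this function either.
        c = StringIO.StringIO(cont)
        observables_obj = cybox_core_binding.parse(c)
        observables = Observables.from_obj(observables_obj)
        # The parsed observables are written to the debug log.
        logger.debug(str(observables))

        stix_package = STIXPackage()
        stix_header = STIXHeader()
        stix_header.description = description
        stix_header.title = title
        stix_package.stix_header = stix_header
        stix_package.add_observable(observables)

        # The content binding is fixed to the row with id 1, whatever
        # 'content_binding' the client sent.
        content_binding = ContentBindingId.objects.get(id=1)
        cb = ContentBlock(title=title,
                          description=description,
                          content_binding=content_binding,
                          content=stix_package.to_xml())
        cb.save()

        df = DataFeed.objects.get(name='default')
        df.content_blocks.add(cb)
        return Response(status=status.HTTP_201_CREATED)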