本文整理汇总了Python中stix.core.STIXPackage.add_report方法的典型用法代码示例。如果您正苦于以下问题:Python STIXPackage.add_report方法的具体用法?Python STIXPackage.add_report怎么用?Python STIXPackage.add_report使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类stix.core.STIXPackage
的用法示例。
在下文中一共展示了STIXPackage.add_report方法的2个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: main
# 需要导入模块: from stix.core import STIXPackage [as 别名]
# 或者: from stix.core.STIXPackage import add_report [as 别名]
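def main():
    """Build a STIX package holding two reports and print it as XML.

    One report characterises a campaign and the other carries indicators for
    a malware TTP. Each report points at its subject through an ``idref``
    stub, while the full Campaign and TTP objects are added once at package
    level.
    """
    campaign = Campaign(title="Campaign against ICS")
    ttp = TTP(title="DrownedRat")

    # Report 1: campaign characterisation.
    alpha_report = Report()
    alpha_report.header = Header()
    alpha_report.header.title = "Report on Adversary Alpha's Campaign against the Industrial Control Sector"
    alpha_report.header.descriptions = "Adversary Alpha has a campaign against the ICS sector!"
    alpha_report.header.intents = "Campaign Characterization"
    # NOTE(review): `_id` is a private attribute; python-stix exposes the
    # identifier publicly as `id_` -- confirm which one the installed
    # version supports before relying on this.
    alpha_report.add_campaign(Campaign(idref=campaign._id))

    # Report 2: malware indicators.
    rat_report = Report()
    rat_report.header = Header()
    rat_report.header.title = "Indicators for Malware DrownedRat"
    rat_report.header.intents = "Indicators - Malware Artifacts"
    rat_report.add_ttp(TTP(idref=ttp._id))

    # The package names its producer in the header.
    wrapper = STIXPackage()
    info_src = InformationSource()
    info_src.identity = Identity(name="Government Sharing Program - GSP")
    wrapper.stix_header = STIXHeader(information_source=info_src)

    wrapper.add_report(alpha_report)
    wrapper.add_report(rat_report)
    # The full objects live at package level so the idref stubs above resolve.
    wrapper.add_campaign(campaign)
    wrapper.add_ttp(ttp)

    # Parenthesised so the line parses under both Python 2 and Python 3; with
    # a single argument the Python 2 print statement prints the same text.
    # NOTE(review): under Python 3, to_xml() may return bytes with its default
    # encoding -- confirm, and decode before printing if so.
    print(wrapper.to_xml())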
示例2: build_stix
# 需要导入模块: from stix.core import STIXPackage [as 别名]
# 或者: from stix.core.STIXPackage import add_report [as 别名]
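def build_stix(input_dict):
    """Assemble a STIX package whose single report lists the selected records.

    ``input_dict`` must provide ``title`` and ``marking`` plus one entry per
    record type (``incidents``, ``ttps``, ``indicators``, ``observables``,
    ``threatActors``, ``targets``, ``coas``, ``campaigns``). Each record-type
    entry is either falsy or a comma-separated string of row ids. Every id is
    looked up with a parameterised query and the row is converted by the
    matching ``build*`` helper before being added to the report.

    Returns the populated STIXPackage. A missing key propagates the mapping's
    own lookup error.
    """
    # setup stix document
    stix_package = STIXPackage()
    stix_header = STIXHeader()
    stix_header.description = "TTP " + input_dict['title']

    # Add handling requirements if needed
    # NOTE(review): when no marking is supplied the package carries no
    # handling statement at all -- confirm that an unmarked package is
    # acceptable for the channel this document is shared over.
    if input_dict['marking']:
        mark = SimpleMarkingStructure()
        mark.statement = input_dict['marking']
        mark_spec = MarkingSpecification()
        mark_spec.marking_structures.append(mark)
        stix_header.handling = Marking(mark_spec)

    stix_package.stix_header = stix_header

    report = Report()

    # One entry per record type: input key, lookup query, and the step that
    # converts a row and attaches it to the report. The SQL text is a fixed
    # literal per table; ids are only ever passed as bound parameters, never
    # spliced into the statement. Lambdas keep the helper lookups lazy, so a
    # record type that is not requested never touches its builder.
    sections = (
        ('incidents', 'select * from incidents where id = ?',
         lambda row: report.add_incident(buildIncident(row))),
        ('ttps', 'select * from ttps where id = ?',
         lambda row: report.add_ttp(buildTtp(row))),
        ('indicators', 'select * from indicators where id = ?',
         lambda row: report.add_indicator(buildIndicator(row))),
        ('observables', 'select * from observables where id = ?',
         lambda row: report.add_observable(buildObservable(row))),
        ('threatActors', 'select * from threatActors where id = ?',
         lambda row: report.add_threat_actor(buildThreatActor(row))),
        ('targets', 'select * from targets where id = ?',
         lambda row: report.add_exploit_target(buildTarget(row))),
        ('coas', 'select * from coas where id = ?',
         lambda row: report.add_course_of_action(buildCoa(row))),
        ('campaigns', 'select * from campaigns where id = ?',
         lambda row: report.add_campaign(buildCampaign(row))),
    )

    for key, sql, add_row in sections:
        id_list = input_dict[key]
        if not id_list:
            continue
        for raw_id in id_list.split(','):
            record_id = raw_id.strip()
            if not record_id:
                # "1,2," or "1,,2" would otherwise issue a lookup for an
                # empty id and hand its result to the builder.
                continue
            row = query_db(sql, [record_id], one=True)
            # NOTE(review): query_db is defined elsewhere; if it returns None
            # for an unknown id, the builder receives None here -- confirm
            # how the build* helpers treat that, since a silently dropped or
            # malformed entry changes what the shared report asserts.
            add_row(row)

    stix_package.add_report(report)

    return stix_package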