本文整理匯總了Python中pymisp.ExpandedPyMISP方法的典型用法代碼示例。如果您正苦於以下問題:Python pymisp.ExpandedPyMISP方法的具體用法?Python pymisp.ExpandedPyMISP怎麽用?Python pymisp.ExpandedPyMISP使用的例子?那麽, 這裏精選的方法代碼示例或許可以為您提供幫助。您也可以進一步了解該方法所在類pymisp
的用法示例。
在下文中一共展示了pymisp.ExpandedPyMISP方法的5個代碼示例,這些例子默認根據受歡迎程度排序。您可以為喜歡或者感覺有用的代碼點讚,您的評價將有助於係統推薦出更棒的Python代碼示例。
示例1: __init__
# 需要導入模塊: import pymisp [as 別名]
# 或者: from pymisp import ExpandedPyMISP [as 別名]
def __init__(self, url, key, ssl=True, tags=None, artifact_types=None, filter_string=None, allowed_sources=None):
"""MISP operator."""
self.api = pymisp.ExpandedPyMISP(url, key, ssl)
if tags:
self.tags = tags
else:
self.tags = ['type:OSINT']
self.event_info = 'ThreatIngestor Event: {source_name}'
super(Plugin, self).__init__(
artifact_types, filter_string, allowed_sources
)
self.artifact_types = artifact_types or [
threatingestor.artifacts.Domain,
threatingestor.artifacts.Hash,
threatingestor.artifacts.IPAddress,
threatingestor.artifacts.URL,
threatingestor.artifacts.YARASignature,
]
示例2: mock_misp
# 需要導入模塊: import pymisp [as 別名]
# 或者: from pymisp import ExpandedPyMISP [as 別名]
def mock_misp(mocker):
from pymisp import ExpandedPyMISP
mocker.patch.object(ExpandedPyMISP, '__init__', return_value=None)
示例3: __init__
# 需要導入模塊: import pymisp [as 別名]
# 或者: from pymisp import ExpandedPyMISP [as 別名]
def __init__(self, url, key, ssl=True, name='Unnamed', proxies=None):
self.misp_connections = []
if type(url) is list:
for idx, server in enumerate(url):
verify = True
# Given ssl parameter is a list
if isinstance(ssl, list):
if isinstance(ssl[idx], str) and os.path.isfile(ssl[idx]):
verify = ssl[idx]
elif isinstance(ssl[idx], str) and not os.path.isfile(ssl[idx]) and ssl[idx] != "":
raise CertificateNotFoundError('Certificate not found under {}.'.format(ssl[idx]))
elif isinstance(ssl[idx], bool):
verify = ssl[idx]
# Do the same checks again, for the non-list type
elif isinstance(ssl, str) and os.path.isfile(ssl):
verify = ssl
elif isinstance(ssl, str) and not os.path.isfile(ssl) and ssl != "":
raise CertificateNotFoundError('Certificate not found under {}.'.format(ssl))
elif isinstance(ssl, bool):
verify = ssl
self.misp_connections.append(pymisp.ExpandedPyMISP(url=server,
key=key[idx],
ssl=verify,
proxies=proxies))
else:
verify = True
if isinstance(ssl, str) and os.path.isfile(ssl):
verify = ssl
elif isinstance(ssl, str) and not os.path.isfile(ssl) and ssl != "":
raise CertificateNotFoundError('Certificate not found under {}.'.format(ssl))
elif isinstance(ssl, bool):
verify = ssl
self.misp_connections.append(pymisp.ExpandedPyMISP(url=url,
key=key,
ssl=verify,
proxies=proxies))
self.misp_name = name
示例4: __init__
# 需要導入模塊: import pymisp [as 別名]
# 或者: from pymisp import ExpandedPyMISP [as 別名]
def __init__(self, config=None, parameters=None):
self.misp = None
if not config:
raise MaltegoException("ERROR: MISP connection not yet established, and config not provided as parameter.")
misp_verify = True
misp_debug = False
misp_url = None
misp_key = None
try:
if is_local_exec_mode():
misp_url = config['MISP_maltego.local.misp_url']
misp_key = config['MISP_maltego.local.misp_key']
if config['MISP_maltego.local.misp_verify'] in ['False', 'false', 0, 'no', 'No']:
misp_verify = False
if config['MISP_maltego.local.misp_debug'] in ['True', 'true', 1, 'yes', 'Yes']:
misp_debug = True
else:
try:
misp_url = parameters['mispurl'].value
misp_key = parameters['mispkey'].value
except AttributeError:
raise MaltegoException("ERROR: mispurl and mispkey need to be set to something valid")
self.misp = PyMISP(misp_url, misp_key, misp_verify, 'json', misp_debug, tool='misp_maltego')
except Exception:
if is_local_exec_mode():
raise MaltegoException("ERROR: Cannot connect to MISP server. Please verify your MISP_Maltego.conf settings.")
else:
raise MaltegoException("ERROR: Cannot connect to MISP server. Please verify your settings (MISP URL and API key), and ensure the MISP server is reachable from the internet.")
示例5: __init__
# 需要導入模塊: import pymisp [as 別名]
# 或者: from pymisp import ExpandedPyMISP [as 別名]
def __init__(self):
# Instantiate the connector helper from config
config_file_path = os.path.dirname(os.path.abspath(__file__)) + "/config.yml"
config = (
yaml.load(open(config_file_path), Loader=yaml.FullLoader)
if os.path.isfile(config_file_path)
else {}
)
self.helper = OpenCTIConnectorHelper(config)
# Extra config
self.misp_url = get_config_variable("MISP_URL", ["misp", "url"], config)
self.misp_key = get_config_variable("MISP_KEY", ["misp", "key"], config)
self.misp_ssl_verify = get_config_variable(
"MISP_SSL_VERIFY", ["misp", "ssl_verify"], config
)
self.misp_create_report = get_config_variable(
"MISP_CREATE_REPORTS", ["misp", "create_reports"], config
)
self.misp_report_class = (
get_config_variable("MISP_REPORT_CLASS", ["misp", "report_class"], config)
or "MISP Event"
)
self.misp_import_from_date = get_config_variable(
"MISP_IMPORT_FROM_DATE", ["misp", "import_from_date"], config
)
self.misp_import_tags = get_config_variable(
"MISP_IMPORT_TAGS", ["misp", "import_tags"], config
)
self.misp_import_tags_not = get_config_variable(
"MISP_IMPORT_TAGS_NOT", ["misp", "import_tags_not"], config
)
self.import_creator_orgs = get_config_variable(
"MISP_IMPORT_CREATOR_ORGS", ["misp", "import_creator_orgs"], config
)
self.import_owner_orgs = get_config_variable(
"MISP_IMPORT_OWNER_ORGS", ["misp", "import_owner_orgs"], config
)
self.import_distribution_levels = get_config_variable(
"MISP_IMPORT_DISTRIBUTION_LEVELS",
["misp", "import_distribution_levels"],
config,
)
self.import_threat_levels = get_config_variable(
"MISP_IMPORT_THREAT_LEVELS", ["misp", "import_threat_levels"], config
)
self.misp_interval = get_config_variable(
"MISP_INTERVAL", ["misp", "interval"], config, True
)
self.update_existing_data = get_config_variable(
"CONNECTOR_UPDATE_EXISTING_DATA",
["connector", "update_existing_data"],
config,
)
# Initialize MISP
self.misp = ExpandedPyMISP(
url=self.misp_url, key=self.misp_key, ssl=self.misp_ssl_verify, debug=False
)