def from_obj(cls, obj, return_obj=None):
if not obj:
return None
if not return_obj:
return_obj = cls()
super(CourseOfAction, cls).from_obj(obj, return_obj=return_obj)
if isinstance(obj,
cls._binding_class): # CourseOfActionType properties
return_obj.title = obj.Title
return_obj.stage = VocabString.from_obj(obj.Stage)
return_obj.type_ = VocabString.from_obj(obj.Type)
return_obj.objective = Objective.from_obj(obj.Objective)
return_obj.parameter_observables = \
Observables.from_obj(obj.Parameter_Observables)
return_obj.impact = Statement.from_obj(obj.Impact)
return_obj.cost = Statement.from_obj(obj.Cost)
return_obj.efficacy = Statement.from_obj(obj.Efficacy)
return_obj.related_coas = \
RelatedCOAs.from_obj(obj.Related_COAs)
return_obj.related_packages = \
related.RelatedPackageRefs.from_obj(obj.Related_Packages)
return_obj.structured_coa = \
_BaseStructuredCOA.from_obj(obj.Structured_COA)
return return_obj
def from_obj(cls, obj, return_obj=None):
if not obj:
return None
if not return_obj:
return_obj = cls()
return_obj.id_ = obj.get_id()
return_obj.idref = obj.get_idref()
return_obj.timestamp = obj.get_timestamp()
if isinstance(obj, cls._binding_class): # ThreatActorType properties
return_obj.version = obj.get_version() if obj.get_version() else cls._version
return_obj.title = obj.get_Title()
return_obj.description = StructuredText.from_obj(obj.get_Description())
return_obj.short_description = StructuredText.from_obj(obj.get_Short_Description())
return_obj.identity = Identity.from_obj(obj.get_Identity())
return_obj.types = [Statement.from_obj(x) for x in obj.get_Type()]
return_obj.motivations = [Statement.from_obj(x) for x in obj.get_Motivation()]
return_obj.sophistications = [Statement.from_obj(x) for x in obj.get_Sophistication()]
return_obj.intended_effects = [Statement.from_obj(x) for x in obj.get_Intended_Effect()]
return_obj.planning_and_operational_supports = [Statement.from_obj(x) for x in obj.get_Planning_And_Operational_Support()]
return_obj.observed_ttps = ObservedTTPs.from_obj(obj.get_Observed_TTPs())
return_obj.associated_campaigns = AssociatedCampaigns.from_obj(obj.get_Associated_Campaigns())
return_obj.associated_actors = AssociatedActors.from_obj(obj.get_Associated_Actors())
return_obj.handling = Marking.from_obj(obj.get_Handling())
return_obj.confidence = Confidence.from_obj(obj.get_Confidence())
return_obj.information_source = InformationSource.from_obj(obj.get_Information_Source())
return_obj.related_packages = RelatedPackageRefs.from_obj(obj.get_Related_Packages())
return return_obj
def from_obj(cls, obj, return_obj=None):
if not obj:
return None
if not return_obj:
return_obj = cls()
return_obj.id_ = obj.id
return_obj.idref = obj.idref
return_obj.timestamp = obj.timestamp
if isinstance(obj, cls._binding_class): # CourseOfActionType properties
return_obj.version = obj.version
return_obj.title = obj.Title
return_obj.stage = VocabString.from_obj(obj.Stage)
return_obj.type_ = VocabString.from_obj(obj.Type)
return_obj.description = StructuredText.from_obj(obj.Description)
return_obj.short_description = StructuredText.from_obj(obj.Short_Description)
return_obj.objective = Objective.from_obj(obj.Objective)
return_obj.parameter_observables = \
Observables.from_obj(obj.Parameter_Observables)
return_obj.impact = Statement.from_obj(obj.Impact)
return_obj.cost = Statement.from_obj(obj.Cost)
return_obj.efficacy = Statement.from_obj(obj.Efficacy)
return_obj.information_source = InformationSource.from_obj(obj.Information_Source)
return_obj.handling = Marking.from_obj(obj.Handling)
return_obj.related_coas = \
RelatedCOAs.from_obj(obj.Related_COAs)
return_obj.related_packages = \
RelatedPackageRefs.from_obj(obj.Related_Packages)
return return_obj
def from_obj(cls, obj, return_obj=None):
if not obj:
return None
if not return_obj:
return_obj = cls()
return_obj.id_ = obj.id
return_obj.idref = obj.idref
return_obj.timestamp = obj.timestamp
if isinstance(obj, cls._binding_class): # ThreatActorType properties
return_obj.version = obj.version
return_obj.title = obj.Title
return_obj.description = StructuredText.from_obj(obj.Description)
return_obj.short_description = StructuredText.from_obj(obj.Short_Description)
return_obj.identity = Identity.from_obj(obj.Identity)
return_obj.types = [Statement.from_obj(x) for x in obj.Type]
return_obj.motivations = [Statement.from_obj(x) for x in obj.Motivation]
return_obj.sophistications = [Statement.from_obj(x) for x in obj.Sophistication]
return_obj.intended_effects = [Statement.from_obj(x) for x in obj.Intended_Effect]
return_obj.planning_and_operational_supports = [Statement.from_obj(x) for x in obj.Planning_And_Operational_Support]
return_obj.observed_ttps = ObservedTTPs.from_obj(obj.Observed_TTPs)
return_obj.associated_campaigns = AssociatedCampaigns.from_obj(obj.Associated_Campaigns)
return_obj.associated_actors = AssociatedActors.from_obj(obj.Associated_Actors)
return_obj.handling = Marking.from_obj(obj.Handling)
return_obj.confidence = Confidence.from_obj(obj.Confidence)
return_obj.information_source = InformationSource.from_obj(obj.Information_Source)
return_obj.related_packages = RelatedPackageRefs.from_obj(obj.Related_Packages)
return return_obj
def from_obj(cls, obj, return_obj=None):
if not obj:
return None
if not return_obj:
return_obj = cls()
super(CourseOfAction, cls).from_obj(obj, return_obj=return_obj)
if isinstance(obj, cls._binding_class): # CourseOfActionType properties
return_obj.title = obj.Title
return_obj.stage = VocabString.from_obj(obj.Stage)
return_obj.type_ = VocabString.from_obj(obj.Type)
return_obj.objective = Objective.from_obj(obj.Objective)
return_obj.parameter_observables = \
Observables.from_obj(obj.Parameter_Observables)
return_obj.impact = Statement.from_obj(obj.Impact)
return_obj.cost = Statement.from_obj(obj.Cost)
return_obj.efficacy = Statement.from_obj(obj.Efficacy)
return_obj.related_coas = \
RelatedCOAs.from_obj(obj.Related_COAs)
return_obj.related_packages = \
related.RelatedPackageRefs.from_obj(obj.Related_Packages)
return_obj.structured_coa = \
_BaseStructuredCOA.from_obj(obj.Structured_COA)
return return_obj
def from_obj(cls, obj, return_obj=None):
if not obj:
return None
if not return_obj:
return_obj = cls()
return_obj.id_ = obj.id
return_obj.idref = obj.idref
return_obj.timestamp = obj.timestamp
if isinstance(obj, cls._binding_class): # CourseOfActionType properties
return_obj.version = obj.version
return_obj.title = obj.Title
return_obj.stage = VocabString.from_obj(obj.Stage)
return_obj.type_ = VocabString.from_obj(obj.Type)
return_obj.description = StructuredText.from_obj(obj.Description)
return_obj.short_description = StructuredText.from_obj(obj.Short_Description)
return_obj.objective = Objective.from_obj(obj.Objective)
return_obj.parameter_observables = \
Observables.from_obj(obj.Parameter_Observables)
return_obj.impact = Statement.from_obj(obj.Impact)
return_obj.cost = Statement.from_obj(obj.Cost)
return_obj.efficacy = Statement.from_obj(obj.Efficacy)
return_obj.information_source = InformationSource.from_obj(obj.Information_Source)
return_obj.handling = Marking.from_obj(obj.Handling)
return_obj.related_coas = \
RelatedCOAs.from_obj(obj.Related_COAs)
return_obj.related_packages = \
RelatedPackageRefs.from_obj(obj.Related_Packages)
return return_obj
def from_obj(cls, obj, return_obj=None):
if not obj:
return None
if not return_obj:
return_obj = cls()
return_obj.id_ = obj.get_id()
return_obj.idref = obj.get_idref()
return_obj.timestamp = obj.get_timestamp()
if isinstance(obj, cls._binding_class): # CourseOfActionType properties
return_obj.version = obj.get_version() or cls._version
return_obj.title = obj.get_Title()
return_obj.stage = VocabString.from_obj(obj.get_Stage())
return_obj.type_ = VocabString.from_obj(obj.get_Type())
return_obj.description = StructuredText.from_obj(obj.get_Description())
return_obj.short_description = StructuredText.from_obj(obj.get_Short_Description())
return_obj.objective = Objective.from_obj(obj.get_Objective())
return_obj.parameter_observables = \
Observables.from_obj(obj.get_Parameter_Observables())
return_obj.impact = Statement.from_obj(obj.get_Impact())
return_obj.cost = Statement.from_obj(obj.get_Cost())
return_obj.efficacy = Statement.from_obj(obj.get_Efficacy())
return_obj.information_source = InformationSource.from_obj(obj.get_Information_Source())
return_obj.handling = Marking.from_obj(obj.get_Handling())
return_obj.related_coas = \
RelatedCOAs.from_obj(obj.get_Related_COAs())
return_obj.related_packages = \
RelatedPackageRefs.from_obj(obj.get_Related_Packages())
return return_obj
def from_obj(cls, obj, return_obj=None):
if not obj:
return None
if not return_obj:
return_obj = cls()
return_obj.id_ = obj.get_id()
return_obj.idref = obj.get_idref()
return_obj.timestamp = obj.get_timestamp()
if isinstance(obj,
cls._binding_class): # CourseOfActionType properties
return_obj.version = obj.get_version() or cls._version
return_obj.title = obj.get_Title()
return_obj.stage = VocabString.from_obj(obj.get_Stage())
return_obj.type_ = VocabString.from_obj(obj.get_Type())
return_obj.description = StructuredText.from_obj(
obj.get_Description())
return_obj.short_description = StructuredText.from_obj(
obj.get_Short_Description())
return_obj.objective = Objective.from_obj(obj.get_Objective())
return_obj.parameter_observables = \
Observables.from_obj(obj.get_Parameter_Observables())
return_obj.impact = Statement.from_obj(obj.get_Impact())
return_obj.cost = Statement.from_obj(obj.get_Cost())
return_obj.efficacy = Statement.from_obj(obj.get_Efficacy())
return_obj.information_source = InformationSource.from_obj(
obj.get_Information_Source())
return_obj.handling = Marking.from_obj(obj.get_Handling())
return_obj.related_coas = \
RelatedCOAs.from_obj(obj.get_Related_COAs())
return_obj.related_packages = \
RelatedPackageRefs.from_obj(obj.get_Related_Packages())
return return_obj
def from_obj(cls, obj, return_obj=None):
if not obj:
return None
if not return_obj:
return_obj = cls()
return_obj.id_ = obj.id
return_obj.idref = obj.idref
return_obj.timestamp = obj.timestamp
if isinstance(obj, cls._binding_class): # TTPType properties
return_obj.version = obj.version
return_obj.title = obj.Title
return_obj.description = StructuredText.from_obj(obj.Description)
return_obj.short_description = StructuredText.from_obj(obj.Short_Description)
return_obj.behavior = Behavior.from_obj(obj.Behavior)
return_obj.related_ttps = RelatedTTPs.from_obj(obj.Related_TTPs)
return_obj.exploit_targets = ExploitTargets.from_obj(obj.Exploit_Targets)
return_obj.information_source = InformationSource.from_obj(obj.Information_Source)
return_obj.resources = Resource.from_obj(obj.Resources)
return_obj.victim_targeting = VictimTargeting.from_obj(obj.Victim_Targeting)
return_obj.handling = Marking.from_obj(obj.Handling)
if obj.Intended_Effect:
return_obj.intended_effects = [Statement.from_obj(x) for x in obj.Intended_Effect]
return return_obj
def from_obj(cls, obj, return_obj=None):
if not obj:
return None
if not return_obj:
return_obj = cls()
super(Indicator, cls).from_obj(obj, return_obj=return_obj)
if isinstance(obj, cls._binding_class):
return_obj.negate = obj.negate
return_obj.producer = InformationSource.from_obj(obj.Producer)
return_obj.confidence = Confidence.from_obj(obj.Confidence)
return_obj.sightings = Sightings.from_obj(obj.Sightings)
return_obj.composite_indicator_expression = CompositeIndicatorExpression.from_obj(obj.Composite_Indicator_Expression)
return_obj.kill_chain_phases = KillChainPhasesReference.from_obj(obj.Kill_Chain_Phases)
return_obj.related_indicators = RelatedIndicators.from_obj(obj.Related_Indicators)
return_obj.likely_impact = Statement.from_obj(obj.Likely_Impact)
return_obj.indicator_types = IndicatorTypes.from_obj(obj.Type)
return_obj.test_mechanisms = TestMechanisms.from_obj(obj.Test_Mechanisms)
return_obj.suggested_coas = SuggestedCOAs.from_obj(obj.Suggested_COAs)
return_obj.alternative_id = obj.Alternative_ID
return_obj.indicated_ttps = _IndicatedTTPs.from_obj(obj.Indicated_TTP)
return_obj.valid_time_positions = _ValidTimePositions.from_obj(obj.Valid_Time_Position)
return_obj.observable = Observable.from_obj(obj.Observable)
return_obj.related_campaigns = RelatedCampaignRefs.from_obj(obj.Related_Campaigns)
return_obj.related_packages = RelatedPackageRefs.from_obj(obj.Related_Packages)
return return_obj
def from_obj(cls, obj, return_obj=None):
if not obj:
return None
if not return_obj:
return_obj = cls()
return_obj.id_ = obj.id
return_obj.idref = obj.idref
return_obj.timestamp = obj.timestamp
if isinstance(obj, cls._binding_class): # TTPType properties
return_obj.version = obj.version
return_obj.title = obj.Title
return_obj.description = StructuredText.from_obj(obj.Description)
return_obj.short_description = StructuredText.from_obj(
obj.Short_Description)
return_obj.behavior = Behavior.from_obj(obj.Behavior)
return_obj.related_ttps = RelatedTTPs.from_obj(obj.Related_TTPs)
return_obj.exploit_targets = ExploitTargets.from_obj(
obj.Exploit_Targets)
return_obj.information_source = InformationSource.from_obj(
obj.Information_Source)
return_obj.resources = Resource.from_obj(obj.Resources)
return_obj.victim_targeting = VictimTargeting.from_obj(
obj.Victim_Targeting)
return_obj.handling = Marking.from_obj(obj.Handling)
if obj.Intended_Effect:
return_obj.intended_effects = [
Statement.from_obj(x) for x in obj.Intended_Effect
]
return return_obj
def from_obj(cls, obj, return_obj=None):
if not obj:
return None
if not return_obj:
return_obj = cls()
return_obj.id_ = obj.get_id()
return_obj.idref = obj.get_idref()
return_obj.timestamp = obj.get_timestamp() # not yet implemented
if isinstance(obj, cls._binding_class): # TTPType properties
return_obj.version = obj.get_version() or cls._version
return_obj.title = obj.get_Title()
return_obj.description = StructuredText.from_obj(obj.get_Description())
return_obj.short_description = StructuredText.from_obj(obj.get_Short_Description())
return_obj.behavior = Behavior.from_obj(obj.get_Behavior())
return_obj.related_ttps = RelatedTTPs.from_obj(obj.get_Related_TTPs())
return_obj.information_source = InformationSource.from_obj(obj.get_Information_Source())
return_obj.resources = Resource.from_obj(obj.get_Resources())
return_obj.victim_targeting = VictimTargeting.from_obj(obj.get_Victim_Targeting())
if obj.get_Intended_Effect():
return_obj.intended_effects = [Statement.from_obj(x) for x in obj.get_Intended_Effect()]
return return_obj
def from_obj(cls, obj, return_obj=None):
if not obj:
return None
if not return_obj:
return_obj = cls()
return_obj.id_ = obj.get_id()
return_obj.idref = obj.get_idref()
return_obj.timestamp = obj.get_timestamp()
if isinstance(obj, cls._binding_class):
return_obj.version = obj.get_version() or cls._version
return_obj.title = obj.get_Title()
return_obj.description = StructuredText.from_obj(obj.get_Description())
return_obj.short_description = StructuredText.from_obj(obj.get_Short_Description())
return_obj.time = Time.from_obj(obj.get_Time())
if obj.get_Victim():
return_obj.victims = [Identity.from_obj(x) for x in obj.get_Victim()]
if obj.get_Categories():
return_obj.categories = [IncidentCategory.from_obj(x) for x in obj.get_Categories().get_Category()]
if obj.get_Intended_Effect():
return_obj.intended_effects = [Statement.from_obj(x) for x in obj.get_Intended_Effect()]
if obj.get_Affected_Assets():
return_obj.affected_assets = [AffectedAsset.from_obj(x) for x in obj.get_Affected_Assets().get_Affected_Asset()]
return_obj.attributed_threat_actors = AttributedThreatActors.from_obj(obj.get_Attributed_Threat_Actors())
return_obj.related_indicators = RelatedIndicators.from_obj(obj.get_Related_Indicators())
return_obj.related_observables = RelatedObservable.from_obj(obj.get_Related_Observables())
return_obj.leveraged_ttps = LeveragedTTPs.from_obj(obj.get_Leveraged_TTPs())
return return_obj
def from_obj(cls, obj, return_obj=None):
if not obj:
return None
if not return_obj:
return_obj = cls()
return_obj.id_ = obj.get_id()
return_obj.idref = obj.get_idref()
return_obj.timestamp = obj.get_timestamp()
if isinstance(obj, cls._binding_class): # TTPType properties
return_obj.version = obj.get_version() or cls._version
return_obj.title = obj.get_Title()
return_obj.description = StructuredText.from_obj(
obj.get_Description())
return_obj.short_description = StructuredText.from_obj(
obj.get_Short_Description())
return_obj.behavior = Behavior.from_obj(obj.get_Behavior())
return_obj.related_ttps = RelatedTTPs.from_obj(
obj.get_Related_TTPs())
return_obj.exploit_targets = ExploitTargets.from_obj(
obj.get_Exploit_Targets())
return_obj.information_source = InformationSource.from_obj(
obj.get_Information_Source())
return_obj.resources = Resource.from_obj(obj.get_Resources())
return_obj.victim_targeting = VictimTargeting.from_obj(
obj.get_Victim_Targeting())
if obj.get_Intended_Effect():
return_obj.intended_effects = [
Statement.from_obj(x) for x in obj.get_Intended_Effect()
]
return return_obj
def from_obj(cls, obj, return_obj=None):
if not obj:
return None
if not return_obj:
return_obj = cls()
return_obj.id_ = obj.get_id()
return_obj.idref = obj.get_idref()
return_obj.timestamp = obj.get_timestamp()
if isinstance(obj, cls._binding_class): # ThreatActorType properties
return_obj.version = obj.get_version() if obj.get_version(
) else cls._version
return_obj.title = obj.get_Title()
return_obj.description = StructuredText.from_obj(
obj.get_Description())
return_obj.short_description = StructuredText.from_obj(
obj.get_Short_Description())
return_obj.identity = Identity.from_obj(obj.get_Identity())
return_obj.types = [Statement.from_obj(x) for x in obj.get_Type()]
return_obj.motivations = [
Statement.from_obj(x) for x in obj.get_Motivation()
]
return_obj.sophistications = [
Statement.from_obj(x) for x in obj.get_Sophistication()
]
return_obj.intended_effects = [
Statement.from_obj(x) for x in obj.get_Intended_Effect()
]
return_obj.planning_and_operational_supports = [
Statement.from_obj(x)
for x in obj.get_Planning_And_Operational_Support()
]
return_obj.observed_ttps = ObservedTTPs.from_obj(
obj.get_Observed_TTPs())
return_obj.associated_campaigns = AssociatedCampaigns.from_obj(
obj.get_Associated_Campaigns())
return_obj.associated_actors = AssociatedActors.from_obj(
obj.get_Associated_Actors())
return_obj.handling = Marking.from_obj(obj.get_Handling())
return_obj.confidence = Confidence.from_obj(obj.get_Confidence())
return_obj.information_source = InformationSource.from_obj(
obj.get_Information_Source())
return_obj.related_packages = RelatedPackageRefs.from_obj(
obj.get_Related_Packages())
return return_obj
def from_obj(cls, obj, return_obj=None):
if not obj:
return None
if not return_obj:
return_obj = cls()
return_obj.id_ = obj.id
return_obj.idref = obj.idref
return_obj.timestamp = obj.timestamp
if isinstance(obj, cls._binding_class): # ThreatActorType properties
return_obj.version = obj.version
return_obj.title = obj.Title
return_obj.description = StructuredText.from_obj(obj.Description)
return_obj.short_description = StructuredText.from_obj(
obj.Short_Description)
return_obj.identity = Identity.from_obj(obj.Identity)
return_obj.types = [Statement.from_obj(x) for x in obj.Type]
return_obj.motivations = [
Statement.from_obj(x) for x in obj.Motivation
]
return_obj.sophistications = [
Statement.from_obj(x) for x in obj.Sophistication
]
return_obj.intended_effects = [
Statement.from_obj(x) for x in obj.Intended_Effect
]
return_obj.planning_and_operational_supports = [
Statement.from_obj(x)
for x in obj.Planning_And_Operational_Support
]
return_obj.observed_ttps = ObservedTTPs.from_obj(obj.Observed_TTPs)
return_obj.associated_campaigns = AssociatedCampaigns.from_obj(
obj.Associated_Campaigns)
return_obj.associated_actors = AssociatedActors.from_obj(
obj.Associated_Actors)
return_obj.handling = Marking.from_obj(obj.Handling)
return_obj.confidence = Confidence.from_obj(obj.Confidence)
return_obj.information_source = InformationSource.from_obj(
obj.Information_Source)
return_obj.related_packages = RelatedPackageRefs.from_obj(
obj.Related_Packages)
return return_obj
def from_obj(cls, obj, return_obj=None):
if not obj:
return None
if not return_obj:
return_obj = cls()
return_obj.id_ = obj.id
return_obj.idref = obj.idref
return_obj.timestamp = obj.timestamp
if isinstance(obj, cls._binding_class):
return_obj.version = obj.version
return_obj.title = obj.Title
return_obj.description = StructuredText.from_obj(obj.Description)
return_obj.short_description = StructuredText.from_obj(obj.Short_Description)
return_obj.time = Time.from_obj(obj.Time)
if obj.Victim:
return_obj.victims = [Identity.from_obj(x) for x in obj.Victim]
if obj.Categories:
return_obj.categories = [IncidentCategory.from_obj(x) for x in obj.Categories.Category]
if obj.Intended_Effect:
return_obj.intended_effects = [Statement.from_obj(x) for x in obj.Intended_Effect]
if obj.Affected_Assets:
return_obj.affected_assets = [AffectedAsset.from_obj(x) for x in obj.Affected_Assets.Affected_Asset]
if obj.Discovery_Method:
return_obj.discovery_methods = [DiscoveryMethod.from_obj(x) for x in obj.Discovery_Method]
if obj.Reporter:
return_obj.reporter = InformationSource.from_obj(obj.Reporter)
if obj.Responder:
return_obj.responders = [InformationSource.from_obj(x) for x in obj.Responder]
if obj.Coordinator:
return_obj.coordinators = [InformationSource.from_obj(x) for x in obj.Coordinator]
if obj.External_ID:
return_obj.external_ids = [ExternalID.from_obj(x) for x in obj.External_ID]
if obj.Impact_Assessment:
return_obj.impact_assessment = ImpactAssessment.from_obj(obj.Impact_Assessment)
if obj.Information_Source:
return_obj.information_source = InformationSource.from_obj(obj.Information_Source)
if obj.Security_Compromise:
return_obj.security_compromise = SecurityCompromise.from_obj(obj.Security_Compromise)
return_obj.coa_taken = [COATaken.from_obj(x) for x in obj.COA_Taken]
return_obj.confidence = Confidence.from_obj(obj.Confidence)
return_obj.attributed_threat_actors = AttributedThreatActors.from_obj(obj.Attributed_Threat_Actors)
return_obj.related_indicators = RelatedIndicators.from_obj(obj.Related_Indicators)
return_obj.related_observables = RelatedObservables.from_obj(obj.Related_Observables)
return_obj.leveraged_ttps = LeveragedTTPs.from_obj(obj.Leveraged_TTPs)
return_obj.related_incidents = RelatedIncidents.from_obj(obj.Related_Incidents)
return_obj.status = VocabString.from_obj(obj.Status)
return_obj.handling = Marking.from_obj(obj.Handling)
return_obj.history = History.from_obj(obj.History)
return return_obj
def from_obj(cls, obj, return_obj=None):
if not obj:
return None
if not return_obj:
return_obj = cls()
return_obj.id_ = obj.id
return_obj.idref = obj.idref
return_obj.timestamp = obj.timestamp
if isinstance(obj, cls._binding_class):
return_obj.version = obj.version
return_obj.title = obj.Title
return_obj.description = StructuredText.from_obj(obj.Description)
return_obj.short_description = StructuredText.from_obj(obj.Short_Description)
return_obj.time = Time.from_obj(obj.Time)
if obj.Victim:
return_obj.victims = [Identity.from_obj(x) for x in obj.Victim]
if obj.Categories:
return_obj.categories = [IncidentCategory.from_obj(x) for x in obj.Categories.Category]
if obj.Intended_Effect:
return_obj.intended_effects = [Statement.from_obj(x) for x in obj.Intended_Effect]
if obj.Affected_Assets:
return_obj.affected_assets = [AffectedAsset.from_obj(x) for x in obj.Affected_Assets.Affected_Asset]
if obj.Discovery_Method:
return_obj.discovery_methods = [DiscoveryMethod.from_obj(x) for x in obj.Discovery_Method]
if obj.Reporter:
return_obj.reporter = InformationSource.from_obj(obj.Reporter)
if obj.Responder:
return_obj.responders = [InformationSource.from_obj(x) for x in obj.Responder]
if obj.Coordinator:
return_obj.coordinators = [InformationSource.from_obj(x) for x in obj.Coordinator]
if obj.External_ID:
return_obj.external_ids = [ExternalID.from_obj(x) for x in obj.External_ID]
if obj.Impact_Assessment:
return_obj.impact_assessment = ImpactAssessment.from_obj(obj.Impact_Assessment)
if obj.Information_Source:
return_obj.information_source = InformationSource.from_obj(obj.Information_Source)
if obj.Security_Compromise:
return_obj.security_compromise = SecurityCompromise.from_obj(obj.Security_Compromise)
return_obj.coa_taken = [COATaken.from_obj(x) for x in obj.COA_Taken]
return_obj.confidence = Confidence.from_obj(obj.Confidence)
return_obj.attributed_threat_actors = AttributedThreatActors.from_obj(obj.Attributed_Threat_Actors)
return_obj.related_indicators = RelatedIndicators.from_obj(obj.Related_Indicators)
return_obj.related_observables = RelatedObservables.from_obj(obj.Related_Observables)
return_obj.leveraged_ttps = LeveragedTTPs.from_obj(obj.Leveraged_TTPs)
return_obj.related_incidents = RelatedIncidents.from_obj(obj.Related_Incidents)
return_obj.status = VocabString.from_obj(obj.Status)
return_obj.handling = Marking.from_obj(obj.Handling)
return_obj.history = History.from_obj(obj.History)
return return_obj
def from_obj(cls, obj, return_obj=None):
if not obj:
return None
if not return_obj:
return_obj = cls()
return_obj.id_ = obj.get_id()
return_obj.idref = obj.get_idref()
return_obj.timestamp = obj.get_timestamp()
if isinstance(obj, cls._binding_class):
return_obj.version = obj.get_version() or cls._version
return_obj.title = obj.get_Title()
return_obj.description = StructuredText.from_obj(obj.get_Description())
return_obj.short_description = StructuredText.from_obj(obj.get_Short_Description())
return_obj.time = Time.from_obj(obj.get_Time())
if obj.get_Victim():
return_obj.victims = [Identity.from_obj(x) for x in obj.get_Victim()]
if obj.get_Categories():
return_obj.categories = [IncidentCategory.from_obj(x) for x in obj.get_Categories().get_Category()]
if obj.get_Intended_Effect():
return_obj.intended_effects = [Statement.from_obj(x) for x in obj.get_Intended_Effect()]
if obj.get_Affected_Assets():
return_obj.affected_assets = [AffectedAsset.from_obj(x) for x in obj.get_Affected_Assets().get_Affected_Asset()]
if obj.get_Discovery_Method():
return_obj.discovery_methods = [DiscoveryMethod.from_obj(x) for x in obj.get_Discovery_Method()]
if obj.get_Reporter():
return_obj.reporter = InformationSource.from_obj(obj.get_Reporter())
if obj.get_Responder():
return_obj.responders = [InformationSource.from_obj(x) for x in obj.get_Responder()]
if obj.get_Coordinator():
return_obj.coordinators = [InformationSource.from_obj(x) for x in obj.get_Coordinator()]
if obj.get_External_ID():
return_obj.external_ids = [ExternalID.from_obj(x) for x in obj.get_External_ID()]
if obj.get_Impact_Assessment():
return_obj.impact_assessment = ImpactAssessment.from_obj(obj.get_Impact_Assessment())
if obj.get_Information_Source():
return_obj.information_source = InformationSource.from_obj(obj.get_Information_Source())
if obj.get_Security_Compromise():
return_obj.security_compromise = SecurityCompromise.from_obj(obj.get_Security_Compromise())
return_obj.coa_taken = [COATaken.from_obj(x) for x in obj.get_COA_Taken()]
return_obj.confidence = Confidence.from_obj(obj.get_Confidence())
return_obj.attributed_threat_actors = AttributedThreatActors.from_obj(obj.get_Attributed_Threat_Actors())
return_obj.related_indicators = RelatedIndicators.from_obj(obj.get_Related_Indicators())
return_obj.related_observables = RelatedObservables.from_obj(obj.get_Related_Observables())
return_obj.leveraged_ttps = LeveragedTTPs.from_obj(obj.get_Leveraged_TTPs())
return_obj.related_incidents = RelatedIncidents.from_obj(obj.get_Related_Incidents())
return_obj.status = VocabString.from_obj(obj.get_Status())
return_obj.handling = Marking.from_obj(obj.get_Handling())
return_obj.history = History.from_obj(obj.get_History())
return return_obj
def from_obj(cls, obj, return_obj=None):
if not obj:
return None
from stix.extensions.test_mechanism.snort_test_mechanism import SnortTestMechanism
if not return_obj:
klass = _BaseTestMechanism.lookup_class(obj.xml_type)
return_obj = klass.from_obj(obj)
else:
return_obj.id_ = obj.get_id()
return_obj.idref = obj.get_idref()
return_obj.efficacy = Statement.from_obj(obj.get_Efficacy())
return_obj.producer = InformationSource.from_obj(obj.get_Producer())
return return_obj
def from_obj(cls, obj, return_obj=None):
if not obj:
return None
from stix.extensions.test_mechanism.snort_test_mechanism import SnortTestMechanism
from stix.extensions.test_mechanism.open_ioc_2010_test_mechanism import OpenIOCTestMechanism
from stix.extensions.test_mechanism.yara_test_mechanism import YaraTestMechanism
if not return_obj:
klass = _BaseTestMechanism.lookup_class(obj.xml_type)
return_obj = klass.from_obj(obj)
else:
return_obj.id_ = obj.id
return_obj.idref = obj.idref
return_obj.efficacy = Statement.from_obj(obj.Efficacy)
return_obj.producer = InformationSource.from_obj(obj.Producer)
return return_obj
def from_obj(cls, obj, return_obj=None):
if not obj:
return None
from stix.extensions.test_mechanism.snort_test_mechanism import SnortTestMechanism
from stix.extensions.test_mechanism.open_ioc_2010_test_mechanism import OpenIOCTestMechanism
if not return_obj:
klass = _BaseTestMechanism.lookup_class(obj.xml_type)
return_obj = klass.from_obj(obj)
else:
return_obj.id_ = obj.get_id()
return_obj.idref = obj.get_idref()
return_obj.efficacy = Statement.from_obj(obj.get_Efficacy())
return_obj.producer = InformationSource.from_obj(
obj.get_Producer())
return return_obj
def from_obj(cls, obj, return_obj=None):
if not obj:
return None
if not return_obj:
return_obj = cls()
return_obj.id_ = obj.get_id()
return_obj.idref = obj.get_idref()
return_obj.timestamp = obj.get_timestamp()
if isinstance(obj, cls._binding_class):
return_obj.title = obj.get_Title()
return_obj.description = StructuredText.from_obj(obj.get_Description())
return_obj.short_description = StructuredText.from_obj(obj.get_Short_Description())
return_obj.producer = InformationSource.from_obj(obj.get_Producer())
return_obj.confidence = Confidence.from_obj(obj.get_Confidence())
return_obj.sightings = Sightings.from_obj(obj.get_Sightings())
return_obj.composite_indicator_expression = CompositeIndicatorExpression.from_obj(obj.get_Composite_Indicator_Expression())
return_obj.handling = Marking.from_obj(obj.get_Handling())
return_obj.kill_chain_phases = KillChainPhasesReference.from_obj(obj.get_Kill_Chain_Phases())
return_obj.related_indicators = RelatedIndicators.from_obj(obj.get_Related_Indicators())
return_obj.likely_impact = Statement.from_obj(obj.get_Likely_Impact())
if obj.get_version():
return_obj.version = obj.get_version()
if obj.get_Type():
for indicator_type in obj.get_Type():
return_obj.add_indicator_type(VocabString.from_obj(indicator_type))
if obj.get_Observable():
observable_obj = obj.get_Observable()
observable = Observable.from_obj(observable_obj)
return_obj.observables.append(observable)
if obj.get_Indicated_TTP():
return_obj.indicated_ttps = [RelatedTTP.from_obj(x) for x in obj.get_Indicated_TTP()]
if obj.get_Test_Mechanisms():
return_obj.test_mechanisms = [_BaseTestMechanism.from_obj(x) for x in obj.get_Test_Mechanisms().get_Test_Mechanism()]
if obj.get_Suggested_COAs():
return_obj.suggested_coas = SuggestedCOAs.from_obj(obj.get_Suggested_COAs())
if obj.get_Alternative_ID():
return_obj.alternative_id = obj.get_Alternative_ID()
if obj.get_Valid_Time_Position():
return_obj.valid_time_positions = [ValidTime.from_obj(x) for x in obj.get_Valid_Time_Position()]
return return_obj
def from_obj(cls, obj, return_obj=None):
if not obj:
return None
import stix.extensions.test_mechanism.snort_test_mechanism # noqa
import stix.extensions.test_mechanism.open_ioc_2010_test_mechanism # noqa
import stix.extensions.test_mechanism.yara_test_mechanism # noqa
import stix.extensions.test_mechanism.generic_test_mechanism # noqa
if not return_obj:
klass = stix.lookup_extension(obj)
return_obj = klass.from_obj(obj)
else:
return_obj.id_ = obj.id
return_obj.idref = obj.idref
return_obj.efficacy = Statement.from_obj(obj.Efficacy)
return_obj.producer = InformationSource.from_obj(obj.Producer)
return return_obj
def from_obj(cls, obj, return_obj=None):
if not obj:
return None
import stix.extensions.test_mechanism.snort_test_mechanism # noqa
import stix.extensions.test_mechanism.open_ioc_2010_test_mechanism # noqa
import stix.extensions.test_mechanism.yara_test_mechanism # noqa
import stix.extensions.test_mechanism.generic_test_mechanism # noqa
if not return_obj:
klass = stix.lookup_extension(obj)
return_obj = klass.from_obj(obj)
else:
return_obj.id_ = obj.id
return_obj.idref = obj.idref
return_obj.efficacy = Statement.from_obj(obj.Efficacy)
return_obj.producer = InformationSource.from_obj(obj.Producer)
return return_obj
def from_obj(cls, obj, return_obj=None):
if not obj:
return None
if not return_obj:
return_obj = cls()
return_obj.id_ = obj.get_id()
return_obj.idref = obj.get_idref()
return_obj.timestamp = obj.get_timestamp()
if isinstance(obj, cls._binding_class):
return_obj.version = obj.get_version() or cls._version
return_obj.title = obj.get_Title()
return_obj.description = StructuredText.from_obj(
obj.get_Description())
return_obj.short_description = \
StructuredText.from_obj(obj.get_Short_Description())
return_obj.names = Names.from_obj(obj.get_Names())
return_obj.intended_effects = \
[Statement.from_obj(x) for x in obj.get_Intended_Effect()]
return_obj.status = VocabString.from_obj(obj.get_Status())
return_obj.related_ttps = RelatedTTPs.from_obj(
obj.get_Related_TTPs())
return_obj.related_incidents = \
RelatedIncidents.from_obj(obj.get_Related_Incidents())
return_obj.related_indicators = \
RelatedIndicators.from_obj(obj.get_Related_Indicators())
return_obj.attribution = \
[Attribution.from_obj(x) for x in obj.get_Attribution()]
return_obj.associated_campaigns = \
AssociatedCampaigns.from_obj(obj.get_Associated_Campaigns())
return_obj.confidence = Confidence.from_obj(obj.get_Confidence())
return_obj.activity = \
[Activity.from_obj(x) for x in obj.get_Activity()]
return_obj.information_source = \
InformationSource.from_obj(obj.get_Information_Source())
return_obj.handling = Marking.from_obj(obj.get_Handling())
return_obj.related_packages = \
RelatedPackageRefs.from_obj(obj.get_Related_Packages())
return return_obj
def from_obj(cls, obj, return_obj=None):
if not obj:
return None
if not return_obj:
return_obj = cls()
return_obj.id_ = obj.id
return_obj.idref = obj.idref
return_obj.timestamp = obj.timestamp
if isinstance(obj, cls._binding_class):
return_obj.version = obj.version
return_obj.title = obj.Title
return_obj.description = StructuredText.from_obj(obj.Description)
return_obj.short_description = \
StructuredText.from_obj(obj.Short_Description)
return_obj.names = Names.from_obj(obj.Names)
return_obj.intended_effects = \
[Statement.from_obj(x) for x in obj.Intended_Effect]
return_obj.status = VocabString.from_obj(obj.Status)
return_obj.related_ttps = RelatedTTPs.from_obj(obj.Related_TTPs)
return_obj.related_incidents = \
RelatedIncidents.from_obj(obj.Related_Incidents)
return_obj.related_indicators = \
RelatedIndicators.from_obj(obj.Related_Indicators)
return_obj.attribution = \
[Attribution.from_obj(x) for x in obj.Attribution]
return_obj.associated_campaigns = \
AssociatedCampaigns.from_obj(obj.Associated_Campaigns)
return_obj.confidence = Confidence.from_obj(obj.Confidence)
return_obj.activity = \
[Activity.from_obj(x) for x in obj.Activity]
return_obj.information_source = \
InformationSource.from_obj(obj.Information_Source)
return_obj.handling = Marking.from_obj(obj.Handling)
return_obj.related_packages = \
RelatedPackageRefs.from_obj(obj.Related_Packages)
return return_obj
def from_obj(cls, obj, return_obj=None):
if not obj:
return None
if not return_obj:
return_obj = cls()
return_obj.id_ = obj.id
return_obj.idref = obj.idref
return_obj.timestamp = obj.timestamp
if isinstance(obj, cls._binding_class):
return_obj.version = obj.version
return_obj.title = obj.Title
return_obj.description = StructuredText.from_obj(obj.Description)
return_obj.short_description = \
StructuredText.from_obj(obj.Short_Description)
return_obj.names = Names.from_obj(obj.Names)
return_obj.intended_effects = \
[Statement.from_obj(x) for x in obj.Intended_Effect]
return_obj.status = VocabString.from_obj(obj.Status)
return_obj.related_ttps = RelatedTTPs.from_obj(obj.Related_TTPs)
return_obj.related_incidents = \
RelatedIncidents.from_obj(obj.Related_Incidents)
return_obj.related_indicators = \
RelatedIndicators.from_obj(obj.Related_Indicators)
return_obj.attribution = \
[Attribution.from_obj(x) for x in obj.Attribution]
return_obj.associated_campaigns = \
AssociatedCampaigns.from_obj(obj.Associated_Campaigns)
return_obj.confidence = Confidence.from_obj(obj.Confidence)
return_obj.activity = \
[Activity.from_obj(x) for x in obj.Activity]
return_obj.information_source = \
InformationSource.from_obj(obj.Information_Source)
return_obj.handling = Marking.from_obj(obj.Handling)
return_obj.related_packages = \
RelatedPackageRefs.from_obj(obj.Related_Packages)
return return_obj
def from_obj(cls, obj, return_obj=None):
if not obj:
return None
if not return_obj:
return_obj = cls()
return_obj.id_ = obj.get_id()
return_obj.idref = obj.get_idref()
return_obj.timestamp = obj.get_timestamp()
if isinstance(obj, cls._binding_class):
return_obj.version = obj.get_version() or cls._version
return_obj.title = obj.get_Title()
return_obj.description = StructuredText.from_obj(obj.get_Description())
return_obj.short_description = \
StructuredText.from_obj(obj.get_Short_Description())
return_obj.names = Names.from_obj(obj.get_Names())
return_obj.intended_effect = \
[Statement.from_obj(x) for x in obj.get_Intended_Effect()]
return_obj.status = VocabString.from_obj(obj.get_Status())
return_obj.related_ttps = RelatedTTPs.from_obj(obj.get_Related_TTPs())
return_obj.related_incidents = \
RelatedIncidents.from_obj(obj.get_Related_Incidents())
return_obj.related_indicators = \
RelatedIndicators.from_obj(obj.get_Related_Indicators())
return_obj.attribution = \
[Attribution.from_obj(x) for x in obj.get_Attribution()]
return_obj.associated_campaigns = \
AssociatedCampaigns.from_obj(obj.get_Associated_Campaigns())
return_obj.confidence = Confidence.from_obj(obj.get_Confidence())
return_obj.activity = \
[Activity.from_obj(x) for x in obj.get_Activity()]
return_obj.information_source = \
InformationSource.from_obj(obj.get_Information_Source())
return_obj.handling = Marking.from_obj(obj.get_Handling())
return_obj.related_packages = \
RelatedPackageRefs.from_obj(obj.get_Related_Packages())
return return_obj
def from_obj(cls, obj, return_obj=None):
if not obj:
return None
if not return_obj:
return_obj = cls()
super(Indicator, cls).from_obj(obj, return_obj=return_obj)
if isinstance(obj, cls._binding_class):
return_obj.negate = obj.negate
return_obj.producer = InformationSource.from_obj(obj.Producer)
return_obj.confidence = Confidence.from_obj(obj.Confidence)
return_obj.sightings = Sightings.from_obj(obj.Sightings)
return_obj.composite_indicator_expression = CompositeIndicatorExpression.from_obj(
obj.Composite_Indicator_Expression)
return_obj.handling = Marking.from_obj(obj.Handling)
return_obj.kill_chain_phases = KillChainPhasesReference.from_obj(
obj.Kill_Chain_Phases)
return_obj.related_indicators = RelatedIndicators.from_obj(
obj.Related_Indicators)
return_obj.likely_impact = Statement.from_obj(obj.Likely_Impact)
return_obj.indicator_types = IndicatorTypes.from_obj(obj.Type)
return_obj.test_mechanisms = TestMechanisms.from_obj(
obj.Test_Mechanisms)
return_obj.suggested_coas = SuggestedCOAs.from_obj(
obj.Suggested_COAs)
return_obj.alternative_id = obj.Alternative_ID
return_obj.indicated_ttps = _IndicatedTTPs.from_obj(
obj.Indicated_TTP)
return_obj.valid_time_positions = _ValidTimePositions.from_obj(
obj.Valid_Time_Position)
return_obj.observable = Observable.from_obj(obj.Observable)
return_obj.related_campaigns = RelatedCampaignRefs.from_obj(
obj.Related_Campaigns)
return_obj.related_packages = RelatedPackageRefs.from_obj(
obj.Related_Packages)
return return_obj