Beispiel #1
0
    def from_obj(cls, obj, return_obj=None):
        if not obj:
            return None

        if not return_obj:
            return_obj = cls()

        super(CourseOfAction, cls).from_obj(obj, return_obj=return_obj)

        if isinstance(obj,
                      cls._binding_class):  # CourseOfActionType properties
            return_obj.title = obj.Title
            return_obj.stage = VocabString.from_obj(obj.Stage)
            return_obj.type_ = VocabString.from_obj(obj.Type)
            return_obj.objective = Objective.from_obj(obj.Objective)
            return_obj.parameter_observables = \
                Observables.from_obj(obj.Parameter_Observables)
            return_obj.impact = Statement.from_obj(obj.Impact)
            return_obj.cost = Statement.from_obj(obj.Cost)
            return_obj.efficacy = Statement.from_obj(obj.Efficacy)
            return_obj.related_coas = \
                RelatedCOAs.from_obj(obj.Related_COAs)
            return_obj.related_packages = \
                related.RelatedPackageRefs.from_obj(obj.Related_Packages)
            return_obj.structured_coa = \
                _BaseStructuredCOA.from_obj(obj.Structured_COA)

        return return_obj
    def from_obj(cls, obj, return_obj=None):
        if not obj:
            return None
        if not return_obj:
            return_obj = cls()

        return_obj.id_ = obj.get_id()
        return_obj.idref = obj.get_idref()
        return_obj.timestamp = obj.get_timestamp()
        if isinstance(obj, cls._binding_class): # ThreatActorType properties
            return_obj.version = obj.get_version() if obj.get_version() else cls._version
            return_obj.title = obj.get_Title()
            return_obj.description = StructuredText.from_obj(obj.get_Description())
            return_obj.short_description = StructuredText.from_obj(obj.get_Short_Description())
            return_obj.identity = Identity.from_obj(obj.get_Identity())
            return_obj.types = [Statement.from_obj(x) for x in obj.get_Type()]
            return_obj.motivations = [Statement.from_obj(x) for x in obj.get_Motivation()]
            return_obj.sophistications = [Statement.from_obj(x) for x in obj.get_Sophistication()]
            return_obj.intended_effects = [Statement.from_obj(x) for x in obj.get_Intended_Effect()]
            return_obj.planning_and_operational_supports = [Statement.from_obj(x) for x in obj.get_Planning_And_Operational_Support()]
            return_obj.observed_ttps = ObservedTTPs.from_obj(obj.get_Observed_TTPs())
            return_obj.associated_campaigns = AssociatedCampaigns.from_obj(obj.get_Associated_Campaigns())
            return_obj.associated_actors = AssociatedActors.from_obj(obj.get_Associated_Actors())
            return_obj.handling = Marking.from_obj(obj.get_Handling())
            return_obj.confidence = Confidence.from_obj(obj.get_Confidence())
            return_obj.information_source = InformationSource.from_obj(obj.get_Information_Source())
            return_obj.related_packages = RelatedPackageRefs.from_obj(obj.get_Related_Packages())

        return return_obj
Beispiel #3
0
    def from_obj(cls, obj, return_obj=None):
        if not obj:
            return None
        if not return_obj:
            return_obj = cls()

        return_obj.id_ = obj.id
        return_obj.idref = obj.idref
        return_obj.timestamp = obj.timestamp

        if isinstance(obj, cls._binding_class): # CourseOfActionType properties
            return_obj.version = obj.version
            return_obj.title = obj.Title
            return_obj.stage = VocabString.from_obj(obj.Stage)
            return_obj.type_ = VocabString.from_obj(obj.Type)
            return_obj.description = StructuredText.from_obj(obj.Description)
            return_obj.short_description = StructuredText.from_obj(obj.Short_Description)
            return_obj.objective = Objective.from_obj(obj.Objective)
            return_obj.parameter_observables = \
                    Observables.from_obj(obj.Parameter_Observables)
            return_obj.impact = Statement.from_obj(obj.Impact)
            return_obj.cost = Statement.from_obj(obj.Cost)
            return_obj.efficacy = Statement.from_obj(obj.Efficacy)
            return_obj.information_source = InformationSource.from_obj(obj.Information_Source)
            return_obj.handling = Marking.from_obj(obj.Handling)
            return_obj.related_coas = \
                    RelatedCOAs.from_obj(obj.Related_COAs)
            return_obj.related_packages = \
                    RelatedPackageRefs.from_obj(obj.Related_Packages)

        return return_obj
Beispiel #4
0
    def from_obj(cls, obj, return_obj=None):
        if not obj:
            return None
        if not return_obj:
            return_obj = cls()

        return_obj.id_ = obj.id
        return_obj.idref = obj.idref
        return_obj.timestamp = obj.timestamp
        if isinstance(obj, cls._binding_class): # ThreatActorType properties
            return_obj.version = obj.version
            return_obj.title = obj.Title
            return_obj.description = StructuredText.from_obj(obj.Description)
            return_obj.short_description = StructuredText.from_obj(obj.Short_Description)
            return_obj.identity = Identity.from_obj(obj.Identity)
            return_obj.types = [Statement.from_obj(x) for x in obj.Type]
            return_obj.motivations = [Statement.from_obj(x) for x in obj.Motivation]
            return_obj.sophistications = [Statement.from_obj(x) for x in obj.Sophistication]
            return_obj.intended_effects = [Statement.from_obj(x) for x in obj.Intended_Effect]
            return_obj.planning_and_operational_supports = [Statement.from_obj(x) for x in obj.Planning_And_Operational_Support]
            return_obj.observed_ttps = ObservedTTPs.from_obj(obj.Observed_TTPs)
            return_obj.associated_campaigns = AssociatedCampaigns.from_obj(obj.Associated_Campaigns)
            return_obj.associated_actors = AssociatedActors.from_obj(obj.Associated_Actors)
            return_obj.handling = Marking.from_obj(obj.Handling)
            return_obj.confidence = Confidence.from_obj(obj.Confidence)
            return_obj.information_source = InformationSource.from_obj(obj.Information_Source)
            return_obj.related_packages = RelatedPackageRefs.from_obj(obj.Related_Packages)

        return return_obj
Beispiel #5
0
    def from_obj(cls, obj, return_obj=None):
        if not obj:
            return None

        if not return_obj:
            return_obj = cls()

        super(CourseOfAction, cls).from_obj(obj, return_obj=return_obj)

        if isinstance(obj, cls._binding_class):  # CourseOfActionType properties
            return_obj.title = obj.Title
            return_obj.stage = VocabString.from_obj(obj.Stage)
            return_obj.type_ = VocabString.from_obj(obj.Type)
            return_obj.objective = Objective.from_obj(obj.Objective)
            return_obj.parameter_observables = \
                Observables.from_obj(obj.Parameter_Observables)
            return_obj.impact = Statement.from_obj(obj.Impact)
            return_obj.cost = Statement.from_obj(obj.Cost)
            return_obj.efficacy = Statement.from_obj(obj.Efficacy)
            return_obj.related_coas = \
                RelatedCOAs.from_obj(obj.Related_COAs)
            return_obj.related_packages = \
                related.RelatedPackageRefs.from_obj(obj.Related_Packages)
            return_obj.structured_coa = \
                _BaseStructuredCOA.from_obj(obj.Structured_COA)

        return return_obj
Beispiel #6
0
    def from_obj(cls, obj, return_obj=None):
        if not obj:
            return None
        if not return_obj:
            return_obj = cls()

        return_obj.id_ = obj.id
        return_obj.idref = obj.idref
        return_obj.timestamp = obj.timestamp

        if isinstance(obj, cls._binding_class): # CourseOfActionType properties
            return_obj.version = obj.version
            return_obj.title = obj.Title
            return_obj.stage = VocabString.from_obj(obj.Stage)
            return_obj.type_ = VocabString.from_obj(obj.Type)
            return_obj.description = StructuredText.from_obj(obj.Description)
            return_obj.short_description = StructuredText.from_obj(obj.Short_Description)
            return_obj.objective = Objective.from_obj(obj.Objective)
            return_obj.parameter_observables = \
                    Observables.from_obj(obj.Parameter_Observables)
            return_obj.impact = Statement.from_obj(obj.Impact)
            return_obj.cost = Statement.from_obj(obj.Cost)
            return_obj.efficacy = Statement.from_obj(obj.Efficacy)
            return_obj.information_source = InformationSource.from_obj(obj.Information_Source)
            return_obj.handling = Marking.from_obj(obj.Handling)
            return_obj.related_coas = \
                    RelatedCOAs.from_obj(obj.Related_COAs)
            return_obj.related_packages = \
                    RelatedPackageRefs.from_obj(obj.Related_Packages)

        return return_obj
Beispiel #7
0
    def from_obj(cls, obj, return_obj=None):
        if not obj:
            return None
        if not return_obj:
            return_obj = cls()

        return_obj.id_ = obj.get_id()
        return_obj.idref = obj.get_idref()
        return_obj.timestamp = obj.get_timestamp()

        if isinstance(obj, cls._binding_class): # CourseOfActionType properties
            return_obj.version = obj.get_version() or cls._version
            return_obj.title = obj.get_Title()
            return_obj.stage = VocabString.from_obj(obj.get_Stage())
            return_obj.type_ = VocabString.from_obj(obj.get_Type())
            return_obj.description = StructuredText.from_obj(obj.get_Description())
            return_obj.short_description = StructuredText.from_obj(obj.get_Short_Description())
            return_obj.objective = Objective.from_obj(obj.get_Objective())
            return_obj.parameter_observables = \
                    Observables.from_obj(obj.get_Parameter_Observables())
            return_obj.impact = Statement.from_obj(obj.get_Impact())
            return_obj.cost = Statement.from_obj(obj.get_Cost())
            return_obj.efficacy = Statement.from_obj(obj.get_Efficacy())
            return_obj.information_source = InformationSource.from_obj(obj.get_Information_Source())
            return_obj.handling = Marking.from_obj(obj.get_Handling())
            return_obj.related_coas = \
                    RelatedCOAs.from_obj(obj.get_Related_COAs())
            return_obj.related_packages = \
                    RelatedPackageRefs.from_obj(obj.get_Related_Packages())

        return return_obj
Beispiel #8
0
    def from_obj(cls, obj, return_obj=None):
        if not obj:
            return None
        if not return_obj:
            return_obj = cls()

        return_obj.id_ = obj.get_id()
        return_obj.idref = obj.get_idref()
        return_obj.timestamp = obj.get_timestamp()

        if isinstance(obj,
                      cls._binding_class):  # CourseOfActionType properties
            return_obj.version = obj.get_version() or cls._version
            return_obj.title = obj.get_Title()
            return_obj.stage = VocabString.from_obj(obj.get_Stage())
            return_obj.type_ = VocabString.from_obj(obj.get_Type())
            return_obj.description = StructuredText.from_obj(
                obj.get_Description())
            return_obj.short_description = StructuredText.from_obj(
                obj.get_Short_Description())
            return_obj.objective = Objective.from_obj(obj.get_Objective())
            return_obj.parameter_observables = \
                    Observables.from_obj(obj.get_Parameter_Observables())
            return_obj.impact = Statement.from_obj(obj.get_Impact())
            return_obj.cost = Statement.from_obj(obj.get_Cost())
            return_obj.efficacy = Statement.from_obj(obj.get_Efficacy())
            return_obj.information_source = InformationSource.from_obj(
                obj.get_Information_Source())
            return_obj.handling = Marking.from_obj(obj.get_Handling())
            return_obj.related_coas = \
                    RelatedCOAs.from_obj(obj.get_Related_COAs())
            return_obj.related_packages = \
                    RelatedPackageRefs.from_obj(obj.get_Related_Packages())

        return return_obj
Beispiel #9
0
    def from_obj(cls, obj, return_obj=None):
        if not obj:
            return None
        if not return_obj:
            return_obj = cls()

        return_obj.id_ = obj.id
        return_obj.idref = obj.idref
        return_obj.timestamp = obj.timestamp

        if isinstance(obj, cls._binding_class): # TTPType properties
            return_obj.version = obj.version
            return_obj.title = obj.Title
            return_obj.description = StructuredText.from_obj(obj.Description)
            return_obj.short_description = StructuredText.from_obj(obj.Short_Description)
            return_obj.behavior = Behavior.from_obj(obj.Behavior)
            return_obj.related_ttps = RelatedTTPs.from_obj(obj.Related_TTPs)
            return_obj.exploit_targets = ExploitTargets.from_obj(obj.Exploit_Targets)
            return_obj.information_source = InformationSource.from_obj(obj.Information_Source)
            return_obj.resources = Resource.from_obj(obj.Resources)
            return_obj.victim_targeting = VictimTargeting.from_obj(obj.Victim_Targeting)
            return_obj.handling = Marking.from_obj(obj.Handling)

            if obj.Intended_Effect:
                return_obj.intended_effects = [Statement.from_obj(x) for x in obj.Intended_Effect]

        return return_obj
Beispiel #10
0
    def from_obj(cls, obj, return_obj=None):        
        if not obj:
            return None
        if not return_obj:
            return_obj = cls()

        super(Indicator, cls).from_obj(obj, return_obj=return_obj)

        if isinstance(obj, cls._binding_class):
            return_obj.negate = obj.negate
            return_obj.producer = InformationSource.from_obj(obj.Producer)
            return_obj.confidence = Confidence.from_obj(obj.Confidence)
            return_obj.sightings = Sightings.from_obj(obj.Sightings)
            return_obj.composite_indicator_expression = CompositeIndicatorExpression.from_obj(obj.Composite_Indicator_Expression)
            return_obj.kill_chain_phases = KillChainPhasesReference.from_obj(obj.Kill_Chain_Phases)
            return_obj.related_indicators = RelatedIndicators.from_obj(obj.Related_Indicators)
            return_obj.likely_impact = Statement.from_obj(obj.Likely_Impact)
            return_obj.indicator_types = IndicatorTypes.from_obj(obj.Type)
            return_obj.test_mechanisms = TestMechanisms.from_obj(obj.Test_Mechanisms)
            return_obj.suggested_coas = SuggestedCOAs.from_obj(obj.Suggested_COAs)
            return_obj.alternative_id = obj.Alternative_ID
            return_obj.indicated_ttps = _IndicatedTTPs.from_obj(obj.Indicated_TTP)
            return_obj.valid_time_positions = _ValidTimePositions.from_obj(obj.Valid_Time_Position)
            return_obj.observable = Observable.from_obj(obj.Observable)
            return_obj.related_campaigns = RelatedCampaignRefs.from_obj(obj.Related_Campaigns)
            return_obj.related_packages = RelatedPackageRefs.from_obj(obj.Related_Packages)
            
        return return_obj
Beispiel #11
0
    def from_obj(cls, obj, return_obj=None):
        if not obj:
            return None
        if not return_obj:
            return_obj = cls()

        return_obj.id_ = obj.id
        return_obj.idref = obj.idref
        return_obj.timestamp = obj.timestamp

        if isinstance(obj, cls._binding_class):  # TTPType properties
            return_obj.version = obj.version
            return_obj.title = obj.Title
            return_obj.description = StructuredText.from_obj(obj.Description)
            return_obj.short_description = StructuredText.from_obj(
                obj.Short_Description)
            return_obj.behavior = Behavior.from_obj(obj.Behavior)
            return_obj.related_ttps = RelatedTTPs.from_obj(obj.Related_TTPs)
            return_obj.exploit_targets = ExploitTargets.from_obj(
                obj.Exploit_Targets)
            return_obj.information_source = InformationSource.from_obj(
                obj.Information_Source)
            return_obj.resources = Resource.from_obj(obj.Resources)
            return_obj.victim_targeting = VictimTargeting.from_obj(
                obj.Victim_Targeting)
            return_obj.handling = Marking.from_obj(obj.Handling)

            if obj.Intended_Effect:
                return_obj.intended_effects = [
                    Statement.from_obj(x) for x in obj.Intended_Effect
                ]

        return return_obj
Beispiel #12
0
    def from_obj(cls, obj, return_obj=None):
        if not obj:
            return None
        if not return_obj:
            return_obj = cls()

        return_obj.id_ = obj.get_id()
        return_obj.idref = obj.get_idref()
        return_obj.timestamp = obj.get_timestamp() # not yet implemented

        if isinstance(obj, cls._binding_class): # TTPType properties
            return_obj.version = obj.get_version() or cls._version
            return_obj.title = obj.get_Title()
            return_obj.description = StructuredText.from_obj(obj.get_Description())
            return_obj.short_description = StructuredText.from_obj(obj.get_Short_Description())
            return_obj.behavior = Behavior.from_obj(obj.get_Behavior())
            return_obj.related_ttps = RelatedTTPs.from_obj(obj.get_Related_TTPs())
            return_obj.information_source = InformationSource.from_obj(obj.get_Information_Source())
            return_obj.resources = Resource.from_obj(obj.get_Resources())
            return_obj.victim_targeting = VictimTargeting.from_obj(obj.get_Victim_Targeting())

            if obj.get_Intended_Effect():
                return_obj.intended_effects = [Statement.from_obj(x) for x in obj.get_Intended_Effect()]

        return return_obj
Beispiel #13
0
    def from_obj(cls, obj, return_obj=None):
        if not obj:
            return None
        if not return_obj:
            return_obj = cls()

        return_obj.id_ = obj.get_id()
        return_obj.idref = obj.get_idref()
        return_obj.timestamp = obj.get_timestamp()
        
        if isinstance(obj, cls._binding_class):
            return_obj.version = obj.get_version() or cls._version
            return_obj.title = obj.get_Title()
            return_obj.description = StructuredText.from_obj(obj.get_Description())
            return_obj.short_description = StructuredText.from_obj(obj.get_Short_Description())
            return_obj.time = Time.from_obj(obj.get_Time())
    
            if obj.get_Victim():
                return_obj.victims = [Identity.from_obj(x) for x in obj.get_Victim()]
            if obj.get_Categories():
                return_obj.categories = [IncidentCategory.from_obj(x) for x in obj.get_Categories().get_Category()]
            if obj.get_Intended_Effect():
                return_obj.intended_effects = [Statement.from_obj(x) for x in obj.get_Intended_Effect()]
            if obj.get_Affected_Assets():
                return_obj.affected_assets = [AffectedAsset.from_obj(x) for x in obj.get_Affected_Assets().get_Affected_Asset()]
    
            return_obj.attributed_threat_actors = AttributedThreatActors.from_obj(obj.get_Attributed_Threat_Actors())
            return_obj.related_indicators = RelatedIndicators.from_obj(obj.get_Related_Indicators())
            return_obj.related_observables = RelatedObservable.from_obj(obj.get_Related_Observables())
            return_obj.leveraged_ttps = LeveragedTTPs.from_obj(obj.get_Leveraged_TTPs())

        return return_obj
Beispiel #14
0
    def from_obj(cls, obj, return_obj=None):
        if not obj:
            return None
        if not return_obj:
            return_obj = cls()

        return_obj.id_ = obj.get_id()
        return_obj.idref = obj.get_idref()
        return_obj.timestamp = obj.get_timestamp()

        if isinstance(obj, cls._binding_class):  # TTPType properties
            return_obj.version = obj.get_version() or cls._version
            return_obj.title = obj.get_Title()
            return_obj.description = StructuredText.from_obj(
                obj.get_Description())
            return_obj.short_description = StructuredText.from_obj(
                obj.get_Short_Description())
            return_obj.behavior = Behavior.from_obj(obj.get_Behavior())
            return_obj.related_ttps = RelatedTTPs.from_obj(
                obj.get_Related_TTPs())
            return_obj.exploit_targets = ExploitTargets.from_obj(
                obj.get_Exploit_Targets())
            return_obj.information_source = InformationSource.from_obj(
                obj.get_Information_Source())
            return_obj.resources = Resource.from_obj(obj.get_Resources())
            return_obj.victim_targeting = VictimTargeting.from_obj(
                obj.get_Victim_Targeting())

            if obj.get_Intended_Effect():
                return_obj.intended_effects = [
                    Statement.from_obj(x) for x in obj.get_Intended_Effect()
                ]

        return return_obj
Beispiel #15
0
    def from_obj(cls, obj, return_obj=None):
        if not obj:
            return None
        if not return_obj:
            return_obj = cls()

        return_obj.id_ = obj.get_id()
        return_obj.idref = obj.get_idref()
        return_obj.timestamp = obj.get_timestamp()
        if isinstance(obj, cls._binding_class):  # ThreatActorType properties
            return_obj.version = obj.get_version() if obj.get_version(
            ) else cls._version
            return_obj.title = obj.get_Title()
            return_obj.description = StructuredText.from_obj(
                obj.get_Description())
            return_obj.short_description = StructuredText.from_obj(
                obj.get_Short_Description())
            return_obj.identity = Identity.from_obj(obj.get_Identity())
            return_obj.types = [Statement.from_obj(x) for x in obj.get_Type()]
            return_obj.motivations = [
                Statement.from_obj(x) for x in obj.get_Motivation()
            ]
            return_obj.sophistications = [
                Statement.from_obj(x) for x in obj.get_Sophistication()
            ]
            return_obj.intended_effects = [
                Statement.from_obj(x) for x in obj.get_Intended_Effect()
            ]
            return_obj.planning_and_operational_supports = [
                Statement.from_obj(x)
                for x in obj.get_Planning_And_Operational_Support()
            ]
            return_obj.observed_ttps = ObservedTTPs.from_obj(
                obj.get_Observed_TTPs())
            return_obj.associated_campaigns = AssociatedCampaigns.from_obj(
                obj.get_Associated_Campaigns())
            return_obj.associated_actors = AssociatedActors.from_obj(
                obj.get_Associated_Actors())
            return_obj.handling = Marking.from_obj(obj.get_Handling())
            return_obj.confidence = Confidence.from_obj(obj.get_Confidence())
            return_obj.information_source = InformationSource.from_obj(
                obj.get_Information_Source())
            return_obj.related_packages = RelatedPackageRefs.from_obj(
                obj.get_Related_Packages())

        return return_obj
Beispiel #16
0
    def from_obj(cls, obj, return_obj=None):
        if not obj:
            return None
        if not return_obj:
            return_obj = cls()

        return_obj.id_ = obj.id
        return_obj.idref = obj.idref
        return_obj.timestamp = obj.timestamp
        if isinstance(obj, cls._binding_class):  # ThreatActorType properties
            return_obj.version = obj.version
            return_obj.title = obj.Title
            return_obj.description = StructuredText.from_obj(obj.Description)
            return_obj.short_description = StructuredText.from_obj(
                obj.Short_Description)
            return_obj.identity = Identity.from_obj(obj.Identity)
            return_obj.types = [Statement.from_obj(x) for x in obj.Type]
            return_obj.motivations = [
                Statement.from_obj(x) for x in obj.Motivation
            ]
            return_obj.sophistications = [
                Statement.from_obj(x) for x in obj.Sophistication
            ]
            return_obj.intended_effects = [
                Statement.from_obj(x) for x in obj.Intended_Effect
            ]
            return_obj.planning_and_operational_supports = [
                Statement.from_obj(x)
                for x in obj.Planning_And_Operational_Support
            ]
            return_obj.observed_ttps = ObservedTTPs.from_obj(obj.Observed_TTPs)
            return_obj.associated_campaigns = AssociatedCampaigns.from_obj(
                obj.Associated_Campaigns)
            return_obj.associated_actors = AssociatedActors.from_obj(
                obj.Associated_Actors)
            return_obj.handling = Marking.from_obj(obj.Handling)
            return_obj.confidence = Confidence.from_obj(obj.Confidence)
            return_obj.information_source = InformationSource.from_obj(
                obj.Information_Source)
            return_obj.related_packages = RelatedPackageRefs.from_obj(
                obj.Related_Packages)

        return return_obj
Beispiel #17
0
    def from_obj(cls, obj, return_obj=None):
        if not obj:
            return None
        if not return_obj:
            return_obj = cls()

        return_obj.id_ = obj.id
        return_obj.idref = obj.idref
        return_obj.timestamp = obj.timestamp
        
        if isinstance(obj, cls._binding_class):
            return_obj.version = obj.version
            return_obj.title = obj.Title
            return_obj.description = StructuredText.from_obj(obj.Description)
            return_obj.short_description = StructuredText.from_obj(obj.Short_Description)
            return_obj.time = Time.from_obj(obj.Time)
    
            if obj.Victim:
                return_obj.victims = [Identity.from_obj(x) for x in obj.Victim]
            if obj.Categories:
                return_obj.categories = [IncidentCategory.from_obj(x) for x in obj.Categories.Category]
            if obj.Intended_Effect:
                return_obj.intended_effects = [Statement.from_obj(x) for x in obj.Intended_Effect]
            if obj.Affected_Assets:
                return_obj.affected_assets = [AffectedAsset.from_obj(x) for x in obj.Affected_Assets.Affected_Asset]
            if obj.Discovery_Method:
                return_obj.discovery_methods = [DiscoveryMethod.from_obj(x) for x in obj.Discovery_Method]
            if obj.Reporter:
                return_obj.reporter = InformationSource.from_obj(obj.Reporter)
            if obj.Responder:
                return_obj.responders = [InformationSource.from_obj(x) for x in obj.Responder]
            if obj.Coordinator:
                return_obj.coordinators = [InformationSource.from_obj(x) for x in obj.Coordinator]
            if obj.External_ID:
                return_obj.external_ids = [ExternalID.from_obj(x) for x in obj.External_ID]
            if obj.Impact_Assessment:
                return_obj.impact_assessment = ImpactAssessment.from_obj(obj.Impact_Assessment)
            if obj.Information_Source:
                return_obj.information_source = InformationSource.from_obj(obj.Information_Source)
            if obj.Security_Compromise:
                return_obj.security_compromise = SecurityCompromise.from_obj(obj.Security_Compromise)
            
            return_obj.coa_taken = [COATaken.from_obj(x) for x in obj.COA_Taken]
            return_obj.confidence = Confidence.from_obj(obj.Confidence)
            return_obj.attributed_threat_actors = AttributedThreatActors.from_obj(obj.Attributed_Threat_Actors)
            return_obj.related_indicators = RelatedIndicators.from_obj(obj.Related_Indicators)
            return_obj.related_observables = RelatedObservables.from_obj(obj.Related_Observables)
            return_obj.leveraged_ttps = LeveragedTTPs.from_obj(obj.Leveraged_TTPs)
            return_obj.related_incidents = RelatedIncidents.from_obj(obj.Related_Incidents)
            return_obj.status = VocabString.from_obj(obj.Status)
            return_obj.handling = Marking.from_obj(obj.Handling)
            return_obj.history = History.from_obj(obj.History)
            
        return return_obj
Beispiel #18
0
    def from_obj(cls, obj, return_obj=None):
        if not obj:
            return None
        if not return_obj:
            return_obj = cls()

        return_obj.id_ = obj.id
        return_obj.idref = obj.idref
        return_obj.timestamp = obj.timestamp
        
        if isinstance(obj, cls._binding_class):
            return_obj.version = obj.version
            return_obj.title = obj.Title
            return_obj.description = StructuredText.from_obj(obj.Description)
            return_obj.short_description = StructuredText.from_obj(obj.Short_Description)
            return_obj.time = Time.from_obj(obj.Time)
    
            if obj.Victim:
                return_obj.victims = [Identity.from_obj(x) for x in obj.Victim]
            if obj.Categories:
                return_obj.categories = [IncidentCategory.from_obj(x) for x in obj.Categories.Category]
            if obj.Intended_Effect:
                return_obj.intended_effects = [Statement.from_obj(x) for x in obj.Intended_Effect]
            if obj.Affected_Assets:
                return_obj.affected_assets = [AffectedAsset.from_obj(x) for x in obj.Affected_Assets.Affected_Asset]
            if obj.Discovery_Method:
                return_obj.discovery_methods = [DiscoveryMethod.from_obj(x) for x in obj.Discovery_Method]
            if obj.Reporter:
                return_obj.reporter = InformationSource.from_obj(obj.Reporter)
            if obj.Responder:
                return_obj.responders = [InformationSource.from_obj(x) for x in obj.Responder]
            if obj.Coordinator:
                return_obj.coordinators = [InformationSource.from_obj(x) for x in obj.Coordinator]
            if obj.External_ID:
                return_obj.external_ids = [ExternalID.from_obj(x) for x in obj.External_ID]
            if obj.Impact_Assessment:
                return_obj.impact_assessment = ImpactAssessment.from_obj(obj.Impact_Assessment)
            if obj.Information_Source:
                return_obj.information_source = InformationSource.from_obj(obj.Information_Source)
            if obj.Security_Compromise:
                return_obj.security_compromise = SecurityCompromise.from_obj(obj.Security_Compromise)
            
            return_obj.coa_taken = [COATaken.from_obj(x) for x in obj.COA_Taken]
            return_obj.confidence = Confidence.from_obj(obj.Confidence)
            return_obj.attributed_threat_actors = AttributedThreatActors.from_obj(obj.Attributed_Threat_Actors)
            return_obj.related_indicators = RelatedIndicators.from_obj(obj.Related_Indicators)
            return_obj.related_observables = RelatedObservables.from_obj(obj.Related_Observables)
            return_obj.leveraged_ttps = LeveragedTTPs.from_obj(obj.Leveraged_TTPs)
            return_obj.related_incidents = RelatedIncidents.from_obj(obj.Related_Incidents)
            return_obj.status = VocabString.from_obj(obj.Status)
            return_obj.handling = Marking.from_obj(obj.Handling)
            return_obj.history = History.from_obj(obj.History)
            
        return return_obj
Beispiel #19
0
    def from_obj(cls, obj, return_obj=None):
        if not obj:
            return None
        if not return_obj:
            return_obj = cls()

        return_obj.id_ = obj.get_id()
        return_obj.idref = obj.get_idref()
        return_obj.timestamp = obj.get_timestamp()
        
        if isinstance(obj, cls._binding_class):
            return_obj.version = obj.get_version() or cls._version
            return_obj.title = obj.get_Title()
            return_obj.description = StructuredText.from_obj(obj.get_Description())
            return_obj.short_description = StructuredText.from_obj(obj.get_Short_Description())
            return_obj.time = Time.from_obj(obj.get_Time())
    
            if obj.get_Victim():
                return_obj.victims = [Identity.from_obj(x) for x in obj.get_Victim()]
            if obj.get_Categories():
                return_obj.categories = [IncidentCategory.from_obj(x) for x in obj.get_Categories().get_Category()]
            if obj.get_Intended_Effect():
                return_obj.intended_effects = [Statement.from_obj(x) for x in obj.get_Intended_Effect()]
            if obj.get_Affected_Assets():
                return_obj.affected_assets = [AffectedAsset.from_obj(x) for x in obj.get_Affected_Assets().get_Affected_Asset()]
            if obj.get_Discovery_Method():
                return_obj.discovery_methods = [DiscoveryMethod.from_obj(x) for x in obj.get_Discovery_Method()]
            if obj.get_Reporter():
                return_obj.reporter = InformationSource.from_obj(obj.get_Reporter())
            if obj.get_Responder():
                return_obj.responders = [InformationSource.from_obj(x) for x in obj.get_Responder()]
            if obj.get_Coordinator():
                return_obj.coordinators = [InformationSource.from_obj(x) for x in obj.get_Coordinator()]
            if obj.get_External_ID():
                return_obj.external_ids = [ExternalID.from_obj(x) for x in obj.get_External_ID()]
            if obj.get_Impact_Assessment():
                return_obj.impact_assessment = ImpactAssessment.from_obj(obj.get_Impact_Assessment())
            if obj.get_Information_Source():
                return_obj.information_source = InformationSource.from_obj(obj.get_Information_Source())
            if obj.get_Security_Compromise():
                return_obj.security_compromise = SecurityCompromise.from_obj(obj.get_Security_Compromise())
            
            return_obj.coa_taken = [COATaken.from_obj(x) for x in obj.get_COA_Taken()]
            return_obj.confidence = Confidence.from_obj(obj.get_Confidence())
            return_obj.attributed_threat_actors = AttributedThreatActors.from_obj(obj.get_Attributed_Threat_Actors())
            return_obj.related_indicators = RelatedIndicators.from_obj(obj.get_Related_Indicators())
            return_obj.related_observables = RelatedObservables.from_obj(obj.get_Related_Observables())
            return_obj.leveraged_ttps = LeveragedTTPs.from_obj(obj.get_Leveraged_TTPs())
            return_obj.related_incidents = RelatedIncidents.from_obj(obj.get_Related_Incidents())
            return_obj.status = VocabString.from_obj(obj.get_Status())
            return_obj.handling = Marking.from_obj(obj.get_Handling())
            return_obj.history = History.from_obj(obj.get_History())
            
        return return_obj
 def from_obj(cls, obj, return_obj=None):
     if not obj:
         return None
     
     from stix.extensions.test_mechanism.snort_test_mechanism import SnortTestMechanism
     
     if not return_obj:
         klass = _BaseTestMechanism.lookup_class(obj.xml_type)
         return_obj = klass.from_obj(obj)
     else:
         return_obj.id_ = obj.get_id()
         return_obj.idref = obj.get_idref()
         return_obj.efficacy = Statement.from_obj(obj.get_Efficacy())
         return_obj.producer = InformationSource.from_obj(obj.get_Producer())
     
     return return_obj
 def from_obj(cls, obj, return_obj=None):
     if not obj:
         return None
     
     from stix.extensions.test_mechanism.snort_test_mechanism import SnortTestMechanism
     from stix.extensions.test_mechanism.open_ioc_2010_test_mechanism import OpenIOCTestMechanism
     from stix.extensions.test_mechanism.yara_test_mechanism import YaraTestMechanism
     
     if not return_obj:
         klass = _BaseTestMechanism.lookup_class(obj.xml_type)
         return_obj = klass.from_obj(obj)
     else:
         return_obj.id_ = obj.id
         return_obj.idref = obj.idref
         return_obj.efficacy = Statement.from_obj(obj.Efficacy)
         return_obj.producer = InformationSource.from_obj(obj.Producer)
     
     return return_obj
Beispiel #22
0
    def from_obj(cls, obj, return_obj=None):
        if not obj:
            return None

        from stix.extensions.test_mechanism.snort_test_mechanism import SnortTestMechanism
        from stix.extensions.test_mechanism.open_ioc_2010_test_mechanism import OpenIOCTestMechanism

        if not return_obj:
            klass = _BaseTestMechanism.lookup_class(obj.xml_type)
            return_obj = klass.from_obj(obj)
        else:
            return_obj.id_ = obj.get_id()
            return_obj.idref = obj.get_idref()
            return_obj.efficacy = Statement.from_obj(obj.get_Efficacy())
            return_obj.producer = InformationSource.from_obj(
                obj.get_Producer())

        return return_obj
Beispiel #23
0
    def from_obj(cls, obj, return_obj=None):        
        if not obj:
            return None
        if not return_obj:
            return_obj = cls()

        return_obj.id_              = obj.get_id()
        return_obj.idref            = obj.get_idref()
        return_obj.timestamp        = obj.get_timestamp()
        
        if isinstance(obj, cls._binding_class):
            return_obj.title            = obj.get_Title()
            return_obj.description      = StructuredText.from_obj(obj.get_Description())
            return_obj.short_description = StructuredText.from_obj(obj.get_Short_Description())
            return_obj.producer         = InformationSource.from_obj(obj.get_Producer())
            return_obj.confidence       = Confidence.from_obj(obj.get_Confidence())
            return_obj.sightings        = Sightings.from_obj(obj.get_Sightings())
            return_obj.composite_indicator_expression = CompositeIndicatorExpression.from_obj(obj.get_Composite_Indicator_Expression())
            return_obj.handling = Marking.from_obj(obj.get_Handling())
            return_obj.kill_chain_phases = KillChainPhasesReference.from_obj(obj.get_Kill_Chain_Phases())
            return_obj.related_indicators = RelatedIndicators.from_obj(obj.get_Related_Indicators())
            return_obj.likely_impact = Statement.from_obj(obj.get_Likely_Impact())
            
            if obj.get_version():
                return_obj.version = obj.get_version()
            if obj.get_Type():
                for indicator_type in obj.get_Type():
                    return_obj.add_indicator_type(VocabString.from_obj(indicator_type)) 
            if obj.get_Observable():
                observable_obj = obj.get_Observable()
                observable = Observable.from_obj(observable_obj)
                return_obj.observables.append(observable)
            if obj.get_Indicated_TTP():
                return_obj.indicated_ttps = [RelatedTTP.from_obj(x) for x in obj.get_Indicated_TTP()]
            if obj.get_Test_Mechanisms():
                return_obj.test_mechanisms = [_BaseTestMechanism.from_obj(x) for x in obj.get_Test_Mechanisms().get_Test_Mechanism()]
            if obj.get_Suggested_COAs():
                return_obj.suggested_coas = SuggestedCOAs.from_obj(obj.get_Suggested_COAs())
            if obj.get_Alternative_ID():
                return_obj.alternative_id = obj.get_Alternative_ID()
            if obj.get_Valid_Time_Position():
                return_obj.valid_time_positions = [ValidTime.from_obj(x) for x in obj.get_Valid_Time_Position()]    
            
        return return_obj
Beispiel #24
0
    def from_obj(cls, obj, return_obj=None):
        if not obj:
            return None

        import stix.extensions.test_mechanism.snort_test_mechanism  # noqa
        import stix.extensions.test_mechanism.open_ioc_2010_test_mechanism  # noqa
        import stix.extensions.test_mechanism.yara_test_mechanism  # noqa
        import stix.extensions.test_mechanism.generic_test_mechanism  # noqa

        if not return_obj:
            klass = stix.lookup_extension(obj)
            return_obj = klass.from_obj(obj)
        else:
            return_obj.id_ = obj.id
            return_obj.idref = obj.idref
            return_obj.efficacy = Statement.from_obj(obj.Efficacy)
            return_obj.producer = InformationSource.from_obj(obj.Producer)

        return return_obj
 def from_obj(cls, obj, return_obj=None):
     if not obj:
         return None
     
     import stix.extensions.test_mechanism.snort_test_mechanism  # noqa
     import stix.extensions.test_mechanism.open_ioc_2010_test_mechanism  # noqa
     import stix.extensions.test_mechanism.yara_test_mechanism  # noqa
     import stix.extensions.test_mechanism.generic_test_mechanism  # noqa
     
     if not return_obj:
         klass = stix.lookup_extension(obj)
         return_obj = klass.from_obj(obj)
     else:
         return_obj.id_ = obj.id
         return_obj.idref = obj.idref
         return_obj.efficacy = Statement.from_obj(obj.Efficacy)
         return_obj.producer = InformationSource.from_obj(obj.Producer)
     
     return return_obj
Beispiel #26
0
    def from_obj(cls, obj, return_obj=None):
        if not obj:
            return None
        if not return_obj:
            return_obj = cls()

        return_obj.id_ = obj.get_id()
        return_obj.idref = obj.get_idref()
        return_obj.timestamp = obj.get_timestamp()

        if isinstance(obj, cls._binding_class):
            return_obj.version = obj.get_version() or cls._version
            return_obj.title = obj.get_Title()
            return_obj.description = StructuredText.from_obj(
                obj.get_Description())
            return_obj.short_description = \
                    StructuredText.from_obj(obj.get_Short_Description())
            return_obj.names = Names.from_obj(obj.get_Names())
            return_obj.intended_effects = \
                    [Statement.from_obj(x) for x in obj.get_Intended_Effect()]
            return_obj.status = VocabString.from_obj(obj.get_Status())
            return_obj.related_ttps = RelatedTTPs.from_obj(
                obj.get_Related_TTPs())
            return_obj.related_incidents = \
                    RelatedIncidents.from_obj(obj.get_Related_Incidents())
            return_obj.related_indicators = \
                    RelatedIndicators.from_obj(obj.get_Related_Indicators())
            return_obj.attribution = \
                    [Attribution.from_obj(x) for x in obj.get_Attribution()]
            return_obj.associated_campaigns = \
                    AssociatedCampaigns.from_obj(obj.get_Associated_Campaigns())
            return_obj.confidence = Confidence.from_obj(obj.get_Confidence())
            return_obj.activity = \
                    [Activity.from_obj(x) for x in obj.get_Activity()]
            return_obj.information_source = \
                    InformationSource.from_obj(obj.get_Information_Source())
            return_obj.handling = Marking.from_obj(obj.get_Handling())
            return_obj.related_packages = \
                    RelatedPackageRefs.from_obj(obj.get_Related_Packages())

        return return_obj
Beispiel #27
0
    def from_obj(cls, obj, return_obj=None):
        if not obj:
            return None
        if not return_obj:
            return_obj = cls()

        return_obj.id_ = obj.id
        return_obj.idref = obj.idref
        return_obj.timestamp = obj.timestamp
        
        if isinstance(obj, cls._binding_class):
            return_obj.version = obj.version
            return_obj.title = obj.Title
            return_obj.description = StructuredText.from_obj(obj.Description)
            return_obj.short_description = \
                    StructuredText.from_obj(obj.Short_Description)
            return_obj.names = Names.from_obj(obj.Names)
            return_obj.intended_effects = \
                    [Statement.from_obj(x) for x in obj.Intended_Effect]
            return_obj.status = VocabString.from_obj(obj.Status)
            return_obj.related_ttps = RelatedTTPs.from_obj(obj.Related_TTPs)
            return_obj.related_incidents = \
                    RelatedIncidents.from_obj(obj.Related_Incidents)
            return_obj.related_indicators = \
                    RelatedIndicators.from_obj(obj.Related_Indicators)
            return_obj.attribution = \
                    [Attribution.from_obj(x) for x in obj.Attribution]
            return_obj.associated_campaigns = \
                    AssociatedCampaigns.from_obj(obj.Associated_Campaigns)
            return_obj.confidence = Confidence.from_obj(obj.Confidence)
            return_obj.activity = \
                    [Activity.from_obj(x) for x in obj.Activity]
            return_obj.information_source = \
                    InformationSource.from_obj(obj.Information_Source)
            return_obj.handling = Marking.from_obj(obj.Handling)
            return_obj.related_packages = \
                    RelatedPackageRefs.from_obj(obj.Related_Packages)

        return return_obj
Beispiel #28
0
    def from_obj(cls, obj, return_obj=None):
        if not obj:
            return None
        if not return_obj:
            return_obj = cls()

        return_obj.id_ = obj.id
        return_obj.idref = obj.idref
        return_obj.timestamp = obj.timestamp
        
        if isinstance(obj, cls._binding_class):
            return_obj.version = obj.version
            return_obj.title = obj.Title
            return_obj.description = StructuredText.from_obj(obj.Description)
            return_obj.short_description = \
                    StructuredText.from_obj(obj.Short_Description)
            return_obj.names = Names.from_obj(obj.Names)
            return_obj.intended_effects = \
                    [Statement.from_obj(x) for x in obj.Intended_Effect]
            return_obj.status = VocabString.from_obj(obj.Status)
            return_obj.related_ttps = RelatedTTPs.from_obj(obj.Related_TTPs)
            return_obj.related_incidents = \
                    RelatedIncidents.from_obj(obj.Related_Incidents)
            return_obj.related_indicators = \
                    RelatedIndicators.from_obj(obj.Related_Indicators)
            return_obj.attribution = \
                    [Attribution.from_obj(x) for x in obj.Attribution]
            return_obj.associated_campaigns = \
                    AssociatedCampaigns.from_obj(obj.Associated_Campaigns)
            return_obj.confidence = Confidence.from_obj(obj.Confidence)
            return_obj.activity = \
                    [Activity.from_obj(x) for x in obj.Activity]
            return_obj.information_source = \
                    InformationSource.from_obj(obj.Information_Source)
            return_obj.handling = Marking.from_obj(obj.Handling)
            return_obj.related_packages = \
                    RelatedPackageRefs.from_obj(obj.Related_Packages)

        return return_obj
Beispiel #29
0
    def from_obj(cls, obj, return_obj=None):
        if not obj:
            return None
        if not return_obj:
            return_obj = cls()

        return_obj.id_ = obj.get_id()
        return_obj.idref = obj.get_idref()
        return_obj.timestamp = obj.get_timestamp()
        
        if isinstance(obj, cls._binding_class):
            return_obj.version = obj.get_version() or cls._version
            return_obj.title = obj.get_Title()
            return_obj.description = StructuredText.from_obj(obj.get_Description())
            return_obj.short_description = \
                    StructuredText.from_obj(obj.get_Short_Description())
            return_obj.names = Names.from_obj(obj.get_Names())
            return_obj.intended_effect = \
                    [Statement.from_obj(x) for x in obj.get_Intended_Effect()]
            return_obj.status = VocabString.from_obj(obj.get_Status())
            return_obj.related_ttps = RelatedTTPs.from_obj(obj.get_Related_TTPs())
            return_obj.related_incidents = \
                    RelatedIncidents.from_obj(obj.get_Related_Incidents())
            return_obj.related_indicators = \
                    RelatedIndicators.from_obj(obj.get_Related_Indicators())
            return_obj.attribution = \
                    [Attribution.from_obj(x) for x in obj.get_Attribution()]
            return_obj.associated_campaigns = \
                    AssociatedCampaigns.from_obj(obj.get_Associated_Campaigns())
            return_obj.confidence = Confidence.from_obj(obj.get_Confidence())
            return_obj.activity = \
                    [Activity.from_obj(x) for x in obj.get_Activity()]
            return_obj.information_source = \
                    InformationSource.from_obj(obj.get_Information_Source())
            return_obj.handling = Marking.from_obj(obj.get_Handling())
            return_obj.related_packages = \
                    RelatedPackageRefs.from_obj(obj.get_Related_Packages())

        return return_obj
Beispiel #30
0
    def from_obj(cls, obj, return_obj=None):
        if not obj:
            return None
        if not return_obj:
            return_obj = cls()

        super(Indicator, cls).from_obj(obj, return_obj=return_obj)

        if isinstance(obj, cls._binding_class):
            return_obj.negate = obj.negate
            return_obj.producer = InformationSource.from_obj(obj.Producer)
            return_obj.confidence = Confidence.from_obj(obj.Confidence)
            return_obj.sightings = Sightings.from_obj(obj.Sightings)
            return_obj.composite_indicator_expression = CompositeIndicatorExpression.from_obj(
                obj.Composite_Indicator_Expression)
            return_obj.handling = Marking.from_obj(obj.Handling)
            return_obj.kill_chain_phases = KillChainPhasesReference.from_obj(
                obj.Kill_Chain_Phases)
            return_obj.related_indicators = RelatedIndicators.from_obj(
                obj.Related_Indicators)
            return_obj.likely_impact = Statement.from_obj(obj.Likely_Impact)
            return_obj.indicator_types = IndicatorTypes.from_obj(obj.Type)
            return_obj.test_mechanisms = TestMechanisms.from_obj(
                obj.Test_Mechanisms)
            return_obj.suggested_coas = SuggestedCOAs.from_obj(
                obj.Suggested_COAs)
            return_obj.alternative_id = obj.Alternative_ID
            return_obj.indicated_ttps = _IndicatedTTPs.from_obj(
                obj.Indicated_TTP)
            return_obj.valid_time_positions = _ValidTimePositions.from_obj(
                obj.Valid_Time_Position)
            return_obj.observable = Observable.from_obj(obj.Observable)
            return_obj.related_campaigns = RelatedCampaignRefs.from_obj(
                obj.Related_Campaigns)
            return_obj.related_packages = RelatedPackageRefs.from_obj(
                obj.Related_Packages)

        return return_obj