class SomeSCO(stix2.v21._Observable): _type = "some-sco" _properties = OrderedDict(( ('type', TypeProperty(_type, spec_version='2.1')), ('id', IDProperty(_type, spec_version='2.1')), ( 'extensions', ExtensionsProperty( spec_version='2.1', enclosing_type=_type, ), ), ('string', StringProperty()), ('int', IntegerProperty()), ('float', FloatProperty()), ('bool', BooleanProperty()), ('list', ListProperty(IntegerProperty())), ('dict', DictionaryProperty(spec_version="2.1")), )) _id_contributing_properties = [ 'string', 'int', 'float', 'bool', 'list', 'dict', ]
def test_string_property(): prop = StringProperty() assert prop.clean('foobar') assert prop.clean(1) assert prop.clean([1, 2, 3])
@pytest.mark.parametrize("value", [ 2, -1, 3.14, False, ]) def test_integer_property_valid(value): int_prop = IntegerProperty() assert int_prop.clean(value) is not None @pytest.mark.parametrize("value", [ "something", StringProperty(), ]) def test_integer_property_invalid(value): int_prop = IntegerProperty() with pytest.raises(ValueError): int_prop.clean(value) @pytest.mark.parametrize("value", [ 2, -1, 3.14, False, ]) def test_float_property_valid(value): int_prop = FloatProperty()
class TestObj(stix2.base._STIXBase): _type = "test" _properties = { "foo": StringProperty(), }
@CustomObject('x-mitre-tactic', [ ('name', properties.StringProperty(required=True)), ('description', properties.StringProperty(required=True)), ('x_mitre_shortname', properties.StringProperty(required=True)) ]) class Tactic(object): def __init__(self, x_mitre_shortname=None, **kwargs): if x_mitre_shortname and x_mitre_shortname not in ["strategic-planning", "objective-planning", "develop-people", "develop-networks", "microtargeting", "develop-content", "channel-selection", "pump-priming", "exposure", "go-physical", "persistence", "measure-effectiveness"]: raise ValueError("'%s' is not a recognized AMITT Tactic." % x_mitre_shortname) @CustomObject('x-amitt-narrative', [ ('name', StringProperty(required=True)), ('description', StringProperty()), ('aliases', ListProperty(StringProperty)), ('first_seen', TimestampProperty()), ('last_seen', TimestampProperty()), ('objective', StringProperty()), ('external_references', ListProperty(ExternalReference)), ('object_marking_refs', ListProperty(ReferenceProperty(valid_types='marking-definition', spec_version='2.0'))), ('granular_markings', ListProperty(GranularMarking)) ]) class Narrative(object): def __init__(self, **kwargs): if True: pass @CustomObject('x-amitt-incident', [
def create_observable_domain_name( properties: ObservableProperties) -> DomainName: """Create an observable representing a domain name.""" return DomainName( value=properties.value, object_marking_refs=properties.object_markings, custom_properties=_get_custom_properties(properties), ) @CustomObservable( "x-opencti-hostname", [ ("value", StringProperty(required=True)), ("spec_version", StringProperty(fixed="2.1")), ( "object_marking_refs", ListProperty( ReferenceProperty(valid_types="marking-definition", spec_version="2.1")), ), ], ["value"], ) class Hostname: """Hostname observable.""" pass
import pytz import feeds.extractor.common as fec from stix2.properties import StringProperty, ReferenceProperty, ListProperty from stix2.v21.bundle import Bundle from stix2.v21.sdo import Report, CustomObject, Vulnerability, ThreatActor, Indicator from stix2.v21.common import LanguageContent, GranularMarking from stip.common.stip_stix2 import _get_stip_identname # S-TIP オブジェクトに格納する固定値 STIP_IDENTITY_CLASS = 'organization' STIP_NAME = 'Fujitsu System Integration Laboratories.' # S-TIP SNS 用カスタムオブジェクト @CustomObject('x-stip-sns', [ ('post_type', StringProperty(required=True)), ('name', StringProperty(required=True)), ('description', StringProperty(required=True)), ('created_by_ref', ReferenceProperty(type='identity')), ('lang', StringProperty()), ('granular_markings', ListProperty(GranularMarking)), ]) class StipSns(object): pass # stix2_titles と stix2_contents から language_content の contents に格納する辞書を作成する def _get_language_contents(stix2_titles, stix2_contents): contents = {} for stix2_title in stix2_titles: language = stix2_title['language']
class SubObj(stix2.base._STIXBase): _type = "sub-object" _properties = OrderedDict((('value', StringProperty()), ))
import stip.common.const as const from stix2.properties import StringProperty, ReferenceProperty, ListProperty, DictionaryProperty from stix2.v21.bundle import Bundle from stix2.v21.sdo import Report, CustomObject, Vulnerability, ThreatActor, Indicator, Identity from stix2.v21.common import GranularMarking # S-TIP SNS 用カスタムオブジェクト @CustomObject(const.STIP_STIX2_X_STIP_SNS_TYPE, [ ('name', StringProperty(required=True)), ('description', StringProperty(required=True)), ('created_by_ref', ReferenceProperty(valid_types='identity')), ('lang', StringProperty()), ('granular_markings', ListProperty(GranularMarking)), (const.STIP_STIX2_PROP_TYPE, StringProperty(required=True)), (const.STIP_STIX2_PROP_AUTHOR, DictionaryProperty(required=True)), (const.STIP_STIX2_PROP_POST, DictionaryProperty()), (const.STIP_STIX2_PROP_ATTACHMENTS, ListProperty(DictionaryProperty)), (const.STIP_STIX2_PROP_BUNDLE_ID, StringProperty()), (const.STIP_STIX2_PROP_BUNDLE_VERSION, StringProperty()), (const.STIP_STIX2_PROP_ATTACHMENT, DictionaryProperty()), (const.STIP_STIX2_PROP_TAGS, ListProperty(StringProperty)), (const.STIP_STIX2_PROP_INDICATORS, ListProperty(StringProperty)), (const.STIP_STIX2_PROP_IDENTITY, StringProperty(required=True)), (const.STIP_STIX2_PROP_TOOL, DictionaryProperty(required=True)), ]) class StipSns(object): pass
import stip.common.const as const from stix2.properties import StringProperty, ReferenceProperty, ListProperty, DictionaryProperty from stix2.v21.bundle import Bundle from stix2.v21.sdo import Report, CustomObject, Vulnerability, ThreatActor, Indicator, Identity from stix2.v21.common import GranularMarking # S-TIP SNS 用カスタムオブジェクト @CustomObject(const.STIP_STIX2_X_STIP_SNS_TYPE, [ ('name', StringProperty(required=True)), ('description', StringProperty(required=True)), ('created_by_ref', ReferenceProperty(valid_types='identity')), ('lang', StringProperty()), ('granular_markings', ListProperty(GranularMarking)), (const.STIP_STIX2_PROP_TYPE, StringProperty(required=True)), (const.STIP_STIX2_PROP_AUTHOR, DictionaryProperty(required=True)), (const.STIP_STIX2_PROP_POST, DictionaryProperty()), (const.STIP_STIX2_PROP_ATTACHMENT_REFS, ListProperty(DictionaryProperty)), (const.STIP_STIX2_PROP_OBJECT_REF, StringProperty()), (const.STIP_STIX2_PROP_OBJCET_REF_VERSION, StringProperty()), (const.STIP_STIX2_PROP_ATTACHMENT, DictionaryProperty()), (const.STIP_STIX2_PROP_TAGS, ListProperty(StringProperty)), (const.STIP_STIX2_PROP_INDICATORS, ListProperty(StringProperty)), (const.STIP_STIX2_PROP_IDENTITY, StringProperty(required=True)), (const.STIP_STIX2_PROP_TOOL, DictionaryProperty(required=True)), ]) class StipSns(object): pass