def from_obj(analysis_obj):
if not analysis_obj:
return None
analysis_ = Analysis(None)
analysis_.id = analysis_obj.get_id()
analysis_.method = analysis_obj.get_method()
analysis_.type = analysis_obj.get_type()
analysis_.ordinal_position = analysis_obj.get_ordinal_position()
analysis_.complete_datetime = analysis_obj.get_complete_datetime()
analysis_.start_datetime = analysis_obj.get_start_datetime()
analysis_.lastupdate_datetime = analysis_obj.get_lastupdate_datetime()
analysis_.source = Source.from_obj(analysis_obj.get_Source())
analysis_.analysts = Personnel.from_obj(analysis_obj.get_Analysts())
analysis_.summary = StructuredText.from_obj(analysis_obj.get_Summary())
analysis_.comments = CommentList.from_obj(analysis_obj.get_Comments())
if analysis_obj.get_Findings_Bundle_Reference():
analysis_.findings_bundle_reference = [
BundleReference.from_obj(x) for x in analysis_obj.get_Findings_Bundle_Reference()
]
analysis_.tools = ToolList.from_obj(analysis_obj.get_Tools())
analysis_.dynamic_analysis_metadata = DynamicAnalysisMetadata.from_obj(
analysis_obj.get_Dynamic_Analysis_Metadata()
)
analysis_.analysis_environment = AnalysisEnvironment.from_obj(analysis_obj.get_Analysis_Environment())
analysis_.report = StructuredText.from_obj(analysis_obj.get_Report())
return analysis_
def from_obj(platform_specification_obj):
if not platform_specification_obj:
return None
platform_specification_ = PlatformSpecification()
platform_specification_.description = StructuredText.from_obj(platform_specification_obj.get_Description())
platform_specification_.identifiers = [PlatformIdentifier.from_obj(x) for x in platform_specification_obj.get_Identifier()]
return platform_specification_
def from_obj(observable_obj):
if not observable_obj:
return None
from cybox.core import PatternFidelity
obs = Observable()
obs.id_ = observable_obj.id
obs.title = observable_obj.Title
obs.description = StructuredText.from_obj(observable_obj.Description)
obs.object_ = Object.from_obj(observable_obj.Object)
obs.event = Event.from_obj(observable_obj.Event)
obs.observable_composition = ObservableComposition.from_obj(
observable_obj.Observable_Composition)
obs.idref = observable_obj.idref
obs.sighting_count = observable_obj.sighting_count
if observable_obj.Observable_Source:
obs.observable_source = [
MeasureSource.from_obj(x)
for x in observable_obj.Observable_Source
]
obs.keywords = Keywords.from_obj(observable_obj.Keywords)
obs.pattern_fidelity = PatternFidelity.from_obj(
observable_obj.Pattern_Fidelity)
return obs
def from_obj(platform_specification_obj):
if not platform_specification_obj:
return None
platform_specification_ = PlatformSpecification()
platform_specification_.description = StructuredText.from_obj(platform_specification_obj.Description)
platform_specification_.identifiers = [PlatformIdentifier.from_obj(x) for x in platform_specification_obj.Identifier]
return platform_specification_
def from_obj(comment_obj):
if not comment_obj:
return None
comment_ = StructuredText.from_obj(comment_obj, Comment())
comment_.author = comment_obj.get_author()
comment_.timestamp = comment_obj.get_timestamp()
comment_.observation_name = comment_obj.get_observation_name()
return comment_
def from_obj(observable_obj):
if not observable_obj:
return None
obs = Observable()
obs.id_ = observable_obj.get_id()
obs.title = observable_obj.get_Title()
obs.description = StructuredText.from_obj(observable_obj.get_Description())
obs.object_ = Object.from_obj(observable_obj.get_Object())
obs.observable_composition = ObservableComposition.from_obj(observable_obj.get_Observable_Composition())
obs.idref = observable_obj.get_idref()
return obs
def from_obj(measure_source_obj):
if not measure_source_obj:
return None
measure_source_ = MeasureSource()
measure_source_.class_ = measure_source_obj.get_class()
measure_source_.source_type = measure_source_obj.get_source_type()
measure_source_.name = measure_source_obj.get_name()
measure_source_.information_source_type = VocabString.from_obj(measure_source_obj.get_Information_Source_Type())
measure_source_.tool_type = VocabString.from_obj(measure_source_obj.get_Tool_Type())
measure_source_.description = StructuredText.from_obj(measure_source_obj.get_Description())
measure_source_.contributors = Personnel.from_obj(measure_source_obj.get_Contributors())
measure_source_.time = Time.from_obj(measure_source_obj.get_Time())
measure_source_.tools = ToolInformationList.from_obj(measure_source_obj.get_Tools())
measure_source_.platform = None #TODO: add support
measure_source_.system = ObjectProperties.from_obj(measure_source_obj.get_System())
measure_source_.instance = ObjectProperties.from_obj(measure_source_obj.get_Instance())
return measure_source_
def from_obj(observable_obj):
if not observable_obj:
return None
obs = Observable()
obs.id_ = observable_obj.get_id()
obs.title = observable_obj.get_Title()
obs.description = StructuredText.from_obj(observable_obj.get_Description())
obs.object_ = Object.from_obj(observable_obj.get_Object())
obs.event = Event.from_obj(observable_obj.get_Event())
obs.observable_composition = ObservableComposition.from_obj(observable_obj.get_Observable_Composition())
obs.idref = observable_obj.get_idref()
obs.sighting_count = observable_obj.get_sighting_count()
if observable_obj.get_Observable_Source():
obs.observable_source = [MeasureSource.from_obj(x) for x in observable_obj.get_Observable_Source()]
return obs
def from_obj(toolinfo_obj, toolinfo=None):
if not toolinfo_obj:
return None
if not toolinfo:
toolinfo = ToolInformation()
toolinfo.id_ = toolinfo_obj.id
toolinfo.idref = toolinfo_obj.idref
toolinfo.name = toolinfo_obj.Name
toolinfo.type_ = [VocabString.from_obj(x) for x in toolinfo_obj.Type]
toolinfo.description = StructuredText.from_obj(toolinfo_obj.Description)
toolinfo.vendor = toolinfo_obj.Vendor
toolinfo.version = toolinfo_obj.Version
toolinfo.service_pack = toolinfo_obj.Service_Pack
toolinfo.tool_hashes = HashList.from_obj(toolinfo_obj.Tool_Hashes)
return toolinfo
def from_obj(toolinfo_obj, tool_class = None):
if not toolinfo_obj:
return None
if not tool_class:
toolinfo = ToolInformation()
else:
toolinfo = tool_class
toolinfo.id_ = toolinfo_obj.get_id()
toolinfo.idref = toolinfo_obj.get_idref()
toolinfo.name = toolinfo_obj.get_Name()
toolinfo.type_ = [ToolType.from_obj(x) for x in toolinfo_obj.get_Type()]
toolinfo.description = StructuredText.from_obj(toolinfo_obj.get_Description())
toolinfo.vendor = toolinfo_obj.get_Vendor()
toolinfo.version = toolinfo_obj.get_Version()
toolinfo.service_pack = toolinfo_obj.get_Service_Pack()
toolinfo.tool_hashes = HashList.from_obj(toolinfo_obj.get_Tool_Hashes())
return toolinfo
def from_obj(toolinfo_obj, toolinfo=None):
if not toolinfo_obj:
return None
if not toolinfo:
toolinfo = ToolInformation()
toolinfo.id_ = toolinfo_obj.id
toolinfo.idref = toolinfo_obj.idref
toolinfo.name = toolinfo_obj.Name
toolinfo.type_ = [VocabString.from_obj(x) for x in toolinfo_obj.Type]
toolinfo.description = StructuredText.from_obj(
toolinfo_obj.Description)
toolinfo.vendor = toolinfo_obj.Vendor
toolinfo.version = toolinfo_obj.Version
toolinfo.service_pack = toolinfo_obj.Service_Pack
toolinfo.tool_hashes = HashList.from_obj(toolinfo_obj.Tool_Hashes)
return toolinfo
def from_obj(observable_obj):
if not observable_obj:
return None
from cybox.core import PatternFidelity
obs = Observable()
obs.id_ = observable_obj.id
obs.title = observable_obj.Title
obs.description = StructuredText.from_obj(observable_obj.Description)
obs.object_ = Object.from_obj(observable_obj.Object)
obs.event = Event.from_obj(observable_obj.Event)
obs.observable_composition = ObservableComposition.from_obj(observable_obj.Observable_Composition)
obs.idref = observable_obj.idref
obs.sighting_count = observable_obj.sighting_count
if observable_obj.Observable_Source:
obs.observable_source = [MeasureSource.from_obj(x) for x in observable_obj.Observable_Source]
obs.keywords = Keywords.from_obj(observable_obj.Keywords)
obs.pattern_fidelity = PatternFidelity.from_obj(observable_obj.Pattern_Fidelity)
return obs
def from_obj(action_obj, action_cls = None):
if not action_obj:
return None
if action_cls == None:
action_cls = Action()
action_ = action_cls
action_.id = action_obj.get_id()
action_.idref = action_obj.get_idref()
action_.ordinal_position = action_obj.get_ordinal_position()
action_.action_status = action_obj.get_action_status()
action_.context = action_obj.get_context()
action_.timestamp = action_obj.get_timestamp()
action_.type = VocabString.from_obj(action_obj.get_Type())
action_.name = VocabString.from_obj(action_obj.get_Name())
action_.description = StructuredText.from_obj(action_obj.get_Description())
if action_obj.get_Action_Arguments() is not None: action_.action_arguments = ActionArguments.from_obj(action_obj.get_Action_Arguments())
action_.discovery_method = MeasureSource.from_obj(action_obj.get_Discovery_Method())
if action_obj.get_Associated_Objects() is not None : action_.associated_objects = AssociatedObjects.from_obj(action_obj.get_Associated_Objects())
if action_obj.get_Relationships() is not None : action_.relationships = ActionRelationships.from_obj(action_obj.get_Relationships())
#action_.frequency = Frequency.from_dict(action_dict.get('frequency')) #TODO: add support
if action_obj.get_Action_Aliases() is not None :
action_.action_aliases = action_obj.get_Action_Aliases().get_Action_Alias()
return action_
def from_obj(toolinfo_obj, tool_class=None):
if not toolinfo_obj:
return None
if not tool_class:
toolinfo = ToolInformation()
else:
toolinfo = tool_class
toolinfo.id_ = toolinfo_obj.get_id()
toolinfo.idref = toolinfo_obj.get_idref()
toolinfo.name = toolinfo_obj.get_Name()
toolinfo.type_ = [
ToolType.from_obj(x) for x in toolinfo_obj.get_Type()
]
toolinfo.description = StructuredText.from_obj(
toolinfo_obj.get_Description())
toolinfo.vendor = toolinfo_obj.get_Vendor()
toolinfo.version = toolinfo_obj.get_Version()
toolinfo.service_pack = toolinfo_obj.get_Service_Pack()
toolinfo.tool_hashes = HashList.from_obj(
toolinfo_obj.get_Tool_Hashes())
return toolinfo
