def from_dict(cls, dict_repr, return_obj=None): if not return_obj: return_obj = cls() return_obj.id_ = dict_repr.get('id') return_obj.idref = dict_repr.get('idref') return_obj.timestamp = dict_repr.get('timestamp') return_obj.version = dict_repr.get('version', cls._version) return_obj.stix_header = STIXHeader.from_dict( dict_repr.get('stix_header')) return_obj.campaigns = Campaigns.from_dict(dict_repr.get('campaigns')) return_obj.courses_of_action = CoursesOfAction.from_dict( dict_repr.get('courses_of_action')) return_obj.exploit_targets = ExploitTargets.from_dict( dict_repr.get('exploit_targets')) return_obj.indicators = Indicators.from_dict( dict_repr.get('indicators')) return_obj.observables = Observables.from_dict( dict_repr.get('observables')) return_obj.incidents = Incidents.from_dict(dict_repr.get('incidents')) return_obj.threat_actors = ThreatActors.from_dict( dict_repr.get('threat_actors')) return_obj.ttps = TTPs.from_dict(dict_repr.get('ttps')) return_obj.related_packages = RelatedPackages.from_dict( dict_repr.get('related_packages')) return return_obj
def from_dict(cls, dict_repr, return_obj=None): if not dict_repr: return None if not return_obj: return_obj = cls() return_obj.id_ = dict_repr.get('id') return_obj.idref = dict_repr.get('idref') return_obj.timestamp = dict_repr.get('timestamp') return_obj.version = dict_repr.get('version', cls._version) return_obj.title = dict_repr.get('title') return_obj.stage = VocabString.from_dict(dict_repr.get('stage')) return_obj.type_ = VocabString.from_dict(dict_repr.get('type')) return_obj.description = StructuredText.from_dict( dict_repr.get('description')) return_obj.short_description = StructuredText.from_dict( dict_repr.get('short_description')) return_obj.objective = Objective.from_dict(dict_repr.get('objective')) return_obj.parameter_observables = \ Observables.from_dict(dict_repr.get('parameter_observables')) return_obj.impact = Statement.from_dict(dict_repr.get('impact')) return_obj.cost = Statement.from_dict(dict_repr.get('cost')) return_obj.efficacy = Statement.from_dict(dict_repr.get('efficacy')) return_obj.information_source = InformationSource.from_dict( dict_repr.get('information_source')) return_obj.handling = Marking.from_dict(dict_repr.get('handling')) return_obj.related_coas = \ RelatedCOAs.from_dict(dict_repr.get('related_coas')) return_obj.related_packages = \ RelatedPackageRefs.from_dict(dict_repr.get('related_packages')) return return_obj
def from_dict(cls, dict_repr, return_obj=None): if not dict_repr: return None if not return_obj: return_obj = cls() super(CourseOfAction, cls).from_dict(dict_repr, return_obj=return_obj) get = dict_repr.get return_obj.stage = VocabString.from_dict(get('stage')) return_obj.type_ = VocabString.from_dict(get('type')) return_obj.objective = Objective.from_dict(get('objective')) return_obj.parameter_observables = \ Observables.from_dict(get('parameter_observables')) return_obj.impact = Statement.from_dict(get('impact')) return_obj.cost = Statement.from_dict(get('cost')) return_obj.efficacy = Statement.from_dict(get('efficacy')) return_obj.related_coas = \ RelatedCOAs.from_dict(get('related_coas')) return_obj.related_packages = \ related.RelatedPackageRefs.from_dict(get('related_packages')) return_obj.structured_coa = \ _BaseStructuredCOA.from_dict(get('structured_coa')) return return_obj
def from_dict(cls, dict_repr, return_obj=None): if not dict_repr: return None if not return_obj: return_obj = cls() return_obj.id_ = dict_repr.get('id') return_obj.idref = dict_repr.get('idref') return_obj.timestamp = dict_repr.get('timestamp') return_obj.version = dict_repr.get('version') return_obj.title = dict_repr.get('title') return_obj.stage = VocabString.from_dict(dict_repr.get('stage')) return_obj.type_ = VocabString.from_dict(dict_repr.get('type')) return_obj.description = StructuredText.from_dict(dict_repr.get('description')) return_obj.short_description = StructuredText.from_dict(dict_repr.get('short_description')) return_obj.objective = Objective.from_dict(dict_repr.get('objective')) return_obj.parameter_observables = \ Observables.from_dict(dict_repr.get('parameter_observables')) return_obj.impact = Statement.from_dict(dict_repr.get('impact')) return_obj.cost = Statement.from_dict(dict_repr.get('cost')) return_obj.efficacy = Statement.from_dict(dict_repr.get('efficacy')) return_obj.information_source = InformationSource.from_dict(dict_repr.get('information_source')) return_obj.handling = Marking.from_dict(dict_repr.get('handling')) return_obj.related_coas = \ RelatedCOAs.from_dict(dict_repr.get('related_coas')) return_obj.related_packages = \ RelatedPackageRefs.from_dict(dict_repr.get('related_packages')) return return_obj
def from_dict(cls, dict_repr, return_obj=None): if not dict_repr: return None if not return_obj: return_obj = cls() return_obj.identity = Identity.from_dict(dict_repr.get('identity')) return_obj.targeted_systems = [VocabString.from_dict(x) for x in dict_repr.get('targeted_systems', [])] return_obj.targeted_information = [VocabString.from_dict(x) for x in dict_repr.get('targeted_information', [])] return_obj.targeted_technical_details = Observables.from_dict(dict_repr.get('targeted_technical_details')) return return_obj
def main(): fn = 'se_07.xml' print "parsing input xml document..." observables_obj = cybox_core_binding.parse(fn) # build a binding object observables = Observables.from_obj(observables_obj) # build an api object from binding observables_dict = observables.to_dict() # create dictionary from api object pprint(observables_dict) print "building xml from dictionary..." observables_two = Observables.from_dict(observables_dict) # create copy api object from dictionary xml = observables_two.to_xml() # generate xml from copied api object print xml
def from_dict(cls, dict_repr, return_obj=None): if not dict_repr: return None if not return_obj: return_obj = cls() get = dict_repr.get return_obj.identity = Identity.from_dict(get('identity')) return_obj.targeted_systems = TargetedSystems.from_dict(get('targeted_systems')) return_obj.targeted_information = TargetedInformation.from_dict(get('targeted_information')) return_obj.targeted_technical_details = Observables.from_dict(get('targeted_technical_details')) return return_obj
def from_dict(cls, dict_repr, return_obj=None): if not dict_repr: return None if not return_obj: return_obj = cls() return_obj.id_ = dict_repr.get('id') return_obj.title = dict_repr.get('title') return_obj.description = StructuredText.from_dict(dict_repr.get('description')) return_obj.short_description = StructuredText.from_dict(dict_repr.get('short_description')) return_obj.types = [VocabString.from_dict(x) for x in dict_repr.get('types', [])] return_obj.observable_characterization = Observables.from_dict(dict_repr.get('observable_characterization')) return return_obj
def from_dict(cls, dict_repr, return_obj=None): if not dict_repr: return None if not return_obj: return_obj = cls() return_obj.id_ = dict_repr.get('id') return_obj.title = dict_repr.get('title') return_obj.description = StructuredText.from_dict(dict_repr.get('description')) return_obj.short_description = StructuredText.from_dict(dict_repr.get('short_description')) return_obj.types = [AttackerInfrastructureType.from_dict(x) for x in dict_repr.get('types', [])] return_obj.observable_characterization = Observables.from_dict(dict_repr.get('observable_characterization')) return return_obj
def from_dict(cls, d, return_obj=None): if not d: return None if not return_obj: return_obj = cls() return_obj.type_ = AssetType.from_dict(d.get('type')) return_obj.description = StructuredText.from_dict(d.get('description')) return_obj.business_function_or_role = StructuredText.from_dict(d.get('business_function_or_role')) return_obj.ownership_class = OwnershipClass.from_dict(d.get('ownership_class')) return_obj.management_class = ManagementClass.from_dict(d.get('management_class')) return_obj.location_class = LocationClass.from_dict(d.get('location_class')) #return_obj.location = Location.from_dict(d.get('location')) return_obj.nature_of_security_effect = [PropertyAffected.from_dict(x) for x in d.get('nature_of_security_effect')] return_obj.structured_description = Observables.from_dict(d.get('structured_description')) return return_obj
def from_dict(cls, d, return_obj=None): if not d: return None if not return_obj: return_obj = cls() get = d.get return_obj.type_ = AssetType.from_dict(get('type')) return_obj.description = StructuredText.from_dict(get('description')) return_obj.business_function_or_role = StructuredText.from_dict(get('business_function_or_role')) return_obj.ownership_class = VocabString.from_dict(get('ownership_class')) return_obj.management_class = VocabString.from_dict(get('management_class')) return_obj.location_class = VocabString.from_dict(get('location_class')) # return_obj.location = Location.from_dict(get('location')) return_obj.nature_of_security_effect = NatureOfSecurityEffect.from_dict(get('nature_of_security_effect')) return_obj.structured_description = Observables.from_dict(get('structured_description')) return return_obj
def from_dict(cls, dict_repr, return_obj=None): if not dict_repr: return None if not return_obj: return_obj = cls() get = dict_repr.get return_obj.identity = Identity.from_dict(get('identity')) return_obj.targeted_systems = TargetedSystems.from_dict( get('targeted_systems')) return_obj.targeted_information = TargetedInformation.from_dict( get('targeted_information')) return_obj.targeted_technical_details = Observables.from_dict( get('targeted_technical_details')) return return_obj
def from_dict(cls, d, return_obj=None): if not d: return None if not return_obj: return_obj = cls() get = d.get return_obj.type_ = AssetType.from_dict(get('type')) return_obj.descriptions = StructuredTextList.from_dict(get('description')) return_obj.business_functions_or_roles = StructuredTextList.from_dict(get('business_function_or_role')) return_obj.ownership_class = VocabString.from_dict(get('ownership_class')) return_obj.management_class = VocabString.from_dict(get('management_class')) return_obj.location_class = VocabString.from_dict(get('location_class')) # return_obj.location = Location.from_dict(get('location')) return_obj.nature_of_security_effect = NatureOfSecurityEffect.from_dict(get('nature_of_security_effect')) return_obj.structured_description = Observables.from_dict(get('structured_description')) return return_obj
def test_list_behavior(self): obs = Observables.from_dict(self._full_dict) self.assertEqual(1, len(obs)) self.assertTrue(obs[0] is not None) self.assertRaises(IndexError, obs.__getitem__, 1) self.assertEqual("example.txt", obs[0].object_.properties.file_name) self.assertEqual(self._full_dict, obs.to_dict()) # When calling to_list, only the observables themselves are returned. self.assertEqual(self._full_dict['observables'], obs.to_list()) # Even when using append, an Address automatically gets wrapped in an # Object and an Observable. obs.append(Address("*****@*****.**", Address.CAT_EMAIL)) self.assertEqual(2, len(obs)) self.assertEqual(Observable, type(obs[1])) self.assertEqual(Address.CAT_EMAIL, obs[1].object_.properties.category)
def from_dict(cls, dict_repr, return_obj=None): if not return_obj: return_obj = cls() return_obj.id_ = dict_repr.get('id', None) return_obj.idref_ = dict_repr.get('idref', None) return_obj.version = dict_repr.get('version', None) header_dict = dict_repr.get('stix_header', None) return_obj.stix_header = STIXHeader.from_dict(header_dict) indicators = dict_repr.get('indicators', []) for indicator_dict in indicators: return_obj.add_indicator(Indicator.from_dict(indicator_dict)) observables_dict = dict_repr.get('observables') return_obj.observables = Observables.from_dict(observables_dict) return return_obj
def from_dict(cls, dict_repr, return_obj=None): if not return_obj: return_obj = cls() return_obj.id_ = dict_repr.get('id') return_obj.idref = dict_repr.get('idref') return_obj.timestamp = dict_repr.get('timestamp') return_obj.version = dict_repr.get('version', cls._version) return_obj.stix_header = STIXHeader.from_dict(dict_repr.get('stix_header')) return_obj.campaigns = Campaigns.from_dict(dict_repr.get('campaigns')) return_obj.courses_of_action = CoursesOfAction.from_dict(dict_repr.get('courses_of_action')) return_obj.exploit_targets = ExploitTargets.from_dict(dict_repr.get('exploit_targets')) return_obj.indicators = Indicators.from_dict(dict_repr.get('indicators')) return_obj.observables = Observables.from_dict(dict_repr.get('observables')) return_obj.incidents = Incidents.from_dict(dict_repr.get('incidents')) return_obj.threat_actors = ThreatActors.from_dict(dict_repr.get('threat_actors')) return_obj.ttps = TTPs.from_dict(dict_repr.get('ttps')) return_obj.related_packages = RelatedPackages.from_dict(dict_repr.get('related_packages')) return return_obj
def from_dict(cls, d, return_obj=None): if not d: return None if not return_obj: return_obj = cls() return_obj.type_ = AssetType.from_dict(d.get('type')) return_obj.description = StructuredText.from_dict(d.get('description')) return_obj.business_function_or_role = StructuredText.from_dict( d.get('business_function_or_role')) return_obj.ownership_class = OwnershipClass.from_dict( d.get('ownership_class')) return_obj.management_class = ManagementClass.from_dict( d.get('management_class')) return_obj.location_class = LocationClass.from_dict( d.get('location_class')) #return_obj.location = Location.from_dict(d.get('location')) return_obj.nature_of_security_effect = [ PropertyAffected.from_dict(x) for x in d.get('nature_of_security_effect') ] return_obj.structured_description = Observables.from_dict( d.get('structured_description')) return return_obj