def main():
    """Build a sample CybOX Observables document and print it.

    One observable of each supported kind (domain name, URL, IPv4 address,
    e-mail address, file hash) is created from fixed sample values. The
    resulting document is exported to stdout through its binding object and
    then pretty-printed in dictionary form.
    """
    # The factories are called in this exact order on purpose: they may assign
    # identifiers as a side effect, so reordering the calls could change the
    # generated output.
    domain_obs = api.create_domain_name_observable('www.example.com')
    url_obs = api.create_url_observable('http://www.example.com')
    ipv4_obs = api.create_ipv4_observable('127.0.0.1')
    email_obs = api.create_email_address_observable('*****@*****.**')
    hash_obs = api.create_file_hash_observable(
        'foo.bar', '94f93e00fd122466d68a6ae3b8c7f908')

    # Document order differs from creation order: the IPv4 entry comes
    # before the URL.
    members = [domain_obs, ipv4_obs, url_obs, email_obs, hash_obs]
    observables_doc = Observables(members)

    # Second argument is passed through to export(); presumably the starting
    # indent level -- confirm against the binding's signature.
    binding_obj = observables_doc.to_obj()
    binding_obj.export(sys.stdout, 0)

    as_dict = observables_doc.to_dict()
    pprint(as_dict)
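def export_cybox():
    """Export the indicators highlighted in the text widget as CybOX XML.

    A "Save As" dialog asks for the destination. For every tag name in
    ``tags`` the highlighted ranges are read from ``text``, re-fanged
    (``[.]`` -> ``.`` and ``[@]`` -> ``@``), de-duplicated per tag and turned
    into CybOX observables through ``cybox_api``. Tags other than ``md5``,
    ``ipv4``, ``domain``, ``url`` and ``email`` produce no observable.

    Nothing is written when the dialog is cancelled or when no supported
    indicator is highlighted.

    NOTE(review): the exported document carries the re-fanged (live) form of
    every domain, URL and e-mail address, and the highlighted text is passed
    to the observable factories as-is, without format validation. Treat the
    output file as containing live indicators.
    """
    filename = asksaveasfilename(
        title="Save As",
        filetypes=[("xml file", ".xml"), ("All files", ".*")])
    if not filename:
        # Dialog cancelled: nothing to export.
        return

    # Tag name -> factory that builds the matching observable from one value.
    builders = {
        'md5': lambda v: cybox_api.create_file_hash_observable('', v, 'MD5'),
        'ipv4': cybox_api.create_ipv4_observable,
        'domain': cybox_api.create_domain_name_observable,
        'url': cybox_api.create_url_observable,
        'email': cybox_api.create_email_address_observable,
    }

    observables = []
    for t in tags:
        build = builders.get(t)
        if build is None:
            continue

        seen = set()  # values already exported for this tag
        ranges = text.tag_ranges(t)
        # tag_ranges() yields a flat (start, stop, start, stop, ...) sequence.
        for start, stop in zip(ranges[0::2], ranges[1::2]):
            value = text.get(start, stop)
            value = value.replace('[.]', '.').replace('[@]', '@')
            if t == 'md5':
                # Normalise case so the same hash is not exported twice.
                value = value.upper()
            if value in seen:
                continue
            seen.add(value)
            observables.append(build(value))

    if not observables:
        # Without this guard there is no document to export and an empty
        # file would be left behind.
        return

    observables_doc = cybox_api.create_observables_document(observables)

    # Append the extension only when it is really missing. The previous
    # length/find() arithmetic misfired for three-character names without an
    # extension and for paths containing ".xml" before the final suffix.
    if not filename.lower().endswith('.xml'):
        filename = "%s.xml" % filename

    # The context manager closes the file even if export() raises.
    with open(filename, "wb") as f:
        observables_doc.export(f, 0)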
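def export_cybox():
    """Export the indicators highlighted in the text widget as CybOX XML.

    A "Save As" dialog asks for the destination. For every tag name in
    ``tags`` the highlighted ranges are read from ``text``, re-fanged
    (``[.]`` -> ``.`` and ``[@]`` -> ``@``), de-duplicated per tag and turned
    into CybOX observables through ``cybox_api``. Tags other than ``md5``,
    ``ipv4``, ``domain``, ``url`` and ``email`` produce no observable.

    Nothing is written when the dialog is cancelled or when no supported
    indicator is highlighted.

    NOTE(review): the exported document carries the re-fanged (live) form of
    every domain, URL and e-mail address, and the highlighted text is passed
    to the observable factories as-is, without format validation. Treat the
    output file as containing live indicators.
    """
    filename = asksaveasfilename(
        title="Save As",
        filetypes=[("xml file", ".xml"), ("All files", ".*")])
    if not filename:
        # Dialog cancelled: nothing to export.
        return

    # Tag name -> factory that builds the matching observable from one value.
    builders = {
        'md5': lambda v: cybox_api.create_file_hash_observable('', v, 'MD5'),
        'ipv4': cybox_api.create_ipv4_observable,
        'domain': cybox_api.create_domain_name_observable,
        'url': cybox_api.create_url_observable,
        'email': cybox_api.create_email_address_observable,
    }

    observables = []
    for t in tags:
        build = builders.get(t)
        if build is None:
            continue

        seen = set()  # values already exported for this tag
        ranges = text.tag_ranges(t)
        # tag_ranges() yields a flat (start, stop, start, stop, ...) sequence.
        for start, stop in zip(ranges[0::2], ranges[1::2]):
            value = text.get(start, stop)
            value = value.replace('[.]', '.').replace('[@]', '@')
            if t == 'md5':
                # Normalise case so the same hash is not exported twice.
                value = value.upper()
            if value in seen:
                continue
            seen.add(value)
            observables.append(build(value))

    if not observables:
        # Without this guard there is no document to export and an empty
        # file would be left behind.
        return

    observables_doc = cybox_api.create_observables_document(observables)

    # Append the extension only when it is really missing. The previous
    # length/find() arithmetic misfired for three-character names without an
    # extension and for paths containing ".xml" before the final suffix.
    if not filename.lower().endswith('.xml'):
        filename = "%s.xml" % filename

    # The context manager closes the file even if export() raises.
    with open(filename, "wb") as f:
        observables_doc.export(f, 0)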