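def BundleManage(mode):
    """Import a STIX2 Bundle into the active project, or extract it to a folder.

    Args:
        mode: ``"import"`` writes the bundle's objects into the current
            project, which must be active. Any other value is handled as
            ``"extract"``: the user picks a destination folder and the
            objects are written there.

    The bundle file is chosen by the user and must be treated as untrusted
    input. It is only accepted if ``stix2.parse`` (called with its defaults)
    succeeds and the top-level object is of type ``bundle``.
    """
    if mode == "import" and not isProjectActive():
        tk.messagebox.showwarning("Error", "You are not into a project. Please Load or Create a project in order to import the Bundle Objects into it otherwise you could use the extract function.")
        return

    bundle = tk.filedialog.askopenfilename(initialdir="/", title="Please select a STIX2 Bundle file.", filetypes=[("json files (STIX2)", "*.json")])
    if not bundle:
        # Dialog cancelled: nothing to do.
        return

    try:
        stix2bundle = stix2.parse(filetoitem(bundle))
        # Local renamed from `type` so the builtin is not shadowed.
        if stix2bundle.get("type") != "bundle":
            tk.messagebox.showwarning("Error", "Selected STIX2 object is not a Bundle.")
            return

        # A bundle without an "objects" property yields None from .get();
        # treat it as empty instead of failing inside the loop and
        # reporting a valid bundle as invalid.
        objects = stix2bundle.get("objects") or ()

        # NOTE(review): the *_maker helpers in this file return itemtofile's
        # result as a flag; it is ignored here, so "Success" is shown even if
        # that flag signals a failed write. Confirm what itemtofile returns.
        # NOTE(review): objects come from an external file; confirm itemtofile
        # builds its output path only from validated fields (e.g. the id).
        if mode == "import":
            for o in objects:
                itemtofile(o)
            tk.messagebox.showinfo("Success", "Selected Bundle was successfully imported into current project.")
        else:  # mode == "extract"
            dest = tk.filedialog.askdirectory(initialdir="/", title="Please select a folder to extract the Bundle to.")
            if dest:
                backupcwd = os.getcwd()
                try:
                    # Presumably changes the working directory to dest
                    # (the original restores cwd right after) - TODO confirm.
                    InitNewEnvironment(dest)
                    for o in objects:
                        itemtofile(o)
                finally:
                    # Restore cwd even when a write fails, so later project
                    # operations do not run inside the extraction folder.
                    os.chdir(backupcwd)
                tk.messagebox.showinfo("Success", "Selected Bundle was successfully extracted to the selected directory.")
    except Exception:
        # `Exception` rather than a bare except, so KeyboardInterrupt and
        # SystemExit are not swallowed and reported as a parse error.
        tk.messagebox.showwarning("Error", "This does not seem to be a valid STIX2 object. Import failed.")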
def relationship_maker(source, type, target):
    """Create a STIX2 Relationship and pass it to ``itemtofile``.

    Args:
        source: First positional argument of ``stix2.Relationship``.
        type: Second positional argument of ``stix2.Relationship``. The
            name shadows the builtin but is part of the caller-visible
            signature.
        target: Third positional argument of ``stix2.Relationship``.

    Returns:
        The constructed Relationship. Unlike the other ``*_maker`` helpers,
        the value returned by ``itemtofile`` is discarded here.
    """
    rel = stix2.Relationship(source, type, target)
    itemtofile(rel)
    return rel
def vulnerability_maker(**kwargs):
    """Create a STIX2 Vulnerability from ``kwargs`` and pass it to ``itemtofile``.

    Returns:
        A ``(flag, vulnerability)`` tuple, where ``flag`` is whatever
        ``itemtofile`` returned for the new object.
    """
    obj = stix2.Vulnerability(**kwargs)
    return itemtofile(obj), obj
def tool_maker(**kwargs):
    """Create a STIX2 Tool from ``kwargs`` and pass it to ``itemtofile``.

    Returns:
        A ``(flag, tool)`` tuple, where ``flag`` is whatever ``itemtofile``
        returned for the new object.
    """
    obj = stix2.Tool(**kwargs)
    return itemtofile(obj), obj
def threat_actor_maker(**kwargs):
    """Create a STIX2 ThreatActor from ``kwargs`` and pass it to ``itemtofile``.

    Returns:
        A ``(flag, threat_actor)`` tuple, where ``flag`` is whatever
        ``itemtofile`` returned for the new object.
    """
    obj = stix2.ThreatActor(**kwargs)
    return itemtofile(obj), obj
def report_maker(**kwargs):
    """Create a STIX2 Report from ``kwargs`` and pass it to ``itemtofile``.

    Returns:
        A ``(flag, report)`` tuple, where ``flag`` is whatever ``itemtofile``
        returned for the new object.
    """
    obj = stix2.Report(**kwargs)
    return itemtofile(obj), obj
def observed_data_maker(**kwargs):
    """Create a STIX2 ObservedData from ``kwargs`` and pass it to ``itemtofile``.

    Returns:
        A ``(flag, observed_data)`` tuple, where ``flag`` is whatever
        ``itemtofile`` returned for the new object.
    """
    obj = stix2.ObservedData(**kwargs)
    return itemtofile(obj), obj
def malware_maker(**kwargs):
    """Create a STIX2 Malware object from ``kwargs`` and pass it to ``itemtofile``.

    Returns:
        A ``(flag, malware)`` tuple, where ``flag`` is whatever ``itemtofile``
        returned for the new object.
    """
    obj = stix2.Malware(**kwargs)
    return itemtofile(obj), obj
def intrusion_set_maker(**kwargs):
    """Create a STIX2 IntrusionSet from ``kwargs`` and pass it to ``itemtofile``.

    Returns:
        A ``(flag, intrusion_set)`` tuple, where ``flag`` is whatever
        ``itemtofile`` returned for the new object.
    """
    obj = stix2.IntrusionSet(**kwargs)
    return itemtofile(obj), obj
def indicator_maker(**kwargs):
    """Create a STIX2 Indicator from ``kwargs`` and pass it to ``itemtofile``.

    Returns:
        A ``(flag, indicator)`` tuple, where ``flag`` is whatever
        ``itemtofile`` returned for the new object.
    """
    obj = stix2.Indicator(**kwargs)
    return itemtofile(obj), obj
def identity_maker(**kwargs):
    """Create a STIX2 Identity from ``kwargs`` and pass it to ``itemtofile``.

    Returns:
        A ``(flag, identity)`` tuple, where ``flag`` is whatever
        ``itemtofile`` returned for the new object.
    """
    obj = stix2.Identity(**kwargs)
    return itemtofile(obj), obj
def course_of_action_maker(**kwargs):
    """Create a STIX2 CourseOfAction from ``kwargs`` and pass it to ``itemtofile``.

    Returns:
        A ``(flag, course_of_action)`` tuple, where ``flag`` is whatever
        ``itemtofile`` returned for the new object.
    """
    obj = stix2.CourseOfAction(**kwargs)
    return itemtofile(obj), obj
def campaign_maker(**kwargs):
    """Create a STIX2 Campaign from ``kwargs`` and pass it to ``itemtofile``.

    Returns:
        A ``(flag, campaign)`` tuple, where ``flag`` is whatever
        ``itemtofile`` returned for the new object.
    """
    obj = stix2.Campaign(**kwargs)
    return itemtofile(obj), obj
def attack_pattern_maker(**kwargs):
    """Create a STIX2 AttackPattern from ``kwargs`` and pass it to ``itemtofile``.

    Returns:
        A ``(flag, attack_pattern)`` tuple, where ``flag`` is whatever
        ``itemtofile`` returned for the new object.
    """
    obj = stix2.AttackPattern(**kwargs)
    return itemtofile(obj), obj
def sighting_maker(**kwargs):
    """Create a STIX2 Sighting from ``kwargs`` and pass it to ``itemtofile``.

    Returns:
        A ``(flag, sighting)`` tuple, where ``flag`` is whatever
        ``itemtofile`` returned for the new object.
    """
    obj = stix2.Sighting(**kwargs)
    return itemtofile(obj), obj
def marking_definition_maker(**kwargs):
    """Create a STIX2 MarkingDefinition from ``kwargs`` and pass it to ``itemtofile``.

    Returns:
        A ``(flag, marking_definition)`` tuple, where ``flag`` is whatever
        ``itemtofile`` returned for the new object.
    """
    obj = stix2.MarkingDefinition(**kwargs)
    return itemtofile(obj), obj