class SomeSCO(stix2.v21._Observable):
_type = "some-sco"
_properties = OrderedDict((
('type', TypeProperty(_type, spec_version='2.1')),
('id', IDProperty(_type, spec_version='2.1')),
(
'extensions',
ExtensionsProperty(
spec_version='2.1',
enclosing_type=_type,
),
),
('string', StringProperty()),
('int', IntegerProperty()),
('float', FloatProperty()),
('bool', BooleanProperty()),
('list', ListProperty(IntegerProperty())),
('dict', DictionaryProperty(spec_version="2.1")),
))
_id_contributing_properties = [
'string',
'int',
'float',
'bool',
'list',
'dict',
]
def test_string_property():
prop = StringProperty()
assert prop.clean('foobar')
assert prop.clean(1)
assert prop.clean([1, 2, 3])
@pytest.mark.parametrize("value", [
2,
-1,
3.14,
False,
])
def test_integer_property_valid(value):
int_prop = IntegerProperty()
assert int_prop.clean(value) is not None
@pytest.mark.parametrize("value", [
"something",
StringProperty(),
])
def test_integer_property_invalid(value):
int_prop = IntegerProperty()
with pytest.raises(ValueError):
int_prop.clean(value)
@pytest.mark.parametrize("value", [
2,
-1,
3.14,
False,
])
def test_float_property_valid(value):
int_prop = FloatProperty()
class TestObj(stix2.base._STIXBase):
_type = "test"
_properties = {
"foo": StringProperty(),
}
@CustomObject('x-mitre-tactic', [
('name', properties.StringProperty(required=True)),
('description', properties.StringProperty(required=True)),
('x_mitre_shortname', properties.StringProperty(required=True))
])
class Tactic(object):
def __init__(self, x_mitre_shortname=None, **kwargs):
if x_mitre_shortname and x_mitre_shortname not in ["strategic-planning", "objective-planning", "develop-people",
"develop-networks", "microtargeting", "develop-content",
"channel-selection", "pump-priming", "exposure", "go-physical",
"persistence", "measure-effectiveness"]:
raise ValueError("'%s' is not a recognized AMITT Tactic." % x_mitre_shortname)
@CustomObject('x-amitt-narrative', [
('name', StringProperty(required=True)),
('description', StringProperty()),
('aliases', ListProperty(StringProperty)),
('first_seen', TimestampProperty()),
('last_seen', TimestampProperty()),
('objective', StringProperty()),
('external_references', ListProperty(ExternalReference)),
('object_marking_refs', ListProperty(ReferenceProperty(valid_types='marking-definition', spec_version='2.0'))),
('granular_markings', ListProperty(GranularMarking))
])
class Narrative(object):
def __init__(self, **kwargs):
if True:
pass
@CustomObject('x-amitt-incident', [
def create_observable_domain_name(
properties: ObservableProperties) -> DomainName:
"""Create an observable representing a domain name."""
return DomainName(
value=properties.value,
object_marking_refs=properties.object_markings,
custom_properties=_get_custom_properties(properties),
)
@CustomObservable(
"x-opencti-hostname",
[
("value", StringProperty(required=True)),
("spec_version", StringProperty(fixed="2.1")),
(
"object_marking_refs",
ListProperty(
ReferenceProperty(valid_types="marking-definition",
spec_version="2.1")),
),
],
["value"],
)
class Hostname:
"""Hostname observable."""
pass
import pytz
import feeds.extractor.common as fec
from stix2.properties import StringProperty, ReferenceProperty, ListProperty
from stix2.v21.bundle import Bundle
from stix2.v21.sdo import Report, CustomObject, Vulnerability, ThreatActor, Indicator
from stix2.v21.common import LanguageContent, GranularMarking
from stip.common.stip_stix2 import _get_stip_identname
# S-TIP オブジェクトに格納する固定値
STIP_IDENTITY_CLASS = 'organization'
STIP_NAME = 'Fujitsu System Integration Laboratories.'
# S-TIP SNS 用カスタムオブジェクト
@CustomObject('x-stip-sns', [
('post_type', StringProperty(required=True)),
('name', StringProperty(required=True)),
('description', StringProperty(required=True)),
('created_by_ref', ReferenceProperty(type='identity')),
('lang', StringProperty()),
('granular_markings', ListProperty(GranularMarking)),
])
class StipSns(object):
pass
# stix2_titles と stix2_contents から language_content の contents に格納する辞書を作成する
def _get_language_contents(stix2_titles, stix2_contents):
contents = {}
for stix2_title in stix2_titles:
language = stix2_title['language']
class SubObj(stix2.base._STIXBase):
_type = "sub-object"
_properties = OrderedDict((('value', StringProperty()), ))
import stip.common.const as const
from stix2.properties import StringProperty, ReferenceProperty, ListProperty, DictionaryProperty
from stix2.v21.bundle import Bundle
from stix2.v21.sdo import Report, CustomObject, Vulnerability, ThreatActor, Indicator, Identity
from stix2.v21.common import GranularMarking
# S-TIP SNS 用カスタムオブジェクト
@CustomObject(const.STIP_STIX2_X_STIP_SNS_TYPE, [
('name', StringProperty(required=True)),
('description', StringProperty(required=True)),
('created_by_ref', ReferenceProperty(valid_types='identity')),
('lang', StringProperty()),
('granular_markings', ListProperty(GranularMarking)),
(const.STIP_STIX2_PROP_TYPE, StringProperty(required=True)),
(const.STIP_STIX2_PROP_AUTHOR, DictionaryProperty(required=True)),
(const.STIP_STIX2_PROP_POST, DictionaryProperty()),
(const.STIP_STIX2_PROP_ATTACHMENTS, ListProperty(DictionaryProperty)),
(const.STIP_STIX2_PROP_BUNDLE_ID, StringProperty()),
(const.STIP_STIX2_PROP_BUNDLE_VERSION, StringProperty()),
(const.STIP_STIX2_PROP_ATTACHMENT, DictionaryProperty()),
(const.STIP_STIX2_PROP_TAGS, ListProperty(StringProperty)),
(const.STIP_STIX2_PROP_INDICATORS, ListProperty(StringProperty)),
(const.STIP_STIX2_PROP_IDENTITY, StringProperty(required=True)),
(const.STIP_STIX2_PROP_TOOL, DictionaryProperty(required=True)),
])
class StipSns(object):
pass
import stip.common.const as const
from stix2.properties import StringProperty, ReferenceProperty, ListProperty, DictionaryProperty
from stix2.v21.bundle import Bundle
from stix2.v21.sdo import Report, CustomObject, Vulnerability, ThreatActor, Indicator, Identity
from stix2.v21.common import GranularMarking
# S-TIP SNS 用カスタムオブジェクト
@CustomObject(const.STIP_STIX2_X_STIP_SNS_TYPE, [
('name', StringProperty(required=True)),
('description', StringProperty(required=True)),
('created_by_ref', ReferenceProperty(valid_types='identity')),
('lang', StringProperty()),
('granular_markings', ListProperty(GranularMarking)),
(const.STIP_STIX2_PROP_TYPE, StringProperty(required=True)),
(const.STIP_STIX2_PROP_AUTHOR, DictionaryProperty(required=True)),
(const.STIP_STIX2_PROP_POST, DictionaryProperty()),
(const.STIP_STIX2_PROP_ATTACHMENT_REFS, ListProperty(DictionaryProperty)),
(const.STIP_STIX2_PROP_OBJECT_REF, StringProperty()),
(const.STIP_STIX2_PROP_OBJCET_REF_VERSION, StringProperty()),
(const.STIP_STIX2_PROP_ATTACHMENT, DictionaryProperty()),
(const.STIP_STIX2_PROP_TAGS, ListProperty(StringProperty)),
(const.STIP_STIX2_PROP_INDICATORS, ListProperty(StringProperty)),
(const.STIP_STIX2_PROP_IDENTITY, StringProperty(required=True)),
(const.STIP_STIX2_PROP_TOOL, DictionaryProperty(required=True)),
])
class StipSns(object):
pass
