forked from MAECProject/gfi-sandbox-to-maec
Generate MAEC XML from GFI Sandbox XML output
License
chazlever/gfi-sandbox-to-maec
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Folders and files
| Name | Name | Last commit message | Last commit date | |
|---|---|---|---|---|
Repository files navigation
****************************************************
GFI Sandbox XML -> MAEC XML Converter Script
Copyright (c) 2015 - The MITRE Corporation
****************************************************
BY USING THE GFI SANDBOX TO MAEC SCRIPT, YOU SIGNIFY YOUR ACCEPTANCE OF THE TERMS AND
CONDITIONS OF USE. IF YOU DO NOT AGREE TO THESE TERMS, DO NOT USE THE SCRIPT.
For more information, please refer to the LICENSE.txt file.
#################################################################
#Generates MAEC Output from a GFI Sandbox v4 XML file #
#Compatible with MAEC Schema v4.1 & CybOX v2.1 #
# #
#v0.24 - BETA #
#Updated 10/13/2014 #
# #
#################################################################
# MAEC - http://maec.mitre.org #
# ThreatTrack (GFI) Sandbox - ################
# http://www.threattracksecurity.com/enterprise-security/sandbox-software.aspx #
################################################################################
--------------------------------------------------------------------------------
--Included Files----------------------------------------------------------------
README: this file.
gfisandbox_to_maec.py: the GFI Sandbox XML to MAEC XML Python converter script.
gfi_sandbox.py: the GFI Sandbox Python bindings which the script imports.
gfi_parser.py: the GFI parser class.
\gfi: the GFI parser classes which the script imports.
LICENSE.txt: the terms of use for this script.
--------------------------------------------------------------------------------
--Dependencies------------------------------------------------------------------
This code has been developed and tested under Python 2.7.x and so may not
be compatible with Python 3.x.
There are three dependencies for this script:
1) The Python lxml library >= v3.2.x, http://lxml.de/
1) The python-maec library >= v4.1.0.0, https://pypi.python.org/pypi/maec
2) The python-cybox library >= v2.1.0.0, https://pypi.python.org/pypi/cybox
--------------------------------------------------------------------------------
--Usage Notes-------------------------------------------------------------------
The command-line syntax for the script is:
python gfisandbox_to_maec.py <special argument> <gfisandbox file OR directory>
<maec output file OR directory>
Special arguments are as follows (all are optional):
-v or --verbose : verbose error mode (prints tracebacks of any errors during execution).
-dd or --deduplicate : deduplicate the MAEC output (Objects only).
-n or --normalize : normalize the MAEC output (Objects only).
-dr or --dereference : dereference the MAEC output (Objects only).
Thus, a sample command-line would look like:
python gfisandbox_to_maec.py -dd -n gfi_out.xml gfi_maec_out.xml
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
About
Generate MAEC XML from GFI Sandbox XML output
Resources
License
Stars
Watchers
Forks
Packages 0
No packages published
Languages
- Python 100.0%