def test_email_attachment(self):
test_file = os.path.join(os.path.dirname(__file__), "data",
"iocbucket_9c2a7a3b3c8ea33d8e05ad2f0557cd56b5828a51_mhadi.ioc")
stix_pkg = translate.to_stix(test_file)
observable = stix_pkg.indicators[0].observable.observable_composition.observables[7]
self.assertEquals(observable.object_.related_objects[0].relationship, "Contains")
def test_email_attachment(self):
test_file = os.path.join(os.path.dirname(__file__), "data",
"iocbucket_9c2a7a3b3c8ea33d8e05ad2f0557cd56b5828a51_mhadi.ioc")
stix_pkg = translate.to_stix(test_file)
observable = stix_pkg.indicators[0].observable.observable_composition.observables[7]
self.assertEqual(observable.object_.related_objects[0].relationship, "Contains")
def _get_stix_package(ioc_xml):
if ioc_xml is not None and len(ioc_xml) > 0:
ns = namespaces.Namespace("http://openioc.org/openioc", "openioc", "")
idgen.set_id_namespace(ns)
stix_obj = to_stix(BytesIO(ioc_xml))
stix_package = STIXPackage_v1.from_xml(etree.fromstring(stix_obj.to_xml()))
return stix_package
else:
raise RuntimeError('request body is empty.')
def main():
# Parse command line arguments
argparser = get_arg_parser()
args = argparser.parse_args()
# initialize logging
init_logging(args.verbose)
# Set the namespace to be used in the STIX Package
utils.set_id_namespace({"http://openioc.org/openioc":"openioc"})
# Create Observables from binding object
stix_package = translate.to_stix(args.infile)
# Write the STIXPackage to a output file
write_package(stix_package, outfn=args.outfile)
def main():
# Parse command line arguments
argparser = get_arg_parser()
args = argparser.parse_args()
# initialize logging
init_logging(args.verbose)
# Set the namespace to be used in the STIX Package
ns = namespaces.Namespace("http://openioc.org/openioc", "openioc", "")
idgen.set_id_namespace(ns)
# Create Observables from binding object
stix_package = translate.to_stix(args.infile)
# Write the STIXPackage to a output file
write_package(stix_package, outfn=args.outfile)
def ioc2stix():
try:
data_dir = os.path.abspath(
os.path.join(os.path.dirname(os.path.abspath(__file__)),
'../data'))
in_xml = read2str(data_dir + '/stuxnet.ioc.xml')
# Set the namespace to be used in the STIX Package
ns = namespaces.Namespace("http://openioc.org/openioc", "openioc", "")
idgen.set_id_namespace(ns)
stix_package = to_stix(BytesIO(in_xml))
# print stix_package.to_xml()
out_fname = './stuxnet.xml'
write2file(out_fname, stix_package.to_xml())
except:
print traceback.format_exc().decode('utf-8')