def from_dict(malware_subject_relationship_dict): if not malware_subject_relationship_dict: return None malware_subject_relationship_ = MalwareSubjectRelationship() malware_subject_relationship_.type = VocabString.from_dict(malware_subject_relationship_dict.get('type')) malware_subject_relationship_.malware_subject_references = [MalwareSubjectReference.from_dict(x) for x in malware_subject_relationship_dict.get('malware_subject_references', [])] return malware_subject_relationship_
def from_dict(capability_property_dict): if not capability_property_obj: return None capability_property_ = CapabilityProperty() capability_property_.name = VocabString.from_dict(capability_property_dict["name"]) capability_property_.value = String.from_dict(capability_property_dict["value"]) return capability_property_
def from_dict(mal_conf_param_dict): if not mal_conf_param_dict: return None mal_conf_param_ = MalwareConfigurationParameter() mal_conf_param_.name = VocabString.from_dict(mal_conf_param_dict['name']) if mal_conf_param_dict.get('value'): mal_conf_param_.value = mal_conf_param_dict['value'] return mal_conf_param_
def from_dict(capability_property_dict): if not capability_property_dict: return None capability_property_ = CapabilityProperty() capability_property_.name = VocabString.from_dict(capability_property_dict['name']) capability_property_.value = String.from_dict(capability_property_dict['value']) return capability_property_
def from_dict(action_argument_dict): if not action_argument_dict: return None action_argument_ = ActionArgument() action_argument_.argument_name = VocabString.from_dict(action_argument_dict.get('argument_name')) action_argument_.argument_value = action_argument_dict.get('argument_value') return action_argument_
def from_dict(action_relationship_dict): if not action_relationship_dict: return None action_relationship_ = ActionRelationship() action_relationship_.type = VocabString.from_dict(action_relationship_dict.get('type')) action_relationship_.action_references = [ActionReference.from_dict(x) for x in action_relationship_dict.get('action_reference', [])] return action_relationship_
def from_dict(action_relationship_dict): if not action_relationship_dict: return None action_relationship_ = ActionRelationship() action_relationship_.type = VocabString.from_dict(action_relationship_dict.get('type')) action_relationship_.action_references = [ActionReference.from_dict(x) for x in action_relationship_dict.get('action_reference')] return action_relationship_
def from_dict(mal_binary_obfusc_alg_dict): if not mal_binary_obfusc_alg_dict: return None mal_binary_obfusc_alg_ = MalwareConfigurationObfuscationAlgorithm() if mal_binary_obfusc_alg_dict['ordinal_position']: mal_binary_obfusc_alg_.ordinal_position = mal_binary_obfusc_alg_dict['ordinal_position'] if mal_binary_obfusc_alg_dict['key']: mal_binary_obfusc_alg_.key = mal_binary_obfusc_alg_dict['key'] mal_binary_obfusc_alg_.algorithm_name = VocabString.from_dict(mal_binary_obfusc_alg_dict['algorithm_name']) return mal_binary_obfusc_alg_
def from_dict(malware_entity_dict): if not malware_entity_dict: return None malware_entity_ = MalwareEntity() malware_entity_.type = VocabString.from_dict(malware_entity_dict.get('type')) malware_entity_.name = malware_entity_dict.get('name') malware_entity_.description = malware_entity_dict.get('description') return malware_entity_
def from_dict(measure_source_dict): if not measure_source_dict: return None measure_source_ = MeasureSource() measure_source_.class_ = measure_source_dict.get('class') measure_source_.source_type = measure_source_dict.get('source_type') measure_source_.name = measure_source_dict.get('name') measure_source_.information_source_type = VocabString.from_dict(measure_source_dict.get('information_source_type')) measure_source_.tool_type = VocabString.from_dict(measure_source_dict.get('tool_type')) measure_source_.description = StructuredText.from_dict(measure_source_dict.get('description')) measure_source_.contributors = Personnel.from_list(measure_source_dict.get('contributors')) measure_source_.time = Time.from_dict(measure_source_dict.get('time')) measure_source_.tools = ToolInformationList.from_list(measure_source_dict.get('tools')) measure_source_.platform = None #TODO: add support measure_source_.system = ObjectProperties.from_dict(measure_source_dict.get('system')) measure_source_.instance = ObjectProperties.from_dict(measure_source_dict.get('instance')) return measure_source_
def from_dict(capability_rel_dict): if not capability_rel_dict: return None capability_rel_ = CapabilityRelationship() capability_rel_.relationship_type = VocabString.from_dict(capability_rel_dict['relationship_type']) if capability_rel_dict['capability_reference']: capability_rel_.capability_reference = [CapabilityReference.from_dict(x) for x in capability_rel_dict['capability_reference']] return capability_rel_
def test_xsi_type_unicode(self): string = u"test\u2010value" vocab_dict = {"value": string, "condition": u"Equals", "xsi:type": u"some_xsi_type"} vocab_dict2 = cybox.test.round_trip_dict(VocabString, vocab_dict) self.assertEqual(vocab_dict, vocab_dict2) xml = VocabString.from_dict(vocab_dict).to_xml() string_utf8 = string.encode("utf-8") self.assertTrue(string_utf8 in xml)
def from_dict(grouping_relationship_dict): if not grouping_relationship_dict: return None grouping_relationship_ = GroupingRelationship() grouping_relationship_.type = VocabString.from_dict(grouping_relationship_dict.get('type')) grouping_relationship_.malware_family_name = grouping_relationship_dict.get('malware_family_name') grouping_relationship_.malware_toolkit_name = grouping_relationship_dict.get('malware_toolkit_name') grouping_relationship_.clustering_metadata = ClusteringMetadata.from_dict(grouping_relationship_dict.get('clustering_metadata')) return grouping_relationship_
def from_dict(capability_obj_rel_dict): if not capability_obj_rel_dict: return None capability_obj_rel_ = CapabilityRelationship() capability_obj_rel_.relationship_type = VocabString.from_dict(capability_obj_rel_dict["relationship_type"]) if capability_obj_rel_dict["objective_reference"]: capability_obj_rel_.objective_reference = [ CapabilityObjectiveReference.from_dict(x) for x in capability_obj_rel_dict["objective_reference"] ] return capability_obj_rel_
def from_dict(relobj_dict): if not relobj_dict: return None relobj = RelatedObject() Object.from_dict(relobj_dict, relobj) relobj.relationship = VocabString.from_dict(relobj_dict.get('relationship')) if relobj.idref: relobj._inline = True return relobj
def test_xsi_type_unicode(self): string = u("test\u2010value") vocab_dict = { 'value': string, 'condition': u("Equals"), 'xsi:type': u("some_xsi_type"), } vocab_dict2 = cybox.test.round_trip_dict(VocabString, vocab_dict) self.assertEqual(vocab_dict, vocab_dict2) xml = VocabString.from_dict(vocab_dict).to_xml() string_utf8 = string.encode("utf-8") self.assertTrue(string_utf8 in xml)
def from_dict(action_dict, action_cls = None): if not action_dict: return None if action_cls == None: action_cls = Action() action_ = action_cls action_.id = action_dict.get('id') action_.idref = action_dict.get('idref') action_.ordinal_position = action_dict.get('ordinal_position') action_.action_status = action_dict.get('action_status') action_.context = action_dict.get('context') action_.timestamp = action_dict.get('timestamp') action_.type = VocabString.from_dict(action_dict.get('type')) action_.name = VocabString.from_dict(action_dict.get('name')) action_.description = StructuredText.from_dict(action_dict.get('description')) action_.action_aliases = action_dict.get('action_aliases', []) action_.action_arguments = ActionArguments.from_list(action_dict.get('action_arguments', [])) action_.discovery_method = MeasureSource.from_dict(action_dict.get('discovery_method')) action_.associated_objects = AssociatedObjects.from_list(action_dict.get('associated_objects', [])) action_.relationships = ActionRelationships.from_list(action_dict.get('relationships', [])) #action_.frequency = Frequency.from_dict(action_dict.get('frequency')) #TODO: add support return action_
def from_dict(capability_objective_dict): if not capability_objective_dict: return None capability_objective_ = CapabilityObjective() if capability_objective_dict.get('id'): capability_objective_.id_ = capability_objective_dict.get('id') capability_objective_.name = VocabString.from_dict(capability_objective_dict.get('name')) capability_objective_.description = capability_objective_dict.get('description') if capability_objective_dict.get('property'): capability_objective_.property = [CapabilityProperty.from_dict(x) for x in capability_objective_dict.get('property')] if capability_objective_dict.get('behavior_reference'): capability_objective_.behavior_reference = [BehaviorReference.from_dict(x) for x in capability_objective_dict.get('behavior_reference')] if capability_objective_dict.get('relationship'): capability_objective_.relationship = [CapabilityObjectiveRelationship.from_dict(x) for x in capability_objective_dict.get('relationship')] return capability_objective_
def from_dict(candidate_indicator_dict): if not candidate_indicator_dict: return None candidate_indicator_ = CandidateIndicator() candidate_indicator_.id = candidate_indicator_dict.get('id') candidate_indicator_.creation_datetime = candidate_indicator_dict.get('creation_datetime') candidate_indicator_.version = candidate_indicator_dict.get('version') candidate_indicator_.importance = VocabString.from_dict(candidate_indicator_dict.get('importance')) candidate_indicator_.numeric_importance = candidate_indicator_dict.get('numeric_importance') candidate_indicator_.author = candidate_indicator_dict.get('author') candidate_indicator_.description = candidate_indicator_dict.get('description') candidate_indicator_.malware_entity = MalwareEntity.from_dict(candidate_indicator_dict.get('malware_entity')) candidate_indicator_.composition = CandidateIndicatorComposition.from_dict(candidate_indicator_dict.get('composition')) return candidate_indicator_
def from_dict(extracted_string_dict): if not extracted_string_dict: return None extracted_string_ = ExtractedString() extracted_string_.encoding = VocabString.from_dict(extracted_string_dict.get('encoding')) extracted_string_.string_value = String.from_dict(extracted_string_dict.get('string_value')) extracted_string_.byte_string_value = HexBinary.from_dict(extracted_string_dict.get('byte_string_value')) extracted_string_.hashes = HashList.from_list(extracted_string_dict.get('hashes')) extracted_string_.address = HexBinary.from_dict(extracted_string_dict.get('address')) extracted_string_.length = PositiveInteger.from_dict(extracted_string_dict.get('length')) extracted_string_.language = String.from_dict(extracted_string_dict.get('language')) extracted_string_.english_translation = String.from_dict(extracted_string_dict.get('english_translation')) return extracted_string_
def from_dict(malware_subject_dict): if not malware_subject_dict: return None malware_subject_ = MalwareSubject(None) malware_subject_.id = malware_subject_dict.get('id') malware_subject_.malware_instance_object_attributes = Object.from_dict(malware_subject_dict.get('malware_instance_object_attributes')) malware_subject_.minor_variants = MinorVariants.from_list(malware_subject_dict.get('minor_variants')) malware_subject_.configuration_details = MalwareConfigurationDetails.from_dict(malware_subject_dict.get('configuration_details')) malware_subject_.development_environment = MalwareDevelopmentEnvironment.from_dict(malware_subject_dict.get('development_environment')) malware_subject_.field_data = None #TODO: add support malware_subject_.analyses = Analyses.from_list(malware_subject_dict.get('analyses')) malware_subject_.findings_bundles = FindingsBundleList.from_dict(malware_subject_dict.get('findings_bundles')) malware_subject_.relationships = MalwareSubjectRelationshipList.from_list(malware_subject_dict.get('id')) if malware_subject_dict.get('label'): malware_subject_.label = [VocabString.from_dict(x) for x in malware_subject_dict.get('label')] if malware_subject_dict.get('compatible_platform'): malware_subject_.compatible_platform = [PlatformSpecification.from_dict(x) for x in malware_subject_dict.get('compatible_platform')] return malware_subject_
def from_dict(toolinfo_dict, toolinfo=None): if not toolinfo_dict: return None if not toolinfo: toolinfo = ToolInformation() toolinfo.id_ = toolinfo_dict.get('id') toolinfo.idref = toolinfo_dict.get('idref') toolinfo.name = toolinfo_dict.get('name') toolinfo.type_ = [VocabString.from_dict(x) for x in toolinfo_dict.get('type', [])] toolinfo.description = StructuredText.from_dict(toolinfo_dict.get('description')) toolinfo.vendor = toolinfo_dict.get('vendor') toolinfo.version = toolinfo_dict.get('version') toolinfo.service_pack = toolinfo_dict.get('service_pack') toolinfo.tool_hashes = HashList.from_list(toolinfo_dict.get('tool_hashes')) return toolinfo
def from_dict(capability_objective_dict): if not capability_objective_dict: return None capability_objective_ = CapabilityObjective() if capability_objective_dict.get("id"): capability_objective_.id_ = capability_objective_dict.get("id") capability_objective_.name = VocabString.from_dict(capability_objective_dict.get("name")) capability_objective_.description = capability_objective_dict.get("description") if capability_objective_dict.get("property"): capability_objective_.property = [ CapabilityProperty.from_dict(x) for x in capability_objective_dict.get("property") ] if capability_objective_dict.get("behavior_reference"): capability_objective_.behavior_reference = [ BehaviorReference.from_dict(x) for x in capability_objective_dict.get("behavior_reference") ] if capability_objective_dict.get("relationship"): capability_objective_.relationship = [ CapabilityObjectiveRelationship.from_dict(x) for x in capability_objective_dict.get("relationship") ] return capability_objective_
def from_dict(extracted_string_dict): if not extracted_string_dict: return None extracted_string_ = ExtractedString() extracted_string_.encoding = VocabString.from_dict( extracted_string_dict.get('encoding')) extracted_string_.string_value = String.from_dict( extracted_string_dict.get('string_value')) extracted_string_.byte_string_value = HexBinary.from_dict( extracted_string_dict.get('byte_string_value')) extracted_string_.hashes = HashList.from_list( extracted_string_dict.get('hashes')) extracted_string_.address = HexBinary.from_dict( extracted_string_dict.get('address')) extracted_string_.length = PositiveInteger.from_dict( extracted_string_dict.get('length')) extracted_string_.language = String.from_dict( extracted_string_dict.get('language')) extracted_string_.english_translation = String.from_dict( extracted_string_dict.get('english_translation')) return extracted_string_
def from_dict(toolinfo_dict, toolinfo=None): if not toolinfo_dict: return None if not toolinfo: toolinfo = ToolInformation() toolinfo.id_ = toolinfo_dict.get('id') toolinfo.idref = toolinfo_dict.get('idref') toolinfo.name = toolinfo_dict.get('name') toolinfo.type_ = [ VocabString.from_dict(x) for x in toolinfo_dict.get('type', []) ] toolinfo.description = StructuredText.from_dict( toolinfo_dict.get('description')) toolinfo.vendor = toolinfo_dict.get('vendor') toolinfo.version = toolinfo_dict.get('version') toolinfo.service_pack = toolinfo_dict.get('service_pack') toolinfo.tool_hashes = HashList.from_list( toolinfo_dict.get('tool_hashes')) return toolinfo
def from_dict(object_dict): if not object_dict: return None obj = Object.from_dict(object_dict, AssociatedObject()) obj.association_type_ = VocabString.from_dict(object_dict.get('association_type', None)) return obj