def test_maec_wrapped_in_stix(self): maec_package = Package.from_xml(self._maec_package)[0] stix_package = wrap_maec(maec_package) stix_ttp = stix_package.ttps[0] malware_instances = stix_ttp.behavior.malware_instances wrapped_maec_package = malware_instances[0].maec self.assertEqual(wrapped_maec_package.to_xml(include_namespaces=False,pretty=False), self._wrapped_maec_package)
def test_stix_ttp_malware_instances(self): maec_package = Package.from_xml(self._maec_package)[0] stix_package = wrap_maec(maec_package) stix_ttp = stix_package.ttps[0] malware_instances = stix_ttp.behavior.malware_instances self.assertEquals(len(malware_instances), 1)
def test_stix_ttp(self): maec_package = Package.from_xml(self._maec_package)[0] stix_package = wrap_maec(maec_package) self.assertEquals(len(stix_package.ttps), 1)
def test_negative_stix_indicators(self): maec_package = Package.from_xml(self._maec_package_negative)[0] extractor = IndicatorExtractor(maec_package) stix_package = extractor.extract() self.assertEquals(stix_package, None)
def test_positive_stix_indicators(self): maec_package = Package.from_xml(self._maec_package_positive)[0] extractor = IndicatorExtractor(maec_package) stix_package = extractor.extract() self.assertEquals(len(stix_package.indicators), 4)