def add_type(self, type_): if not type_: return elif isinstance(type_, VocabString): self._types.append(type_) else: self._types.append(AttackerInfrastructureType(value=type_))
def _fix_value(self, value): return AttackerInfrastructureType(value)
phase = KillChainPhase( name='Infect Machine', phase_id='example:TTP-7a0fb8e4-a778-4c79-9c7e-8747675da5f1') kc_phases = KillChainPhasesReference() kc_phases.append(KillChainPhaseReference(name=phase.name)) ttp.kill_chain_phases = kc_phases # TTP - Resource (Tool, Infrastructure, Personas) resource = Resource() tool = ToolInformation(title='malware.exe') tool.type_ = AttackerToolType('Malware') tool.description = 'Tool Description' tool.short_description = 'Tool Short Description' infrastructure = Infrastructure(title='Leveraged Domains') infrastructure.types = AttackerInfrastructureType('Domain Registration') infrastructure.description = 'Infrastructure Description' infrastructure.short_description = 'Infrastructure Short Description' domain = DomainName() domain.value = 'totally-not-malware.biz' observable = Observable(domain) infrastructure.observable_characterization = Observables( Observable(idref=observable.id_)) personas = Personas() personas.append(Identity(name='Stephen Golub')) resource = Resource(tools=Tools(tool), infrastructure=infrastructure, personas=personas) ttp.resources = resource