mirror of https://github.com/MISP/PyMISP
type-category association checking automated
parent
9e92072f88
commit
c269913ad3
|
@ -105,25 +105,19 @@ class PyMISP(object):
|
||||||
self.out_type = out_type
|
self.out_type = out_type
|
||||||
self.debug = debug
|
self.debug = debug
|
||||||
|
|
||||||
self.categories = ['Internal reference', 'Targeting data', 'Antivirus detection',
|
|
||||||
'Payload delivery', 'Payload installation', 'Artifacts dropped',
|
|
||||||
'Persistence mechanism', 'Network activity', 'Payload type',
|
|
||||||
'Attribution', 'External analysis', 'Other']
|
|
||||||
self.types = ['md5', 'sha1', 'sha256', 'ssdeep', 'filename', 'filename|md5', 'filename|sha1',
|
|
||||||
'filename|sha256', 'filename|ssdeep', 'ip-src', 'ip-dst', 'hostname', 'domain', 'url',
|
|
||||||
'user-agent', 'http-method', 'regkey', 'regkey|value', 'AS', 'snort',
|
|
||||||
'pattern-in-file', 'pattern-in-traffic', 'pattern-in-memory', 'named pipe',
|
|
||||||
'mutex', 'vulnerability', 'attachment', 'malware-sample', 'link', 'comment',
|
|
||||||
'text', 'email-src', 'email-dst', 'email-subject', 'email-attachment',
|
|
||||||
'yara', 'target-user', 'target-email', 'target-machine', 'target-org',
|
|
||||||
'target-location', 'target-external', 'other', 'threat-actor']
|
|
||||||
|
|
||||||
try:
|
try:
|
||||||
# Make sure the MISP instance is working and the URL is valid
|
# Make sure the MISP instance is working and the URL is valid
|
||||||
self.get_version()
|
self.get_version()
|
||||||
except Exception as e:
|
except Exception as e:
|
||||||
raise PyMISPError('Unable to connect to MISP ({}). Please make sure the API key and the URL are correct (http/https is required): {}'.format(self.root_url, e))
|
raise PyMISPError('Unable to connect to MISP ({}). Please make sure the API key and the URL are correct (http/https is required): {}'.format(self.root_url, e))
|
||||||
|
|
||||||
|
session = self.__prepare_session(out_type)
|
||||||
|
self.describe_types = session.get(self.root_url + 'attributes/describeTypes.json').json()
|
||||||
|
|
||||||
|
self.categories = self.describe_types['result']['categories']
|
||||||
|
self.types = self.describe_types['result']['types']
|
||||||
|
self.category_type_mapping = self.describe_types['result']['category_type_mappings']
|
||||||
|
|
||||||
def __prepare_session(self, force_out=None):
|
def __prepare_session(self, force_out=None):
|
||||||
"""
|
"""
|
||||||
Prepare the headers of the session
|
Prepare the headers of the session
|
||||||
|
@ -296,11 +290,14 @@ class PyMISP(object):
|
||||||
to_return = {}
|
to_return = {}
|
||||||
if category not in self.categories:
|
if category not in self.categories:
|
||||||
raise NewAttributeError('{} is invalid, category has to be in {}'.format(category, (', '.join(self.categories))))
|
raise NewAttributeError('{} is invalid, category has to be in {}'.format(category, (', '.join(self.categories))))
|
||||||
to_return['category'] = category
|
|
||||||
|
|
||||||
if type_value not in self.types:
|
if type_value not in self.types:
|
||||||
raise NewAttributeError('{} is invalid, type_value has to be in {}'.format(type_value, (', '.join(self.types))))
|
raise NewAttributeError('{} is invalid, type_value has to be in {}'.format(type_value, (', '.join(self.types))))
|
||||||
|
|
||||||
|
if type_value not in self.category_type_mapping[category]:
|
||||||
|
raise NewAttributeError('{} and {} is an invalid combinaison, type_value for this category has to be in {}'.format(type_value, category, (', '.join(self.category_type_mapping[category]))))
|
||||||
to_return['type'] = type_value
|
to_return['type'] = type_value
|
||||||
|
to_return['category'] = category
|
||||||
|
|
||||||
if to_ids not in [True, False]:
|
if to_ids not in [True, False]:
|
||||||
raise NewAttributeError('{} is invalid, to_ids has to be True or False'.format(to_ids))
|
raise NewAttributeError('{} is invalid, to_ids has to be True or False'.format(to_ids))
|
||||||
|
|
Loading…
Reference in New Issue