Merge branch 'parse-cyber-observables' into cyber-observables
commit
7c1fd1e7f0
|
@ -6,3 +6,8 @@
|
|||
args:
|
||||
- --max-line-length=160
|
||||
- id: check-merge-conflict
|
||||
|
||||
- repo: https://github.com/FalconSocial/pre-commit-python-sorter
|
||||
sha: 1.0.4
|
||||
hooks:
|
||||
- id: python-import-sorter
|
||||
|
|
|
@ -2,20 +2,20 @@
|
|||
|
||||
# flake8: noqa
|
||||
|
||||
from . import exceptions
|
||||
from .bundle import Bundle
|
||||
from .observables import Artifact, AutonomousSystem, Directory, DomainName, \
|
||||
EmailAddress, EmailMessage, File, IPv4Address, IPv6Address, MACAddress, \
|
||||
Mutex, NetworkTraffic, Process, Software, URL, UserAccount, WindowsRegistryKey, \
|
||||
X509Certificate
|
||||
from .other import ExternalReference, KillChainPhase, MarkingDefinition, \
|
||||
GranularMarking, StatementMarking, TLPMarking
|
||||
from .sdo import AttackPattern, Campaign, CourseOfAction, Identity, Indicator, \
|
||||
IntrusionSet, Malware, ObservedData, Report, ThreatActor, Tool, \
|
||||
Vulnerability
|
||||
from .observables import (URL, Artifact, AutonomousSystem, Directory,
|
||||
DomainName, EmailAddress, EmailMessage, File,
|
||||
IPv4Address, IPv6Address, MACAddress, Mutex,
|
||||
NetworkTraffic, Process, Software, UserAccount,
|
||||
WindowsRegistryKey, X509Certificate)
|
||||
from .other import (ExternalReference, GranularMarking, KillChainPhase,
|
||||
MarkingDefinition, StatementMarking, TLPMarking)
|
||||
from .sdo import (AttackPattern, Campaign, CourseOfAction, Identity, Indicator,
|
||||
IntrusionSet, Malware, ObservedData, Report, ThreatActor,
|
||||
Tool, Vulnerability)
|
||||
from .sro import Relationship, Sighting
|
||||
from .utils import get_dict
|
||||
from . import exceptions
|
||||
|
||||
|
||||
OBJ_MAP = {
|
||||
'attack-pattern': AttackPattern,
|
||||
|
|
|
@ -3,14 +3,12 @@
|
|||
import collections
|
||||
import copy
|
||||
import datetime as dt
|
||||
|
||||
import json
|
||||
|
||||
|
||||
from .exceptions import ExtraFieldsError, ImmutableError, InvalidObjRefError, \
|
||||
InvalidValueError, MissingFieldsError, RevokeError, \
|
||||
UnmodifiablePropertyError
|
||||
from .utils import format_datetime, get_timestamp, NOW, parse_into_datetime
|
||||
from .exceptions import (ExtraFieldsError, ImmutableError, InvalidObjRefError,
|
||||
InvalidValueError, MissingFieldsError, RevokeError,
|
||||
UnmodifiablePropertyError)
|
||||
from .utils import NOW, format_datetime, get_timestamp, parse_into_datetime
|
||||
|
||||
__all__ = ['STIXJSONEncoder', '_STIXBase']
|
||||
|
||||
|
|
|
@ -4,7 +4,7 @@ from .base import _STIXBase
|
|||
from .properties import (IDProperty, ListProperty, Property, ReferenceProperty,
|
||||
SelectorProperty, StringProperty, TimestampProperty,
|
||||
TypeProperty)
|
||||
from .utils import get_dict, NOW
|
||||
from .utils import NOW, get_dict
|
||||
|
||||
|
||||
class ExternalReference(_STIXBase):
|
||||
|
|
|
@ -5,12 +5,10 @@ import datetime as dt
|
|||
import inspect
|
||||
import re
|
||||
import uuid
|
||||
|
||||
from dateutil import parser
|
||||
import pytz
|
||||
from six import text_type
|
||||
|
||||
from .base import _STIXBase, Observable
|
||||
import pytz
|
||||
from dateutil import parser
|
||||
from .base import Observable, _STIXBase
|
||||
from .exceptions import DictionaryKeyError
|
||||
|
||||
|
||||
|
|
|
@ -5,8 +5,8 @@ import pytest
|
|||
|
||||
import stix2
|
||||
|
||||
from .constants import FAKE_TIME
|
||||
from .constants import INDICATOR_KWARGS, MALWARE_KWARGS, RELATIONSHIP_KWARGS
|
||||
from .constants import (FAKE_TIME, INDICATOR_KWARGS, MALWARE_KWARGS,
|
||||
RELATIONSHIP_KWARGS)
|
||||
|
||||
|
||||
# Inspired by: http://stackoverflow.com/a/24006251
|
||||
|
|
|
@ -2,10 +2,12 @@ import datetime as dt
|
|||
|
||||
import pytest
|
||||
import pytz
|
||||
|
||||
import stix2
|
||||
|
||||
from .constants import ATTACK_PATTERN_ID
|
||||
|
||||
|
||||
EXPECTED = """{
|
||||
"created": "2016-05-12T08:17:27Z",
|
||||
"description": "...",
|
||||
|
|
|
@ -2,6 +2,7 @@ import pytest
|
|||
|
||||
import stix2
|
||||
|
||||
|
||||
EXPECTED_BUNDLE = """{
|
||||
"id": "bundle--00000000-0000-0000-0000-000000000004",
|
||||
"objects": [
|
||||
|
|
|
@ -2,10 +2,12 @@ import datetime as dt
|
|||
|
||||
import pytest
|
||||
import pytz
|
||||
|
||||
import stix2
|
||||
|
||||
from .constants import CAMPAIGN_ID
|
||||
|
||||
|
||||
EXPECTED = """{
|
||||
"created": "2016-04-06T20:03:00Z",
|
||||
"created_by_ref": "identity--f431f809-377b-45e0-aa1c-6a4751cae5ff",
|
||||
|
|
|
@ -2,10 +2,12 @@ import datetime as dt
|
|||
|
||||
import pytest
|
||||
import pytz
|
||||
|
||||
import stix2
|
||||
|
||||
from .constants import COURSE_OF_ACTION_ID
|
||||
|
||||
|
||||
EXPECTED = """{
|
||||
"created": "2016-04-06T20:03:48Z",
|
||||
"created_by_ref": "identity--f431f809-377b-45e0-aa1c-6a4751cae5ff",
|
||||
|
|
|
@ -3,8 +3,10 @@
|
|||
import re
|
||||
|
||||
import pytest
|
||||
|
||||
import stix2
|
||||
|
||||
|
||||
VERIS = """{
|
||||
"external_id": "0001AA7F-C601-424A-B2B8-BE6C9F5164E7",
|
||||
"source_name": "veris",
|
||||
|
|
|
@ -2,10 +2,12 @@ import datetime as dt
|
|||
|
||||
import pytest
|
||||
import pytz
|
||||
|
||||
import stix2
|
||||
|
||||
from .constants import IDENTITY_ID
|
||||
|
||||
|
||||
EXPECTED = """{
|
||||
"created": "2015-12-21T19:59:11Z",
|
||||
"id": "identity--311b2d2d-f010-5473-83ec-1edf84858f4c",
|
||||
|
|
|
@ -3,10 +3,12 @@ import re
|
|||
|
||||
import pytest
|
||||
import pytz
|
||||
|
||||
import stix2
|
||||
|
||||
from .constants import FAKE_TIME, INDICATOR_ID, INDICATOR_KWARGS
|
||||
|
||||
|
||||
EXPECTED_INDICATOR = """{
|
||||
"created": "2017-01-01T00:00:01Z",
|
||||
"id": "indicator--01234567-89ab-cdef-0123-456789abcdef",
|
||||
|
|
|
@ -2,10 +2,12 @@ import datetime as dt
|
|||
|
||||
import pytest
|
||||
import pytz
|
||||
|
||||
import stix2
|
||||
|
||||
from .constants import INTRUSION_SET_ID
|
||||
|
||||
|
||||
EXPECTED = """{
|
||||
"aliases": [
|
||||
"Zookeeper"
|
||||
|
|
|
@ -4,6 +4,7 @@ import pytest
|
|||
|
||||
import stix2
|
||||
|
||||
|
||||
LMCO_RECON = """{
|
||||
"kill_chain_name": "lockheed-martin-cyber-kill-chain",
|
||||
"phase_name": "reconnaissance"
|
||||
|
|
|
@ -3,10 +3,12 @@ import re
|
|||
|
||||
import pytest
|
||||
import pytz
|
||||
|
||||
import stix2
|
||||
|
||||
from .constants import FAKE_TIME, MALWARE_ID, MALWARE_KWARGS
|
||||
|
||||
|
||||
EXPECTED_MALWARE = """{
|
||||
"created": "2016-05-12T08:17:27Z",
|
||||
"id": "malware--fedcba98-7654-3210-fedc-ba9876543210",
|
||||
|
|
|
@ -2,11 +2,13 @@ import datetime as dt
|
|||
|
||||
import pytest
|
||||
import pytz
|
||||
|
||||
import stix2
|
||||
from stix2.other import TLP_WHITE
|
||||
|
||||
from .constants import MARKING_DEFINITION_ID
|
||||
|
||||
|
||||
EXPECTED_TLP_MARKING_DEFINITION = """{
|
||||
"created": "2017-01-20T00:00:00Z",
|
||||
"definition": {
|
||||
|
|
|
@ -3,10 +3,12 @@ import re
|
|||
|
||||
import pytest
|
||||
import pytz
|
||||
|
||||
import stix2
|
||||
|
||||
from .constants import OBSERVED_DATA_ID
|
||||
from ..exceptions import InvalidValueError
|
||||
from .constants import OBSERVED_DATA_ID
|
||||
|
||||
|
||||
EXPECTED = """{
|
||||
"created": "2016-04-06T19:58:16Z",
|
||||
|
|
|
@ -4,9 +4,9 @@ from stix2.exceptions import DictionaryKeyError
|
|||
from stix2.observables import EmailMIMEComponent
|
||||
from stix2.properties import (BinaryProperty, BooleanProperty,
|
||||
DictionaryProperty, EmbeddedObjectProperty,
|
||||
HashesProperty, HexProperty,
|
||||
IDProperty, IntegerProperty, ListProperty,
|
||||
Property, ReferenceProperty, StringProperty,
|
||||
HashesProperty, HexProperty, IDProperty,
|
||||
IntegerProperty, ListProperty, Property,
|
||||
ReferenceProperty, StringProperty,
|
||||
TimestampProperty, TypeProperty)
|
||||
|
||||
from .constants import FAKE_TIME
|
||||
|
|
|
@ -5,8 +5,8 @@ import pytz
|
|||
|
||||
import stix2
|
||||
|
||||
from .constants import FAKE_TIME, INDICATOR_ID, MALWARE_ID, RELATIONSHIP_ID
|
||||
from .constants import RELATIONSHIP_KWARGS
|
||||
from .constants import (FAKE_TIME, INDICATOR_ID, MALWARE_ID, RELATIONSHIP_ID,
|
||||
RELATIONSHIP_KWARGS)
|
||||
|
||||
|
||||
EXPECTED_RELATIONSHIP = """{
|
||||
|
|
|
@ -2,10 +2,12 @@ import datetime as dt
|
|||
|
||||
import pytest
|
||||
import pytz
|
||||
|
||||
import stix2
|
||||
|
||||
from .constants import INDICATOR_KWARGS, REPORT_ID
|
||||
|
||||
|
||||
EXPECTED = """{
|
||||
"created": "2015-12-21T19:59:11Z",
|
||||
"created_by_ref": "identity--a463ffb3-1bd9-4d94-b02d-74e4f1658283",
|
||||
|
|
|
@ -2,10 +2,12 @@ import datetime as dt
|
|||
|
||||
import pytest
|
||||
import pytz
|
||||
|
||||
import stix2
|
||||
|
||||
from .constants import THREAT_ACTOR_ID
|
||||
|
||||
|
||||
EXPECTED = """{
|
||||
"created": "2016-04-06T20:03:48Z",
|
||||
"created_by_ref": "identity--f431f809-377b-45e0-aa1c-6a4751cae5ff",
|
||||
|
|
|
@ -2,10 +2,12 @@ import datetime as dt
|
|||
|
||||
import pytest
|
||||
import pytz
|
||||
|
||||
import stix2
|
||||
|
||||
from .constants import TOOL_ID
|
||||
|
||||
|
||||
EXPECTED = """{
|
||||
"created": "2016-04-06T20:03:48Z",
|
||||
"created_by_ref": "identity--f431f809-377b-45e0-aa1c-6a4751cae5ff",
|
||||
|
|
|
@ -1,4 +1,5 @@
|
|||
import pytest
|
||||
|
||||
import stix2
|
||||
|
||||
|
||||
|
|
|
@ -2,10 +2,12 @@ import datetime as dt
|
|||
|
||||
import pytest
|
||||
import pytz
|
||||
|
||||
import stix2
|
||||
|
||||
from .constants import VULNERABILITY_ID
|
||||
|
||||
|
||||
EXPECTED = """{
|
||||
"created": "2016-05-12T08:17:27Z",
|
||||
"external_references": [
|
||||
|
|
|
@ -3,8 +3,8 @@
|
|||
import datetime as dt
|
||||
import json
|
||||
|
||||
from dateutil import parser
|
||||
import pytz
|
||||
from dateutil import parser
|
||||
|
||||
# Sentinel value for fields that should be set to the current time.
|
||||
# We can't use the standard 'default' approach, since if there are multiple
|
||||
|
|
9
tox.ini
9
tox.ini
|
@ -1,5 +1,5 @@
|
|||
[tox]
|
||||
envlist = py26,py27,py33,py34,py35,py36,pycodestyle
|
||||
envlist = py26,py27,py33,py34,py35,py36,pycodestyle,isort-check
|
||||
|
||||
[testenv]
|
||||
deps =
|
||||
|
@ -18,11 +18,10 @@ passenv = CI TRAVIS TRAVIS_*
|
|||
[testenv:pycodestyle]
|
||||
deps =
|
||||
flake8
|
||||
flake8-import-order
|
||||
pycodestyle
|
||||
commands =
|
||||
pycodestyle ./stix2
|
||||
flake8 --max-line-length=160 --import-order-style='google'
|
||||
flake8 --max-line-length=160
|
||||
|
||||
[pycodestyle]
|
||||
ignore=
|
||||
|
@ -31,6 +30,10 @@ max-line-length=160
|
|||
[flake8]
|
||||
max-line-length=160
|
||||
|
||||
[testenv:isort-check]
|
||||
deps = isort
|
||||
commands = isort -ns __init__.py -c -rc stix2
|
||||
|
||||
[travis]
|
||||
python =
|
||||
2.6: py26
|
||||
|
|
Loading…
Reference in New Issue