Richard Piazza
6fa009e509
added object_paths
...
added more tests for pattern expressions
added "set" comparison expressions
implemented make_constant
fixed type name for EmailAddress
2017-07-18 20:30:02 +00:00
Richard Piazza
c1b07ef505
Introduce constant objects for literals in pattern expressions
...
fixed idioms
2017-07-18 20:26:46 +00:00
Richard Piazza
c8bcece6f6
added tests for expressions
...
fix __str__ methods
2017-07-18 20:26:46 +00:00
Richard Piazza
c0467da5f9
added classes for Pattern Expressions
2017-07-18 20:26:44 +00:00
clenk
e1330692c8
Move ObservableProperty, ExtensionsProperty, and Observable parsing code
...
into observables.py to prevent circular imports and fix #23 .
2017-07-14 15:10:12 -04:00
clenk
0c47936ee0
Create ObjectFactory class
...
currently only supports created_by_ref
2017-07-12 11:36:15 -04:00
clenk
6f680be8a6
Add stix2.__version__
2017-07-06 09:41:50 -04:00
clenk
1d3c59cc44
Move TLP constants up to stix2 namespace
2017-07-05 13:27:09 -04:00
clenk
fdbb6ff337
Add custom Cyber Observables
2017-06-14 09:36:35 -04:00
clenk
bcfb13f23c
Add custom STIX Object types
2017-06-12 16:22:16 -04:00
clenk
8f1ae4e6d3
Add custom properties via 'allow_custom'
...
Custom properties can be specified by passing them to a STIX object
constructor in the 'custom_properties' argument, or with the
'allow_custom' argument set to True, which will add any unrecognized
keyword arguments as properties on the object. The 'allow_custom'
argument can also be used with the parse() and parse_observable()
functions.
An error is now raised when attempting to parse objects without a 'type'
property, such as external references, kill chain phases, and granular
markings. The object which contains them is what should be parsed, not
these objects themselves.
2017-06-12 13:04:20 -04:00
clenk
9761c37f20
Replace 'field' with 'property' to be consistent
...
with the specification
2017-05-16 12:27:30 -04:00
Richard Piazza
6456e490cc
added rest of cyber observables extensions and embedded objects
...
set up EXT_MAPs
added FloatProperty
implemented ExtensionsProperty
2017-05-15 13:48:41 -04:00
clenk
0568a0e671
Add ExtensionsProperty and ArchiveExt
2017-05-12 11:22:23 -04:00
clenk
13245d28ce
Add EnumProperty, use it in WindowsRegistryValueType
2017-05-10 11:52:59 -04:00
clenk
bdd18be6c3
Switch to isort for checking import order
...
because it has a pre-commit hook
2017-05-09 15:10:53 -04:00
clenk
f4c813d84b
Merge branch 'parse-cyber-observables'
2017-05-09 12:39:17 -04:00
clenk
555c81d30f
Add EmailMessage and EmbeddedObjectProperty (for embedded object types
...
like EmailMIMEComponent)
2017-05-09 11:03:19 -04:00
Richard Piazza
125f57e297
added basic cyber observables
...
added some test cases
in Observable constructor permit no _valid_refs in kwargs
in Observable._check_property ensure that the prop_name is in the kwargs
2017-05-08 21:03:15 -04:00
clenk
04e3a72a7d
Add EmailAddress and ObjectReferenceProperty
2017-05-05 12:32:02 -04:00
clenk
1a75d830bb
Add Autonomous System
2017-05-03 18:19:30 -04:00
clenk
2c67b90638
Add Artifact type
2017-05-03 17:35:33 -04:00
clenk
fe4c4d78fc
Fix typos, add to Property class documentation, small performance
...
boosts, and let strings and booleans in a ListProperty be handled by
__call__().
2017-04-24 17:34:16 -04:00
clenk
76acd8c0c2
Merge branch 'master' into parsing
2017-04-19 15:22:36 -04:00
clenk
d06df8b9da
Fix parsing errors
...
- Typos in Attack Pattern tests
- Put MarkingDefinition, ExternalReference, and KillChainPhase together
in a file for objects that aren't SDOs or SROs
- Create utility function to return dictionary from string or
file-like object
- Put off testing parsing Cyber Observable Objects until a later commit
2017-04-19 14:32:56 -04:00
clenk
fabfbe20ec
Parse all SDOs and SROs
2017-04-19 09:22:08 -04:00
Greg Back
2aa1f5cedd
Add exception for invalid Property values.
2017-04-18 14:19:16 -05:00
clenk
bc8bdccece
Merge branch 'master' into parsing
2017-04-11 15:05:22 -04:00
clenk
168105603b
Parse dictionaries as well as strings and file-like objects
2017-04-10 10:42:07 -04:00
Richard Piazza
3c17c9259c
Add Sighting object and data markings
...
- Update ReferenceProperty to allow specifying a particular object type
- Update ListProperty and add SelectorProperty
- Add description to Relationship
2017-04-07 16:07:17 -05:00
clenk
5e4ca9e882
Add parsing of Malware objects
2017-04-05 17:12:44 -04:00
Greg Back
a0600b5ba4
Fix or ignore Flake8 warnings.
2017-03-22 08:05:59 -05:00
Greg Back
7ef6e20e9a
Add tests for kill chain phases.
2017-02-24 12:53:57 -06:00
Greg Back
805c15c397
Add tests for all SDOs
2017-02-24 11:56:55 -06:00
Greg Back
96e880b49b
Refactor library into separate files.
2017-02-10 15:35:02 -06:00
Greg Back
1a46a4b073
Add external references.
2017-02-02 10:58:46 -06:00
Greg Back
5d7ed643bd
Check for required args first, and check for them all at once.
...
This is necessary for versions of Python <3.6, where dictionaries are
unordered by default, meaning we can't ensure the order in which fields
are checked.
2017-02-02 10:17:13 -06:00
Greg Back
1ba064734b
Special handling for timestamp fields.
...
If a type has more than one timestamp field that should be automatically generated,
we want them to all be same, not vary by milliseconds.
2017-02-02 09:50:35 -06:00
Greg Back
675a29dbfb
Add support for required fields with no default values.
2017-02-02 08:53:46 -06:00
Greg Back
67c3311672
Handle ID fields in a generic way.
2017-02-02 08:33:36 -06:00
Greg Back
724774900d
Generic form of JSON serialization
2017-02-01 16:04:20 -06:00
Greg Back
2a1709a7de
Allow passing objects to Bundle as args
2017-02-01 14:57:07 -06:00
Greg Back
58fccd7f7d
Further refactoring bundle.
2017-02-01 14:52:18 -06:00
Greg Back
ce31356839
start of automated property checking.
2017-02-01 14:35:41 -06:00
Greg Back
b4eb6c1fd1
Refactor common ID check.
2017-02-01 13:44:57 -06:00
Greg Back
b5ab54b6a9
WIP: convert bundle to using kwargs.
2017-02-01 13:34:44 -06:00
Greg Back
8843e9b190
WIP: refactor common fields.
2017-02-01 13:27:24 -06:00
Greg Back
855ca929fa
Add initial Bundle implementation.
2017-01-18 16:58:25 -08:00
Greg Back
e4e75e459b
Update how fixtures work during testing.
2017-01-18 16:57:26 -08:00
Greg Back
4d9dcafbc6
Small fixups
2017-01-18 16:10:18 -08:00
Greg Back
742d9645d6
Allow shorter syntax for creating relationships.
2017-01-18 15:14:56 -08:00
Greg Back
fd548a5f41
Allow creating relationships from objects, not just IDs.
2017-01-18 15:14:22 -08:00
Greg Back
da75833400
Add Relationship class with required fields.
2017-01-18 10:59:28 -08:00
Greg Back
022f7c9166
Convert constructors to kwargs.
2017-01-17 17:25:40 -08:00
Greg Back
4eaa87660b
Pull out __str__ function
2017-01-17 16:58:17 -08:00
Greg Back
3e7adef792
Add Malware object with required fields.
2017-01-17 16:53:27 -08:00
Greg Back
ef0b80ad44
Allow attribute and key-based access. Make immutable.
2017-01-17 15:52:03 -08:00
Greg Back
eeec5a4ce3
Allow key-based access along with attribute access
2017-01-17 15:03:56 -08:00
Greg Back
31cebdd34a
Add tests for required fields.
2017-01-17 14:52:56 -08:00
Greg Back
ebf6513445
Check for valid IDs and types on indicators.
2017-01-17 14:46:00 -08:00
Greg Back
6761d1fdfc
Add required fields to Indicator.
2017-01-17 14:07:49 -08:00
Greg Back
2f8c2780c2
Initial tests for STIX 2
2017-01-17 12:37:47 -08:00
Greg Back
86585d229e
Initial package files.
2017-01-17 08:54:39 -08:00