Threat actors now get imported by stix

Hannah Ward 2016-08-12 10:06:53 +01:00
parent c106aa662b
commit 3f7cdad0c3
No known key found for this signature in database
GPG Key ID: BA89E572EE1B4C5F
1 changed files with 15 additions and 1 deletions

View File

@ -41,12 +41,26 @@ def handler(q=False):
if package.observables:
for obs in package.observables:
if package.threat_actors:
for ta in package.threat_actors:
return r
#Quick and dirty regex for IP addresses
ipre = re.compile("([0-9]{1,3}.){3}[0-9]{1,3}")
def buildActor(ta):
Extract the name
and comment of a
threat actor
r = {"values":[ta.title], "types":["threat-actor"]}
return r
def buildObservable(o):
Take a STIX observable