def make_objects(self, path=None, pseudofile=None, filename=None):
    """Gather the objects built from a binary, plus their references, in one dict.

    The sample is read from ``path`` when one is given, otherwise from the
    ``pseudofile``/``filename`` pair. Every attribute of a collected object
    has its ``uuid`` deleted before the object is stored.

    The excerpt stops before the file object (``fo``) is handled and before
    anything is returned.
    """
    to_return = {'objects': [], 'references': []}

    def collect(obj):
        # Drop the per-attribute UUIDs, then record the object and any
        # references it carries.
        for attribute in obj.attributes:
            del attribute.uuid
        to_return['objects'].append(obj)
        if obj.ObjectReference:
            to_return['references'] += obj.ObjectReference

    if path:
        fo, peo, seos = make_binary_objects(path)
    else:
        fo, peo, seos = make_binary_objects(pseudofile=pseudofile, filename=filename)

    # Section objects first, then the binary-format object, as in the
    # original statement order.
    for section in seos or ():
        collect(section)
    if peo:
        collect(peo)
def test_add_event_with_attachment(self):
    """Attach the objects built from a sample binary and check the reference.

    The event's first object must carry exactly one reference, of type
    ``includes``, both before and after the event is pushed with
    ``update_event``. The event is deleted whatever the outcome.
    """
    def assert_single_includes_reference(event):
        refs = event.objects[0].references
        self.assertEqual(len(refs), 1)
        self.assertEqual(refs[0].relationship_type, 'includes')

    first = self.create_simple_event()
    try:
        first = self.user_misp_connector.add_event(first)
        file_obj, bin_obj, sections = make_binary_objects(
            'tests/viper-test-files/test_files/whoami.exe', standalone=False)
        first.add_object(file_obj)
        first.add_object(bin_obj)
        for section in sections:
            first.add_object(section)
        # Local state first, then the state returned by the server.
        assert_single_includes_reference(first)
        first = self.user_misp_connector.update_event(first)
        assert_single_includes_reference(first)
    finally:
        # Delete the event whether or not the assertions passed.
        self.admin_misp_connector.delete_event(first)
def make_objects(self, path=None, pseudofile=None, filename=None):
    """Gather the objects built from a binary, plus their references, in one dict.

    The sample is read from ``path`` when one is given, otherwise from the
    ``pseudofile``/``filename`` pair.

    NOTE: this excerpt is cut off in the middle of its last ``if``; the
    branch body, any handling of ``fo`` and the return are not shown.
    """
    to_return = {'objects': [], 'references': []}
    if path:
        fo, peo, seos = make_binary_objects(path)
    else:
        fo, peo, seos = make_binary_objects(pseudofile=pseudofile, filename=filename)
    if seos:
        for s in seos:
            # Attribute UUIDs are deleted before the object is stored.
            for a in s.attributes:
                del a.uuid
            to_return['objects'].append(s)
            if s.ObjectReference:
                to_return['references'] += s.ObjectReference
    if peo:
        for a in peo.attributes:
            del a.uuid
        to_return['objects'].append(peo)
        if peo.ObjectReference:
            # (excerpt ends here; the body of this branch is not on the page)
def add_hashes(self):
    """Add file hashes to the MISP event of the current session.

    With no ``filename``/``md5``/``sha1``/``sha256`` argument, the file
    attached to the session is turned into MISP objects with
    ``make_binary_objects``; an error is logged and ``False`` returned when
    no file is attached. Otherwise, when ``filename`` is set, one
    ``filename|<hash>`` attribute is added per hash argument supplied.

    The excerpt shows nothing past the ``sha256`` attribute.
    """
    # NOTE(review): the page lost its indentation; the nesting below (section
    # objects added only when bin_obj is set) is the assumed reading - confirm
    # against the upstream file.
    args = self.args

    def current_event():
        # Looked up on every use, as the original does.
        return __sessions__.current.misp_event.event

    manual_input = (args.filename is not None or args.md5 is not None
                    or args.sha1 is not None or args.sha256 is not None)

    if manual_input:
        if args.filename:
            # NOTE(review): filename and hashes are forwarded as given, with
            # no format check here; a filename containing '|' would make the
            # composite value ambiguous.
            for misp_type, digest in (('filename|md5', args.md5),
                                      ('filename|sha1', args.sha1),
                                      ('filename|sha256', args.sha256)):
                if digest:
                    current_event().add_attribute(
                        misp_type, '{}|{}'.format(args.filename, digest))
    else:
        if not __sessions__.is_attached_file(True):
            self.log('error', "Not attached to a file, please set the hashes manually.")
            return False
        file_obj, bin_obj, sections = make_binary_objects(
            filepath=__sessions__.current.file.path, standalone=False)
        current_event().add_object(file_obj)
        if bin_obj:
            current_event().add_object(bin_obj)
            for section in sections:
                current_event().add_object(section)
def make_objects(path):
    """Gather the objects built from the binary at ``path``, with their references.

    Objects are stored in this order: every section object, then the
    binary-format object, then the file object; the last two only when they
    are truthy. The excerpt ends before anything is returned.
    """
    to_return = {'objects': [], 'references': []}

    def collect(obj):
        # Record the object and, when it has any, its references.
        to_return['objects'].append(obj)
        if obj.ObjectReference:
            to_return['references'] += obj.ObjectReference

    fo, peo, seos = make_binary_objects(path)
    for section in seos or ():
        collect(section)
    for candidate in (peo, fo):
        if candidate:
            collect(candidate)
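def _expand_local_sample(self, pseudofile, filename, refobj=None, default_attributes_parameters=None):
    """Build MISP objects for a local sample and collect its hash values.

    Args:
        pseudofile: In-memory content of the sample, passed to
            ``make_binary_objects``.
        filename: Name of the sample, passed to ``make_binary_objects``.
        refobj: Object the file object is linked to with a ``derived-from``
            reference.
        default_attributes_parameters: Passed through to
            ``make_binary_objects``; a fresh empty dict is used when omitted.

    Returns:
        A ``(objs, hashes)`` tuple. ``hashes`` holds the file object's
        sha256, sha1 and md5 values, in that order. ``objs`` holds the
        generated objects and stays empty unless ``self.args.populate`` is
        set.
    """
    # The previous ``{}`` default was a single dict shared by every call and
    # handed to the callee; create a new one per call instead.
    if default_attributes_parameters is None:
        default_attributes_parameters = {}

    objs = []
    hashes = []
    # Just expand the event with every possible object.
    fo, peo, seos = make_binary_objects(pseudofile=pseudofile, filename=filename,
                                        standalone=False,
                                        default_attributes_parameters=default_attributes_parameters)
    # NOTE(review): refobj defaults to None and is passed on unchecked -
    # confirm that callers always supply it.
    fo.add_reference(refobj, 'derived-from')
    for relation in ('sha256', 'sha1', 'md5'):
        hashes += [h.value for h in fo.get_attributes_by_relation(relation)]
    # NOTE(review): the page lost its indentation; peo and seos are assumed
    # to be nested under the populate check - confirm against upstream.
    if self.args.populate:
        objs.append(fo)
        if peo:
            objs.append(peo)
        if seos:
            objs += seos
    return objs, hashes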