-
Notifications
You must be signed in to change notification settings - Fork 89
Expand file tree
/
Copy pathvuln_affected_software.py
More file actions
50 lines (37 loc) · 1.3 KB
/
vuln_affected_software.py
File metadata and controls
50 lines (37 loc) · 1.3 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
#!/usr/bin/env python
# Copyright (c) 2015, The MITRE Corporation. All rights reserved.
# See LICENSE.txt for complete terms.
"""
File: vuln_affected_software.py
Description: Demonstrates the setting of the `affected_software` property
on the stix.exploit_target.vulnerability.Vulnerability class.
"""
# python-cybox
from cybox.core import Observable
from cybox.objects.product_object import Product
# python-stix
from stix.core import STIXPackage
from stix.exploit_target import ExploitTarget
from stix.exploit_target.vulnerability import Vulnerability
# Build a Product Object that characterizes our affected software
software = Product()
software.product = "Foobar"
software.version = "3.0"
software.edition = "GOTY"
# Wrap the Product Object in an Observable instance
observable = Observable(software)
# Attach the Product observable to the affected_sofware list of
# RelatedObservable instances. This wraps our Observable in a
# RelatedObservable layer.
vuln = Vulnerability()
vuln.affected_software.append(observable)
# Create the Exploit Target
et = ExploitTarget()
# Attach our Vulnerability to the Exploit Target
et.vulnerabilities.append(vuln)
# Build a STIX Package
package = STIXPackage()
# Attach the Exploit Target instance to the Package
package.exploit_targets.append(et)
# Print!
print package.to_xml()