psengine 2.0.4__py3-none-any.whl

psengine/stix2/simple_entity.py

@@ -0,0 +1,145 @@
+##################################### TERMS OF USE ###########################################
+# The following code is provided for demonstration purpose only, and should not be used      #
+# without independent verification. Recorded Future makes no representations or warranties,  #
+# express, implied, statutory, or otherwise, regarding any aspect of this code or of the     #
+# information it may retrieve, and provides it both strictly “as-is” and without assuming    #
+# responsibility for any information it may retrieve. Recorded Future shall not be liable    #
+# for, and you assume all risk of using, the foregoing. By using this code, Customer         #
+# represents that it is solely responsible for having all necessary licenses, permissions,   #
+# rights, and/or consents to connect to third party APIs, and that it is solely responsible  #
+# for having all necessary licenses, permissions, rights, and/or consents to any data        #
+# accessed from any third party API.                                                         #
+##############################################################################################
+
+import stix2
+
+from .base_stix_entity import BaseStixEntity
+from .constants import IDENTITY_TYPE_TO_CLASS
+from .util import generate_uuid
+
+
+class TTP(BaseStixEntity):
+    """Converts MITRE T codes to AttackPattern."""
+
+    def create_stix_object(self) -> None:
+        """Creates AttackPattern objects from object attributes."""
+        self.stix_obj = stix2.AttackPattern(
+            id=self._generate_id(),
+            name=self.name,
+            created_by_ref=self.author.id,
+            custom_properties={'x_mitre_id': self.name},
+        )
+
+    def _generate_id(self) -> str:
+        """Generates an ID."""
+        return 'attack-pattern--' + generate_uuid(name=self.name)
+
+
+class Identity(BaseStixEntity):
+    """Converts various RF entity types to a STIX2 Identity."""
+
+    def __init__(self, name: str, rf_type: str, author: str = None) -> None:
+        """Init Identity Class.
+
+        Args:
+            name (str): Name of the Identity
+            rf_type (str): Recorded Future type of the identity
+            author (str, optional): Recorded Future author object
+        """
+        self.rf_type = rf_type
+        super().__init__(name, author)
+
+    def create_stix_object(self) -> None:
+        """Creates STIX objects from object attributes."""
+        self.stix_obj = stix2.Identity(
+            id=self._generate_id(),
+            name=self.name,
+            identity_class=self.create_id_class(),
+            created_by_ref=self.author.id,
+        )
+
+    def create_id_class(self):
+        """Creates a STIX2 identity class."""
+        return IDENTITY_TYPE_TO_CLASS[self.rf_type]
+
+    def _generate_id(self) -> str:
+        """Generates an ID."""
+        return 'identity--' + generate_uuid(name=self.name, identity_class=self.rf_type)
+
+
+class ThreatActor(BaseStixEntity):
+    """Converts various RF Threat Actor Organization to a STIX2 Threat Actor."""
+
+    def create_stix_object(self) -> None:
+        """Creates STIX objects from object attributes."""
+        self.stix_obj = stix2.ThreatActor(
+            id=self._generate_id(),
+            name=self.name,
+            created_by_ref=self.author.id,
+        )
+
+    def _generate_id(self) -> str:
+        """Generates an ID."""
+        return 'threat-actor--' + generate_uuid(name=self.name)
+
+
+class IntrusionSet(BaseStixEntity):
+    """Converts Threat Actor to Intrusion Set SDO."""
+
+    def create_stix_object(self) -> None:
+        """Creates STIX objects from object attributes."""
+        self.stix_obj = stix2.IntrusionSet(
+            id=self._generate_id(),
+            name=self.name,
+            created_by_ref=self.author.id,
+        )
+
+    def _generate_id(self) -> str:
+        """Generates an ID."""
+        return 'intrusion-set--' + generate_uuid(name=self.name)
+
+
+class Malware(BaseStixEntity):
+    """Converts Malware to a Malware SDO."""
+
+    def create_stix_object(self) -> None:
+        """Creates STIX objects from object attributes."""
+        self.stix_obj = stix2.Malware(
+            id=self._generate_id(),
+            name=self.name,
+            is_family=False,
+            created_by_ref=self.author.id,
+        )
+
+    def _generate_id(self) -> str:
+        """Generates an ID."""
+        return 'malware--' + generate_uuid(name=self.name)
+
+
+class Vulnerability(BaseStixEntity):
+    """Converts a CyberVulnerability to a Vulnerability SDO."""
+
+    def __init__(self, name: str, description: str = None, author: str = None) -> None:
+        """Init Vulnerability Class.
+
+        Args:
+            name (str): Name of the Identity
+            description (str, optional): Vulnerability description
+            author (str, optional): Recorded Future author object
+
+        """
+        self.description = description
+        super().__init__(name, author)
+
+    def create_stix_object(self) -> None:
+        """Creates STIX objects from object attributes."""
+        self.stix_obj = stix2.Vulnerability(
+            id=self._generate_id(),
+            description=self.description,
+            name=self.name,
+            created_by_ref=self.author.id,
+        )
+
+    def _generate_id(self) -> str:
+        """Generates an ID."""
+        return 'vulnerability--' + generate_uuid(name=self.name)

psengine/stix2/util.py

@@ -0,0 +1,53 @@
+##################################### TERMS OF USE ###########################################
+# The following code is provided for demonstration purpose only, and should not be used      #
+# without independent verification. Recorded Future makes no representations or warranties,  #
+# express, implied, statutory, or otherwise, regarding any aspect of this code or of the     #
+# information it may retrieve, and provides it both strictly “as-is” and without assuming    #
+# responsibility for any information it may retrieve. Recorded Future shall not be liable    #
+# for, and you assume all risk of using, the foregoing. By using this code, Customer         #
+# represents that it is solely responsible for having all necessary licenses, permissions,   #
+# rights, and/or consents to connect to third party APIs, and that it is solely responsible  #
+# for having all necessary licenses, permissions, rights, and/or consents to any data        #
+# accessed from any third party API.                                                         #.
+##############################################################################################
+
+import uuid
+
+import stix2
+from stix2.canonicalization.Canonicalize import canonicalize
+
+from .constants import RF_IDENTITY_UUID, RF_NAMESPACE
+
+
+def generate_uuid(**kwargs: dict) -> str:
+    """Generated a unique UUID to be used as a STIX2 ID.
+
+    Args:
+        **kwargs (dict): a list of parameters to be hashed for the UUId.
+            Usually just {name:'somename'}, but could be more complex
+    """
+    data = {k: str(v) for k, v in kwargs.items()}
+    data = canonicalize(data, utf8=False)
+    return str(uuid.uuid5(uuid.UUID(RF_NAMESPACE), data))
+
+
+def create_rf_author() -> stix2.v21.Identity:
+    """Create the Recorded Future Author Identity.
+
+    Returns:
+        stix2.v21.Identity: Recorded Future, as an identity
+    """
+    name = 'Recorded Future'
+    id_class = 'organization'
+    return stix2.Identity(
+        name=name,
+        identity_class=id_class,
+        id=RF_IDENTITY_UUID,
+        description=(
+            'Recorded Future is the most comprehensive and independent threat'
+            ' intelligence cloud platform. We enable organizations to identify and mitigate'
+            ' threats across cyber, supply-chain, physical and fraud domains; and are trusted'
+            ' to get real-time, unbiased and actionable intelligence.'
+        ),
+        contact_information='support@recordedfuture.com',
+    )

psengine-2.0.4.dist-info/METADATA

@@ -0,0 +1,189 @@
+Metadata-Version: 2.4
+Name: psengine
+Version: 2.0.4
+Summary: psengine is a simple, yet elegant, library for rapid development of integrations with Recorded Future.
+Author-email: Moise Medici <moise.medici@recordedfuture.com>, Patrick Kinsella <patrick.kinsella@recordedfuture.com>, Ernest Bartosevic <ernest.bartosevic@recordedfuture.com>
+License-Expression: MIT
+Project-URL: Homepage, https://github.com/RecordedFuture-ProfessionalServices/psengine-py
+Project-URL: Changelog, https://github.com/RecordedFuture-ProfessionalServices/psengine-py/CHANGELOG.rst
+Keywords: API,Recorded Future,Cyber Security Engineering,Threat Intelligence
+Requires-Python: <3.14,>=3.9
+Description-Content-Type: text/x-rst
+License-File: LICENSE
+Requires-Dist: requests>=2.27.1
+Requires-Dist: jsonpath_ng<=1.6.1,>=1.5.3
+Requires-Dist: stix2~=3.0.1
+Requires-Dist: python-dateutil>=2.7.0
+Requires-Dist: more-itertools<=10.2.0,>=9.0.0
+Requires-Dist: pydantic<3.0.0,>=2.7
+Requires-Dist: pydantic-settings[toml]~=2.5.2
+Requires-Dist: markdown-strings==3.4.0
+Provides-Extra: dev
+Requires-Dist: tox==4.12.1; extra == "dev"
+Requires-Dist: build==1.0.3; extra == "dev"
+Requires-Dist: pytest==8.3.4; extra == "dev"
+Requires-Dist: pytest-cov==6.0.0; extra == "dev"
+Requires-Dist: pytest-mock==3.14.0; extra == "dev"
+Requires-Dist: pytest-random-order==1.1.1; extra == "dev"
+Requires-Dist: pytest-vcr==1.0.2; extra == "dev"
+Requires-Dist: pytest-watch==4.2.0; extra == "dev"
+Requires-Dist: requests==2.29.0; extra == "dev"
+Requires-Dist: ruff~=0.7.0; extra == "dev"
+Requires-Dist: wheel==0.37.1; extra == "dev"
+Requires-Dist: setuptools==61.0.0; extra == "dev"
+Requires-Dist: Sphinx==7.1.2; extra == "dev"
+Requires-Dist: sphinxcontrib-confluencebuilder==2.3.0; extra == "dev"
+Requires-Dist: atlassian-python-api==3.41.4; extra == "dev"
+Requires-Dist: sphinx_autodoc_typehints==1.25.2; extra == "dev"
+Requires-Dist: sphinxcontrib-napoleon; extra == "dev"
+Requires-Dist: typer==0.12.5; extra == "dev"
+Requires-Dist: cookiecutter==2.6.0; extra == "dev"
+Requires-Dist: tomlkit>=0.13.2; extra == "dev"
+Dynamic: license-file
+
+==================================================
+PSEngine
+==================================================
+**PSEngine** is a simple, yet elegant, library for rapid development of integrations with Recorded Future.
+
+
+.. code-block:: python
+
+    >>> from psengine.enrich import LookupMgr
+    >>> lookup_mgr = LookupMgr(rf_token='token')
+    >>> domain = lookup_mgr.lookup('cpejcogzznpudbsmaxxm.com', 'domain')
+    >>> domain
+    'EnrichedDomain: cpejcogzznpudbsmaxxm.com, Risk Score: 20, Last Seen: 2024-07-22 02:50:59PM'
+    >>> domain.entity
+    'cpejcogzznpudbsmaxxm.com'
+    >>> domain.content.risk
+    EntityRisk(criticality_label='Unusual', risk_string='4/52', score=20, rules=4...)
+    >>> domain.content.risk.score
+    20
+    >>> 
+    domain.content.risk.risk_summary
+    '4 of 52 Risk Rules currently observed.'
+
+
+PSEngine allows you to interact with the Recorded Future API extremely easily. There’s no need to manually build the URLs and query parameters - but nowadays, just use the modules dedicated to individual API endpoints!
+
+PSEngine is a Python package solely built and maintained by the Cyber Security Engineering team powering a number of high profile integrations, such as: Elasticsearch, QRadar, Anomali, Jira, TheHive, etc..
+
+
+Installation
+==================================================
+PSEngine is a Python package that can be installed using pip. To install PSengine, run the following command:
+
+.. code-block:: bash
+
+    $ pip install psengine git+https://github.com/RecordedFuture-ProfessionalServices/psengine.git@main
+
+
+PSEngine officially supports Python >= 3.9, < 3.14
+
+
+Supported Features & Best–Practices
+==================================================
+
+PSEngine is ready for the demands of building robust and reliable integrations.
+
+* Collective Insights
+* Analyst Notes
+* Classic & Playbook Alerts
+* Risklists
+* On demand IOC enrichment
+* List management
+* Detection Rules
+* Built in logging
+* Easy configuration management
+* Proxy support
+
+
+Quick Start
+==================================================
+Excited, to get started? 
+
+The section below will give you the basic building blocks to start building integrations with PSEngine.
+
+But first ensure that:
+
+- PSEngine is installed
+- PSEngine is up-to-date
+
+Let’s get started with some core concepts and practices.
+
+Config Management
+--------------------------------------------------
+The key requirement when building integrations with PSEngine is initializing `Config` as early as possible in your program,
+before initializing any PSEngine managers. This way `rf_token` `app_id` and `platform_id` you set will be used by every manager
+initialized after the Config.
+
+.. code-block:: python
+
+    >>> from psengine.config import Config, get_config
+    # Name & version of the integration itself
+    >>> APP_ID = 'example-app/1.0.0'
+    # Name & version of the tool this integrates with (Optional)
+    >>> PLATFORM_ID = 'PSE/1.0.0'
+    >>> Config.init(rf_token='your_token', app_id=APP_ID, platform_id=PLATFORM_ID)
+    >>> config = get_config()
+    >>> config.app_id
+    'example-app/1.0.0'
+
+The above will result in API calls made by the managers having the following headers set:
+
+- 'X-RFToken' Header will contain the Recorded Future API Token
+- 'User-Agent' Header will contain APP ID and Platform ID (if supplied) which is a Recorded Future requirement, which might look like this:
+
+    example-app/1.0.0 (macOS-14.1-arm64-arm-64bit) psengine-py/2.0.1 PSE/1.0.0
+    
+Authorization
+--------------------------------------------------
+In the example above we saw a token passed to the Config by the caller, but you can also omit the token during initialization and let
+Config retrieve it from the environment variable `RF_TOKEN`. Just ensure that the environment variable is set before running your program:
+
+    export RF_TOKEN=your_token
+
+Alternatively, if you want to set an rf_token separately for a single manager, you may pass it in the constructor:
+
+.. code-block:: python
+
+    >>> note_mgr = AnalystNoteMgr(rf_token='your_token')
+
+Logging
+--------------------------------------------------
+PSEngine also provides the capability for logging to console and files. If your program needs to show log output on the terminal and keep a .log file, just import and use psengine’s logger:
+
+.. code-block:: python
+
+    >>> from psengine.logger import RFLogger
+    >>> LOG = RFLogger().get_logger()
+    >>> LOG.info('Hello, world!')
+
+On the other hand, if your program’s log statements already have handlers setup, just log the normal way:
+
+.. code-block:: python
+
+    >>> import logging
+    >>> LOG = logging.getLogger(__name__)
+    >>> LOG.info('Hello, world!')
+
+In the second example, nothing is printed to terminal or file unless a handler is setup by another program running your code.
+
+Proxies
+--------------------------------------------------
+If your environment requires a proxy to access the internet, you can set the proxy in the Config:
+
+.. code-block:: python
+
+    >>> Config.init(
+            app_id=APP_ID,
+            platform_id=PLATFORM_ID,
+            http_proxy='http://proxy:8080',
+            https_proxy='http://proxy:8080',
+            client_ssl_verify=False,
+        )
+
+Examples
+--------------------------------------------------
+Please refer to `examples <examples>`_ for usage example of each module.

psengine-2.0.4.dist-info/RECORD

@@ -0,0 +1,115 @@
+psengine/__init__.py,sha256=-1iU4hixLTtVG9nKWuieGHxpcTxRknP7WpIwFgziMaU,1429
+psengine/_sdk_id.py,sha256=YmQ1Y2x0aGRVCZ0AnunxruP7KmSWiS93D-puB7Um0_I,1218
+psengine/_version.py,sha256=uj5AmvJ05gA6z3kL-bIjNnflYtRkjhQM9vBKLGo709w,1167
+psengine/base_http_client.py,sha256=_D35OPDxsOjx3it9r3AyqUon5jNYbssUeqT1FUC8gu4,10944
+psengine/common_models.py,sha256=jlD0rPgrq4jabesY4vCSSFCw9jCJqrz1NHZCi5T2TT0,3558
+psengine/constants.py,sha256=3FwCRdjykbIMldagOOnsWvugv34Nx6LMIJIfNROKIf8,2222
+psengine/endpoints.py,sha256=ciJ8ir9IPbTK4QCnCTph4nQYqBr_JciqPID6FD0B84Y,5450
+psengine/errors.py,sha256=j16R6ivhVzVHFzVZAPmN0SFHWatLoFovKsIGgBgyPNw,2001
+psengine/rf_client.py,sha256=kQhUnHAR40dOUxQzZKtJkKqL5pGXWDJ2Q0vOG2QWFVM,15766
+psengine/analyst_notes/__init__.py,sha256=qTLLjBepUyXbNMU3Lkv6JxJibEmWp4oNcdF5tAeoBXw,1620
+psengine/analyst_notes/constants.py,sha256=74bnXSAv-pSla-MW_znk8KS4U324WmyWft2pa9-XObo,1249
+psengine/analyst_notes/errors.py,sha256=AYosDKdVgwy57shLJhSv-ptP4xXpw5WFrUuuTU3MeJE,1970
+psengine/analyst_notes/helpers.py,sha256=_yoVhGU4Sl9DjjvmNP3xB0d0bLwXMi33oXqkOvWU09k,3769
+psengine/analyst_notes/models.py,sha256=71kRGvbYYjw8PDmI0mjk1JZiGX_fsAuFAAlIGFD_pI8,7880
+psengine/analyst_notes/note.py,sha256=P1w8KgrQlOqgLC8uwmOxKUq1qk3CwW36ftp9ZooFAiQ,5612
+psengine/analyst_notes/note_mgr.py,sha256=fD7631TCQztONusIz6KRq5g8CcJZXcTyFLrTZr45CqM,14843
+psengine/classic_alerts/__init__.py,sha256=lepL7n_agzve88BZWXTm9SKxPyTZ6_ru6GvXJqgKKdg,1482
+psengine/classic_alerts/classic_alert.py,sha256=oQXDfqOpcAP_NyYUuUCshlrUQYwwCqMFAJyy6H8F-b8,10060
+psengine/classic_alerts/classic_alert_mgr.py,sha256=L6Plx9pvJg0oGwrU_GnaH8bvCUlJ3aTm7pcAsRcs6H4,18812
+psengine/classic_alerts/constants.py,sha256=mgwScwVhp_exZJJ4E8TwAQpy-cL2gBvc4aJmy2B4IJw,1520
+psengine/classic_alerts/errors.py,sha256=Q_nPPpjoa7SB5EunXDmT83fKt21_pEVK04N_PDxP594,1985
+psengine/classic_alerts/helpers.py,sha256=EmtDl0NwVxaXLPX_j07OCVXMZXpfj1_Mqh4joUF3VBQ,3630
+psengine/classic_alerts/models.py,sha256=BrPjqTuMyIO6pRo_BErE33vCll2gylDrFsSNGEBlF64,4121
+psengine/classic_alerts/markdown/__init__.py,sha256=_5VWV_JkQlwsJdNCtl_HgSPp8uqgYUqz-I4dRTqVJLs,1145
+psengine/classic_alerts/markdown/markdown.py,sha256=jU_TE4heph0g77pkKAPskG_Z0dYolda6cBgx7yaRpOI,13884
+psengine/collective_insights/__init__.py,sha256=jt3TLqVgBLLxFGmOLhwlksnFE05btd7Nv9LfX8bShkE,1590
+psengine/collective_insights/collective_insights.py,sha256=wU2Lh0E-Qvm7QPFNx8DmQqoWSCm5hitZxtNPiVbq2Ls,5995
+psengine/collective_insights/constants.py,sha256=S-wVDdYSJNM7oii_3PmMOEWK7GBe6XhnOk-dZCs1DPA,2249
+psengine/collective_insights/errors.py,sha256=0PSxQkg-ZP9eK7uEdM60_RE6vk4Dll7CS8dLFMGAyYw,1321
+psengine/collective_insights/insight.py,sha256=4KrMk2VyNnz2hFDTKJA1BG9eInJZtLv5vqkGuvnrhRk,3361
+psengine/collective_insights/models.py,sha256=Z4W95P9NPWyz-SN71T7LP5i6wkzGPckXRKG_W-fkfpY,2876
+psengine/config/__init__.py,sha256=tiMOVTkfJYvwq4aKhDgYEuM2zZjg0_oXZzICUdaJBXk,1233
+psengine/config/config.py,sha256=tCt5rJM-Q_9KiDLBqa7LQYaTfcbP5wc8luGs1U9oc_Q,10928
+psengine/config/errors.py,sha256=mSfyIva4LgpimKwDH0jRExVGc_El-YwuVUTO_gyn0Tk,1314
+psengine/detection/__init__.py,sha256=0BMVvoanJR2sR9khm7TXwAHdVylUI8j-XQMUUOt4NlY,1352
+psengine/detection/detection_mgr.py,sha256=FIlfPRhfN7i_5lGF5LO-TuPLL2NigaShCHM9vOjydAg,5771
+psengine/detection/detection_rule.py,sha256=lxezNq427pJKgCVOGhHdTtGZARJ76YhZurQcLnJWQTY,3519
+psengine/detection/errors.py,sha256=ywvt0HL5taB-vev0271UsqhnwT_oKLsCs6Jt8ftLO1w,1578
+psengine/detection/helpers.py,sha256=3gAKamoBHrsKjRqyYx8IsnvCQ4y7enggsrvcBWIntD0,2631
+psengine/detection/models.py,sha256=F624ydQ0YJpnEv1nv-XBiCKoPm52K4O8VBkBGsYtk8Q,1983
+psengine/enrich/__init__.py,sha256=DRJjh2iAzc0K9SsXLzTX4iP0jWXmC5XjlgxO3Frb7oU,1523
+psengine/enrich/constants.py,sha256=C2x8noT2dvtIN-6DC1q_0KdgA8nXq9DpTw-zxbpf-js,2394
+psengine/enrich/errors.py,sha256=TOWh82BHiK7O958ceMADxNTUxvhmCBJViaL8TRGifpw,1581
+psengine/enrich/lookup.py,sha256=Kek8EYIZCPMrGDMvWCZzzRkfkEZVgWr8BLTbNrMIdP8,12198
+psengine/enrich/lookup_mgr.py,sha256=A-M0tWjwWPiFZoDc6oWJWWyeu4D_tstNIXbskQPfQIE,11969
+psengine/enrich/soar.py,sha256=wHxZDF9u_mE4tZ4LOz677G3v4_NU8t5FEou8Ur29qMY,3715
+psengine/enrich/soar_mgr.py,sha256=SZlBdSSAjKXqyRgpfph3uqhAn5Nw6jNJBIWvpxQC2LQ,7033
+psengine/enrich/models/__init__.py,sha256=_5VWV_JkQlwsJdNCtl_HgSPp8uqgYUqz-I4dRTqVJLs,1145
+psengine/enrich/models/base_enriched_entity.py,sha256=BSLmuZfIgkjzuZhf3jm6z2AC4mtucILmhCxfhQunTMQ,2173
+psengine/enrich/models/lookup.py,sha256=6_Q0SfEA83fg9DEa4bnK9I3FiLJJ7X4sk19ldYgqyAw,8385
+psengine/enrich/models/soar.py,sha256=hS86hYuvTksdtIWMygIVoTQcyCP-VC1M6PadwqbtNj8,4425
+psengine/entity_lists/__init__.py,sha256=uqr-ocoNKYhG165sqLHC5OEcaFKQ6MbaPQL2jdf6338,1334
+psengine/entity_lists/constants.py,sha256=As9Yd5DaP_ZTxubN9rQFu9UcrPC6zt83zRwE62ecnA4,1255
+psengine/entity_lists/entity_list.py,sha256=joVClsjTBIt9Msd5RAkTuoKdeFuifR_PHD5aESYinjg,15662
+psengine/entity_lists/entity_list_mgr.py,sha256=_wOANqY14E1Rb08_j9hfgIad2n6JA066gtiCq38l6tc,7692
+psengine/entity_lists/errors.py,sha256=l2yOXSgYJPVGZJAtBompgPPiNF8mfbXQmcLckdgdqVc,1507
+psengine/entity_lists/models.py,sha256=jDI1GPn-H091k0YWUtj20I_212sx17QJ3dbXQbhkdAE,2829
+psengine/entity_match/__init__.py,sha256=gQCXszK-ZflcEMrnTcSlNnYaSiq9MIzNJl6NuP-UOns,1279
+psengine/entity_match/entity_match.py,sha256=AcuQK44S35pxVkD1uDKI6UEThqnGDLP3qmP71PUfovQ,3416
+psengine/entity_match/entity_match_mgr.py,sha256=mvPPwb4COstH5I8cfSI8wAWOQRaPII0tlor4bMa4R50,8942
+psengine/entity_match/errors.py,sha256=cKSUG25KEBnnxQ5PuLteNiIWUvxlJqB1JTTI-e7yQaI,1312
+psengine/entity_match/models.py,sha256=hlSlWCPDAwgv8oJub4DXqnFXYnZ65FIWcfe_EMPzoFY,1308
+psengine/helpers/__init__.py,sha256=OLKNXYW5hDdCoNX0uRsCzICH8iSXwTslYq0KF5tpUvg,1328
+psengine/helpers/helpers.py,sha256=57oqqiDh2LI1EHhz1i-WrJBwB_MZUFkZlTqL-f6deP0,16371
+psengine/logger/__init__.py,sha256=2JlWQM2SKxCcQAy4teePslDcO3y7q8B3BlkKEVZ1Hok,1210
+psengine/logger/constants.py,sha256=KMQWGzi9Cfs55EFAZZNTfdh8AuMX-XbZrbdLx6p3exg,1846
+psengine/logger/errors.py,sha256=h0HjzCOw2svrasrltQC98LSxc1eKp9z7wHQ9sKrmplU,1290
+psengine/logger/rf_logger.py,sha256=HwCT1VUZxrrQiWmSmWTGesMo8JFy9IK9D3Lvr3GQn3w,5486
+psengine/markdown/__init__.py,sha256=sNtjQy20xOcWYjDIyb7ofqLQfh6G9cU1CIIRQ4b08zI,1287
+psengine/markdown/markdown.py,sha256=HNxs8xipPNEKHqDkBfH2H2ERwTmxygG-CaW18mRJCj0,6304
+psengine/markdown/models.py,sha256=7oVR6wvOJjMhgZqAq9JvdBuhGRl4oocvC9Jd4yfms9w,1304
+psengine/playbook_alerts/__init__.py,sha256=G-J5gzTet_wG6mQQfkYSP1ZkKYjGZX-xBjKcFLDUCcw,1672
+psengine/playbook_alerts/constants.py,sha256=2laFi9829w06hCxa_JzI34ewbqMrlJOpBpDtQu_G1rY,1650
+psengine/playbook_alerts/errors.py,sha256=8qRojM-mLPDAFHy0lEXPzP_BspHjZGbTxcC_25fQ2ag,1746
+psengine/playbook_alerts/helpers.py,sha256=9CnaxfGNTxWwjcPKIsNosY2bDeczByicVpTmaFTYkrA,3693
+psengine/playbook_alerts/mappings.py,sha256=sFYmKASj0pp33BGH8kWez6OpAQmgLRVGJZXiKCMcuIs,2338
+psengine/playbook_alerts/pa_category.py,sha256=cVR4aodVMDyey9H475mdzvajEac6gSHZq3krxfXVehw,1813
+psengine/playbook_alerts/playbook_alert_mgr.py,sha256=Xws4x7xhmKPBMZgO56gDnjWqKl4F2GtobGWzHGpI8Qo,24030
+psengine/playbook_alerts/playbook_alerts.py,sha256=0IKMPYdOc_CcUyqDaT8wYk3httn9bbrJxtYClUB63eg,14267
+psengine/playbook_alerts/markdown/__init__.py,sha256=_5VWV_JkQlwsJdNCtl_HgSPp8uqgYUqz-I4dRTqVJLs,1145
+psengine/playbook_alerts/markdown/markdown.py,sha256=d4Wy780H8wrUeOAZNqZgkxaxIkbeOzD_uykJB6b4TLA,4125
+psengine/playbook_alerts/markdown/markdown_code_repo.py,sha256=7wUzXzzuEgiw0jkUmnoWJQ0rkx7-LMiLKAAiLFP4P80,2963
+psengine/playbook_alerts/markdown/markdown_domain_abuse.py,sha256=AQbKb4xG9yp--wPWFyenNTfQ8qOijfbWWKOBzKQJLwc,5135
+psengine/playbook_alerts/markdown/markdown_identity_exposure.py,sha256=yxly4gpR-fMmRTruP7frmeL8B9lWiJBqKN7JQYn8rsU,6148
+psengine/playbook_alerts/models/__init__.py,sha256=0BYel1GfheIZ0XNGy1XPdwvvGuXxQACrmlaxib7FUH8,1870
+psengine/playbook_alerts/models/common_models.py,sha256=PQWnd6qSgBdmeSE4woPUJ5lI6TEOJD7MKmy23XZz1e4,1237
+psengine/playbook_alerts/models/panel_log.py,sha256=LAtlqyKRk2yDHj-xpzoey5LHJrAKJNP-dSMgfjJ7H1M,9384
+psengine/playbook_alerts/models/panel_status.py,sha256=YFqFgZHJGg_MMg8PkVZPzGc_tXnJct9iOkwSzn558r8,2795
+psengine/playbook_alerts/models/pba_code_repo_leak.py,sha256=vVswEwVypZYji-VMaUkr50xAOf6YRqF5btOr6wVvf6s,2170
+psengine/playbook_alerts/models/pba_cyber_vulnerability.py,sha256=Rb5wrGCF17mH41-lEycJGencV_d1NHDWNbN_UTlajnI,2259
+psengine/playbook_alerts/models/pba_domain_abuse.py,sha256=o-zofekpyxJ7wRTL1UyT6zMZoRebyFnUkU8-lzDhC9A,5118
+psengine/playbook_alerts/models/pba_identity_exposures.py,sha256=bQNNXLPrruJwtq41h7_eEyTEsjFjjamzx8Z3n-dRQ0A,3532
+psengine/playbook_alerts/models/pba_third_party_risk.py,sha256=zoK0lxaTK6pJKM3-BQ81a0h_pQAuxV_A5zG0G_ncuNI,3376
+psengine/playbook_alerts/models/search_endpoint.py,sha256=fj6vIaT3FIzbpcm3DpMeOYWV32rGzx2qDZdn15rJYVo,2525
+psengine/risklists/__init__.py,sha256=xohSIx-1HxI6GOhRPs5tapgNGO-XGxy8Xn9aPI83ueQ,1312
+psengine/risklists/constants.py,sha256=S93uHFccyRV30i1dZ-H4PGsoeKDWC_1-XxPbRJShvOs,1185
+psengine/risklists/errors.py,sha256=tlAub65rpwyCawy_j8rk-4qm-rLiUG1IgyG9Wlbf3vY,1353
+psengine/risklists/models.py,sha256=zl0q9pf_IDqDxue3iZtY3uGTXRqgl1A6O4XpX-jJc-0,3095
+psengine/risklists/risklist_mgr.py,sha256=ICwEeohOexQNFiDpcbJ4u8e2b_WuOFNVl4ISjbLwtP4,6160
+psengine/stix2/__init__.py,sha256=Hsb89u_FyD_NBNC5HT_e-jBOJckDg5zXyibD7myBjPc,1580
+psengine/stix2/base_stix_entity.py,sha256=qghRiNOGRBhVMMn_KNzxUuN0bZUpIdiNanMOoih8FDU,2611
+psengine/stix2/complex_entity.py,sha256=sqWi6Axg4XQslFAI0NKXLHsj9WnRrH82WGnzFoRPjcU,13728
+psengine/stix2/constants.py,sha256=nxhAdwfep4-1-yBYOM0Kl0ZUytDqTMSdJ4NLCVNdayU,3207
+psengine/stix2/enriched_indicator.py,sha256=eFfQnyf-5cVHHwAot3IAg9frGAAshs8tTfocEs-2hw4,10316
+psengine/stix2/errors.py,sha256=peIaG_oLqtn-lVaLcqicuZuCoY9FJjZoXVbnSOD795A,1475
+psengine/stix2/helpers.py,sha256=FRLXiMMhLcqKzGLmis-Uw5yyQrbLjUnqVM0oyVaglAM,3064
+psengine/stix2/rf_bundle.py,sha256=tb8MJQYZC9B2y6vPO9MQi351CxGdpqQ_-cU8BOoczPI,8739
+psengine/stix2/simple_entity.py,sha256=sqZvgwLN6slzTqJSRn3RXpBv0stj33TpqLpsy_JkBss,5341
+psengine/stix2/util.py,sha256=CqPjY5pGZ2MzUrdFHZfslv2tSUSHMRTsYleq3jtYkkQ,2484
+psengine-2.0.4.dist-info/licenses/LICENSE,sha256=TVndR2xDgh4CIt3zBnOlTWoVYm2YQsBVrYgvTppmNkg,1092
+psengine-2.0.4.dist-info/METADATA,sha256=ne6FVKmdGYQSFdLM7rmmw0UIamF0kk2WpEfU4IMf19M,7420
+psengine-2.0.4.dist-info/WHEEL,sha256=zaaOINJESkSfm_4HQVc5ssNzHCPXhJm0kEUakpsEHaU,91
+psengine-2.0.4.dist-info/entry_points.txt,sha256=uwDpwt0qM7cTygFw5iOKzqhur9rE-ejx8hkeiJ3_tFk,47
+psengine-2.0.4.dist-info/top_level.txt,sha256=oxOppB0mENI7Z2EbHfN9G2gHlg08qJAxCdROl35ac_k,9
+psengine-2.0.4.dist-info/RECORD,,

psengine-2.0.4.dist-info/WHEEL

@@ -0,0 +1,5 @@
+Wheel-Version: 1.0
+Generator: setuptools (80.8.0)
+Root-Is-Purelib: true
+Tag: py3-none-any
+

psengine-2.0.4.dist-info/entry_points.txt

@@ -0,0 +1,2 @@
+[console_scripts]
+psengine = psengine_cli:main

psengine-2.0.4.dist-info/licenses/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2025 RecordedFuture-ProfessionalServices
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

psengine-2.0.4.dist-info/top_level.txt

@@ -0,0 +1 @@
+psengine