pycti 6.3.13__py3-none-any.whl → 6.4.1__py3-none-any.whl

pycti/entities/opencti_stix_core_relationship.py

@@ -336,6 +336,7 @@ class StixCoreRelationship:
             start_time = start_time.isoformat()
         if isinstance(stop_time, datetime.datetime):
             stop_time = stop_time.isoformat()
+
         if start_time is not None and stop_time is not None:
             data = {
                 "relationship_type": relationship_type,
@@ -376,6 +377,16 @@ class StixCoreRelationship:
         :return List of stix_core_relationship objects
     """
 
+    @staticmethod
+    def generate_id_from_data(data):
+        return StixCoreRelationship.generate_id(
+            data["relationship_type"],
+            data["source_ref"],
+            data["target_ref"],
+            data.get("start_time"),
+            data.get("stop_time"),
+        )
+
     def list(self, **kwargs):
         from_or_to_id = kwargs.get("fromOrToId", None)
         element_with_target_types = kwargs.get("elementWithTargetTypes", None)
@@ -599,6 +610,7 @@ class StixCoreRelationship:
         kill_chain_phases = kwargs.get("killChainPhases", None)
         granted_refs = kwargs.get("objectOrganization", None)
         x_opencti_workflow_id = kwargs.get("x_opencti_workflow_id", None)
+        x_opencti_stix_ids = kwargs.get("x_opencti_stix_ids", None)
         update = kwargs.get("update", False)
 
         self.opencti.app_logger.info(
@@ -642,6 +654,7 @@ class StixCoreRelationship:
                     "externalReferences": external_references,
                     "killChainPhases": kill_chain_phases,
                     "x_opencti_workflow_id": x_opencti_workflow_id,
+                    "x_opencti_stix_ids": x_opencti_stix_ids,
                     "update": update,
                 }
             },
@@ -1132,6 +1145,10 @@ class StixCoreRelationship:
         default_date = kwargs.get("defaultDate", False)
         if stix_relation is not None:
             # Search in extensions
+            if "x_opencti_stix_ids" not in stix_relation:
+                stix_relation["x_opencti_stix_ids"] = (
+                    self.opencti.get_attribute_in_extension("stix_ids", stix_relation)
+                )
             if "x_opencti_granted_refs" not in stix_relation:
                 stix_relation["x_opencti_granted_refs"] = (
                     self.opencti.get_attribute_in_extension(
@@ -1213,6 +1230,11 @@ class StixCoreRelationship:
                     if "x_opencti_workflow_id" in stix_relation
                     else None
                 ),
+                x_opencti_stix_ids=(
+                    stix_relation["x_opencti_stix_ids"]
+                    if "x_opencti_stix_ids" in stix_relation
+                    else None
+                ),
                 update=update,
             )
         else:

pycti/entities/opencti_stix_sighting_relationship.py

@@ -262,7 +262,12 @@ class StixSightingRelationship:
         """
 
     @staticmethod
-    def generate_id(source_ref, target_ref, first_seen=None, last_seen=None):
+    def generate_id(
+        sighting_of_ref,
+        where_sighted_refs,
+        first_seen=None,
+        last_seen=None,
+    ):
         if isinstance(first_seen, datetime.datetime):
             first_seen = first_seen.isoformat()
         if isinstance(last_seen, datetime.datetime):
@@ -270,20 +275,38 @@ class StixSightingRelationship:
 
         if first_seen is not None and last_seen is not None:
             data = {
-                "source_ref": source_ref,
-                "target_ref": target_ref,
+                "type": "sighting",
+                "sighting_of_ref": sighting_of_ref,
+                "where_sighted_refs": where_sighted_refs,
                 "first_seen": first_seen,
                 "last_seen": last_seen,
             }
+        elif first_seen is not None:
+            data = {
+                "type": "sighting",
+                "sighting_of_ref": sighting_of_ref,
+                "where_sighted_refs": where_sighted_refs,
+                "first_seen": first_seen,
+            }
         else:
             data = {
-                "source_ref": source_ref,
-                "target_ref": target_ref,
+                "type": "sighting",
+                "sighting_of_ref": sighting_of_ref,
+                "where_sighted_refs": where_sighted_refs,
             }
         data = canonicalize(data, utf8=False)
         id = str(uuid.uuid5(uuid.UUID("00abedb4-aa42-466c-9c01-fed23315a9b7"), data))
         return "sighting--" + id
 
+    @staticmethod
+    def generate_id_from_data(data):
+        return StixSightingRelationship.generate_id(
+            data["sighting_of_ref"],
+            data["where_sighted_refs"],
+            data.get("first_seen"),
+            data.get("last_seen"),
+        )
+
     """
         List stix_sightings objects
 

pycti/entities/opencti_task.py

@@ -226,14 +226,17 @@ class Task:
 
     @staticmethod
     def generate_id(name, created):
-        name = name.lower().strip()
         if isinstance(created, datetime.datetime):
             created = created.isoformat()
-        data = {"name": name, "created": created}
+        data = {"name": name.lower().strip(), "created": created}
         data = canonicalize(data, utf8=False)
         id = str(uuid.uuid5(uuid.UUID("00abedb4-aa42-466c-9c01-fed23315a9b7"), data))
         return "task--" + id
 
+    @staticmethod
+    def generate_id_from_data(data):
+        return Task.generate_id(data["name"], data["created"])
+
     """
         List Task objects
         

pycti/entities/opencti_threat_actor.py

@@ -142,13 +142,20 @@ class ThreatActor:
         """
 
     @staticmethod
-    def generate_id(name):
-        name = name.lower().strip()
-        data = {"name": name}
+    def generate_id(name, opencti_type):
+        data = {"name": name.lower().strip(), "opencti_type": opencti_type}
         data = canonicalize(data, utf8=False)
         id = str(uuid.uuid5(uuid.UUID("00abedb4-aa42-466c-9c01-fed23315a9b7"), data))
         return "threat-actor--" + id
 
+    def generate_id_from_data(self, data):
+        data_type = "Threat-Actor-Group"
+        if "x_opencti_type" in data:
+            data_type = data["x_opencti_type"]
+        elif self.opencti.get_attribute_in_extension("type", data) is not None:
+            data_type = self.opencti.get_attribute_in_extension("type", data)
+        return ThreatActor.generate_id(data["name"], data_type)
+
     def list(self, **kwargs) -> dict:
         """List Threat-Actor objects
 

pycti/entities/opencti_threat_actor_group.py

@@ -145,6 +145,10 @@ class ThreatActorGroup:
         id = str(uuid.uuid5(uuid.UUID("00abedb4-aa42-466c-9c01-fed23315a9b7"), data))
         return "threat-actor--" + id
 
+    @staticmethod
+    def generate_id_from_data(data):
+        return ThreatActorGroup.generate_id(data["name"])
+
     def list(self, **kwargs) -> dict:
         """List Threat-Actor-Group objects
 

pycti/entities/opencti_threat_actor_individual.py

@@ -145,6 +145,10 @@ class ThreatActorIndividual:
         id = str(uuid.uuid5(uuid.UUID("00abedb4-aa42-466c-9c01-fed23315a9b7"), data))
         return "threat-actor--" + id
 
+    @staticmethod
+    def generate_id_from_data(data):
+        return ThreatActorIndividual.generate_id(data["name"])
+
     def list(self, **kwargs) -> dict:
         """List Threat-Actor-Individual objects
 

pycti/entities/opencti_tool.py

@@ -134,6 +134,10 @@ class Tool:
         id = str(uuid.uuid5(uuid.UUID("00abedb4-aa42-466c-9c01-fed23315a9b7"), data))
         return "tool--" + id
 
+    @staticmethod
+    def generate_id_from_data(data):
+        return Tool.generate_id(data["name"])
+
     """
         List Tool objects
 

pycti/entities/opencti_vocabulary.py

@@ -1,4 +1,7 @@
 import json
+import uuid
+
+from stix2.canonicalization.Canonicalize import canonicalize
 
 
 class Vocabulary:
@@ -15,6 +18,18 @@ class Vocabulary:
             }
         """
 
+    @staticmethod
+    def generate_id(name, category):
+        name = name.lower().strip()
+        data = {"name": name, "category": category}
+        data = canonicalize(data, utf8=False)
+        id = str(uuid.uuid5(uuid.UUID("00abedb4-aa42-466c-9c01-fed23315a9b7"), data))
+        return "vocabulary--" + id
+
+    @staticmethod
+    def generate_id_from_data(data):
+        return Vocabulary.generate_id(data["name"], data["category"])
+
     def list(self, **kwargs):
         filters = kwargs.get("filters", None)
         self.opencti.app_logger.info(

pycti/entities/opencti_vulnerability.py

@@ -131,6 +131,10 @@ class Vulnerability:
         id = str(uuid.uuid5(uuid.UUID("00abedb4-aa42-466c-9c01-fed23315a9b7"), data))
         return "vulnerability--" + id
 
+    @staticmethod
+    def generate_id_from_data(data):
+        return Vulnerability.generate_id(data["name"])
+
     """
         List Vulnerability objects
 

pycti/utils/opencti_stix2.py

@@ -176,7 +176,10 @@ class OpenCTIStix2:
         return None
 
     def import_bundle_from_file(
-        self, file_path: str, update: bool = False, types: List = None
+        self,
+        file_path: str,
+        update: bool = False,
+        types: List = None,
     ) -> Optional[List]:
         """import a stix2 bundle from a file
 
@@ -194,7 +197,7 @@ class OpenCTIStix2:
             return None
         with open(os.path.join(file_path), encoding="utf-8") as file:
             data = json.load(file)
-        return self.import_bundle(data, update, types)
+        return self.import_bundle(data, update, types, None)
 
     def import_bundle_from_json(
         self,
@@ -856,6 +859,59 @@ class OpenCTIStix2:
 
     # endregion
 
+    def get_stix_helper(self):
+        # Import
+        return {
+            # entities
+            "attack-pattern": self.opencti.attack_pattern,
+            "campaign": self.opencti.campaign,
+            "note": self.opencti.note,
+            "observed-data": self.opencti.observed_data,
+            "opinion": self.opencti.opinion,
+            "report": self.opencti.report,
+            "course-of-action": self.opencti.course_of_action,
+            "identity": self.opencti.identity,
+            "infrastructure": self.opencti.infrastructure,
+            "intrusion-set": self.opencti.intrusion_set,
+            "location": self.opencti.location,
+            "malware": self.opencti.malware,
+            "threat-actor": self.opencti.threat_actor,
+            "tool": self.opencti.tool,
+            "vulnerability": self.opencti.vulnerability,
+            "incident": self.opencti.incident,
+            "marking-definition": self.opencti.marking_definition,
+            "case-rfi": self.opencti.case_rfi,
+            "x-opencti-case-rfi": self.opencti.case_rfi,
+            "case-rft": self.opencti.case_rft,
+            "x-opencti-case-rft": self.opencti.case_rft,
+            "case-incident": self.opencti.case_incident,
+            "x-opencti-case-incident": self.opencti.case_incident,
+            "feedback": self.opencti.feedback,
+            "x-opencti-feedback": self.opencti.feedback,
+            "channel": self.opencti.channel,
+            "data-component": self.opencti.data_component,
+            "x-mitre-data-component": self.opencti.data_component,
+            "data-source": self.opencti.data_source,
+            "x-mitre-data-source": self.opencti.data_source,
+            "event": self.opencti.event,
+            "grouping": self.opencti.grouping,
+            "indicator": self.opencti.indicator,
+            "language": self.opencti.language,
+            "malware-analysis": self.opencti.malware_analysis,
+            "narrative": self.opencti.narrative,
+            "task": self.opencti.task,
+            "x-opencti-task": self.opencti.task,
+            "vocabulary": self.opencti.vocabulary,
+            # relationships
+            "relationship": self.opencti.stix_core_relationship,
+            "sighting": self.opencti.stix_sighting_relationship,
+        }
+
+    def generate_standard_id_from_stix(self, data):
+        stix_helpers = self.get_stix_helper()
+        helper = stix_helpers.get(data["type"])
+        return helper.generate_id_from_data(data)
+
     # region import
     def import_object(
         self, stix_object: Dict, update: bool = False, types: List = None
@@ -902,53 +958,16 @@ class OpenCTIStix2:
             "sample_ids": sample_refs_ids,
         }
 
-        # Import
-        importer = {
-            "marking-definition": self.opencti.marking_definition.import_from_stix2,
-            "attack-pattern": self.opencti.attack_pattern.import_from_stix2,
-            "campaign": self.opencti.campaign.import_from_stix2,
-            "channel": self.opencti.channel.import_from_stix2,
-            "event": self.opencti.event.import_from_stix2,
-            "note": self.opencti.note.import_from_stix2,
-            "observed-data": self.opencti.observed_data.import_from_stix2,
-            "opinion": self.opencti.opinion.import_from_stix2,
-            "report": self.opencti.report.import_from_stix2,
-            "grouping": self.opencti.grouping.import_from_stix2,
-            "case-rfi": self.opencti.case_rfi.import_from_stix2,
-            "x-opencti-case-rfi": self.opencti.case_rfi.import_from_stix2,
-            "case-rft": self.opencti.case_rft.import_from_stix2,
-            "x-opencti-case-rft": self.opencti.case_rft.import_from_stix2,
-            "task": self.opencti.task.import_from_stix2,
-            "x-opencti-task": self.opencti.task.import_from_stix2,
-            "case-incident": self.opencti.case_incident.import_from_stix2,
-            "x-opencti-case-incident": self.opencti.case_incident.import_from_stix2,
-            "feedback": self.opencti.feedback.import_from_stix2,
-            "x-opencti-feedback": self.opencti.feedback.import_from_stix2,
-            "course-of-action": self.opencti.course_of_action.import_from_stix2,
-            "data-component": self.opencti.data_component.import_from_stix2,
-            "x-mitre-data-component": self.opencti.data_component.import_from_stix2,
-            "data-source": self.opencti.data_source.import_from_stix2,
-            "x-mitre-data-source": self.opencti.data_source.import_from_stix2,
-            "identity": self.opencti.identity.import_from_stix2,
-            "indicator": self.opencti.indicator.import_from_stix2,
-            "infrastructure": self.opencti.infrastructure.import_from_stix2,
-            "intrusion-set": self.opencti.intrusion_set.import_from_stix2,
-            "location": self.opencti.location.import_from_stix2,
-            "malware": self.opencti.malware.import_from_stix2,
-            "malware-analysis": self.opencti.malware_analysis.import_from_stix2,
-            "threat-actor": self.opencti.threat_actor.import_from_stix2,
-            "tool": self.opencti.tool.import_from_stix2,
-            "narrative": self.opencti.narrative.import_from_stix2,
-            "vulnerability": self.opencti.vulnerability.import_from_stix2,
-            "incident": self.opencti.incident.import_from_stix2,
-        }
-        do_import = importer.get(
-            stix_object["type"],
-            lambda **kwargs: self.unknown_type(stix_object),
-        )
-        stix_object_results = do_import(
-            stixObject=stix_object, extras=extras, update=update
-        )
+        stix_helper = self.get_stix_helper().get(stix_object["type"])
+        if stix_helper:
+            stix_object_results = stix_helper.import_from_stix2(
+                stixObject=stix_object, extras=extras, update=update
+            )
+        else:
+            stix_object_results = None
+            self.opencti.app_logger.error(
+                "Unknown object type, doing nothing...", {"type": stix_object["type"]}
+            )
 
         if stix_object_results is None:
             return None
@@ -1381,6 +1400,11 @@ class OpenCTIStix2:
                 if "x_opencti_workflow_id" in stix_sighting
                 else None
             ),
+            x_opencti_stix_ids=(
+                stix_sighting["x_opencti_stix_ids"]
+                if "x_opencti_stix_ids" in stix_sighting
+                else None
+            ),
             update=update,
             ignore_dates=(
                 stix_sighting["x_opencti_ignore_dates"]
@@ -2411,7 +2435,7 @@ class OpenCTIStix2:
                 # region Resolve the to
                 to_ids = []
                 if "x_opencti_where_sighted_refs" in item:
-                    for where_sighted_ref in item["_opencti_where_sighted_refs"]:
+                    for where_sighted_ref in item["x_opencti_where_sighted_refs"]:
                         to_ids.append(where_sighted_ref)
                 elif "where_sighted_refs" in item:
                     for where_sighted_ref in item["where_sighted_refs"]:
@@ -2631,6 +2655,7 @@ class OpenCTIStix2:
             if "x_opencti_event_version" in stix_bundle
             else None
         )
+
         stix2_splitter = OpenCTIStix2Splitter()
         _, bundles = stix2_splitter.split_bundle_with_expectations(
             stix_bundle, False, event_version

{pycti-6.3.13.dist-info → pycti-6.4.1.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: pycti
-Version: 6.3.13
+Version: 6.4.1
 Summary: Python API client for OpenCTI.
 Home-page: https://github.com/OpenCTI-Platform/client-python
 Author: Filigran
@@ -24,7 +24,9 @@ License-File: LICENSE
 Requires-Dist: datefinder~=0.7.3
 Requires-Dist: pika~=1.3.0
 Requires-Dist: pydantic~=2.8.2
-Requires-Dist: python-json-logger~=2.0.4
+Requires-Dist: python-magic~=0.4.27; sys_platform == "linux" or sys_platform == "darwin"
+Requires-Dist: python-magic-bin~=0.4.14; sys_platform == "win32"
+Requires-Dist: python_json_logger~=2.0.4
 Requires-Dist: PyYAML~=6.0
 Requires-Dist: requests~=2.32.2
 Requires-Dist: setuptools~=71.1.0
@@ -35,8 +37,6 @@ Requires-Dist: opentelemetry-sdk~=1.22.0
 Requires-Dist: deprecation~=2.1.0
 Requires-Dist: filigran-sseclient~=1.0.0
 Requires-Dist: stix2~=3.0.1
-Requires-Dist: python-magic~=0.4.27; sys_platform == "linux" or sys_platform == "darwin"
-Requires-Dist: python-magic-bin~=0.4.14; sys_platform == "win32"
 Provides-Extra: dev
 Requires-Dist: black~=24.4.0; extra == "dev"
 Requires-Dist: build~=1.2.1; extra == "dev"
@@ -45,7 +45,7 @@ Requires-Dist: types-pytz~=2024.1.0.20240203; extra == "dev"
 Requires-Dist: pre-commit~=3.7.0; extra == "dev"
 Requires-Dist: pytest-cases~=3.8.0; extra == "dev"
 Requires-Dist: pytest-cov~=5.0.0; extra == "dev"
-Requires-Dist: pytest-randomly~=3.15.0; extra == "dev"
+Requires-Dist: pytest_randomly~=3.15.0; extra == "dev"
 Requires-Dist: pytest~=8.2.0; extra == "dev"
 Requires-Dist: types-python-dateutil~=2.9.0; extra == "dev"
 Requires-Dist: wheel~=0.43.0; extra == "dev"

pycti-6.4.1.dist-info/RECORD

@@ -0,0 +1,74 @@
+pycti/__init__.py,sha256=pY7vX3z0BSzJHOL0T-REcB8v0M8d8w2a5kJO4wgY5Cg,5218
+pycti/api/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
+pycti/api/opencti_api_client.py,sha256=zTpdwD592cm_cpZmnK8Ba6CRyDK1Xe2jqaT2-HvTuKE,32187
+pycti/api/opencti_api_connector.py,sha256=ubM_zPjTD8L33TEugCQgf_YF9zugDFg_7FgNubGlwJw,5447
+pycti/api/opencti_api_playbook.py,sha256=456We78vESukfSOi_CctfZ9dbBJEi76EHClRc2f21Js,1628
+pycti/api/opencti_api_work.py,sha256=JLfl7oy6Cq9IrYW_kUrqwzN46FoVzyIn1JJQKyK0h_w,7615
+pycti/connector/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
+pycti/connector/opencti_connector.py,sha256=5oVvS27KWhzRiofJAeQPDtba-EP83FziSistyEd5l-U,2561
+pycti/connector/opencti_connector_helper.py,sha256=b-6ymDF3e4pfVxRhB13vj8Vwzo3h2TcV1iud6pPrKOk,80672
+pycti/connector/opencti_metric_handler.py,sha256=4jXHeJflomtHjuQ_YU0b36TG7o26vOWbY_jvU8Ezobs,3725
+pycti/entities/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
+pycti/entities/opencti_attack_pattern.py,sha256=rj3o2bFCoXniLmD9Ithi09S9Us8ab1G-GFLgqS8jll0,22237
+pycti/entities/opencti_campaign.py,sha256=QPvAPeydaIKFIl7ig3XUpfZCoRuiLABqoHSZG0uKbCE,17789
+pycti/entities/opencti_case_incident.py,sha256=KaJenRG8k0SCHL8jhThI1gSDsUvrJjNRSIBdmfRzosA,33826
+pycti/entities/opencti_case_rfi.py,sha256=PmXmzUqz2_VKJyrDh4_dceCcMR_WpD39E6LDaWJhwmo,32575
+pycti/entities/opencti_case_rft.py,sha256=yxhGdVOx40pAFpT2n0IBsZrWFaNXC3tg50gZHhlb9T0,33459
+pycti/entities/opencti_channel.py,sha256=6_R3e6WRnNe-qbZ4XHgXo7IalIRBd8l2YmKyNHpFtYM,16713
+pycti/entities/opencti_course_of_action.py,sha256=uOTik5-nykN83q7fqG-ClgJt3axwHy6DkAWA2ToTaT4,18697
+pycti/entities/opencti_data_component.py,sha256=8VpFJMr1fNmZg51kaHbzvmc_7KOZu_lMcwQsZylVQM4,19269
+pycti/entities/opencti_data_source.py,sha256=ATOz3B-pv8m6CkUq93MY6sg5zA8H-Q5SJRKwmna85Wk,18154
+pycti/entities/opencti_event.py,sha256=WUptWDmxMbuL-Mp0wX-BLTi15KJua1AO8L4n6tcSbTM,16809
+pycti/entities/opencti_external_reference.py,sha256=iffppZFJPRy0pZjdbfYYNlKp5PXS2VIWiyxeBMdGuuI,13568
+pycti/entities/opencti_feedback.py,sha256=t_4KnCi53lADEV-O_isD74v7GOMpoFz9Kf-eWJIBFoA,32420
+pycti/entities/opencti_grouping.py,sha256=q6zRDF_Oc2sIt6iKecxbqa8bh50UzJ8HixYouhem7Cc,30279
+pycti/entities/opencti_identity.py,sha256=QVXNBedhZ5jnQxx3w9IsrghvtRGpRhttpLdZ474TVZA,23803
+pycti/entities/opencti_incident.py,sha256=R0LYEBll5gv83pJloUcWRqTR5tmr2gF0kRGUAtg8w40,18676
+pycti/entities/opencti_indicator.py,sha256=cpz7Geiy7zkxPudnzdiVwRM5tUKs57LU7qTnl-M7wOE,20952
+pycti/entities/opencti_infrastructure.py,sha256=9rL9Rk7470gvjG6wuTbqUqtjsGxmvDId1NksudArb94,20041
+pycti/entities/opencti_intrusion_set.py,sha256=z5ziqushqrWFBL4ub8HrOxIYXIonZCsQH12F-R35in0,19067
+pycti/entities/opencti_kill_chain_phase.py,sha256=Uk4phq-l8TJTpPKmHJa6_1zTJb59-lah2HDaYWqMOTk,8081
+pycti/entities/opencti_label.py,sha256=6RZJPIa_dXf_YNNU4xXKghfBnpNjhU5YXOaSIcB4YrM,8800
+pycti/entities/opencti_language.py,sha256=KugOaUMnygo8wDnv4RPJTv_EleNGWyEfsAOxI7NitLk,16282
+pycti/entities/opencti_location.py,sha256=dbsqkgZbcnrh2mrG5u59kZmCv6HrclwUIgSb9BPm4DI,18395
+pycti/entities/opencti_malware.py,sha256=JkwOhee1uqs9_OptLG9qiwPlwWo4WuI1v2VGomNPfDg,20460
+pycti/entities/opencti_malware_analysis.py,sha256=Oz1rPrF6rUczmaKNB8j8k6JDsp-1UOcJN-2fIfckXNI,21798
+pycti/entities/opencti_marking_definition.py,sha256=Q_WdW_LyS7H8MuhCiFOwCFzj-1r5zFCev13FhY2iyvc,13030
+pycti/entities/opencti_narrative.py,sha256=jJz9v3DtApHS6gmpg6K8-jOG6E3s--K5ipzwc3WXF8A,17151
+pycti/entities/opencti_note.py,sha256=vYgooFvqWI9d9586HEQjp0xEzsrdLYQ_I9kKetw41Pg,30776
+pycti/entities/opencti_observed_data.py,sha256=9cTUTDB7DG7dKdyQsm30ucOUs8xxu6-r-VqVAYKzl68,31243
+pycti/entities/opencti_opinion.py,sha256=Znwkqx1gUYYu-Rx7jIidDC3yj0PQfLA-G3gz_IVXZbs,22503
+pycti/entities/opencti_report.py,sha256=W6lRCnW7J7vE5U_07X81wR6ff2Tk_GzeOV1B--NBiPA,35347
+pycti/entities/opencti_stix.py,sha256=uMheSg8i1f2Ozx2Mk0iShWzHHjj6MMWDtV5nDjVxKEE,2275
+pycti/entities/opencti_stix_core_object.py,sha256=Lc0-lytsEjQRWD9VkVTHPrWPgqOzqT99qwndOQIRYCw,51683
+pycti/entities/opencti_stix_core_relationship.py,sha256=Jebd-pp5aMu-HE58jisBBsQm0D3U03HBmi3ZePcRmtc,44786
+pycti/entities/opencti_stix_cyber_observable.py,sha256=ywZHND5Kfykurn-EUO2k0-hdpsrCHHFjpb4xONVGEt8,92094
+pycti/entities/opencti_stix_domain_object.py,sha256=LyKy5DbhtffO_sHJO3Xo1_PcuPi27pTKp_ETYhdU_zs,78894
+pycti/entities/opencti_stix_nested_ref_relationship.py,sha256=eGCF7yaEDqMsJbgvTDle0tVzRCF78CmEhE02jioUTCc,12605
+pycti/entities/opencti_stix_object_or_stix_relationship.py,sha256=5qutzML6SyYzDhZ-QpI9Vh23hzLEs-xeFAAZOpGHZ2g,18049
+pycti/entities/opencti_stix_sighting_relationship.py,sha256=FyvEcOwcSyVY_oYVqAVfi_VeeNLl7QJlTigM09tpXu0,28780
+pycti/entities/opencti_task.py,sha256=vNergoXqXd5FeNM75-cqtI__u2jG0462sRhakXG3-p0,24711
+pycti/entities/opencti_threat_actor.py,sha256=oo-WovanGdO_Ic9X1_uHBQB-4R25shLD1-6Sa7HJZKo,10365
+pycti/entities/opencti_threat_actor_group.py,sha256=lo60v-3qFRxtTmQ5Bq_csQchzE8spsdHmhMgXRDBM-4,19724
+pycti/entities/opencti_threat_actor_individual.py,sha256=hPcOrHKERTpcnVmFF8h8Dwe4gebWBK7h35BAMFf8P7g,19976
+pycti/entities/opencti_tool.py,sha256=PVI7fOz1t8cNfF6wvlO1LLWZqS26m8Ayn3-s-XQpaWg,15339
+pycti/entities/opencti_vocabulary.py,sha256=xupdHJ6TznCmvI3sVYU261SnfblSNc1nwg19MG9yrao,6499
+pycti/entities/opencti_vulnerability.py,sha256=PxlfRKrwmkqU5E8o8WF04YRXJtCxBu5QBKbxvd96loY,22658
+pycti/entities/indicator/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
+pycti/entities/indicator/opencti_indicator_properties.py,sha256=8X8YkCshM0gkHc9sQZ_WSNvVxOA4aTJmLta8ZG93HOU,5087
+pycti/entities/stix_cyber_observable/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
+pycti/entities/stix_cyber_observable/opencti_stix_cyber_observable_deprecated.py,sha256=BH65h6xBz7naG61t5nvBdhnGYnobNuiUZf8CJC4-nnc,1847
+pycti/entities/stix_cyber_observable/opencti_stix_cyber_observable_properties.py,sha256=MN56CW8RWZwB0Pr8UiHZy_4nSzbgFbwdhSFKpsZ_d1Y,11293
+pycti/utils/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
+pycti/utils/constants.py,sha256=ZgOVxY5bnrHiNvPgOfZLWk16sSDnaE_tg8JVjZpw24Q,11831
+pycti/utils/opencti_logger.py,sha256=0dvB75V0SuPFGxL539dAQrxTt1N5Acx0A3Ogwl5WMJ8,2199
+pycti/utils/opencti_stix2.py,sha256=oNB49_CB2cXjQ-a94zNOHJOZ86EcpexfJjkzToWRook,117554
+pycti/utils/opencti_stix2_identifier.py,sha256=k8L1z4q1xdCBfxqUba4YS_kT-MmbJFxYh0RvfGOmrOs,837
+pycti/utils/opencti_stix2_splitter.py,sha256=etnAWMDzNi2JCovSUJ5Td-XLVdzgKRdsV1XfpXOGols,11070
+pycti/utils/opencti_stix2_update.py,sha256=CnMyqkeVA0jgyxEcgqna8sABU4YPMjkEJ228GVurIn4,14658
+pycti/utils/opencti_stix2_utils.py,sha256=xgBZzm7HC76rLQYwTKkaUd_w9jJnVMoryHx7KDDIB_g,5065
+pycti-6.4.1.dist-info/LICENSE,sha256=xx0jnfkXJvxRnG63LTGOxlggYnIysveWIZ6H3PNdCrQ,11357
+pycti-6.4.1.dist-info/METADATA,sha256=KOFxignwDobbRHe9wNLppLrcoqGsvHQi-sd5_LfhOZ8,5418
+pycti-6.4.1.dist-info/WHEEL,sha256=PZUExdf71Ui_so67QXpySuHtCi3-J3wvF4ORK6k_S8U,91
+pycti-6.4.1.dist-info/top_level.txt,sha256=cqEpxitAhHP4VgSA6xmrak6Yk9MeBkwoMTB6k7d2ZnE,6
+pycti-6.4.1.dist-info/RECORD,,

{pycti-6.3.13.dist-info → pycti-6.4.1.dist-info}/WHEEL

@@ -1,5 +1,5 @@
 Wheel-Version: 1.0
-Generator: setuptools (75.5.0)
+Generator: setuptools (75.6.0)
 Root-Is-Purelib: true
 Tag: py3-none-any
 

pycti-6.3.13.dist-info/RECORD

@@ -1,74 +0,0 @@
-pycti/__init__.py,sha256=1gK3lh7du2Wua8ScY7_IHbGL4QWiCIGAk0YeY1DLL3Y,5219
-pycti/api/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-pycti/api/opencti_api_client.py,sha256=WpJs3GtEO0kV29KXmKY-2JmtiL6JSPD-746-FbnIcik,31027
-pycti/api/opencti_api_connector.py,sha256=ubM_zPjTD8L33TEugCQgf_YF9zugDFg_7FgNubGlwJw,5447
-pycti/api/opencti_api_playbook.py,sha256=456We78vESukfSOi_CctfZ9dbBJEi76EHClRc2f21Js,1628
-pycti/api/opencti_api_work.py,sha256=JLfl7oy6Cq9IrYW_kUrqwzN46FoVzyIn1JJQKyK0h_w,7615
-pycti/connector/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-pycti/connector/opencti_connector.py,sha256=5oVvS27KWhzRiofJAeQPDtba-EP83FziSistyEd5l-U,2561
-pycti/connector/opencti_connector_helper.py,sha256=KUir7ioe-5dhh9E8weZ_dRHu2j_lCpDsc0ORZJgZhz4,79371
-pycti/connector/opencti_metric_handler.py,sha256=4jXHeJflomtHjuQ_YU0b36TG7o26vOWbY_jvU8Ezobs,3725
-pycti/entities/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-pycti/entities/opencti_attack_pattern.py,sha256=AP_lTsHk0NscvFsXdxjzXWLCpg0ZaHTUT-Yg2JyB4YU,22047
-pycti/entities/opencti_campaign.py,sha256=WXY9wOJYqmW7tbRHQPlFX-vNYsx5w9Gz_olS4vJ0MDM,17683
-pycti/entities/opencti_case_incident.py,sha256=BEP22Itt7-ZxMBwMNMHO7sbS8XfNSfiy0Y7chuOgWJ4,33699
-pycti/entities/opencti_case_rfi.py,sha256=3coAKmkyc6rmk6D9Co3JvggtpOcOCFJJRgR4TuGSpcI,32453
-pycti/entities/opencti_case_rft.py,sha256=cO-DJAJThKHMYAMvKH8yGGIPXu1C40h9qZaNbwVXfzo,33337
-pycti/entities/opencti_channel.py,sha256=cA8ltYJpB43rUSKvCPyLUJvtdb_RSJ4tuuUdi_EMF2Q,16608
-pycti/entities/opencti_course_of_action.py,sha256=j_yZqvfeCba2FBSf0Pf2ZoDYUL_qpntMAUwpc_AJ4ow,18577
-pycti/entities/opencti_data_component.py,sha256=081y2bc4lz5E8esNloLNrZnIUCDicD3vKycIETwsyuE,19158
-pycti/entities/opencti_data_source.py,sha256=QeBDLuH5BZs0_rnQmXZGs0wWfxfC6qPcRFEWuAuaSaM,18046
-pycti/entities/opencti_event.py,sha256=Pam3eeR_Ytl_the-kV9IxXcfJKs2vRqN61igyDAlVE4,16706
-pycti/entities/opencti_external_reference.py,sha256=t54oKLvhbg6wY_GN10AAmJzPRjOi97zBk8m4SHoM7d4,13378
-pycti/entities/opencti_feedback.py,sha256=tK_Y3ZK2h33xQTzsjxu3x8Za3cBsgkBth_xNzEj2Hms,32314
-pycti/entities/opencti_grouping.py,sha256=Er4931oZy4rQzH4HOOOPOQotqH9HsDFoVKFXRNF-5J4,30034
-pycti/entities/opencti_identity.py,sha256=Bt6z8cNNnmPdV4iPSHb_FvO_9CGZdOHvhw9pT0llWH4,23685
-pycti/entities/opencti_incident.py,sha256=KAaqn0mnlyIKJ2whtbK0Eg8AbfQfxKvppS9hyfn_04s,18553
-pycti/entities/opencti_indicator.py,sha256=gh69C4Wu2Z08PcI2LC9p_FtKC1Qq8I1DjVsukz17kGI,20842
-pycti/entities/opencti_infrastructure.py,sha256=-hgDXR3ld2B6Man9WkFFuXOY8ELprLgNIUcyE03TSDA,19929
-pycti/entities/opencti_intrusion_set.py,sha256=MXubQhDZ6LE69z1Wj8agAZNOrGeKiXU4IZs_9B0Expg,18957
-pycti/entities/opencti_kill_chain_phase.py,sha256=643ffNdq-ZaVZPUqqLm1S6ITgKEf7N3XVAJxJM6bbbQ,7938
-pycti/entities/opencti_label.py,sha256=6RZJPIa_dXf_YNNU4xXKghfBnpNjhU5YXOaSIcB4YrM,8800
-pycti/entities/opencti_language.py,sha256=eHB7qzf_l2Mno_Wy9kF0QUdcBktWgr4kRHhb9AxT0c0,16176
-pycti/entities/opencti_location.py,sha256=QSC8klDklTcXziulPFCpn8-UqeSIzPX287vfUYVDVbY,17776
-pycti/entities/opencti_malware.py,sha256=T8P3cuG_5wVqpD8ArNnfZ1vk5CKfMCvaY8ZjskQHGnY,20355
-pycti/entities/opencti_malware_analysis.py,sha256=iHw5G1mK9LGGuuFP7Wb0740336GR5btedK2lmy8lX84,21480
-pycti/entities/opencti_marking_definition.py,sha256=2HkU58XWOZHuEFXrscshQIHW-KVyZSr02JRzBQYZirI,12862
-pycti/entities/opencti_narrative.py,sha256=tUoq5h9VleK6Q-Wt1KSXAtcLsBUEvQ559rDhgg4y-E0,17044
-pycti/entities/opencti_note.py,sha256=2VzLIxiOIT5MVWQbfNkSyooTuKvwJH7sguRrUOVNpTY,30514
-pycti/entities/opencti_observed_data.py,sha256=123sp3_Xbu1HVZW5-5_Tu8DYo_wBf6RVGPYyCIuDBtw,31126
-pycti/entities/opencti_opinion.py,sha256=SPcY8-0zRJCMle-eDLka-CFPyAqU3CnVVBtfVYhzyJE,21837
-pycti/entities/opencti_report.py,sha256=y-in19XqQ1BN0MZjKfxiOWe_0Q4Wakrj2MLrqzFpokU,35224
-pycti/entities/opencti_stix.py,sha256=uMheSg8i1f2Ozx2Mk0iShWzHHjj6MMWDtV5nDjVxKEE,2275
-pycti/entities/opencti_stix_core_object.py,sha256=Lc0-lytsEjQRWD9VkVTHPrWPgqOzqT99qwndOQIRYCw,51683
-pycti/entities/opencti_stix_core_relationship.py,sha256=ldhS0rJ9L6LrY1wvX28f9TMpVD1rVxsK-GYhH06qJFo,43944
-pycti/entities/opencti_stix_cyber_observable.py,sha256=ywZHND5Kfykurn-EUO2k0-hdpsrCHHFjpb4xONVGEt8,92094
-pycti/entities/opencti_stix_domain_object.py,sha256=LyKy5DbhtffO_sHJO3Xo1_PcuPi27pTKp_ETYhdU_zs,78894
-pycti/entities/opencti_stix_nested_ref_relationship.py,sha256=eGCF7yaEDqMsJbgvTDle0tVzRCF78CmEhE02jioUTCc,12605
-pycti/entities/opencti_stix_object_or_stix_relationship.py,sha256=5qutzML6SyYzDhZ-QpI9Vh23hzLEs-xeFAAZOpGHZ2g,18049
-pycti/entities/opencti_stix_sighting_relationship.py,sha256=OPbdanElqnAj7cLu2eh1P5PBh_54xfxnW36HX_5wnEs,28077
-pycti/entities/opencti_task.py,sha256=gDlUVyeRcIlIoh5bKtar-NmFa5_3OmMd4OkRVi_AYco,24612
-pycti/entities/opencti_threat_actor.py,sha256=lRdPhXX_HsNSE5rTwkke_U5T_FAPGD22ow2-YeZdaYc,9950
-pycti/entities/opencti_threat_actor_group.py,sha256=RLwufTb8vFvOHgV81VXf2cA1sREz12Tzwp9uRXONu88,19610
-pycti/entities/opencti_threat_actor_individual.py,sha256=b4Zqd40ehrFeaU6f_bSY6343Dg5vq6PuiDtKLXUrv78,19857
-pycti/entities/opencti_tool.py,sha256=5A20xY0fDBNLkbQP_32srjS3FXEVYGNxhe1I1YnaIbA,15237
-pycti/entities/opencti_vocabulary.py,sha256=6JfOByggvSxvkfIXk1b60T7fyWOhxZ6YFkGbSeV8F-4,5988
-pycti/entities/opencti_vulnerability.py,sha256=B-7H9_gRNDnjfspkAq3o4z8WJg_3EQ7y0iAXa9WHWkg,22547
-pycti/entities/indicator/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-pycti/entities/indicator/opencti_indicator_properties.py,sha256=2HJiBkBzbLe75Yu5AeSrTZCSKikPwwM_DeDgJCl7wm4,4953
-pycti/entities/stix_cyber_observable/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-pycti/entities/stix_cyber_observable/opencti_stix_cyber_observable_deprecated.py,sha256=BH65h6xBz7naG61t5nvBdhnGYnobNuiUZf8CJC4-nnc,1847
-pycti/entities/stix_cyber_observable/opencti_stix_cyber_observable_properties.py,sha256=MN56CW8RWZwB0Pr8UiHZy_4nSzbgFbwdhSFKpsZ_d1Y,11293
-pycti/utils/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-pycti/utils/constants.py,sha256=ZgOVxY5bnrHiNvPgOfZLWk16sSDnaE_tg8JVjZpw24Q,11831
-pycti/utils/opencti_logger.py,sha256=0dvB75V0SuPFGxL539dAQrxTt1N5Acx0A3Ogwl5WMJ8,2199
-pycti/utils/opencti_stix2.py,sha256=NIesCMOGpBFUCNCEqyV2JexZX0-ww5E9VNfeF7xVSpc,117315
-pycti/utils/opencti_stix2_identifier.py,sha256=k8L1z4q1xdCBfxqUba4YS_kT-MmbJFxYh0RvfGOmrOs,837
-pycti/utils/opencti_stix2_splitter.py,sha256=etnAWMDzNi2JCovSUJ5Td-XLVdzgKRdsV1XfpXOGols,11070
-pycti/utils/opencti_stix2_update.py,sha256=CnMyqkeVA0jgyxEcgqna8sABU4YPMjkEJ228GVurIn4,14658
-pycti/utils/opencti_stix2_utils.py,sha256=xgBZzm7HC76rLQYwTKkaUd_w9jJnVMoryHx7KDDIB_g,5065
-pycti-6.3.13.dist-info/LICENSE,sha256=xx0jnfkXJvxRnG63LTGOxlggYnIysveWIZ6H3PNdCrQ,11357
-pycti-6.3.13.dist-info/METADATA,sha256=FaTSiHgjaDMCkJe3y_4cOD-eN5dPIAfzaaZMGIIGfmk,5419
-pycti-6.3.13.dist-info/WHEEL,sha256=R06PA3UVYHThwHvxuRWMqaGcr-PuniXahwjmQRFMEkY,91
-pycti-6.3.13.dist-info/top_level.txt,sha256=cqEpxitAhHP4VgSA6xmrak6Yk9MeBkwoMTB6k7d2ZnE,6
-pycti-6.3.13.dist-info/RECORD,,