PyPI - pymisp - Versions diffs - 2.5.7__py3-none-any.whl → 2.5.8__py3-none-any.whl - Mend

pymisp 2.5.7py3-none-any.whl → 2.5.8py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of pymisp might be problematic. Click here for more details.

Files changed (135) hide show

pymisp/api.py +1 -0
pymisp/data/misp-objects/objects/rmm/definition.json +1 -1
{pymisp-2.5.7.dist-info → pymisp-2.5.8.dist-info}/METADATA +4 -4
{pymisp-2.5.7.dist-info → pymisp-2.5.8.dist-info}/RECORD +6 -135
CHANGELOG.txt +0 -5380
examples/__init__.py +0 -0
examples/add_attributes_from_csv.py +0 -74
examples/add_email_object.py +0 -29
examples/add_fail2ban_object.py +0 -86
examples/add_feed.py +0 -25
examples/add_file_object.py +0 -47
examples/add_filetype_object_from_csv.py +0 -53
examples/add_generic_object.py +0 -26
examples/add_github_user.py +0 -65
examples/add_gitlab_user.py +0 -56
examples/add_named_attribute.py +0 -25
examples/add_organisations.py +0 -57
examples/add_ssh_authorized_keys.py +0 -29
examples/add_user.py +0 -22
examples/add_vehicle_object.py +0 -22
examples/addtag2.py +0 -45
examples/asciidoc_generator.py +0 -114
examples/cache_all.py +0 -10
examples/copyTagsFromAttributesToEvent.py +0 -68
examples/copy_list.py +0 -93
examples/create_events.py +0 -26
examples/cytomic_orion.py +0 -549
examples/del.py +0 -22
examples/delete_user.py +0 -16
examples/edit_organisation.py +0 -20
examples/edit_user.py +0 -20
examples/falsepositive_disabletoids.py +0 -136
examples/fetch_events_feed.py +0 -15
examples/fetch_warninglist_hits.py +0 -38
examples/freetext.py +0 -22
examples/generate_file_objects.py +0 -78
examples/generate_meta_feed.py +0 -15
examples/get.py +0 -37
examples/get_csv.py +0 -37
examples/get_network_activity.py +0 -187
examples/last.py +0 -48
examples/load_csv.py +0 -94
examples/lookup.py +0 -28
examples/misp2cef.py +0 -71
examples/misp2clamav.py +0 -52
examples/openioc_to_misp.py +0 -27
examples/proofpoint_tap.py +0 -203
examples/proofpoint_vap.py +0 -65
examples/search.py +0 -48
examples/search_attributes_yara.py +0 -40
examples/search_sighting.py +0 -42
examples/server_sync_check_conn.py +0 -32
examples/sharing_groups.py +0 -15
examples/show_sightings.py +0 -168
examples/stats_report.py +0 -405
examples/sync_sighting.py +0 -171
examples/tags.py +0 -25
examples/test_sign.py +0 -19
examples/trustar_misp.py +0 -59
examples/up.py +0 -21
examples/upload.py +0 -60
examples/users_list.py +0 -15
examples/vmray_automation.py +0 -281
examples/vt_to_misp.py +0 -182
examples/warninglists.py +0 -22
examples/yara.py +0 -38
examples/yara_dump.py +0 -98
tests/57c4445b-c548-4654-af0b-4be3950d210f.json +0 -1
tests/__init__.py +0 -0
tests/csv_testfiles/invalid_fieldnames.csv +0 -11
tests/csv_testfiles/valid_fieldnames.csv +0 -4
tests/email_testfiles/mail_1.eml.zip +0 -0
tests/email_testfiles/mail_1.msg +0 -0
tests/email_testfiles/mail_1_bom.eml +0 -858
tests/email_testfiles/mail_1_headers_only.eml +0 -28
tests/email_testfiles/mail_2.eml +0 -32
tests/email_testfiles/mail_3.eml +0 -170
tests/email_testfiles/mail_3.msg +0 -0
tests/email_testfiles/mail_4.msg +0 -0
tests/email_testfiles/mail_5.msg +0 -0
tests/email_testfiles/mail_multiple_to.eml +0 -15
tests/email_testfiles/source +0 -1
tests/git-vuln-finder-quagga.json +0 -1493
tests/misp_event.json +0 -76
tests/mispevent_testfiles/attribute.json +0 -21
tests/mispevent_testfiles/attribute_del.json +0 -23
tests/mispevent_testfiles/def_param.json +0 -53
tests/mispevent_testfiles/event.json +0 -8
tests/mispevent_testfiles/event_obj_attr_tag.json +0 -57
tests/mispevent_testfiles/event_obj_def_param.json +0 -62
tests/mispevent_testfiles/event_obj_tag.json +0 -29
tests/mispevent_testfiles/event_tags.json +0 -18
tests/mispevent_testfiles/existing_event.json +0 -4599
tests/mispevent_testfiles/existing_event_edited.json +0 -4601
tests/mispevent_testfiles/galaxy.json +0 -25
tests/mispevent_testfiles/malware.json +0 -19
tests/mispevent_testfiles/malware_exist.json +0 -163
tests/mispevent_testfiles/misp_custom_obj.json +0 -38
tests/mispevent_testfiles/overwrite_file/definition.json +0 -457
tests/mispevent_testfiles/proposals.json +0 -35
tests/mispevent_testfiles/shadow.json +0 -148
tests/mispevent_testfiles/sighting.json +0 -5
tests/mispevent_testfiles/simple.json +0 -2
tests/mispevent_testfiles/test_object_template/definition.json +0 -29
tests/new_misp_event.json +0 -34
tests/reportlab_testfiles/HTML_event.json +0 -1
tests/reportlab_testfiles/galaxy_1.json +0 -1250
tests/reportlab_testfiles/image_event.json +0 -2490
tests/reportlab_testfiles/japanese_test.json +0 -156
tests/reportlab_testfiles/japanese_test_heavy.json +0 -318
tests/reportlab_testfiles/long_event.json +0 -3730
tests/reportlab_testfiles/mainly_objects_1.json +0 -1092
tests/reportlab_testfiles/mainly_objects_2.json +0 -977
tests/reportlab_testfiles/sighting_1.json +0 -305
tests/reportlab_testfiles/sighting_2.json +0 -221
tests/reportlab_testfiles/to_delete1.json +0 -804
tests/reportlab_testfiles/to_delete2.json +0 -1
tests/reportlab_testfiles/to_delete3.json +0 -1
tests/reportlab_testfiles/very_long_event.json +0 -1006
tests/reportlab_testoutputs/to_delete1.json.pdf +0 -391
tests/reportlab_testoutputs/to_delete2.json.pdf +0 -506
tests/reportlab_testoutputs/to_delete3.json.pdf +0 -277
tests/search_index_result.json +0 -69
tests/sharing_groups.json +0 -98
tests/stix1.xml-utf8 +0 -110
tests/stix2.json +0 -1
tests/test_analyst_data.py +0 -123
tests/test_emailobject.py +0 -157
tests/test_fileobject.py +0 -20
tests/test_mispevent.py +0 -473
tests/test_reportlab.py +0 -431
tests/testlive_comprehensive.py +0 -3734
tests/testlive_sync.py +0 -474
{pymisp-2.5.7.dist-info → pymisp-2.5.8.dist-info}/LICENSE +0 -0
{pymisp-2.5.7.dist-info → pymisp-2.5.8.dist-info}/WHEEL +0 -0

tests/test_analyst_data.py DELETED Viewed

@@ -1,123 +0,0 @@
-#!/usr/bin/env python
-from __future__ import annotations
-import unittest
-from pymisp import (MISPAttribute, MISPEvent, MISPEventReport, MISPNote,
-                    MISPObject, MISPOpinion)
-from uuid import uuid4
-class TestAnalystData(unittest.TestCase):
-    def setUp(self) -> None:
-        self.note_dict = {
-            "uuid": uuid4(),
-            "note": "note3"
-        }
-        self.opinion_dict = {
-            "uuid": uuid4(),
-            "opinion": 75,
-            "comment": "Agree"
-        }
-    def test_analyst_data_on_attribute(self) -> None:
-        attribute = MISPAttribute()
-        attribute.from_dict(type='filename', value='foo.exe')
-        self._attach_analyst_data(attribute)
-    def test_analyst_data_on_attribute_alternative(self) -> None:
-        event = MISPEvent()
-        event.info = 'Test on Attribute'
-        event.add_attribute('domain', 'foo.bar')
-        self._attach_analyst_data(event.attributes[0])
-    def test_analyst_data_on_event(self) -> None:
-        event = MISPEvent()
-        event.info = 'Test Event'
-        self._attach_analyst_data(event)
-    def test_analyst_data_on_event_report(self) -> None:
-        event_report = MISPEventReport()
-        event_report.from_dict(name='Test Report', content='This is a report')
-        self._attach_analyst_data(event_report)
-    def test_analyst_data_on_event_report_alternative(self) -> None:
-        event = MISPEvent()
-        event.info = 'Test on Event Report'
-        event.add_event_report('Test Report', 'This is a report')
-        self._attach_analyst_data(event.event_reports[0])
-    def test_analyst_data_on_object(self) -> None:
-        misp_object = MISPObject('file')
-        misp_object.add_attribute('filename', 'foo.exe')
-        self._attach_analyst_data(misp_object)
-    def test_analyst_data_on_object_alternative(self) -> None:
-        event = MISPEvent()
-        event.info = 'Test on Object'
-        misp_object = MISPObject('file')
-        misp_object.add_attribute('filename', 'foo.exe')
-        event.add_object(misp_object)
-        self._attach_analyst_data(event.objects[0])
-    def test_analyst_data_on_object_attribute(self) -> None:
-        misp_object = MISPObject('file')
-        object_attribute = misp_object.add_attribute('filename', 'foo.exe')
-        self._attach_analyst_data(object_attribute)
-    def test_analyst_data_object_object_attribute_alternative(self) -> None:
-        misp_object = MISPObject('file')
-        misp_object.add_attribute('filename', 'foo.exe')
-        self._attach_analyst_data(misp_object.attributes[0])
-    def _attach_analyst_data(
-            self, container: MISPAttribute | MISPEvent | MISPEventReport | MISPObject) -> None:
-        object_type = container._analyst_data_object_type
-        note1 = container.add_note(note='note1')
-        opinion1 = note1.add_opinion(opinion=25, comment='Disagree')
-        opinion2 = container.add_opinion(opinion=50, comment='Neutral')
-        note2 = opinion2.add_note(note='note2')
-        dict_note = MISPNote()
-        dict_note.from_dict(
-            object_type=object_type, object_uuid=container.uuid, **self.note_dict
-        )
-        note3 = container.add_note(**dict_note)
-        dict_opinion = MISPOpinion()
-        dict_opinion.from_dict(
-            object_type='Note', object_uuid=note3.uuid, **self.opinion_dict
-        )
-        container.add_opinion(**dict_opinion)
-        self.assertEqual(len(container.notes), 3)
-        self.assertEqual(len(container.opinions), 3)
-        misp_note1, misp_note2, misp_note3 = container.notes
-        misp_opinion1, misp_opinion2, misp_opinion3 = container.opinions
-        self.assertEqual(misp_note1.object_type, object_type)
-        self.assertEqual(misp_note1.object_uuid, container.uuid)
-        self.assertEqual(misp_note1.note, 'note1')
-        self.assertEqual(misp_note2.object_type, 'Opinion')
-        self.assertEqual(misp_note2.object_uuid, opinion2.uuid)
-        self.assertEqual(misp_note2.note, 'note2')
-        self.assertEqual(misp_note3.object_type, object_type)
-        self.assertEqual(misp_note3.object_uuid, container.uuid)
-        self.assertEqual(misp_note3.note, 'note3')
-        self.assertEqual(misp_opinion1.object_type, 'Note')
-        self.assertEqual(misp_opinion1.object_uuid, note1.uuid)
-        self.assertEqual(misp_opinion1.opinion, 25)
-        self.assertEqual(misp_opinion1.comment, 'Disagree')
-        self.assertEqual(misp_opinion2.object_type, object_type)
-        self.assertEqual(misp_opinion2.object_uuid, container.uuid)
-        self.assertEqual(misp_opinion2.opinion, 50)
-        self.assertEqual(misp_opinion2.comment, 'Neutral')
-        self.assertEqual(misp_opinion3.object_type, 'Note')
-        self.assertEqual(misp_opinion3.object_uuid, note3.uuid)
-        self.assertEqual(misp_opinion3.opinion, 75)
-        self.assertEqual(misp_opinion3.comment, 'Agree')

tests/test_emailobject.py DELETED Viewed

@@ -1,157 +0,0 @@
-from __future__ import annotations
-# import json
-import unittest
-from email.message import EmailMessage
-from io import BytesIO
-from os import urandom
-from pathlib import Path
-from typing import TypeVar, Type
-from zipfile import ZipFile
-from pymisp.tools import EMailObject
-from pymisp.exceptions import PyMISPNotImplementedYet, InvalidMISPObject
-T = TypeVar('T', bound='TestEmailObject')
-class TestEmailObject(unittest.TestCase):
-    eml_1: BytesIO
-    @classmethod
-    def setUpClass(cls: type[T]) -> None:
-        with ZipFile(Path("tests/email_testfiles/mail_1.eml.zip"), 'r') as myzip:
-            with myzip.open('mail_1.eml', pwd=b'AVs are dumb') as myfile:
-                cls.eml_1 = BytesIO(myfile.read())
-    def test_mail_1(self) -> None:
-        email_object = EMailObject(pseudofile=self.eml_1)
-        self.assertEqual(self._get_values(email_object, "subject")[0], "письмо уведом-е")
-        self.assertEqual(self._get_values(email_object, "to")[0], "kinney@noth.com")
-        self.assertEqual(self._get_values(email_object, "from")[0], "suvorov.s@nalg.ru")
-        self.assertEqual(self._get_values(email_object, "from-display-name")[0], "служба ФНС Даниил Суворов")
-        self.assertEqual(len(self._get_values(email_object, "email-body")), 1)
-        self.assertEqual(self._get_values(email_object, "received-header-ip"),
-                         ['64.98.42.207', '2603:10b6:207:3d::31',
-                          '2a01:111:f400:7e49::205', '43.230.105.145'])
-        self.assertIsInstance(email_object.email, EmailMessage)
-        for file_name, file_content in email_object.attachments:
-            self.assertIsInstance(file_name, str)
-            self.assertIsInstance(file_content, BytesIO)
-    def test_mail_1_headers_only(self) -> None:
-        email_object = EMailObject(Path("tests/email_testfiles/mail_1_headers_only.eml"))
-        self.assertEqual(self._get_values(email_object, "subject")[0], "письмо уведом-е")
-        self.assertEqual(self._get_values(email_object, "to")[0], "kinney@noth.com")
-        self.assertEqual(self._get_values(email_object, "from")[0], "suvorov.s@nalg.ru")
-        self.assertEqual(len(self._get_values(email_object, "email-body")), 0)
-        self.assertIsInstance(email_object.email, EmailMessage)
-        self.assertEqual(len(email_object.attachments), 0)
-    def test_mail_multiple_to(self) -> None:
-        email_object = EMailObject(Path("tests/email_testfiles/mail_multiple_to.eml"))
-        to = self._get_values(email_object, "to")
-        to_display_name = self._get_values(email_object, "to-display-name")
-        self.assertEqual(to[0], "jan.novak@example.com")
-        self.assertEqual(to_display_name[0], "Novak, Jan")
-        self.assertEqual(to[1], "jan.marek@example.com")
-        self.assertEqual(to_display_name[1], "Marek, Jan")
-    def test_msg(self) -> None:
-        # Test result of eml converted to msg is the same
-        eml_email_object = EMailObject(pseudofile=self.eml_1)
-        email_object = EMailObject(Path("tests/email_testfiles/mail_1.msg"))
-        self.assertIsInstance(email_object.email, EmailMessage)
-        for file_name, file_content in email_object.attachments:
-            self.assertIsInstance(file_name, str)
-            self.assertIsInstance(file_content, BytesIO)
-        self.assertEqual(self._get_values(email_object, "subject")[0],
-                         self._get_values(eml_email_object, "subject")[0])
-        self.assertEqual(self._get_values(email_object, "to")[0],
-                         self._get_values(eml_email_object, "to")[0])
-        self.assertEqual(self._get_values(email_object, "from")[0],
-                         self._get_values(eml_email_object, "from")[0])
-        self.assertEqual(self._get_values(email_object, "from-display-name")[0],
-                         self._get_values(eml_email_object, "from-display-name")[0])
-        self.assertEqual(len(self._get_values(email_object, "email-body")), 2)
-        self.assertEqual(self._get_values(email_object, "received-header-ip"),
-                         self._get_values(eml_email_object, "received-header-ip"))
-    def test_bom_encoded(self) -> None:
-        """Test utf-8-sig encoded email"""
-        bom_email_object = EMailObject(Path("tests/email_testfiles/mail_1_bom.eml"))
-        eml_email_object = EMailObject(pseudofile=self.eml_1)
-        self.assertIsInstance(bom_email_object.email, EmailMessage)
-        for file_name, file_content in bom_email_object.attachments:
-            self.assertIsInstance(file_name, str)
-            self.assertIsInstance(file_content, BytesIO)
-        self.assertEqual(self._get_values(bom_email_object, "subject")[0],
-                         self._get_values(eml_email_object, "subject")[0])
-        self.assertEqual(self._get_values(bom_email_object, "to")[0],
-                         self._get_values(eml_email_object, "to")[0])
-        self.assertEqual(self._get_values(bom_email_object, "from")[0],
-                         self._get_values(eml_email_object, "from")[0])
-        self.assertEqual(self._get_values(bom_email_object, "from-display-name")[0],
-                         self._get_values(eml_email_object, "from-display-name")[0])
-        self.assertEqual(len(self._get_values(bom_email_object, "email-body")), 1)
-        self.assertEqual(self._get_values(bom_email_object, "received-header-ip"),
-                         self._get_values(eml_email_object, "received-header-ip"))
-    def test_handling_of_various_email_types(self) -> None:
-        self._does_not_fail(Path("tests/email_testfiles/mail_2.eml"),
-                            "ensuring all headers work")
-        self._does_not_fail(Path('tests/email_testfiles/mail_3.eml'),
-                            "Check for related content in emails emls")
-        self._does_not_fail(Path('tests/email_testfiles/mail_3.msg'),
-                            "Check for related content in emails msgs")
-        self._does_not_fail(Path('tests/email_testfiles/mail_4.msg'),
-                            "Check that HTML without specific encoding")
-        self._does_not_fail(Path('tests/email_testfiles/mail_5.msg'),
-                            "Check encapsulated HTML works")
-    def _does_not_fail(self, path: Path, test_type: str="test") -> None:
-        found_error = None
-        try:
-            EMailObject(path)
-        except Exception as _e:
-            found_error = _e
-        if found_error is not None:
-            self.fail('Error {} raised when parsing test email {} which tests against {}. It should not have raised an error.'.format(
-                type(found_error),
-                path,
-                test_type))
-    def test_random_binary_blob(self) -> None:
-        """Email parser fails correctly on random binary blob."""
-        random_data = urandom(1024)
-        random_blob = BytesIO(random_data)
-        found_error = None
-        try:
-            broken_obj = EMailObject(pseudofile=random_data)
-        except Exception as _e:
-            found_error = _e
-        if not isinstance(found_error, InvalidMISPObject):
-            self.fail("Expected InvalidMISPObject when EmailObject receives completely unknown binary input data. But, did not get that exception.")
-        try:
-            broken_obj = EMailObject(pseudofile=random_blob)
-        except Exception as _e:
-            found_error = _e
-        if not isinstance(found_error, InvalidMISPObject):
-            self.fail("Expected InvalidMISPObject when EmailObject receives completely unknown binary input data in a pseudofile. But, did not get that exception.")
-    @staticmethod
-    def _get_values(obj: EMailObject, relation: str) -> list[str]:
-        return [attr.value for attr in obj.attributes if attr['object_relation'] == relation]

tests/test_fileobject.py DELETED Viewed

@@ -1,20 +0,0 @@
-#!/usr/bin/env python
-from __future__ import annotations
-import unittest
-import json
-from pymisp.tools import FileObject
-import pathlib
-class TestFileObject(unittest.TestCase):
-    def test_mimeType(self) -> None:
-        file_object = FileObject(filepath=pathlib.Path(__file__))
-        attributes = json.loads(file_object.to_json())['Attribute']
-        mime = next(attr for attr in attributes if attr['object_relation'] == 'mimetype')
-        # was "Python script, ASCII text executable"
-        # libmagic on linux: 'text/x-python'
-        # libmagic on os x:  'text/x-script.python'
-        self.assertEqual(mime['value'][:7], 'text/x-')
-        self.assertEqual(mime['value'][-6:], 'python')

pymisp 2.5.7__py3-none-any.whl → 2.5.8__py3-none-any.whl

Potentially problematic release.

pymisp 2.5.7py3-none-any.whl → 2.5.8py3-none-any.whl