txt2stix 0.0.4__py3-none-any.whl

Files changed (119) hide show
  1. txt2stix/__init__.py +33 -0
  2. txt2stix/ai_extractor/__init__.py +15 -0
  3. txt2stix/ai_extractor/anthropic.py +12 -0
  4. txt2stix/ai_extractor/base.py +87 -0
  5. txt2stix/ai_extractor/deepseek.py +19 -0
  6. txt2stix/ai_extractor/gemini.py +18 -0
  7. txt2stix/ai_extractor/openai.py +15 -0
  8. txt2stix/ai_extractor/openrouter.py +20 -0
  9. txt2stix/ai_extractor/prompts.py +164 -0
  10. txt2stix/ai_extractor/utils.py +85 -0
  11. txt2stix/attack_flow.py +101 -0
  12. txt2stix/bundler.py +428 -0
  13. txt2stix/common.py +23 -0
  14. txt2stix/extractions.py +59 -0
  15. txt2stix/includes/__init__.py +0 -0
  16. txt2stix/includes/extractions/ai/config.yaml +1023 -0
  17. txt2stix/includes/extractions/lookup/config.yaml +393 -0
  18. txt2stix/includes/extractions/pattern/config.yaml +609 -0
  19. txt2stix/includes/helpers/mimetype_filename_extension_list.csv +936 -0
  20. txt2stix/includes/helpers/stix_relationship_types.txt +41 -0
  21. txt2stix/includes/helpers/tlds.txt +1446 -0
  22. txt2stix/includes/helpers/windows_registry_key_prefix.txt +12 -0
  23. txt2stix/includes/lookups/_README.md +11 -0
  24. txt2stix/includes/lookups/_generate_lookups.py +247 -0
  25. txt2stix/includes/lookups/attack_pattern.txt +1 -0
  26. txt2stix/includes/lookups/campaign.txt +1 -0
  27. txt2stix/includes/lookups/country_iso3166_alpha2.txt +249 -0
  28. txt2stix/includes/lookups/course_of_action.txt +1 -0
  29. txt2stix/includes/lookups/disarm_id_v1_5.txt +345 -0
  30. txt2stix/includes/lookups/disarm_name_v1_5.txt +347 -0
  31. txt2stix/includes/lookups/extensions.txt +78 -0
  32. txt2stix/includes/lookups/identity.txt +1 -0
  33. txt2stix/includes/lookups/infrastructure.txt +1 -0
  34. txt2stix/includes/lookups/intrusion_set.txt +1 -0
  35. txt2stix/includes/lookups/malware.txt +2 -0
  36. txt2stix/includes/lookups/mitre_atlas_id_v4_5_2.txt +116 -0
  37. txt2stix/includes/lookups/mitre_atlas_name_v4_5_2.txt +117 -0
  38. txt2stix/includes/lookups/mitre_attack_enterprise_aliases_v16_0.txt +1502 -0
  39. txt2stix/includes/lookups/mitre_attack_enterprise_id_v16_0.txt +1656 -0
  40. txt2stix/includes/lookups/mitre_attack_enterprise_name_v16_0.txt +1765 -0
  41. txt2stix/includes/lookups/mitre_attack_ics_aliases_v16_0.txt +141 -0
  42. txt2stix/includes/lookups/mitre_attack_ics_id_v16_0.txt +254 -0
  43. txt2stix/includes/lookups/mitre_attack_ics_name_v16_0.txt +293 -0
  44. txt2stix/includes/lookups/mitre_attack_mobile_aliases_v16_0.txt +159 -0
  45. txt2stix/includes/lookups/mitre_attack_mobile_id_v16_0.txt +277 -0
  46. txt2stix/includes/lookups/mitre_attack_mobile_name_v16_0.txt +296 -0
  47. txt2stix/includes/lookups/mitre_capec_id_v3_9.txt +559 -0
  48. txt2stix/includes/lookups/mitre_capec_name_v3_9.txt +560 -0
  49. txt2stix/includes/lookups/mitre_cwe_id_v4_15.txt +939 -0
  50. txt2stix/includes/lookups/mitre_cwe_name_v4_15.txt +939 -0
  51. txt2stix/includes/lookups/threat_actor.txt +1 -0
  52. txt2stix/includes/lookups/tld.txt +1422 -0
  53. txt2stix/includes/lookups/tool.txt +1 -0
  54. txt2stix/includes/tests/test_cases.yaml +695 -0
  55. txt2stix/indicator.py +860 -0
  56. txt2stix/lookups.py +68 -0
  57. txt2stix/pattern/__init__.py +13 -0
  58. txt2stix/pattern/extractors/__init__.py +0 -0
  59. txt2stix/pattern/extractors/base_extractor.py +167 -0
  60. txt2stix/pattern/extractors/card/README.md +34 -0
  61. txt2stix/pattern/extractors/card/__init__.py +15 -0
  62. txt2stix/pattern/extractors/card/amex_card_extractor.py +52 -0
  63. txt2stix/pattern/extractors/card/diners_card_extractor.py +47 -0
  64. txt2stix/pattern/extractors/card/discover_card_extractor.py +48 -0
  65. txt2stix/pattern/extractors/card/jcb_card_extractor.py +43 -0
  66. txt2stix/pattern/extractors/card/master_card_extractor.py +63 -0
  67. txt2stix/pattern/extractors/card/union_card_extractor.py +38 -0
  68. txt2stix/pattern/extractors/card/visa_card_extractor.py +46 -0
  69. txt2stix/pattern/extractors/crypto/__init__.py +3 -0
  70. txt2stix/pattern/extractors/crypto/btc_extractor.py +38 -0
  71. txt2stix/pattern/extractors/directory/__init__.py +10 -0
  72. txt2stix/pattern/extractors/directory/unix_directory_extractor.py +40 -0
  73. txt2stix/pattern/extractors/directory/unix_file_path_extractor.py +42 -0
  74. txt2stix/pattern/extractors/directory/windows_directory_path_extractor.py +47 -0
  75. txt2stix/pattern/extractors/directory/windows_file_path_extractor.py +42 -0
  76. txt2stix/pattern/extractors/domain/__init__.py +8 -0
  77. txt2stix/pattern/extractors/domain/domain_extractor.py +39 -0
  78. txt2stix/pattern/extractors/domain/hostname_extractor.py +36 -0
  79. txt2stix/pattern/extractors/domain/sub_domain_extractor.py +49 -0
  80. txt2stix/pattern/extractors/hashes/__init__.py +16 -0
  81. txt2stix/pattern/extractors/hashes/md5_extractor.py +16 -0
  82. txt2stix/pattern/extractors/hashes/sha1_extractor.py +14 -0
  83. txt2stix/pattern/extractors/hashes/sha224_extractor.py +18 -0
  84. txt2stix/pattern/extractors/hashes/sha2_256_exactor.py +14 -0
  85. txt2stix/pattern/extractors/hashes/sha2_512_exactor.py +13 -0
  86. txt2stix/pattern/extractors/hashes/sha3_256_exactor.py +15 -0
  87. txt2stix/pattern/extractors/hashes/sha3_512_exactor.py +16 -0
  88. txt2stix/pattern/extractors/helper.py +64 -0
  89. txt2stix/pattern/extractors/ip/__init__.py +14 -0
  90. txt2stix/pattern/extractors/ip/ipv4_cidr_extractor.py +49 -0
  91. txt2stix/pattern/extractors/ip/ipv4_extractor.py +18 -0
  92. txt2stix/pattern/extractors/ip/ipv4_port_extractor.py +42 -0
  93. txt2stix/pattern/extractors/ip/ipv6_cidr_extractor.py +18 -0
  94. txt2stix/pattern/extractors/ip/ipv6_extractor.py +16 -0
  95. txt2stix/pattern/extractors/ip/ipv6_port_extractor.py +46 -0
  96. txt2stix/pattern/extractors/others/__init__.py +22 -0
  97. txt2stix/pattern/extractors/others/asn_extractor.py +14 -0
  98. txt2stix/pattern/extractors/others/cpe_extractor.py +29 -0
  99. txt2stix/pattern/extractors/others/cve_extractor.py +14 -0
  100. txt2stix/pattern/extractors/others/email_extractor.py +21 -0
  101. txt2stix/pattern/extractors/others/filename_extractor.py +17 -0
  102. txt2stix/pattern/extractors/others/iban_extractor.py +15 -0
  103. txt2stix/pattern/extractors/others/mac_address_extractor.py +13 -0
  104. txt2stix/pattern/extractors/others/phonenumber_extractor.py +41 -0
  105. txt2stix/pattern/extractors/others/user_agent_extractor.py +20 -0
  106. txt2stix/pattern/extractors/others/windows_registry_key_extractor.py +18 -0
  107. txt2stix/pattern/extractors/url/__init__.py +7 -0
  108. txt2stix/pattern/extractors/url/url_extractor.py +22 -0
  109. txt2stix/pattern/extractors/url/url_file_extractor.py +21 -0
  110. txt2stix/pattern/extractors/url/url_path_extractor.py +74 -0
  111. txt2stix/retriever.py +126 -0
  112. txt2stix/stix.py +1 -0
  113. txt2stix/txt2stix.py +336 -0
  114. txt2stix/utils.py +86 -0
  115. txt2stix-0.0.4.dist-info/METADATA +190 -0
  116. txt2stix-0.0.4.dist-info/RECORD +119 -0
  117. txt2stix-0.0.4.dist-info/WHEEL +4 -0
  118. txt2stix-0.0.4.dist-info/entry_points.txt +2 -0
  119. txt2stix-0.0.4.dist-info/licenses/LICENSE +202 -0
@@ -0,0 +1,78 @@
1
+ sln
2
+ bat
3
+ bmp
4
+ cer
5
+ cmd
6
+ chm
7
+ dll
8
+ doc
9
+ docx
10
+ exe
11
+ gif
12
+ jpg
13
+ js
14
+ log
15
+ p7s
16
+ pdf
17
+ php
18
+ ppt
19
+ pptx
20
+ rar
21
+ swf
22
+ sys
23
+ tmp
24
+ txt
25
+ vbs
26
+ xls
27
+ xlsx
28
+ zip
29
+ msg
30
+ lnk
31
+ odt
32
+ inf
33
+ msi
34
+ java
35
+ class
36
+ jar
37
+ apk
38
+ app
39
+ wsf
40
+ gadget
41
+ cgi
42
+ swf
43
+ js
44
+ py
45
+ crx
46
+ plugin
47
+ flv
48
+ m4v
49
+ mov
50
+ mp4
51
+ mpg
52
+ swf
53
+ wmv
54
+ bmp
55
+ gif
56
+ jpg
57
+ png
58
+ psd
59
+ svg
60
+ tif
61
+ tiff
62
+ 7z
63
+ deb
64
+ rpm
65
+ tar
66
+ gz
67
+ tgz
68
+ zip
69
+ zipx
70
+ cab
71
+ vir
72
+ so
73
+ pf
74
+ sh
75
+ html
76
+ pdf,
77
+ htm
78
+ html,
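Review bot: Two entries in this list carry a trailing comma, `pdf,` (line 76) and `html,` (line 78). If the lookup loader treats each line as one term, these will only match text containing the literal comma. The loader is not visible in this hunk, so confirm how lines are split and stripped. Both extensions already appear without the comma (`pdf` at line 16, `html` at line 75), so the two lines can simply be dropped. Several other terms are repeated (`swf` at lines 21, 42 and 52; `js` at 13 and 43; `bmp`, `gif`, `jpg` and `zip` twice each), which may produce duplicate extractions unless the loader de-duplicates, so reducing the file to unique entries would make the extraction output easier to reason about. From the file list this 78-line hunk appears to be `txt2stix/includes/lookups/extensions.txt`, though the section header is not shown.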
@@ -0,0 +1 @@
1
+ Franistan Intelligence
@@ -0,0 +1 @@
1
+ C2 Server
@@ -0,0 +1 @@
1
+ APT BPP
@@ -0,0 +1,2 @@
1
+ revil
2
+ Sodinokibi
@@ -0,0 +1,116 @@
1
+ AML.M0000
2
+ AML.M0001
3
+ AML.M0002
4
+ AML.M0003
5
+ AML.M0004
6
+ AML.M0005
7
+ AML.M0006
8
+ AML.M0007
9
+ AML.M0008
10
+ AML.M0009
11
+ AML.M0010
12
+ AML.M0011
13
+ AML.M0012
14
+ AML.M0013
15
+ AML.M0014
16
+ AML.M0015
17
+ AML.M0016
18
+ AML.M0017
19
+ AML.M0018
20
+ AML.M0019
21
+ AML.T0000
22
+ AML.T0000.000
23
+ AML.T0000.001
24
+ AML.T0000.002
25
+ AML.T0001
26
+ AML.T0002
27
+ AML.T0002.000
28
+ AML.T0002.001
29
+ AML.T0003
30
+ AML.T0004
31
+ AML.T0005
32
+ AML.T0005.000
33
+ AML.T0005.001
34
+ AML.T0005.002
35
+ AML.T0006
36
+ AML.T0007
37
+ AML.T0008
38
+ AML.T0008.000
39
+ AML.T0008.001
40
+ AML.T0010
41
+ AML.T0010.000
42
+ AML.T0010.001
43
+ AML.T0010.002
44
+ AML.T0010.003
45
+ AML.T0011
46
+ AML.T0011.000
47
+ AML.T0012
48
+ AML.T0013
49
+ AML.T0014
50
+ AML.T0015
51
+ AML.T0016
52
+ AML.T0016.000
53
+ AML.T0016.001
54
+ AML.T0017
55
+ AML.T0017.000
56
+ AML.T0018
57
+ AML.T0018.000
58
+ AML.T0018.001
59
+ AML.T0019
60
+ AML.T0020
61
+ AML.T0021
62
+ AML.T0024
63
+ AML.T0024.000
64
+ AML.T0024.001
65
+ AML.T0024.002
66
+ AML.T0025
67
+ AML.T0029
68
+ AML.T0031
69
+ AML.T0034
70
+ AML.T0035
71
+ AML.T0036
72
+ AML.T0037
73
+ AML.T0040
74
+ AML.T0041
75
+ AML.T0042
76
+ AML.T0043
77
+ AML.T0043.000
78
+ AML.T0043.001
79
+ AML.T0043.002
80
+ AML.T0043.003
81
+ AML.T0043.004
82
+ AML.T0044
83
+ AML.T0046
84
+ AML.T0047
85
+ AML.T0048
86
+ AML.T0048.000
87
+ AML.T0048.001
88
+ AML.T0048.002
89
+ AML.T0048.003
90
+ AML.T0048.004
91
+ AML.T0049
92
+ AML.T0050
93
+ AML.T0051
94
+ AML.T0051.000
95
+ AML.T0051.001
96
+ AML.T0052
97
+ AML.T0052.000
98
+ AML.T0053
99
+ AML.T0054
100
+ AML.T0055
101
+ AML.T0056
102
+ AML.T0057
103
+ AML.TA0000
104
+ AML.TA0001
105
+ AML.TA0002
106
+ AML.TA0003
107
+ AML.TA0004
108
+ AML.TA0005
109
+ AML.TA0006
110
+ AML.TA0007
111
+ AML.TA0008
112
+ AML.TA0009
113
+ AML.TA0010
114
+ AML.TA0011
115
+ AML.TA0012
116
+ AML.TA0013
@@ -0,0 +1,117 @@
1
+ Reconnaissance
2
+ Resource Development
3
+ Initial Access
4
+ ML Model Access
5
+ Execution
6
+ Persistence
7
+ Privilege Escalation
8
+ Defense Evasion
9
+ Credential Access
10
+ Discovery
11
+ Collection
12
+ ML Attack Staging
13
+ Exfiltration
14
+ Impact
15
+ Search for Victim's Publicly Available Research Materials
16
+ Journals and Conference Proceedings
17
+ Pre-Print Repositories
18
+ Technical Blogs
19
+ Search for Publicly Available Adversarial Vulnerability Analysis
20
+ Search Victim-Owned Websites
21
+ Search Application Repositories
22
+ Active Scanning
23
+ Acquire Public ML Artifacts
24
+ Datasets
25
+ Models
26
+ Obtain Capabilities
27
+ Adversarial ML Attack Implementations
28
+ Software Tools
29
+ Develop Capabilities
30
+ Adversarial ML Attacks
31
+ Acquire Infrastructure
32
+ ML Development Workspaces
33
+ Consumer Hardware
34
+ Publish Poisoned Datasets
35
+ ML Supply Chain Compromise
36
+ GPU Hardware
37
+ ML Software
38
+ Data
39
+ Model
40
+ ML Model Inference API Access
41
+ ML-Enabled Product or Service
42
+ Physical Environment Access
43
+ Full ML Model Access
44
+ Discover ML Model Ontology
45
+ Discover ML Model Family
46
+ Poison Training Data
47
+ Establish Accounts
48
+ Create Proxy ML Model
49
+ Train Proxy via Gathered ML Artifacts
50
+ Train Proxy via Replication
51
+ Use Pre-Trained Model
52
+ Discover ML Artifacts
53
+ User Execution
54
+ Unsafe ML Artifacts
55
+ Valid Accounts
56
+ Evade ML Model
57
+ Backdoor ML Model
58
+ Poison ML Model
59
+ Inject Payload
60
+ Exfiltration via ML Inference API
61
+ Infer Training Data Membership
62
+ Invert ML Model
63
+ Extract ML Model
64
+ Exfiltration via Cyber Means
65
+ Denial of ML Service
66
+ Spamming ML System with Chaff Data
67
+ Erode ML Model Integrity
68
+ Cost Harvesting
69
+ ML Artifact Collection
70
+ Data from Information Repositories
71
+ Data from Local System
72
+ Verify Attack
73
+ Craft Adversarial Data
74
+ White-Box Optimization
75
+ Black-Box Optimization
76
+ Black-Box Transfer
77
+ Manual Modification
78
+ Insert Backdoor Trigger
79
+ External Harms
80
+ Financial Harm
81
+ Reputational Harm
82
+ Societal Harm
83
+ User Harm
84
+ ML Intellectual Property Theft
85
+ Exploit Public-Facing Application
86
+ Command and Scripting Interpreter
87
+ LLM Prompt Injection
88
+ Direct
89
+ Indirect
90
+ Phishing
91
+ Spearphishing via Social Engineering LLM
92
+ LLM Plugin Compromise
93
+ LLM Jailbreak
94
+ Unsecured Credentials
95
+ LLM Meta Prompt Extraction
96
+ LLM Data Leakage
97
+ Limit Release of Public Information
98
+ Limit Model Artifact Release
99
+ Passive ML Output Obfuscation
100
+ Model Hardening
101
+ Restrict Number of ML Model Queries
102
+ Control Access to ML Models and Data at Rest
103
+ Use Ensemble Methods
104
+ Sanitize Training Data
105
+ Validate ML Model
106
+ Use Multi-Modal Sensors
107
+ Input Restoration
108
+ Restrict Library Loading
109
+ Encrypt Sensitive Information
110
+ Code Signing
111
+ Verify ML Artifacts
112
+ Adversarial Input Detection
113
+ Vulnerability Scanning
114
+ Model Distribution Methods
115
+ User Training
116
+ Control Access to ML Models and Data in Production
117
+ ATLAS