txt2stix 1.0.11__tar.gz → 1.0.13__tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (261) hide show
  1. {txt2stix-1.0.11 → txt2stix-1.0.13}/PKG-INFO +1 -1
  2. {txt2stix-1.0.11 → txt2stix-1.0.13}/includes/extractions/ai/config.yaml +6 -6
  3. {txt2stix-1.0.11 → txt2stix-1.0.13}/pyproject.toml +1 -1
  4. txt2stix-1.0.13/tests/data/manually_generated_reports/ai_index_position.txt +2 -0
  5. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/manual-tests/cases-standard-tests.md +17 -0
  6. {txt2stix-1.0.11 → txt2stix-1.0.13}/txt2stix/ai_extractor/base.py +7 -2
  7. {txt2stix-1.0.11 → txt2stix-1.0.13}/txt2stix/ai_extractor/utils.py +2 -7
  8. {txt2stix-1.0.11 → txt2stix-1.0.13}/.env.example +0 -0
  9. {txt2stix-1.0.11 → txt2stix-1.0.13}/.env.markdown +0 -0
  10. {txt2stix-1.0.11 → txt2stix-1.0.13}/.github/workflows/create-release.yml +0 -0
  11. {txt2stix-1.0.11 → txt2stix-1.0.13}/.github/workflows/run-tests.yml +0 -0
  12. {txt2stix-1.0.11 → txt2stix-1.0.13}/.gitignore +0 -0
  13. {txt2stix-1.0.11 → txt2stix-1.0.13}/LICENSE +0 -0
  14. {txt2stix-1.0.11 → txt2stix-1.0.13}/README.md +0 -0
  15. {txt2stix-1.0.11 → txt2stix-1.0.13}/docs/README.md +0 -0
  16. {txt2stix-1.0.11 → txt2stix-1.0.13}/docs/stix-mapping.md +0 -0
  17. {txt2stix-1.0.11 → txt2stix-1.0.13}/docs/txt2stix.png +0 -0
  18. {txt2stix-1.0.11 → txt2stix-1.0.13}/includes/__init__.py +0 -0
  19. {txt2stix-1.0.11 → txt2stix-1.0.13}/includes/extractions/lookup/config.yaml +0 -0
  20. {txt2stix-1.0.11 → txt2stix-1.0.13}/includes/extractions/pattern/config.yaml +0 -0
  21. {txt2stix-1.0.11 → txt2stix-1.0.13}/includes/helpers/mimetype_filename_extension_list.csv +0 -0
  22. {txt2stix-1.0.11 → txt2stix-1.0.13}/includes/helpers/stix_relationship_types.txt +0 -0
  23. {txt2stix-1.0.11 → txt2stix-1.0.13}/includes/helpers/tlds.txt +0 -0
  24. {txt2stix-1.0.11 → txt2stix-1.0.13}/includes/helpers/windows_registry_key_prefix.txt +0 -0
  25. {txt2stix-1.0.11 → txt2stix-1.0.13}/includes/lookups/_README.md +0 -0
  26. {txt2stix-1.0.11 → txt2stix-1.0.13}/includes/lookups/_generate_lookups.py +0 -0
  27. {txt2stix-1.0.11 → txt2stix-1.0.13}/includes/lookups/attack_pattern.txt +0 -0
  28. {txt2stix-1.0.11 → txt2stix-1.0.13}/includes/lookups/campaign.txt +0 -0
  29. {txt2stix-1.0.11 → txt2stix-1.0.13}/includes/lookups/country_iso3166_alpha2.txt +0 -0
  30. {txt2stix-1.0.11 → txt2stix-1.0.13}/includes/lookups/course_of_action.txt +0 -0
  31. {txt2stix-1.0.11 → txt2stix-1.0.13}/includes/lookups/disarm_id_v1_5.txt +0 -0
  32. {txt2stix-1.0.11 → txt2stix-1.0.13}/includes/lookups/disarm_name_v1_5.txt +0 -0
  33. {txt2stix-1.0.11 → txt2stix-1.0.13}/includes/lookups/extensions.txt +0 -0
  34. {txt2stix-1.0.11 → txt2stix-1.0.13}/includes/lookups/identity.txt +0 -0
  35. {txt2stix-1.0.11 → txt2stix-1.0.13}/includes/lookups/infrastructure.txt +0 -0
  36. {txt2stix-1.0.11 → txt2stix-1.0.13}/includes/lookups/intrusion_set.txt +0 -0
  37. {txt2stix-1.0.11 → txt2stix-1.0.13}/includes/lookups/malware.txt +0 -0
  38. {txt2stix-1.0.11 → txt2stix-1.0.13}/includes/lookups/mitre_atlas_id_v4_5_2.txt +0 -0
  39. {txt2stix-1.0.11 → txt2stix-1.0.13}/includes/lookups/mitre_atlas_name_v4_5_2.txt +0 -0
  40. {txt2stix-1.0.11 → txt2stix-1.0.13}/includes/lookups/mitre_attack_enterprise_aliases_v16_0.txt +0 -0
  41. {txt2stix-1.0.11 → txt2stix-1.0.13}/includes/lookups/mitre_attack_enterprise_id_v16_0.txt +0 -0
  42. {txt2stix-1.0.11 → txt2stix-1.0.13}/includes/lookups/mitre_attack_enterprise_name_v16_0.txt +0 -0
  43. {txt2stix-1.0.11 → txt2stix-1.0.13}/includes/lookups/mitre_attack_ics_aliases_v16_0.txt +0 -0
  44. {txt2stix-1.0.11 → txt2stix-1.0.13}/includes/lookups/mitre_attack_ics_id_v16_0.txt +0 -0
  45. {txt2stix-1.0.11 → txt2stix-1.0.13}/includes/lookups/mitre_attack_ics_name_v16_0.txt +0 -0
  46. {txt2stix-1.0.11 → txt2stix-1.0.13}/includes/lookups/mitre_attack_mobile_aliases_v16_0.txt +0 -0
  47. {txt2stix-1.0.11 → txt2stix-1.0.13}/includes/lookups/mitre_attack_mobile_id_v16_0.txt +0 -0
  48. {txt2stix-1.0.11 → txt2stix-1.0.13}/includes/lookups/mitre_attack_mobile_name_v16_0.txt +0 -0
  49. {txt2stix-1.0.11 → txt2stix-1.0.13}/includes/lookups/mitre_capec_id_v3_9.txt +0 -0
  50. {txt2stix-1.0.11 → txt2stix-1.0.13}/includes/lookups/mitre_capec_name_v3_9.txt +0 -0
  51. {txt2stix-1.0.11 → txt2stix-1.0.13}/includes/lookups/mitre_cwe_id_v4_15.txt +0 -0
  52. {txt2stix-1.0.11 → txt2stix-1.0.13}/includes/lookups/mitre_cwe_name_v4_15.txt +0 -0
  53. {txt2stix-1.0.11 → txt2stix-1.0.13}/includes/lookups/threat_actor.txt +0 -0
  54. {txt2stix-1.0.11 → txt2stix-1.0.13}/includes/lookups/tld.txt +0 -0
  55. {txt2stix-1.0.11 → txt2stix-1.0.13}/includes/lookups/tool.txt +0 -0
  56. {txt2stix-1.0.11 → txt2stix-1.0.13}/includes/tests/test_cases.yaml +0 -0
  57. {txt2stix-1.0.11 → txt2stix-1.0.13}/requirements.txt +0 -0
  58. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/README.md +0 -0
  59. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/data/extraction_types/ai_country.txt +0 -0
  60. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/data/extraction_types/ai_mitre_attack_enterprise.txt +0 -0
  61. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/data/extraction_types/ai_mitre_attack_ics.txt +0 -0
  62. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/data/extraction_types/ai_mitre_attack_mobile.txt +0 -0
  63. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/data/extraction_types/ai_mitre_capec.txt +0 -0
  64. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/data/extraction_types/ai_mitre_cwe.txt +0 -0
  65. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/data/extraction_types/all_cases.txt +0 -0
  66. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/data/extraction_types/generic_autonomous_system_number.txt +0 -0
  67. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/data/extraction_types/generic_bank_card_all.txt +0 -0
  68. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/data/extraction_types/generic_bank_card_amex.txt +0 -0
  69. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/data/extraction_types/generic_bank_card_diners.txt +0 -0
  70. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/data/extraction_types/generic_bank_card_discover.txt +0 -0
  71. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/data/extraction_types/generic_bank_card_jcb.txt +0 -0
  72. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/data/extraction_types/generic_bank_card_mastercard.txt +0 -0
  73. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/data/extraction_types/generic_bank_card_union_pay.txt +0 -0
  74. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/data/extraction_types/generic_bank_card_visa.txt +0 -0
  75. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/data/extraction_types/generic_country_alpha2.txt +0 -0
  76. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/data/extraction_types/generic_cpe_uri.txt +0 -0
  77. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/data/extraction_types/generic_cryptocurrency_btc_transaction.txt +0 -0
  78. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/data/extraction_types/generic_cryptocurrency_btc_wallet.txt +0 -0
  79. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/data/extraction_types/generic_cryptocurrency_eth_transaction.txt +0 -0
  80. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/data/extraction_types/generic_cryptocurrency_eth_wallet.txt +0 -0
  81. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/data/extraction_types/generic_cryptocurrency_xmr_transaction.txt +0 -0
  82. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/data/extraction_types/generic_cryptocurrency_xmr_wallet.txt +0 -0
  83. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/data/extraction_types/generic_cve_id.txt +0 -0
  84. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/data/extraction_types/generic_directory_unix.txt +0 -0
  85. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/data/extraction_types/generic_directory_unix_file.txt +0 -0
  86. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/data/extraction_types/generic_directory_windows.txt +0 -0
  87. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/data/extraction_types/generic_directory_windows_with_file.txt +0 -0
  88. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/data/extraction_types/generic_disarm.txt +0 -0
  89. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/data/extraction_types/generic_disarm_name.txt +0 -0
  90. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/data/extraction_types/generic_domain_name_only.txt +0 -0
  91. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/data/extraction_types/generic_domain_name_subdomain.txt +0 -0
  92. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/data/extraction_types/generic_email_address.txt +0 -0
  93. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/data/extraction_types/generic_file_hash_md5.txt +0 -0
  94. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/data/extraction_types/generic_file_hash_sha_1.txt +0 -0
  95. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/data/extraction_types/generic_file_hash_sha_224.txt +0 -0
  96. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/data/extraction_types/generic_file_hash_sha_256.txt +0 -0
  97. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/data/extraction_types/generic_file_hash_sha_384.txt +0 -0
  98. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/data/extraction_types/generic_file_hash_sha_512.txt +0 -0
  99. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/data/extraction_types/generic_file_name.txt +0 -0
  100. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/data/extraction_types/generic_host_name.txt +0 -0
  101. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/data/extraction_types/generic_host_name_file.txt +0 -0
  102. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/data/extraction_types/generic_host_name_path.txt +0 -0
  103. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/data/extraction_types/generic_host_name_subdomain.txt +0 -0
  104. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/data/extraction_types/generic_host_name_url.txt +0 -0
  105. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/data/extraction_types/generic_iban_number.txt +0 -0
  106. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/data/extraction_types/generic_ipv4_address_cidr.txt +0 -0
  107. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/data/extraction_types/generic_ipv4_address_only.txt +0 -0
  108. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/data/extraction_types/generic_ipv4_address_port.txt +0 -0
  109. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/data/extraction_types/generic_ipv6_address_cidr.txt +0 -0
  110. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/data/extraction_types/generic_ipv6_address_only.txt +0 -0
  111. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/data/extraction_types/generic_ipv6_address_port.txt +0 -0
  112. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/data/extraction_types/generic_mac_address.txt +0 -0
  113. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/data/extraction_types/generic_mitre_atlas.txt +0 -0
  114. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/data/extraction_types/generic_mitre_atlas_name.txt +0 -0
  115. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/data/extraction_types/generic_mitre_attack_enterprise.txt +0 -0
  116. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/data/extraction_types/generic_mitre_attack_enterprise_aliases.txt +0 -0
  117. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/data/extraction_types/generic_mitre_attack_enterprise_name.txt +0 -0
  118. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/data/extraction_types/generic_mitre_attack_ics.txt +0 -0
  119. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/data/extraction_types/generic_mitre_attack_ics_aliases.txt +0 -0
  120. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/data/extraction_types/generic_mitre_attack_ics_name.txt +0 -0
  121. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/data/extraction_types/generic_mitre_attack_mobile.txt +0 -0
  122. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/data/extraction_types/generic_mitre_attack_mobile_aliases.txt +0 -0
  123. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/data/extraction_types/generic_mitre_attack_mobile_name.txt +0 -0
  124. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/data/extraction_types/generic_mitre_capec.txt +0 -0
  125. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/data/extraction_types/generic_mitre_capec_name.txt +0 -0
  126. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/data/extraction_types/generic_mitre_cwe.txt +0 -0
  127. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/data/extraction_types/generic_mitre_cwe_name.txt +0 -0
  128. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/data/extraction_types/generic_phone_number.txt +0 -0
  129. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/data/extraction_types/generic_url.txt +0 -0
  130. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/data/extraction_types/generic_url_file.txt +0 -0
  131. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/data/extraction_types/generic_url_path.txt +0 -0
  132. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/data/extraction_types/generic_user_agent.txt +0 -0
  133. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/data/extraction_types/generic_windows_registry_key.txt +0 -0
  134. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/data/extraction_types/lookup_attack_pattern.txt +0 -0
  135. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/data/extraction_types/lookup_campaign.txt +0 -0
  136. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/data/extraction_types/lookup_course_of_action.txt +0 -0
  137. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/data/extraction_types/lookup_identity.txt +0 -0
  138. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/data/extraction_types/lookup_infrastructure.txt +0 -0
  139. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/data/extraction_types/lookup_intrusion_set.txt +0 -0
  140. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/data/extraction_types/lookup_malware.txt +0 -0
  141. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/data/extraction_types/lookup_threat_actor.txt +0 -0
  142. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/data/extraction_types/lookup_tool.txt +0 -0
  143. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/data/manually_generated_reports/attack_flow_demo.txt +0 -0
  144. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/data/manually_generated_reports/attack_navigator_demo.txt +0 -0
  145. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/data/manually_generated_reports/basic_relationship.txt +0 -0
  146. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/data/manually_generated_reports/char_length_too_long.txt +0 -0
  147. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/data/manually_generated_reports/descriptive_for_ai_relationships_1.txt +0 -0
  148. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/data/manually_generated_reports/disarm_demo.txt +0 -0
  149. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/data/manually_generated_reports/embedded_img_ignore.txt +0 -0
  150. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/data/manually_generated_reports/embedded_link_ignore.txt +0 -0
  151. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/data/manually_generated_reports/ip1.txt +0 -0
  152. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/data/manually_generated_reports/ip2.txt +0 -0
  153. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/data/manually_generated_reports/known_whitelist_match.txt +0 -0
  154. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/data/manually_generated_reports/mitre_attack_enterprise_ai_demo.txt +0 -0
  155. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/data/manually_generated_reports/mitre_attack_enterprise_lookup_demo.txt +0 -0
  156. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/data/manually_generated_reports/mixed_extractions.txt +0 -0
  157. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/data/manually_generated_reports/not_security_content.txt +0 -0
  158. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/data/manually_generated_reports/test_ai_hash_error_with_stix2_lib.txt +0 -0
  159. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/data/manually_generated_reports/test_aliases.txt +0 -0
  160. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/data/manually_generated_reports/test_extraction_boundary.txt +0 -0
  161. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/data/manually_generated_reports/test_extraction_escapes.txt +0 -0
  162. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/data/real_intel_reports/APT28-Center-of-Storm-2017.txt +0 -0
  163. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/data/real_intel_reports/Bitdefender-Labs-Report-X-creat6958-en-EN.txt +0 -0
  164. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/data/real_intel_reports/FireEyeAPT39.txt +0 -0
  165. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/data/real_intel_reports/France_CERT_APT31_Pakdoor_TLPWHITE.txt +0 -0
  166. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/data/real_intel_reports/Group-IB_Ransomware_Uncovered_whitepaper_eng.txt +0 -0
  167. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/data/real_intel_reports/JOINT_CSA_HUNTING_RU_INTEL_SNAKE_MALWARE_20230509.txt +0 -0
  168. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/data/real_intel_reports/TA22-0126-QAKBOT-analysis-TLP-GREEN.txt +0 -0
  169. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/data/real_intel_reports/dinners_card.txt +0 -0
  170. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/data/real_intel_reports/mandiant-apt1.txt +0 -0
  171. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/data/real_intel_reports/mykings_report_final.txt +0 -0
  172. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/manual-tests/cases-ai-relationships.md +0 -0
  173. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/manual-tests/cases-extraction-type-ai.md +0 -0
  174. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/manual-tests/cases-extraction-type-lookup.md +0 -0
  175. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/manual-tests/cases-extraction-type-pattern.md +0 -0
  176. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/scripts/generate_simple_extraction_test_cases_txt_files.py +0 -0
  177. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/src/__init__.py +0 -0
  178. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/src/test_attack_flow.py +0 -0
  179. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/src/test_bundler.py +0 -0
  180. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/src/test_extractors.py +0 -0
  181. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/src/test_indicator.py +0 -0
  182. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/src/test_lookups.py +0 -0
  183. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/src/test_main.py +0 -0
  184. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/src/test_retriever.py +0 -0
  185. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/src/test_run_txt2stix.py +0 -0
  186. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/src/test_utils.py +0 -0
  187. {txt2stix-1.0.11 → txt2stix-1.0.13}/tests/src/utils.py +0 -0
  188. {txt2stix-1.0.11 → txt2stix-1.0.13}/txt2stix/__init__.py +0 -0
  189. {txt2stix-1.0.11 → txt2stix-1.0.13}/txt2stix/ai_extractor/__init__.py +0 -0
  190. {txt2stix-1.0.11 → txt2stix-1.0.13}/txt2stix/ai_extractor/anthropic.py +0 -0
  191. {txt2stix-1.0.11 → txt2stix-1.0.13}/txt2stix/ai_extractor/deepseek.py +0 -0
  192. {txt2stix-1.0.11 → txt2stix-1.0.13}/txt2stix/ai_extractor/gemini.py +0 -0
  193. {txt2stix-1.0.11 → txt2stix-1.0.13}/txt2stix/ai_extractor/openai.py +0 -0
  194. {txt2stix-1.0.11 → txt2stix-1.0.13}/txt2stix/ai_extractor/openrouter.py +0 -0
  195. {txt2stix-1.0.11 → txt2stix-1.0.13}/txt2stix/ai_extractor/prompts.py +0 -0
  196. {txt2stix-1.0.11 → txt2stix-1.0.13}/txt2stix/attack_flow.py +0 -0
  197. {txt2stix-1.0.11 → txt2stix-1.0.13}/txt2stix/bundler.py +0 -0
  198. {txt2stix-1.0.11 → txt2stix-1.0.13}/txt2stix/common.py +0 -0
  199. {txt2stix-1.0.11 → txt2stix-1.0.13}/txt2stix/credential_checker.py +0 -0
  200. {txt2stix-1.0.11 → txt2stix-1.0.13}/txt2stix/extractions.py +0 -0
  201. {txt2stix-1.0.11 → txt2stix-1.0.13}/txt2stix/indicator.py +0 -0
  202. {txt2stix-1.0.11 → txt2stix-1.0.13}/txt2stix/lookups.py +0 -0
  203. {txt2stix-1.0.11 → txt2stix-1.0.13}/txt2stix/pattern/__init__.py +0 -0
  204. {txt2stix-1.0.11 → txt2stix-1.0.13}/txt2stix/pattern/extractors/__init__.py +0 -0
  205. {txt2stix-1.0.11 → txt2stix-1.0.13}/txt2stix/pattern/extractors/base_extractor.py +0 -0
  206. {txt2stix-1.0.11 → txt2stix-1.0.13}/txt2stix/pattern/extractors/card/README.md +0 -0
  207. {txt2stix-1.0.11 → txt2stix-1.0.13}/txt2stix/pattern/extractors/card/__init__.py +0 -0
  208. {txt2stix-1.0.11 → txt2stix-1.0.13}/txt2stix/pattern/extractors/card/amex_card_extractor.py +0 -0
  209. {txt2stix-1.0.11 → txt2stix-1.0.13}/txt2stix/pattern/extractors/card/diners_card_extractor.py +0 -0
  210. {txt2stix-1.0.11 → txt2stix-1.0.13}/txt2stix/pattern/extractors/card/discover_card_extractor.py +0 -0
  211. {txt2stix-1.0.11 → txt2stix-1.0.13}/txt2stix/pattern/extractors/card/jcb_card_extractor.py +0 -0
  212. {txt2stix-1.0.11 → txt2stix-1.0.13}/txt2stix/pattern/extractors/card/master_card_extractor.py +0 -0
  213. {txt2stix-1.0.11 → txt2stix-1.0.13}/txt2stix/pattern/extractors/card/union_card_extractor.py +0 -0
  214. {txt2stix-1.0.11 → txt2stix-1.0.13}/txt2stix/pattern/extractors/card/visa_card_extractor.py +0 -0
  215. {txt2stix-1.0.11 → txt2stix-1.0.13}/txt2stix/pattern/extractors/crypto/__init__.py +0 -0
  216. {txt2stix-1.0.11 → txt2stix-1.0.13}/txt2stix/pattern/extractors/crypto/btc_extractor.py +0 -0
  217. {txt2stix-1.0.11 → txt2stix-1.0.13}/txt2stix/pattern/extractors/directory/__init__.py +0 -0
  218. {txt2stix-1.0.11 → txt2stix-1.0.13}/txt2stix/pattern/extractors/directory/unix_directory_extractor.py +0 -0
  219. {txt2stix-1.0.11 → txt2stix-1.0.13}/txt2stix/pattern/extractors/directory/unix_file_path_extractor.py +0 -0
  220. {txt2stix-1.0.11 → txt2stix-1.0.13}/txt2stix/pattern/extractors/directory/windows_directory_path_extractor.py +0 -0
  221. {txt2stix-1.0.11 → txt2stix-1.0.13}/txt2stix/pattern/extractors/directory/windows_file_path_extractor.py +0 -0
  222. {txt2stix-1.0.11 → txt2stix-1.0.13}/txt2stix/pattern/extractors/domain/__init__.py +0 -0
  223. {txt2stix-1.0.11 → txt2stix-1.0.13}/txt2stix/pattern/extractors/domain/domain_extractor.py +0 -0
  224. {txt2stix-1.0.11 → txt2stix-1.0.13}/txt2stix/pattern/extractors/domain/hostname_extractor.py +0 -0
  225. {txt2stix-1.0.11 → txt2stix-1.0.13}/txt2stix/pattern/extractors/domain/sub_domain_extractor.py +0 -0
  226. {txt2stix-1.0.11 → txt2stix-1.0.13}/txt2stix/pattern/extractors/hashes/__init__.py +0 -0
  227. {txt2stix-1.0.11 → txt2stix-1.0.13}/txt2stix/pattern/extractors/hashes/md5_extractor.py +0 -0
  228. {txt2stix-1.0.11 → txt2stix-1.0.13}/txt2stix/pattern/extractors/hashes/sha1_extractor.py +0 -0
  229. {txt2stix-1.0.11 → txt2stix-1.0.13}/txt2stix/pattern/extractors/hashes/sha224_extractor.py +0 -0
  230. {txt2stix-1.0.11 → txt2stix-1.0.13}/txt2stix/pattern/extractors/hashes/sha2_256_exactor.py +0 -0
  231. {txt2stix-1.0.11 → txt2stix-1.0.13}/txt2stix/pattern/extractors/hashes/sha2_512_exactor.py +0 -0
  232. {txt2stix-1.0.11 → txt2stix-1.0.13}/txt2stix/pattern/extractors/hashes/sha3_256_exactor.py +0 -0
  233. {txt2stix-1.0.11 → txt2stix-1.0.13}/txt2stix/pattern/extractors/hashes/sha3_512_exactor.py +0 -0
  234. {txt2stix-1.0.11 → txt2stix-1.0.13}/txt2stix/pattern/extractors/helper.py +0 -0
  235. {txt2stix-1.0.11 → txt2stix-1.0.13}/txt2stix/pattern/extractors/ip/__init__.py +0 -0
  236. {txt2stix-1.0.11 → txt2stix-1.0.13}/txt2stix/pattern/extractors/ip/ipv4_cidr_extractor.py +0 -0
  237. {txt2stix-1.0.11 → txt2stix-1.0.13}/txt2stix/pattern/extractors/ip/ipv4_extractor.py +0 -0
  238. {txt2stix-1.0.11 → txt2stix-1.0.13}/txt2stix/pattern/extractors/ip/ipv4_port_extractor.py +0 -0
  239. {txt2stix-1.0.11 → txt2stix-1.0.13}/txt2stix/pattern/extractors/ip/ipv6_cidr_extractor.py +0 -0
  240. {txt2stix-1.0.11 → txt2stix-1.0.13}/txt2stix/pattern/extractors/ip/ipv6_extractor.py +0 -0
  241. {txt2stix-1.0.11 → txt2stix-1.0.13}/txt2stix/pattern/extractors/ip/ipv6_port_extractor.py +0 -0
  242. {txt2stix-1.0.11 → txt2stix-1.0.13}/txt2stix/pattern/extractors/others/__init__.py +0 -0
  243. {txt2stix-1.0.11 → txt2stix-1.0.13}/txt2stix/pattern/extractors/others/asn_extractor.py +0 -0
  244. {txt2stix-1.0.11 → txt2stix-1.0.13}/txt2stix/pattern/extractors/others/cpe_extractor.py +0 -0
  245. {txt2stix-1.0.11 → txt2stix-1.0.13}/txt2stix/pattern/extractors/others/cve_extractor.py +0 -0
  246. {txt2stix-1.0.11 → txt2stix-1.0.13}/txt2stix/pattern/extractors/others/email_extractor.py +0 -0
  247. {txt2stix-1.0.11 → txt2stix-1.0.13}/txt2stix/pattern/extractors/others/filename_extractor.py +0 -0
  248. {txt2stix-1.0.11 → txt2stix-1.0.13}/txt2stix/pattern/extractors/others/iban_extractor.py +0 -0
  249. {txt2stix-1.0.11 → txt2stix-1.0.13}/txt2stix/pattern/extractors/others/mac_address_extractor.py +0 -0
  250. {txt2stix-1.0.11 → txt2stix-1.0.13}/txt2stix/pattern/extractors/others/phonenumber_extractor.py +0 -0
  251. {txt2stix-1.0.11 → txt2stix-1.0.13}/txt2stix/pattern/extractors/others/user_agent_extractor.py +0 -0
  252. {txt2stix-1.0.11 → txt2stix-1.0.13}/txt2stix/pattern/extractors/others/windows_registry_key_extractor.py +0 -0
  253. {txt2stix-1.0.11 → txt2stix-1.0.13}/txt2stix/pattern/extractors/url/__init__.py +0 -0
  254. {txt2stix-1.0.11 → txt2stix-1.0.13}/txt2stix/pattern/extractors/url/url_extractor.py +0 -0
  255. {txt2stix-1.0.11 → txt2stix-1.0.13}/txt2stix/pattern/extractors/url/url_file_extractor.py +0 -0
  256. {txt2stix-1.0.11 → txt2stix-1.0.13}/txt2stix/pattern/extractors/url/url_path_extractor.py +0 -0
  257. {txt2stix-1.0.11 → txt2stix-1.0.13}/txt2stix/retriever.py +0 -0
  258. {txt2stix-1.0.11 → txt2stix-1.0.13}/txt2stix/stix.py +0 -0
  259. {txt2stix-1.0.11 → txt2stix-1.0.13}/txt2stix/txt2stix.py +0 -0
  260. {txt2stix-1.0.11 → txt2stix-1.0.13}/txt2stix/utils.py +0 -0
  261. {txt2stix-1.0.11 → txt2stix-1.0.13}/txt2stix.py +0 -0
{txt2stix-1.0.11 → txt2stix-1.0.13}/PKG-INFO RENAMED
@@ -1,6 +1,6 @@
1
1
  Metadata-Version: 2.4
2
2
  Name: txt2stix
3
- Version: 1.0.11
3
+ Version: 1.0.13
4
4
  Summary: txt2stix is a Python script that is designed to identify and extract IoCs and TTPs from text files, identify the relationships between them, convert them to STIX 2.1 objects, and output as a STIX 2.1 bundle.
5
5
  Project-URL: Homepage, https://github.com/muchdogesec/txt2stix
6
6
  Project-URL: Issues, https://github.com/muchdogesec/txt2stix/issues
{txt2stix-1.0.11 → txt2stix-1.0.13}/includes/extractions/ai/config.yaml RENAMED
@@ -28,7 +28,7 @@ ai_ipv4_address_cidr:
28
28
  modified: 2020-01-01
29
29
  created_by: DOGESEC
30
30
  version: 1.0.0
31
- prompt_base: 'Extract all IPv4 addresses with a CIDR from the text.'
31
+ prompt_base: 'Extract all IPv4 addresses with a CIDR from the text. CIDR part must be >=0 <=32.'
32
32
  prompt_helper: 'Do not include any IPs that do not have a CIDR.'
33
33
  prompt_conversion: ''
34
34
  test_cases: ipv4_address_cidr
@@ -44,8 +44,8 @@ ai_ipv4_address_port:
44
44
  modified: 2020-01-01
45
45
  created_by: DOGESEC
46
46
  version: 1.0.0
47
- prompt_base: 'Extract all IPv4 addresses with a port from the text.'
48
- prompt_helper: 'Do not include any IPv4s that do not contain a port number'
47
+ prompt_base: 'Extract all IPv4 addresses with a port from the text. Port number part must be >=0 <=65535.'
48
+ prompt_helper: 'Do not include any IPv4s that do not contain a port number.'
49
49
  prompt_conversion: ''
50
50
  test_cases: ipv4_address_port
51
51
  stix_mapping: ipv4-addr-port
@@ -72,13 +72,13 @@ ai_ipv6_address_cidr:
72
72
  type: ai
73
73
  dogesec_web: true
74
74
  name: 'IPv6 Address with CIDR'
75
- description: 'Extracts IPv6 addresses with CIDRs'
75
+ description: 'Extracts IPv6 addresses with CIDRs.'
76
76
  notes: 'pattern_ipv6_address_cidr legacy extraction also exists if you cannot use AI'
77
77
  created: 2020-01-01
78
78
  modified: 2020-01-01
79
79
  created_by: DOGESEC
80
80
  version: 1.0.0
81
- prompt_base: 'Extract all IPv6 addresses with a CIDR from the text.'
81
+ prompt_base: 'Extract all IPv6 addresses with a CIDR from the text. CIDR part must be >=0 <=128.'
82
82
  prompt_helper: 'Do not include any IPv6s that do not contain a CIDR'
83
83
  prompt_conversion: ''
84
84
  test_cases: generic_ipv6_address_cidr
@@ -94,7 +94,7 @@ ai_ipv6_address_port:
94
94
  modified: 2020-01-01
95
95
  created_by: DOGESEC
96
96
  version: 1.0.0
97
- prompt_base: 'Extract all IPv6 addresses with a CIDR from the text.'
97
+ prompt_base: 'Extract all IPv6 addresses with a CIDR from the text. Port number part must be >=0 <=65535.'
98
98
  prompt_helper: 'Do not include any IPv6s that do not contain a port number'
99
99
  prompt_conversion: ''
100
100
  test_cases: generic_ipv6_address_port
{txt2stix-1.0.11 → txt2stix-1.0.13}/pyproject.toml RENAMED
@@ -4,7 +4,7 @@ build-backend = "hatchling.build"
4
4
 
5
5
  [project]
6
6
  name = "txt2stix"
7
- version = "1.0.11"
7
+ version = "1.0.13"
8
8
  authors = [{ name = "dogesec" }]
9
9
  maintainers = [{ name = "dogesec" }]
10
10
  description = "txt2stix is a Python script that is designed to identify and extract IoCs and TTPs from text files, identify the relationships between them, convert them to STIX 2.1 objects, and output as a STIX 2.1 bundle."
{txt2stix-1.0.11 → txt2stix-1.0.13}/tests/manual-tests/cases-standard-tests.md RENAMED
@@ -540,4 +540,21 @@ python3 txt2stix.py \
540
540
  --ai_create_attack_flow \
541
541
  --ai_create_attack_navigator_layer \
542
542
  --report_id c0d48262-1d9f-42d2-aa29-f0cba1bfa2e0
543
+ ```
544
+
545
+ ### test AI extraction position
546
+
547
+ same extraction twice in doc
548
+
549
+ ```shell
550
+ python3 txt2stix.py \
551
+ --relationship_mode ai \
552
+ --ai_settings_relationships openai:gpt-4o \
553
+ --input_file tests/data/manually_generated_reports/ai_index_position.txt \
554
+ --name 'Extraction index' \
555
+ --tlp_level clear \
556
+ --confidence 100 \
557
+ --use_extractions 'ai_ipv4_address_only' \
558
+ --ai_settings_extractions openai:gpt-4o \
559
+ --report_id 2b3326b4-dfcf-4391-b550-e91652f9ffcd
543
560
  ```
{txt2stix-1.0.11 → txt2stix-1.0.13}/txt2stix/ai_extractor/base.py RENAMED
@@ -10,6 +10,8 @@ from txt2stix.ai_extractor.prompts import DEFAULT_CONTENT_CHECKER_WITH_SUMMARY_T
10
10
  from txt2stix.ai_extractor.utils import AttackFlowList, DescribesIncident, ExtractionList, ParserWithLogging, RelationshipList, get_extractors_str
11
11
  from llama_index.core.utils import get_tokenizer
12
12
 
13
+ from txt2stix.lookups import find_get_indexes
14
+
13
15
 
14
16
  _ai_extractor_registry: dict[str, 'Type[BaseAIExtractor]'] = {}
15
17
  class BaseAIExtractor():
@@ -67,8 +69,11 @@ class BaseAIExtractor():
67
69
  def extract_relationships(self, input_text, extractions, relationship_types: list[str]) -> RelationshipList:
68
70
  return self._get_relationship_program()(relationship_types=relationship_types, input_file=input_text, extractions=extractions)
69
71
 
70
- def extract_objects(self, input_text, extractors) -> ExtractionList:
71
- extraction_list = self._get_extraction_program()(extractors=get_extractors_str(extractors), input_file=input_text)
72
+ def extract_objects(self, input_text: str, extractors) -> ExtractionList:
73
+ extraction_list: ExtractionList = self._get_extraction_program()(extractors=get_extractors_str(extractors), input_file=input_text)
74
+ for extract in extraction_list.extractions:
75
+ extract.start_index = list(find_get_indexes(extract.original_text, input_text))
76
+
72
77
  return extraction_list.model_dump().get('extractions', [])
73
78
 
74
79
  def __init__(self, *args, **kwargs) -> None:
{txt2stix-1.0.11 → txt2stix-1.0.13}/txt2stix/ai_extractor/utils.py RENAMED
@@ -15,7 +15,8 @@ class Extraction(BaseModel):
15
15
  id: str = Field(description='is the id of the extraction of the format `"ai-%d" %(position in list)`, it should start from 1 (e.g `"ai-1", "ai-2", ..., "ai-n"`)')
16
16
  value: str = Field(description='is the value extracted from the text')
17
17
  original_text: str = Field(description='is the original text the extraction was made from')
18
- # start_index: list[str|int] = Field(description='a list of the index positions of the first character for each matching extraction. Some documents might capture many extractions where `key` and `value` are the same for many entries. This property allows the user to identify how many extractions happened, and where they are in the document.')
18
+ start_index: list[str|int] = Field(default_factory=list, description='no result expected')
19
+
19
20
 
20
21
  class Relationship(BaseModel):
21
22
  source_ref: str = Field(description='is the id for the source extraction for the relationship (e.g. extraction_1).')
@@ -85,9 +86,3 @@ def get_extractors_str(extractors):
85
86
  logging.debug(buffer.getvalue())
86
87
  logging.debug("======== extractors end ======")
87
88
  return buffer.getvalue()
88
-
89
-
90
-
91
- if __name__ == '__main__':
92
- a = ExtractionList(extractions=[Extraction(type="yes", id="1", value="2", original_text="3")], success=True)
93
- print(a.model_dump())
{txt2stix-1.0.11 → txt2stix-1.0.13}/.env.example RENAMED
File without changes
{txt2stix-1.0.11 → txt2stix-1.0.13}/.env.markdown RENAMED
File without changes
{txt2stix-1.0.11 → txt2stix-1.0.13}/.gitignore RENAMED
File without changes
{txt2stix-1.0.11 → txt2stix-1.0.13}/LICENSE RENAMED
File without changes
{txt2stix-1.0.11 → txt2stix-1.0.13}/README.md RENAMED
File without changes
{txt2stix-1.0.11 → txt2stix-1.0.13}/docs/README.md RENAMED
File without changes
{txt2stix-1.0.11 → txt2stix-1.0.13}/docs/txt2stix.png RENAMED
File without changes
{txt2stix-1.0.11 → txt2stix-1.0.13}/requirements.txt RENAMED
File without changes
{txt2stix-1.0.11 → txt2stix-1.0.13}/tests/README.md RENAMED
File without changes