txt2stix 1.1.2__py3-none-any.whl → 1.1.4__py3-none-any.whl

txt2stix/ai_extractor/openai.py

@@ -8,7 +8,7 @@ from llama_index.llms.openai import OpenAI
 class OpenAIExtractor(BaseAIExtractor, provider="openai"):
     def __init__(self, **kwargs) -> None:
         kwargs.setdefault('temperature', float(os.environ.get('TEMPERATURE', 0.0)))
-        self.llm = OpenAI(system_prompt=self.system_prompt, **kwargs)
+        self.llm = OpenAI(system_prompt=self.system_prompt, timeout=300, **kwargs)
         super().__init__()
 
     def count_tokens(self, text):

txt2stix/attack_flow.py

@@ -8,15 +8,13 @@ from txt2stix.ai_extractor.base import BaseAIExtractor
 from txt2stix.common import UUID_NAMESPACE
 from txt2stix.retriever import STIXObjectRetriever
 from stix2extensions.attack_action import AttackAction, AttackFlow
-from stix2extensions._extensions import attack_flow_ExtensionDefinitionSMO
 from .utils import AttackFlowList
 
-
 def parse_flow(report, flow: AttackFlowList, techniques, tactics):
     logging.info(f"flow.success = {flow.success}")
     if not flow.success:
         return []
-    objects = [report, attack_flow_ExtensionDefinitionSMO]
+    objects = [report]
     for domain in ["enterprise-attack", "mobile-attack", "ics-attack"]:
         flow_objects = parse_domain_flow(report, flow, techniques, tactics, domain)
         objects.extend(flow_objects)

txt2stix/bundler.py

@@ -113,7 +113,7 @@ class TLP_LEVEL(enum.Enum):
     @classmethod
     def get(cls, level):
         if isinstance(level, str):
-            level = level.replace('-', '_').replace('+', '_')
+            level = level.replace("-", "_").replace("+", "_")
         if isinstance(level, cls):
             return level
         return cls.levels()[level]
@@ -128,12 +128,13 @@ class txt2stixBundler:
         "user-agent": None,
         "cryptocurrency-wallet": None,
         "cryptocurrency-transaction": None,
-        "bank-card": None,
+        "payment-card": None,
         "bank-account": None,
         "phone-number": None,
         "weakness": None,
     }
     EXTENSION_DEFINITION_BASE_URL = "https://raw.githubusercontent.com/muchdogesec/stix2extensions/main/extension-definitions"
+    ATTACK_FLOW_SMO_URL = "https://github.com/muchdogesec/stix2extensions/raw/refs/heads/main/remote-definitions/attack-flow.json"
     report = None
     identity = None
     object_marking_refs = []
@@ -204,7 +205,7 @@ class txt2stixBundler:
             )
         external_references = external_references or []
         labels = labels or []
-        labels.append('placeholder_label')
+        labels.append("placeholder_label")
 
         self.job_id = f"report--{self.uuid}"
         self.report_md5 = hashlib.md5(description.encode()).hexdigest()
@@ -230,11 +231,12 @@ class txt2stixBundler:
                     "source_name": "txt2stix_report_md5",
                     "description": self.report_md5,
                 },
-            ] + external_references,
+            ]
+            + external_references,
             confidence=confidence,
         )
         self.report.object_refs.clear()  # clear object refs
-        self.report.labels.pop(-1) # remove txt2stix placeholder
+        self.report.labels.pop(-1)  # remove txt2stix placeholder
         self.added_objects = set()
         self.set_defaults()
 
@@ -277,7 +279,17 @@ class txt2stixBundler:
             self.bundle.objects.append(sdo)
 
         sdo_value = ""
-        for key in ['name', 'value', 'path', 'key', 'string', 'number', 'iban_number', 'address', 'hashes']:
+        for key in [
+            "name",
+            "value",
+            "path",
+            "key",
+            "string",
+            "number",
+            "iban_number",
+            "address",
+            "hashes",
+        ]:
             if v := sdo.get(key):
                 sdo_value = v
                 break
@@ -305,7 +317,7 @@ class txt2stixBundler:
                 )
             )
         objects, related_refs = build_observables(
-            self, stix_mapping, indicator, extracted_dict['value'], extractor
+            self, stix_mapping, indicator, extracted_dict["value"], extractor
         )
         if not objects:
             raise MinorException(
@@ -349,17 +361,30 @@ class txt2stixBundler:
         for source_ref in self.id_map.get(gpt_out["source_ref"], []):
             for target_ref in self.id_map.get(gpt_out["target_ref"], []):
                 self.add_standard_relationship(
-                    source_ref, target_ref, gpt_out["relationship_type"],
+                    source_ref,
+                    target_ref,
+                    gpt_out["relationship_type"],
                 )
 
     def add_standard_relationship(self, source_ref, target_ref, relationship_type):
-        descriptor = ' '.join(relationship_type.split('-'))
-        self.add_ref(self.new_relationship(
-            source_ref, target_ref, relationship_type,
-            description=f"{self.id_value_map.get(source_ref, source_ref)} {descriptor} {self.id_value_map.get(target_ref, target_ref)}"
-        ))
+        descriptor = " ".join(relationship_type.split("-"))
+        self.add_ref(
+            self.new_relationship(
+                source_ref,
+                target_ref,
+                relationship_type,
+                description=f"{self.id_value_map.get(source_ref, source_ref)} {descriptor} {self.id_value_map.get(target_ref, target_ref)}",
+            )
+        )
 
-    def new_relationship(self, source_ref, target_ref, relationship_type, description=None, external_references=None):
+    def new_relationship(
+        self,
+        source_ref,
+        target_ref,
+        relationship_type,
+        description=None,
+        external_references=None,
+    ):
         relationship = dict(
             id="relationship--"
             + str(
@@ -367,8 +392,8 @@ class txt2stixBundler:
                     UUID_NAMESPACE, f"{relationship_type}+{source_ref}+{target_ref}"
                 )
             ),
-            type='relationship',
-            spec_version='2.1',
+            type="relationship",
+            spec_version="2.1",
             source_ref=source_ref,
             target_ref=target_ref,
             relationship_type=relationship_type,
@@ -377,7 +402,8 @@ class txt2stixBundler:
             description=description,
             modified=self.report.modified,
             object_marking_refs=self.report.object_marking_refs,
-            external_references=external_references or [
+            external_references=external_references
+            or [
                 {
                     "source_name": "txt2stix_report_id",
                     "external_id": self.uuid,
@@ -386,7 +412,7 @@ class txt2stixBundler:
         )
         error = relationships_strict(relationship)
         if error:
-            relationship['relationship_type'] = 'related-to'
+            relationship["relationship_type"] = "related-to"
             logger.debug(error)
         return parse_stix(relationship, allow_custom=True)
 
@@ -396,7 +422,9 @@ class txt2stixBundler:
     def process_observables(self, extractions, add_standard_relationship=False):
         for ex in extractions:
             try:
-                if ex.get('id', '').startswith('ai'): #so id is distinct across multiple AIExtractors
+                if ex.get("id", "").startswith(
+                    "ai"
+                ):  # so id is distinct across multiple AIExtractors
                     ex["id"] = f'{ex["id"]}_{self.observables_processed}'
                 ex["id"] = ex.get("id", f"ex_{self.observables_processed}")
                 self.observables_processed += 1
@@ -406,7 +434,7 @@ class txt2stixBundler:
                     f"ran into exception while processing observable `{ex}`. {e}",
                     exc_info=True,
                 )
-                ex['error'] = str(e)
+                ex["error"] = str(e)
 
     def process_relationships(self, observables):
         for relationship in observables:
@@ -420,29 +448,33 @@ class txt2stixBundler:
 
     def indicator_id_from_value(self, value, stix_mapping):
         return "indicator--" + str(
-            uuid.uuid5(UUID_NAMESPACE, f"txt2stix+{self.identity['id']}+{self.report_md5}+{stix_mapping}+{value}")
+            uuid.uuid5(
+                UUID_NAMESPACE,
+                f"txt2stix+{self.identity['id']}+{self.report_md5}+{stix_mapping}+{value}",
+            )
         )
 
     def add_summary(self, summary, ai_summary_provider):
         self.report.external_references.append(
             dict(
-                source_name='txt2stix_ai_summary',
+                source_name="txt2stix_ai_summary",
                 external_id=ai_summary_provider,
-                description=summary
+                description=summary,
             )
         )
         self.summary = summary
 
-
     @property
     def flow_objects(self):
         return self._flow_objects
 
     @flow_objects.setter
     def flow_objects(self, objects):
+        smo_objects = self.load_stix_object_from_url(self.ATTACK_FLOW_SMO_URL)["objects"]
+        objects.extend(smo_objects)
         for obj in objects:
-            if obj['id'] == self.report.id:
+            if obj["id"] == self.report.id:
                 continue
-            is_report_object = obj['type'] != "extension-definition"
+            is_report_object = obj["type"] not in ["extension-definition", "identity"]
             self.add_ref(obj, is_report_object=is_report_object)
         self._flow_objects = objects

txt2stix/includes/extractions/ai/config.yaml

@@ -622,7 +622,7 @@ ai_bank_card_all:
   prompt_helper: ''
   prompt_conversion: ''
   test_cases: generic_bank_card_mastercard
-  stix_mapping: bank-card
+  stix_mapping: payment-card
 
 ai_bank_card_mastercard:
   type: ai
@@ -638,7 +638,7 @@ ai_bank_card_mastercard:
   prompt_helper: ''
   prompt_conversion: ''
   test_cases: generic_bank_card_mastercard
-  stix_mapping: bank-card
+  stix_mapping: payment-card
 
 ai_bank_card_visa:
   type: ai
@@ -654,7 +654,7 @@ ai_bank_card_visa:
   prompt_helper: ''
   prompt_conversion: ''
   test_cases: generic_bank_card_visa
-  stix_mapping: bank-card
+  stix_mapping: payment-card
 
 ai_bank_card_amex:
   type: ai
@@ -670,7 +670,7 @@ ai_bank_card_amex:
   prompt_helper: ''
   prompt_conversion: ''
   test_cases: generic_bank_card_amex
-  stix_mapping: bank-card
+  stix_mapping: payment-card
 
 ai_bank_card_union_pay:
   type: ai
@@ -686,7 +686,7 @@ ai_bank_card_union_pay:
   prompt_helper: ''
   prompt_conversion: ''
   test_cases: generic_bank_card_union_pay
-  stix_mapping: bank-card
+  stix_mapping: payment-card
 
 ai_bank_card_diners:
   type: ai
@@ -702,7 +702,7 @@ ai_bank_card_diners:
   prompt_helper: ''
   prompt_conversion: ''
   test_cases: generic_bank_card_diners
-  stix_mapping: bank-card
+  stix_mapping: payment-card
 
 ai_bank_card_jcb:
   type: ai
@@ -718,7 +718,7 @@ ai_bank_card_jcb:
   prompt_helper: ''
   prompt_conversion: ''
   test_cases: generic_bank_card_jcb
-  stix_mapping: bank-card
+  stix_mapping: payment-card
 
 ai_bank_card_discover:
   type: ai
@@ -734,7 +734,7 @@ ai_bank_card_discover:
   prompt_helper: ''
   prompt_conversion: ''
   test_cases: generic_bank_card_discover
-  stix_mapping: bank-card
+  stix_mapping: payment-card
 
 ####### IBAN Extractions #######
 

txt2stix/includes/extractions/pattern/config.yaml

@@ -491,92 +491,92 @@ pattern_bank_card_mastercard:
   type: pattern
   dogesec_web: true
   name: 'Bank Card Mastercard'
-  description: 'Will extract card numbers and create a bank-card object. Will also enrich card information if BIN List API key set'
+  description: 'Will extract card numbers and create a payment-card object. Will also enrich card information if BIN List API key set'
   notes: 'Also available: ai_bank_card_mastercard'
   created: 2020-01-01
   modified:  2020-01-01
   created_by: DOGESEC
   version: 1.0.0
   test_cases: generic_bank_card_mastercard
-  stix_mapping: bank-card
+  stix_mapping: payment-card
 
 pattern_bank_card_visa:
   type: pattern
   dogesec_web: true
   name: 'Bank Card Visa'
-  description: 'Will extract card numbers and create a bank-card object. Will also enrich card information if BIN List API key set'
+  description: 'Will extract card numbers and create a payment-card object. Will also enrich card information if BIN List API key set'
   notes: 'Also available: ai_bank_card_visa'
   created: 2020-01-01
   modified:  2020-01-01
   created_by: DOGESEC
   version: 1.0.0
   test_cases: generic_bank_card_visa
-  stix_mapping: bank-card
+  stix_mapping: payment-card
 
 pattern_bank_card_amex:
   type: pattern
   dogesec_web: true
   name: 'Bank Card American Express'
-  description: 'Will extract card numbers and create a bank-card object. Will also enrich card information if BIN List API key set'
+  description: 'Will extract card numbers and create a payment-card object. Will also enrich card information if BIN List API key set'
   notes: 'Also available: ai_bank_card_amex'
   created: 2020-01-01
   modified:  2020-01-01
   created_by: DOGESEC
   version: 1.0.0
   test_cases: generic_bank_card_amex
-  stix_mapping: bank-card
+  stix_mapping: payment-card
 
 pattern_bank_card_union_pay:
   type: pattern
   dogesec_web: true
   name: 'Bank Card Union Pay'
-  description: 'Will extract card numbers and create a bank-card object. Will also enrich card information if BIN List API key set'
+  description: 'Will extract card numbers and create a payment-card object. Will also enrich card information if BIN List API key set'
   notes: 'Also available: ai_bank_card_union_pay'
   created: 2020-01-01
   modified:  2020-01-01
   created_by: DOGESEC
   version: 1.0.0
   test_cases: generic_bank_card_union_pay
-  stix_mapping: bank-card
+  stix_mapping: payment-card
 
 pattern_bank_card_diners:
   type: pattern
   dogesec_web: true
   name: 'Bank Card Diners'
-  description: 'Will extract card numbers and create a bank-card object. Will also enrich card information if BIN List API key set'
+  description: 'Will extract card numbers and create a payment-card object. Will also enrich card information if BIN List API key set'
   notes: 'Also available: ai_bank_card_diners'
   created: 2020-01-01
   modified:  2020-01-01
   created_by: DOGESEC
   version: 1.0.0
   test_cases: generic_bank_card_diners
-  stix_mapping: bank-card
+  stix_mapping: payment-card
 
 pattern_bank_card_jcb:
   type: pattern
   dogesec_web: true
   name: 'Bank Card JCB'
-  description: 'Will extract card numbers and create a bank-card object. Will also enrich card information if BIN List API key set'
+  description: 'Will extract card numbers and create a payment-card object. Will also enrich card information if BIN List API key set'
   notes: 'Also available: ai_bank_card_jcb'
   created: 2020-01-01
   modified:  2020-01-01
   created_by: DOGESEC
   version: 1.0.0
   test_cases: generic_bank_card_jcb
-  stix_mapping: bank-card
+  stix_mapping: payment-card
 
 pattern_bank_card_discover:
   type: pattern
   dogesec_web: true
   name: 'Bank Card Discover'
-  description: 'Will extract card numbers and create a bank-card object. Will also enrich card information if BIN List API key set'
+  description: 'Will extract card numbers and create a payment-card object. Will also enrich card information if BIN List API key set'
   notes: 'Also available: ai_bank_card_discover'
   created: 2020-01-01
   modified:  2020-01-01
   created_by: DOGESEC
   version: 1.0.0
   test_cases: generic_bank_card_discover
-  stix_mapping: bank-card
+  stix_mapping: payment-card
 
 ####### IBAN Extractions #######
 

txt2stix/indicator.py

@@ -2,7 +2,7 @@ from __future__ import annotations
 import os
 import re
 from stix2.parsing import dict_to_stix2
-from stix2 import HashConstant
+from stix2 import HashConstant, File
 from stix2.v21.vocab import HASHING_ALGORITHM
 from stix2.patterns import _HASH_REGEX as HASHING_ALGORITHM_2
 from ipaddress import ip_address
@@ -14,7 +14,9 @@ from typing import TYPE_CHECKING
 
 import validators
 
-from txt2stix.pattern.extractors.others.phonenumber_extractor import PhoneNumberExtractor
+from txt2stix.pattern.extractors.others.phonenumber_extractor import (
+    PhoneNumberExtractor,
+)
 from txt2stix.utils import validate_file_mimetype, validate_reg_key
 
 if TYPE_CHECKING:
@@ -24,7 +26,7 @@ if TYPE_CHECKING:
 
 from .common import MinorException
 
-from .retriever import _retrieve_stix_objects, retrieve_stix_objects
+from .retriever import retrieve_stix_objects
 
 logger = logging.getLogger("txt2stix.indicator")
 
@@ -71,12 +73,13 @@ def split_ip_port(ip_port: str):
 
     return ip.exploded, int(port)
 
+
 def get_country_code(number: str) -> str:
     phone = PhoneNumberExtractor.parse_phone_number(number)
     if phone:
         return geocoder.region_codes_for_country_code(phone.country_code)[0]
     else:
-        raise BadDataException('bad phone number')
+        raise BadDataException("bad phone number")
 
 
 def get_iban_details(number) -> tuple[str, str]:
@@ -93,7 +96,7 @@ def build_observables(
     except BadDataException:
         raise
     except BaseException as e:
-        raise BadDataException(f"unknown data error: {e}") from e
+        raise BadDataException("unknown data error") from e
 
 
 def _build_observables(
@@ -102,6 +105,13 @@ def _build_observables(
     retrieved_objects = retrieve_stix_objects(stix_mapping, extracted_value)
     if retrieved_objects:
         return retrieved_objects, [sdo["id"] for sdo in retrieved_objects]
+    if retrieved_objects == []:
+        logger.warning(
+            f"could not find `{stix_mapping}` with id=`{extracted_value}` in remote"
+        )
+        raise BadDataException(
+            f"could not find `{stix_mapping}` with id=`{extracted_value}` in remote"
+        )
 
     stix_objects = [indicator]
 
@@ -321,7 +331,9 @@ def _build_observables(
             }
         )
         indicator["name"] = f"Directory File: {extracted_value}"
-        indicator["pattern"] = f"[ directory:path = { repr(dir_obj.path) }  OR file:name = {repr(file.name)}]"
+        indicator["pattern"] = (
+            f"[ directory:path = { repr(dir_obj.path) }  OR file:name = {repr(file.name)}]"
+        )
 
         stix_objects.append(dir_obj)
         stix_objects.append(file)
@@ -440,11 +452,11 @@ def _build_observables(
 
     if stix_mapping == "user-agent":
         indicator["name"] = f"User Agent: {extracted_value}"
-        indicator["pattern"] = f"[ user-agent:string = { repr(extracted_value) } ]"
+        indicator["pattern"] = f"[ user-agent:value = { repr(extracted_value) } ]"
 
         stix_objects.append(
             dict_to_stix2(
-                {"type": "user-agent", "spec_version": "2.1", "string": extracted_value}
+                {"type": "user-agent", "spec_version": "2.1", "value": extracted_value}
             )
         )
         stix_objects.append(
@@ -464,7 +476,9 @@ def _build_observables(
                 f"AS Number must contain a number, got `{extracted_value}`"
             )
         extracted_value = int(match.group(0))
-        assert extracted_value >= 1 and extracted_value <= 65535, "AS Number must be between 1 and 65535"
+        assert (
+            extracted_value >= 1 and extracted_value <= 65535
+        ), "AS Number must be between 1 and 65535"
         indicator["name"] = f"AS{extracted_value}"
         indicator["pattern"] = (
             f"[ autonomous-system:number = { repr(extracted_value) } ]"
@@ -497,7 +511,7 @@ def _build_observables(
         btc2stix = crypto2stix.BTC2Stix()
         indicator["name"] = f"{currency_symbol} Wallet: {extracted_value}"
         indicator["pattern"] = (
-            f"[ cryptocurrency-wallet:address = { repr(extracted_value) } ]"
+            f"[ cryptocurrency-wallet:value = { repr(extracted_value) } ]"
         )
         wallet_obj, *other_objects = btc2stix.process_wallet(
             extracted_value, wallet_only=True, transactions_only=False
@@ -524,7 +538,7 @@ def _build_observables(
         txn_object, *other_objects = btc2stix.process_transaction(extracted_value)
         indicator["name"] = f"{currency_symbol} Transaction: {extracted_value}"
         indicator["pattern"] = (
-            f"[ cryptocurrency-transaction:hash = { repr(extracted_value) } ]"
+            f"[ cryptocurrency-transaction:value = { repr(extracted_value) } ]"
         )
 
         stix_objects.append(txn_object)
@@ -549,7 +563,7 @@ def _build_observables(
         btc2stix = crypto2stix.BTC2Stix()
         indicator["name"] = f"{currency_symbol} Wallet: {extracted_value}"
         indicator["pattern"] = (
-            f"[ cryptocurrency-wallet:address = { repr(extracted_value) } ]"
+            f"[ cryptocurrency-wallet:value = { repr(extracted_value) } ]"
         )
         wallet_obj, *other_objects = btc2stix.process_wallet(
             extracted_value, wallet_only=False, transactions_only=True
@@ -567,7 +581,7 @@ def _build_observables(
             )
         )
         return stix_objects, [wallet_obj.id]
-    if stix_mapping == "bank-card":
+    if stix_mapping == "payment-card":
         # TODO
         card_type = extractor.name
         if "Bank Card" in extractor.name:
@@ -585,7 +599,7 @@ def _build_observables(
             card_type = card_object["scheme"]
 
         indicator["name"] = f"{card_type}: {extracted_value}"
-        indicator["pattern"] = f"[ bank-card:number = { repr(extracted_value) } ]"
+        indicator["pattern"] = f"[ payment-card:value = { repr(extracted_value) } ]"
 
         stix_objects.append(
             bundler.new_relationship(
@@ -601,41 +615,42 @@ def _build_observables(
     if stix_mapping == "bank-account":
         q = validators.iban(extracted_value)
         if q != True:
-            raise BadDataException('invalid iban number') from q
+            raise BadDataException("invalid iban number") from q
         indicator["name"] = f"Bank account: {extracted_value}"
-        indicator["pattern"] = (
-            f"[ bank-account:iban_number = { repr(extracted_value) } ]"
-        )
+        indicator["pattern"] = f"[ bank-account:iban = { repr(extracted_value) } ]"
         extracted_value = extracted_value.replace("-", "").replace(" ", "")
 
         country_code, bank_code = get_iban_details(extracted_value)
+        location = retrieve_stix_objects("location", country_code)[0]
+        stix_objects.append(location)
 
-        stix_objects.append(
-            dict_to_stix2(
-                {
-                    "type": "bank-account",
-                    "spec_version": "2.1",
-                    "iban_number": extracted_value,
-                    "country": country_code,
-                }
-            )
+        bank_acc = dict_to_stix2(
+            {
+                "type": "bank-account",
+                "spec_version": "2.1",
+                "iban": extracted_value,
+                "country_ref": location["id"],
+            }
         )
+
+        stix_objects.append(bank_acc)
         stix_objects.append(
             bundler.new_relationship(
                 indicator["id"],
-                stix_objects[1].id,
+                bank_acc.id,
                 "related-to",
                 description=f"STIX pattern contains {extracted_value}",
                 external_references=indicator["external_references"],
             )
         )
+        return stix_objects, [bank_acc.id]
 
     if stix_mapping == "phone-number":
         country_code = get_country_code(extracted_value)
         if not country_code:
-            raise BadDataException('parse phone number failed')
+            raise BadDataException("parse phone number failed")
         indicator["name"] = f"Phone Number: {extracted_value}"
-        indicator["pattern"] = f"[ phone-number:number = { repr(extracted_value) }"
+        indicator["pattern"] = f"[ phone-number:value = { repr(extracted_value) }"
         if country_code:
             indicator["pattern"] += f" AND phone-number:country = '{country_code}' "
         indicator["pattern"] += " ]"
@@ -645,7 +660,7 @@ def _build_observables(
                 {
                     "type": "phone-number",
                     "spec_version": "2.1",
-                    "number": extracted_value,
+                    "value": extracted_value,
                     "country": country_code,
                 }
             )
@@ -825,7 +840,7 @@ def _build_observables(
         "user-agent",
         "cryptocurrency-wallet",
         "cryptocurrency-transaction",
-        "bank-card",
+        "payment-card",
         "bank-account",
         "phone-number",
         "attack-pattern",

txt2stix/pattern/extractors/card/discover_card_extractor.py

@@ -7,7 +7,7 @@ class BankCardDiscoverExtractor(BaseExtractor):
     A class for extracting Discover credit card numbers from text using regular expressions.
 
     Attributes:
-        name (str): The name of the extractor, set to "bank-card-discover".
+        name (str): The name of the extractor, set to "payment-card-discover".
         extraction_regex (str): The regular expression pattern used for extracting Discover credit card numbers.
     """
 

txt2stix/retriever.py

@@ -58,6 +58,12 @@ class STIXObjectRetriever:
         return self._retrieve_objects(
             urljoin(self.api_root, f"v1/{type}/objects/{id}/")
         )
+    
+    def retrieve_object_by_id(self, id, type):
+        endpoint = urljoin(self.api_root, f"v1/{type}/objects/{id}/")
+        resp = self.session.get(endpoint)
+        resp.raise_for_status()
+        return [resp.json()]
 
     def get_location_objects(self, id):
         return self._retrieve_objects(
@@ -111,9 +117,9 @@ def _retrieve_stix_objects(host, knowledge_base, filter_value):
         case "mitre-cwe-id":
             return retreiver.get_objects_by_id(filter_value, "cwe")
         case "cve-id":
-            return retreiver.get_objects_by_id(filter_value, "cve")
+            return retreiver.retrieve_object_by_id(filter_value, "cve")
         case "cpe-id":
-            return retreiver.get_objects_by_id(filter_value, "cpe")
+            return retreiver.retrieve_object_by_id(filter_value, "cpe")
         case "location":
             return retreiver.get_location_objects(filter_value)
 

{txt2stix-1.1.2.dist-info → txt2stix-1.1.4.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: txt2stix
-Version: 1.1.2
+Version: 1.1.4
 Summary: txt2stix is a Python script that is designed to identify and extract IoCs and TTPs from text files, identify the relationships between them, convert them to STIX 2.1 objects, and output as a STIX 2.1 bundle.
 Project-URL: Homepage, https://github.com/muchdogesec/txt2stix
 Project-URL: Issues, https://github.com/muchdogesec/txt2stix/issues

{txt2stix-1.1.2.dist-info → txt2stix-1.1.4.dist-info}/RECORD

@@ -1,12 +1,12 @@
 txt2stix/__init__.py,sha256=Sm_VT913IFuAZ6dJEdVz3baPwC5VYtHySVfBAOUG92w,803
-txt2stix/attack_flow.py,sha256=FA5mRf4iVe9E6e_WfGF9PK6MTz8f3UhvDKjO_PDFHso,9164
-txt2stix/bundler.py,sha256=pAML3FXfSX96n15ZFmtOUHoXYvgp8V-1A6GhtYHk_K0,16246
+txt2stix/attack_flow.py,sha256=Y0zl-2YVkiVhbtUu6rsrX7ujnfdDTArSkrR_WS_fSc8,9052
+txt2stix/bundler.py,sha256=L5s8IvNLd6VwjnTEqU71hEAR3j_Vj4NdXlufavTLuKM,16917
 txt2stix/common.py,sha256=ISnGNKqJPE1EcfhL-x_4G18mcwt1urmorkW-ru9kV-0,585
 txt2stix/credential_checker.py,sha256=eWDP-jY3-jm8zI0JMoUcyoQZ_JqPNfCIr_HAO8nVYz0,3044
 txt2stix/extractions.py,sha256=_tlsqYHhfAoV-PJzxRHysrX47uxCsMlSg7PQWxww1u0,2171
-txt2stix/indicator.py,sha256=lukbmRMrRTKvirs_BnIOoAcmRIdyqkodJGDmQE_D6YE,29621
+txt2stix/indicator.py,sha256=dyf4wbvVrZRitZpm6t7UusSM98bVW1qc5UkdGpVm3ls,30025
 txt2stix/lookups.py,sha256=h42YVtYUkWZm6ZPv2h5hHDHDzDs3yBqrT_T7pj2MDZI,2301
-txt2stix/retriever.py,sha256=cOcC6h-eyutfdIFQqAPUodneBFwgk21q0u2rXI9L57Q,6177
+txt2stix/retriever.py,sha256=0eoLzabGrcR0wdQuEYdU8ZPomq42lAsGwP4gY6RLgww,6410
 txt2stix/stix.py,sha256=9nXD9a2dCY4uaatl-mlIA1k3srwQBhGW-tUSho3iYe0,30
 txt2stix/txt2stix.py,sha256=4iVvzlLbUeDIKUPPHGUWZufsy-LIMPk6ejrw8kSI1o8,18595
 txt2stix/utils.py,sha256=n6mh4t9ZRJ7iT4Jvp9ai_dfCXjgXNcRtF_zXO7nkpnk,3304
@@ -15,7 +15,7 @@ txt2stix/ai_extractor/anthropic.py,sha256=mdz-8CB-BSCEqnK5l35DRZURVPUf508ef2b48X
 txt2stix/ai_extractor/base.py,sha256=t0SCh24FeDEDzXsrGFada6ux9F6m0ILwXtPSaleDiv8,4172
 txt2stix/ai_extractor/deepseek.py,sha256=2XehIYbWXG6Odq68nQX4CNtl5GdmBlAmjLP_lG2eEFo,660
 txt2stix/ai_extractor/gemini.py,sha256=yJC7knYzl-TScyCBd-MTpUf-NT6znC25E7vXxNMqjLU,578
-txt2stix/ai_extractor/openai.py,sha256=FK3UlKozwoBVoBYS_CDGa9lSOae5AC3rMcOH_v0y5_Q,629
+txt2stix/ai_extractor/openai.py,sha256=1RxaLy0TJ4GjNKmcJoi6ZiBrCS_gt5ql9jpeE-SOy8g,642
 txt2stix/ai_extractor/openrouter.py,sha256=hAA6mTOMcpA28XYsOCvuJH7WMJqXCxfqZGJf_VrDsIk,628
 txt2stix/ai_extractor/prompts.py,sha256=NtqtVyPPtShPlVZ5SrFmo-LCkfpANIIi4H9rjqaxqDo,10559
 txt2stix/ai_extractor/utils.py,sha256=jG5tPuS2xfiH7xCxlaEkAOboNOOMDah9JpGDXrUUJBA,4342
@@ -27,7 +27,7 @@ txt2stix/pattern/extractors/card/README.md,sha256=VRtmsIhbwswI0mP9axgV-czTOgpG6-
 txt2stix/pattern/extractors/card/__init__.py,sha256=KyYIaHA2igtJZfTDebwM6ohism_dJNh5Velexzhhcts,678
 txt2stix/pattern/extractors/card/amex_card_extractor.py,sha256=NrWqwv2cEeOK1LxZZ5AwxLyZ1lyYB7CmxpT40t5dUIk,1999
 txt2stix/pattern/extractors/card/diners_card_extractor.py,sha256=e7Q7_g1iXyBD4439iz4uMLBrEf5ykL143dqwYtQMJPM,1802
-txt2stix/pattern/extractors/card/discover_card_extractor.py,sha256=U9U_gwwwIipDtDtn3RlY_iUmlA-YLTYyjjhRxFE_YzM,1909
+txt2stix/pattern/extractors/card/discover_card_extractor.py,sha256=wYaP1Juzqc5wcvJcxGGi2ni9ENY8NL9dc9a2itqi_mw,1912
 txt2stix/pattern/extractors/card/jcb_card_extractor.py,sha256=6wKrJmkhsm8gnQUtyLE2JxHuCO0NzUaDl3uyfU4livw,1681
 txt2stix/pattern/extractors/card/master_card_extractor.py,sha256=STzq09lHV1W7nZg8NjToS0D3e04QwME2i0CUSUbL7BM,2736
 txt2stix/pattern/extractors/card/union_card_extractor.py,sha256=94Z2shAnBB0fvGHm_0DgUPwzULyftAmmWpMLZdq0WB8,1374
@@ -74,9 +74,9 @@ txt2stix/pattern/extractors/url/url_extractor.py,sha256=-SH1WvxbViaRZ1on8lRlzNAc
 txt2stix/pattern/extractors/url/url_file_extractor.py,sha256=_VDu_BX3Ys9SKhZlscZPp9xSOKCxNKKvJ2gbe7Nvuv0,881
 txt2stix/pattern/extractors/url/url_path_extractor.py,sha256=FNKcMZRnJpcZZF44T8DHsDWzhBqPq5a23h7T7l2osac,2459
 txt2stix/includes/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-txt2stix/includes/extractions/ai/config.yaml,sha256=8tFAA4cCrXHbf2ewJNo5yTrLUB7qhM0jOu2XsA1hUYs,41540
+txt2stix/includes/extractions/ai/config.yaml,sha256=r98Sa93GaZNcY60NuZ2XlIM8BpFl33PUBkqFvGLqTOo,41564
 txt2stix/includes/extractions/lookup/config.yaml,sha256=lZoJ-vHig30TpfiwNEl4fiT-AwdOlhm7h0pE8b_G6jg,12059
-txt2stix/includes/extractions/pattern/config.yaml,sha256=BTfFc69hTR1TMMuu86UVg0K6aFQAxAF55R8l2-PBeOM,20154
+txt2stix/includes/extractions/pattern/config.yaml,sha256=UICpzQN7SOr5yT7jmhJYtpDuQxQxA-cxoltI4GW0nFs,20196
 txt2stix/includes/helpers/mimetype_filename_extension_list.csv,sha256=kgozjMyp7y87CqRcoedfDwNXSLKrDgC9r9YKDYK0EbY,27593
 txt2stix/includes/helpers/stix_relationship_types.txt,sha256=PQytANVSrWepdK_SLEZtfiTe1eoxj6YMGUZslO_C1oc,505
 txt2stix/includes/helpers/tlds.txt,sha256=Va_awj-FQiKgs5ace6C0kC5xxAHIl9yAIBhvT08Q7Q0,9551
@@ -113,8 +113,8 @@ txt2stix/includes/lookups/threat_actor.txt,sha256=QfDO9maQuqKBgW_Sdd7VGv1SHZ9Ra-
 txt2stix/includes/lookups/tld.txt,sha256=-MEgJea2NMG_KDsnc4BVvI8eRk5Dm93L-t8SGYx5wMo,8598
 txt2stix/includes/lookups/tool.txt,sha256=HGKG6JpUE26w6ezzSxOjBkp15UpSaB7N-mZ_NU_3G7A,6
 txt2stix/includes/tests/test_cases.yaml,sha256=QD1FdIunpPkOpsn6wJRqs2vil_hv8OSVaqUp4a96aZg,22247
-txt2stix-1.1.2.dist-info/METADATA,sha256=Re99mCqh9VkxdCJyG7iuWbQh6KPllsO2Sn-Xi587SQQ,15513
-txt2stix-1.1.2.dist-info/WHEEL,sha256=qtCwoSJWgHk21S1Kb4ihdzI2rlJ1ZKaIurTj_ngOhyQ,87
-txt2stix-1.1.2.dist-info/entry_points.txt,sha256=x6QPtt65hWeomw4IpJ_wQUesBl1M4WOLODbhOKyWMFg,55
-txt2stix-1.1.2.dist-info/licenses/LICENSE,sha256=BK8Ppqlc4pdgnNzIxnxde0taoQ1BgicdyqmBvMiNYgY,11364
-txt2stix-1.1.2.dist-info/RECORD,,
+txt2stix-1.1.4.dist-info/METADATA,sha256=_LzscyEWJvO91-3mIQkAq7jie7uFEZ8GcLVmfrcUhJM,15513
+txt2stix-1.1.4.dist-info/WHEEL,sha256=qtCwoSJWgHk21S1Kb4ihdzI2rlJ1ZKaIurTj_ngOhyQ,87
+txt2stix-1.1.4.dist-info/entry_points.txt,sha256=x6QPtt65hWeomw4IpJ_wQUesBl1M4WOLODbhOKyWMFg,55
+txt2stix-1.1.4.dist-info/licenses/LICENSE,sha256=BK8Ppqlc4pdgnNzIxnxde0taoQ1BgicdyqmBvMiNYgY,11364
+txt2stix-1.1.4.dist-info/RECORD,,