|Build_Status| |Coverage| |Version| |Downloads_Badge| |Documentation_Status|
cti-python-stix2
================
This is an `OASIS TC Open Repository <https://www.oasis-open.org/resources/open-repositories/>`__.
See the `Governance <#governance>`__ section for more information.
This repository provides Python APIs for serializing and de-serializing STIX2
JSON content, along with higher-level APIs for common tasks, including data
markings, versioning, and for resolving STIX IDs across multiple data sources.
For more information, see `the documentation <https://stix2.readthedocs.io/>`__ on ReadTheDocs.
Installation
------------
Install with `pip <https://pip.pypa.io/en/stable/>`__:
.. code-block:: bash
$ pip install stix2
Note: The library requires Python 3.6+.
Usage
-----
To create a STIX object, provide keyword arguments to the type's constructor.
Certain required attributes of all objects, such as ``type`` or ``id``, will
be set automatically if not provided as keyword arguments.
.. code-block:: python
from stix2 import Indicator
indicator = Indicator(name="File hash for malware variant",
indicator_types=["malicious-activity"],
pattern_type="stix",
pattern="[file:hashes.md5 = 'd41d8cd98f00b204e9800998ecf8427e']")
To parse a STIX JSON string into a Python STIX object, use ``parse()``. To serialize a STIX object, use ``serialize()``:
.. code-block:: python
from stix2 import parse
indicator = parse("""{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--dbcbd659-c927-4f9a-994f-0a2632274394",
"created": "2017-09-26T23:33:39.829Z",
"modified": "2017-09-26T23:33:39.829Z",
"name": "File hash for malware variant",
"indicator_types": [
"malicious-activity"
],
"pattern_type": "stix",
"pattern_version": "2.1",
"pattern": "[file:hashes.md5 ='d41d8cd98f00b204e9800998ecf8427e']",
"valid_from": "2017-09-26T23:33:39.829952Z"
}""")
print(indicator.serialize(pretty=True))
For more in-depth documentation, please see `https://stix2.readthedocs.io/ <https://stix2.readthedocs.io/>`__.
STIX 2 Technical Specification Support
--------------------------------------
This version of cti-python-stix2 brings support to `STIX Version 2.1 <https://docs.oasis-open.org/cti/stix/v2.1/os/stix-v2.1-os.html>`__
published on 10 June 2021 currently at the Committee Specification (CS) 03 level, also know as the "OASIS Standard".
The stix2 Python library supports multiple versions of the STIX 2 Technical
Specification. The library will be updated to support new Committee
Specification Drafts (CSDs) as they are released, but modules for these
versions must be imported manually until the CSD reaches CS level. In new
major releases of stix2 the ``import stix2`` implicit import statement
will be updated to automatically load the STIX Objects equivalent to the most
recently supported CS. Please see the `library documentation <https://stix2.readthedocs.io/en/latest/guide/ts_support.html>`__
for details.
Governance
----------
This GitHub public repository (**https://github.com/oasis-open/cti-python-stix2**) was
`proposed <https://lists.oasis-open.org/archives/cti/201702/msg00008.html>`__ and
`approved <https://www.oasis-open.org/committees/download.php/60009/>`__
[`bis <https://issues.oasis-open.org/browse/TCADMIN-2549>`__] by the
`OASIS Cyber Threat Intelligence (CTI) TC <https://www.oasis-open.org/committees/cti/>`__
as an `OASIS TC Open Repository <https://www.oasis-open.org/resources/open-repositories/>`__
to support development of open source resources related to Technical Committee work.
While this TC Open Repository remains associated with the sponsor TC, its
development priorities, leadership, intellectual property terms, participation
rules, and other matters of governance are `separate and distinct
<https://github.com/oasis-open/cti-python-stix2/blob/master/CONTRIBUTING.md#governance-distinct-from-oasis-tc-process>`__
from the OASIS TC Process and related policies.
All contributions made to this TC Open Repository are subject to open
source license terms expressed in the `BSD-3-Clause License <https://www.oasis-open.org/sites/www.oasis-open.org/files/BSD-3-Clause.txt>`__.
That license was selected as the declared `"Applicable License" <https://www.oasis-open.org/resources/open-repositories/licenses>`__
when the TC Open Repository was created.
As documented in `"Public Participation Invited
<https://github.com/oasis-open/cti-python-stix2/blob/master/CONTRIBUTING.md#public-participation-invited>`__",
contributions to this OASIS TC Open Repository are invited from all parties,
whether affiliated with OASIS or not. Participants must have a GitHub account,
but no fees or OASIS membership obligations are required. Participation is
expected to be consistent with the `OASIS TC Open Repository Guidelines and Procedures
<https://www.oasis-open.org/policies-guidelines/open-repositories>`__,
the open source `LICENSE <https://github.com/oasis-open/cti-python-stix2/blob/master/LICENSE>`__
designated for this particular repository, and the requirement for an
`Individual Contributor License Agreement <https://www.oasis-open.org/resources/open-repositories/cla/individual-cla>`__
that governs intellectual property.
Maintainers
~~~~~~~~~~~
TC Open Repository `Maintainers <https://www.oasis-open.org/resources/open-repositories/maintainers-guide>`__
are responsible for oversight of this project's community development
activities, including evaluation of GitHub
`pull requests <https://github.com/oasis-open/cti-python-stix2/blob/master/CONTRIBUTING.md#fork-and-pull-collaboration-model>`__
and `preserving <https://www.oasis-open.org/policies-guidelines/open-repositories#repositoryManagement>`__
open source principles of openness and fairness. Maintainers are recognized
and trusted experts who serve to implement community goals and consensus design
preferences.
Initially, the associated TC members have designated one or more persons to
serve as Maintainer(s); subsequently, participating community members may
select additional or substitute Maintainers, per `consensus agreements
<https://www.oasis-open.org/resources/open-repositories/maintainers-guide#additionalMaintainers>`__.
.. _currentmaintainers:
**Current Maintainers of this TC Open Repository**
- `Chris Lenk <mailto:clenk@mitre.org>`__; GitHub ID:
https://github.com/clenk/; WWW: `MITRE Corporation <http://www.mitre.org/>`__
- `Rich Piazza <mailto:rpiazza@mitre.org>`__; GitHub ID:
https://github.com/rpiazza/; WWW: `MITRE Corporation <https://www.mitre.org/>`__
- `Andy Chisholm <mailto:chisholm@mitre.org>`__; GitHub ID:
https://github.com/chisholm/; WWW: `MITRE Corporation <https://www.mitre.org/>`__
- `Jason Keirstead <mailto:Jason.Keirstead@ca.ibm.com>`__; GitHub ID:
https://github.com/JasonKeirstead; WWW: `IBM <http://www.ibm.com/>`__
About OASIS TC Open Repositories
--------------------------------
- `TC Open Repositories: Overview and Resources <https://www.oasis-open.org/resources/open-repositories/>`__
- `Frequently Asked Questions <https://www.oasis-open.org/resources/open-repositories/faq>`__
- `Open Source Licenses <https://www.oasis-open.org/resources/open-repositories/licenses>`__
- `Contributor License Agreements (CLAs) <https://www.oasis-open.org/resources/open-repositories/cla>`__
- `Maintainers' Guidelines and Agreement <https://www.oasis-open.org/resources/open-repositories/maintainers-guide>`__
Feedback
--------
Questions or comments about this TC Open Repository's activities should be
composed as GitHub issues or comments. If use of an issue/comment is not
possible or appropriate, questions may be directed by email to the
Maintainer(s) `listed above <#currentmaintainers>`__. Please send general
questions about TC Open Repository participation to OASIS Staff at
repository-admin@oasis-open.org and any specific CLA-related questions
to repository-cla@oasis-open.org.
.. |Build_Status| image:: https://github.com/oasis-open/cti-python-stix2/workflows/cti-python-stix2%20test%20harness/badge.svg
:target: https://github.com/oasis-open/cti-python-stix2/actions?query=workflow%3A%22cti-python-stix2+test+harness%22
:alt: Build Status
.. |Coverage| image:: https://codecov.io/gh/oasis-open/cti-python-stix2/branch/master/graph/badge.svg
:target: https://codecov.io/gh/oasis-open/cti-python-stix2
:alt: Coverage
.. |Version| image:: https://img.shields.io/pypi/v/stix2.svg?maxAge=3600
:target: https://pypi.python.org/pypi/stix2/
:alt: Version
.. |Downloads_Badge| image:: https://img.shields.io/pypi/dm/stix2.svg?maxAge=3600
:target: https://pypi.python.org/pypi/stix2/
:alt: Downloads
.. |Documentation_Status| image:: https://readthedocs.org/projects/stix2/badge/?version=latest
:target: https://stix2.readthedocs.io/en/latest/?badge=latest
:alt: Documentation Status
Raw data
{
"_id": null,
"home_page": "https://oasis-open.github.io/cti-documentation/",
"name": "stix2",
"maintainer": "Chris Lenk",
"docs_url": null,
"requires_python": ">=3.6",
"maintainer_email": "clenk@mitre.org",
"keywords": "stix stix2 json cti cyber threat intelligence",
"author": "OASIS Cyber Threat Intelligence Technical Committee",
"author_email": "cti-users@lists.oasis-open.org",
"download_url": "https://files.pythonhosted.org/packages/f6/6c/598c368b2822783179b0e7992877a3d4b4a7aded18244c1ed1db4894d729/stix2-3.0.1.tar.gz",
"platform": "",
"description": "|Build_Status| |Coverage| |Version| |Downloads_Badge| |Documentation_Status|\n\ncti-python-stix2\n================\n\nThis is an `OASIS TC Open Repository <https://www.oasis-open.org/resources/open-repositories/>`__.\nSee the `Governance <#governance>`__ section for more information.\n\nThis repository provides Python APIs for serializing and de-serializing STIX2\nJSON content, along with higher-level APIs for common tasks, including data\nmarkings, versioning, and for resolving STIX IDs across multiple data sources.\n\nFor more information, see `the documentation <https://stix2.readthedocs.io/>`__ on ReadTheDocs.\n\nInstallation\n------------\n\nInstall with `pip <https://pip.pypa.io/en/stable/>`__:\n\n.. code-block:: bash\n\n $ pip install stix2\n\nNote: The library requires Python 3.6+.\n\nUsage\n-----\n\nTo create a STIX object, provide keyword arguments to the type's constructor.\nCertain required attributes of all objects, such as ``type`` or ``id``, will\nbe set automatically if not provided as keyword arguments.\n\n.. code-block:: python\n\n from stix2 import Indicator\n\n indicator = Indicator(name=\"File hash for malware variant\",\n indicator_types=[\"malicious-activity\"],\n pattern_type=\"stix\",\n pattern=\"[file:hashes.md5 = 'd41d8cd98f00b204e9800998ecf8427e']\")\n\nTo parse a STIX JSON string into a Python STIX object, use ``parse()``. To serialize a STIX object, use ``serialize()``:\n\n.. code-block:: python\n\n from stix2 import parse\n\n indicator = parse(\"\"\"{\n \"type\": \"indicator\",\n \"spec_version\": \"2.1\",\n \"id\": \"indicator--dbcbd659-c927-4f9a-994f-0a2632274394\",\n \"created\": \"2017-09-26T23:33:39.829Z\",\n \"modified\": \"2017-09-26T23:33:39.829Z\",\n \"name\": \"File hash for malware variant\",\n \"indicator_types\": [\n \"malicious-activity\"\n ],\n \"pattern_type\": \"stix\",\n \"pattern_version\": \"2.1\",\n \"pattern\": \"[file:hashes.md5 ='d41d8cd98f00b204e9800998ecf8427e']\",\n \"valid_from\": \"2017-09-26T23:33:39.829952Z\"\n }\"\"\")\n\n print(indicator.serialize(pretty=True))\n\nFor more in-depth documentation, please see `https://stix2.readthedocs.io/ <https://stix2.readthedocs.io/>`__.\n\nSTIX 2 Technical Specification Support\n--------------------------------------\n\nThis version of cti-python-stix2 brings support to `STIX Version 2.1 <https://docs.oasis-open.org/cti/stix/v2.1/os/stix-v2.1-os.html>`__\npublished on 10 June 2021 currently at the Committee Specification (CS) 03 level, also know as the \"OASIS Standard\".\n\nThe stix2 Python library supports multiple versions of the STIX 2 Technical\nSpecification. The library will be updated to support new Committee\nSpecification Drafts (CSDs) as they are released, but modules for these\nversions must be imported manually until the CSD reaches CS level. In new\nmajor releases of stix2 the ``import stix2`` implicit import statement\nwill be updated to automatically load the STIX Objects equivalent to the most\nrecently supported CS. Please see the `library documentation <https://stix2.readthedocs.io/en/latest/guide/ts_support.html>`__\nfor details.\n\nGovernance\n----------\n\nThis GitHub public repository (**https://github.com/oasis-open/cti-python-stix2**) was\n`proposed <https://lists.oasis-open.org/archives/cti/201702/msg00008.html>`__ and\n`approved <https://www.oasis-open.org/committees/download.php/60009/>`__\n[`bis <https://issues.oasis-open.org/browse/TCADMIN-2549>`__] by the\n`OASIS Cyber Threat Intelligence (CTI) TC <https://www.oasis-open.org/committees/cti/>`__\nas an `OASIS TC Open Repository <https://www.oasis-open.org/resources/open-repositories/>`__\nto support development of open source resources related to Technical Committee work.\n\nWhile this TC Open Repository remains associated with the sponsor TC, its\ndevelopment priorities, leadership, intellectual property terms, participation\nrules, and other matters of governance are `separate and distinct\n<https://github.com/oasis-open/cti-python-stix2/blob/master/CONTRIBUTING.md#governance-distinct-from-oasis-tc-process>`__\nfrom the OASIS TC Process and related policies.\n\nAll contributions made to this TC Open Repository are subject to open\nsource license terms expressed in the `BSD-3-Clause License <https://www.oasis-open.org/sites/www.oasis-open.org/files/BSD-3-Clause.txt>`__.\nThat license was selected as the declared `\"Applicable License\" <https://www.oasis-open.org/resources/open-repositories/licenses>`__\nwhen the TC Open Repository was created.\n\nAs documented in `\"Public Participation Invited\n<https://github.com/oasis-open/cti-python-stix2/blob/master/CONTRIBUTING.md#public-participation-invited>`__\",\ncontributions to this OASIS TC Open Repository are invited from all parties,\nwhether affiliated with OASIS or not. Participants must have a GitHub account,\nbut no fees or OASIS membership obligations are required. Participation is\nexpected to be consistent with the `OASIS TC Open Repository Guidelines and Procedures\n<https://www.oasis-open.org/policies-guidelines/open-repositories>`__,\nthe open source `LICENSE <https://github.com/oasis-open/cti-python-stix2/blob/master/LICENSE>`__\ndesignated for this particular repository, and the requirement for an\n`Individual Contributor License Agreement <https://www.oasis-open.org/resources/open-repositories/cla/individual-cla>`__\nthat governs intellectual property.\n\nMaintainers\n~~~~~~~~~~~\n\nTC Open Repository `Maintainers <https://www.oasis-open.org/resources/open-repositories/maintainers-guide>`__\nare responsible for oversight of this project's community development\nactivities, including evaluation of GitHub\n`pull requests <https://github.com/oasis-open/cti-python-stix2/blob/master/CONTRIBUTING.md#fork-and-pull-collaboration-model>`__\nand `preserving <https://www.oasis-open.org/policies-guidelines/open-repositories#repositoryManagement>`__\nopen source principles of openness and fairness. Maintainers are recognized\nand trusted experts who serve to implement community goals and consensus design\npreferences.\n\nInitially, the associated TC members have designated one or more persons to\nserve as Maintainer(s); subsequently, participating community members may\nselect additional or substitute Maintainers, per `consensus agreements\n<https://www.oasis-open.org/resources/open-repositories/maintainers-guide#additionalMaintainers>`__.\n\n.. _currentmaintainers:\n\n**Current Maintainers of this TC Open Repository**\n\n- `Chris Lenk <mailto:clenk@mitre.org>`__; GitHub ID:\n https://github.com/clenk/; WWW: `MITRE Corporation <http://www.mitre.org/>`__\n\n- `Rich Piazza <mailto:rpiazza@mitre.org>`__; GitHub ID:\n https://github.com/rpiazza/; WWW: `MITRE Corporation <https://www.mitre.org/>`__\n\n- `Andy Chisholm <mailto:chisholm@mitre.org>`__; GitHub ID:\n https://github.com/chisholm/; WWW: `MITRE Corporation <https://www.mitre.org/>`__\n\n- `Jason Keirstead <mailto:Jason.Keirstead@ca.ibm.com>`__; GitHub ID:\n https://github.com/JasonKeirstead; WWW: `IBM <http://www.ibm.com/>`__\n\nAbout OASIS TC Open Repositories\n--------------------------------\n\n- `TC Open Repositories: Overview and Resources <https://www.oasis-open.org/resources/open-repositories/>`__\n- `Frequently Asked Questions <https://www.oasis-open.org/resources/open-repositories/faq>`__\n- `Open Source Licenses <https://www.oasis-open.org/resources/open-repositories/licenses>`__\n- `Contributor License Agreements (CLAs) <https://www.oasis-open.org/resources/open-repositories/cla>`__\n- `Maintainers' Guidelines and Agreement <https://www.oasis-open.org/resources/open-repositories/maintainers-guide>`__\n\nFeedback\n--------\n\nQuestions or comments about this TC Open Repository's activities should be\ncomposed as GitHub issues or comments. If use of an issue/comment is not\npossible or appropriate, questions may be directed by email to the\nMaintainer(s) `listed above <#currentmaintainers>`__. Please send general\nquestions about TC Open Repository participation to OASIS Staff at\nrepository-admin@oasis-open.org and any specific CLA-related questions\nto repository-cla@oasis-open.org.\n\n.. |Build_Status| image:: https://github.com/oasis-open/cti-python-stix2/workflows/cti-python-stix2%20test%20harness/badge.svg\n :target: https://github.com/oasis-open/cti-python-stix2/actions?query=workflow%3A%22cti-python-stix2+test+harness%22\n :alt: Build Status\n.. |Coverage| image:: https://codecov.io/gh/oasis-open/cti-python-stix2/branch/master/graph/badge.svg\n :target: https://codecov.io/gh/oasis-open/cti-python-stix2\n :alt: Coverage\n.. |Version| image:: https://img.shields.io/pypi/v/stix2.svg?maxAge=3600\n :target: https://pypi.python.org/pypi/stix2/\n :alt: Version\n.. |Downloads_Badge| image:: https://img.shields.io/pypi/dm/stix2.svg?maxAge=3600\n :target: https://pypi.python.org/pypi/stix2/\n :alt: Downloads\n.. |Documentation_Status| image:: https://readthedocs.org/projects/stix2/badge/?version=latest\n :target: https://stix2.readthedocs.io/en/latest/?badge=latest\n :alt: Documentation Status\n\n\n",
"bugtrack_url": null,
"license": "BSD",
"summary": "Produce and consume STIX 2 JSON content",
"version": "3.0.1",
"split_keywords": [
"stix",
"stix2",
"json",
"cti",
"cyber",
"threat",
"intelligence"
],
"urls": [
{
"comment_text": "",
"digests": {
"md5": "699ae6e2ba37dcbaa0fcb6b48938c46a",
"sha256": "827acf0b5b319c1b857c9db0d54907bb438b2b32312d236c891a305ad49b0ba2"
},
"downloads": -1,
"filename": "stix2-3.0.1-py2.py3-none-any.whl",
"has_sig": false,
"md5_digest": "699ae6e2ba37dcbaa0fcb6b48938c46a",
"packagetype": "bdist_wheel",
"python_version": "py2.py3",
"requires_python": ">=3.6",
"size": 177847,
"upload_time": "2021-09-24T13:37:24",
"upload_time_iso_8601": "2021-09-24T13:37:24.210324Z",
"url": "https://files.pythonhosted.org/packages/6b/4e/f88d650a5cf6483740a9bc31c106a21af3330bef0c8be89dae3c715edca3/stix2-3.0.1-py2.py3-none-any.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": "",
"digests": {
"md5": "98da050a0bd6e0d7e9f0e8eff87ae1be",
"sha256": "2a2718dc3451c84c709990b2ca220cc39c75ed23e0864d7e8d8190a9365b0cbf"
},
"downloads": -1,
"filename": "stix2-3.0.1.tar.gz",
"has_sig": false,
"md5_digest": "98da050a0bd6e0d7e9f0e8eff87ae1be",
"packagetype": "sdist",
"python_version": "source",
"requires_python": ">=3.6",
"size": 140969,
"upload_time": "2021-09-24T13:37:25",
"upload_time_iso_8601": "2021-09-24T13:37:25.628456Z",
"url": "https://files.pythonhosted.org/packages/f6/6c/598c368b2822783179b0e7992877a3d4b4a7aded18244c1ed1db4894d729/stix2-3.0.1.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2021-09-24 13:37:25",
"github": false,
"gitlab": false,
"bitbucket": false,
"lcname": "stix2"
}
JSON