[![Build Python distribution and Release](https://github.com/cloudcover-cc/cc-taxii2-client/actions/workflows/python-publish.yml/badge.svg)](https://github.com/cloudcover-cc/cc-taxii2-client/actions/workflows/python-publish.yml)
[![Python 3.9](https://img.shields.io/badge/python-3.9+-blue.svg)](https://www.python.org/downloads/release/python-390/)
[![GPLv3 license](https://img.shields.io/badge/License-GPLv3-blue.svg)](http://perso.crans.org/besson/LICENSE.html)
# cc-taxii2-client
## Minimal CloudCover TAXII2.1 Python client library.
### Installation
To install from PyPI run:
```
pip install cc-taxii2-client
```
To install from source, run the following commands:
```
git clone https://github.com/cloudcover-cc/cc-taxii2-client
cd cc-taxii2-client
pip install .
```
### Basic usage examples:
```python
from itertools import chain
from cc_taxii2_client import (CCTaxiiClient, count_indicators, ip_search,
description_search)
# Create a CloudCover TAXII2.1 server connection client object:
connection = CCTaxiiClient("testaccount", "XxXxXx")
# RETURNS:
# CCTaxiiClient(account='testaccount',
# url='https://taxii2.cloudcover.net',
# headers={
# 'Accept': 'application/taxii+json;version=2.1',
# 'Content-Type': 'application/taxii+json;version=2.1',
# 'Authorization': 'Basic dGVzdF9hY2NvdW50Olh4WHhYeA=='
# })
# Get collection IDs for the public (/api/) root silo
connection.get_collections()
# RETURNS:
# ['decb0efc-6a36-4dd7-a4dd-7f955f42b977']
# Get collection IDS for private (/account/) root silo
connection.get_collections("testaccount")
# RETURNS:
# ['c774c554-038c-46a6-8339-9ddfae4cd871']
# Create a generator object that yields all indicators in the public root
# silo default collection, grouped in pages of 1000 (default) indicators:
generate_indicators = connection.get_cc_indicators_generator(follow_pages=True)
# Count total number of indicators yielded from the generator:
count_indicators(generate_indicators)
# RETURNS:
# 711
# Create a generator object that yields all indicators in the private root
# silo default collection, grouped in pages of 2 indicators, added only
# after 2023-11-03T19:07:51.812746Z:
generate_indicators = connection.get_cc_indicators_generator(
private=True,
limit=2,
added_after="2023-11-03T19:07:51.812746Z",
follow_pages=True)
# Yield the pages of indicators:
next(generate_indicators)
# YIELDS:
# [
# CCIndicator(created='2023-11-03T19:07:51.812746Z',
# description='#Recon# ICMP PING',
# id='indicator--5c46d792-93a9-435c-a04f-b843de740fe6',
# modified='2023-11-03T19:07:51.812746Z',
# name='CloudCover Detected IOC',
# pattern="[ipv4-addr:value = '13.127.11.123']",
# pattern_type='stix',
# pattern_version='2.1',
# spec_version='2.1',
# type='indicator',
# valid_from='2023-11-03T19:07:51.812746Z'),
# CCIndicator(created='2023-11-03T19:07:51.816509Z',
# description='#Recon# ICMP PING',
# id='indicator--3d217760-a17a-41b4-af5f-5b5bf72ff396',
# modified='2023-11-03T19:07:51.816509Z',
# name='CloudCover Detected IOC',
# pattern="[ipv4-addr:value = '34.219.199.125']",
# pattern_type='stix',
# pattern_version='2.1',
# spec_version='2.1',
# type='indicator',
# valid_from='2023-11-03T19:07:51.816509Z')
# ]
# Search generator results for indicators containing a specific IP address:
generate_indicators = connection.get_cc_indicators_generator(private=True,
follow_pages=True)
ip_search("13.127.11.123", generate_indicators)
# RETURNS:
# [
# CCIndicator(created='2023-11-03T19:07:51.812746Z',
# description='#Recon# ICMP PING',
# id='indicator--5c46d792-93a9-435c-a04f-b843de740fe6',
# modified='2023-11-03T19:07:51.812746Z',
# name='CloudCover Detected IOC',
# pattern="[ipv4-addr:value = '13.127.11.123']",
# pattern_type='stix',
# pattern_version='2.1',
# spec_version='2.1',
# type='indicator',
# valid_from='2023-11-03T19:07:51.812746Z')
# ]
# Search generator results for indicators containing "Recon" in the description
# field, then get the total number found:
generate_indicators = connection.get_cc_indicators_generator(private=True,
follow_pages=True)
indicators = description_search("Recon", generate_indicators)
len(indicators)
# RETURNS:
# 264
# Create a generator object that yields all indicators in the private root
# silo default collection, grouped in pages of 1000 (default) indicators,
# of type "indicator" that match the two indicator IDs given. Then combine
# all found indicator objects into a single list:
generate_indicators = connection.get_cc_indicators_generator(
private=True,
follow_pages=True,
matches={
"type":
"indicator",
"id": ("indicator--5c46d792-93a9-435c-a04f-b843de740fe6,"
"indicator--6b405c16-ac9b-4446-8d13-1cc17a4cf867")
})
list(chain(*generate_indicators))
# RETURNS:
# [
# CCIndicator(created='2023-11-03T19:07:51.812746Z',
# description='#Recon# ICMP PING',
# id='indicator--5c46d792-93a9-435c-a04f-b843de740fe6',
# modified='2023-11-03T19:07:51.812746Z',
# name='CloudCover Detected IOC',
# pattern="[ipv4-addr:value = '13.127.11.123']",
# pattern_type='stix',
# pattern_version='2.1',
# spec_version='2.1',
# type='indicator',
# valid_from='2023-11-03T19:07:51.812746Z'),
# CCIndicator(created='2023-11-03T19:07:51.817258Z',
# description='#Recon# ICMP PING',
# id='indicator--6b405c16-ac9b-4446-8d13-1cc17a4cf867',
# modified='2023-11-03T19:07:51.817258Z',
# name='CloudCover Detected IOC',
# pattern="[ipv4-addr:value = '34.218.245.10']",
# pattern_type='stix',
# pattern_version='2.1',
# spec_version='2.1',
# type='indicator',
# valid_from='2023-11-03T19:07:51.817258Z')
# ]
```
Raw data
{
"_id": null,
"home_page": "",
"name": "cc-taxii2-client",
"maintainer": "",
"docs_url": null,
"requires_python": ">=3.9",
"maintainer_email": "",
"keywords": "cloudcover,taxii,taxii2,taxii2.1,stix,stix2.1,api,client,SDK",
"author": "",
"author_email": "Nick Bowling <nbowling@cloudcover.net>",
"download_url": "https://files.pythonhosted.org/packages/de/3e/86da72d5eb59a2513f16e04b83f13a34ac23a243f20e44f7a3c3f6dbf166/cc_taxii2_client-0.1.5.tar.gz",
"platform": null,
"description": "[![Build Python distribution and Release](https://github.com/cloudcover-cc/cc-taxii2-client/actions/workflows/python-publish.yml/badge.svg)](https://github.com/cloudcover-cc/cc-taxii2-client/actions/workflows/python-publish.yml)\n[![Python 3.9](https://img.shields.io/badge/python-3.9+-blue.svg)](https://www.python.org/downloads/release/python-390/)\n[![GPLv3 license](https://img.shields.io/badge/License-GPLv3-blue.svg)](http://perso.crans.org/besson/LICENSE.html)\n\n# cc-taxii2-client\n## Minimal CloudCover TAXII2.1 Python client library.\n\n### Installation\nTo install from PyPI run:\n```\npip install cc-taxii2-client\n```\n\nTo install from source, run the following commands:\n```\ngit clone https://github.com/cloudcover-cc/cc-taxii2-client\ncd cc-taxii2-client\npip install .\n```\n\n### Basic usage examples:\n\n```python\nfrom itertools import chain\nfrom cc_taxii2_client import (CCTaxiiClient, count_indicators, ip_search,\n description_search)\n\n# Create a CloudCover TAXII2.1 server connection client object:\nconnection = CCTaxiiClient(\"testaccount\", \"XxXxXx\")\n# RETURNS:\n# CCTaxiiClient(account='testaccount',\n# url='https://taxii2.cloudcover.net',\n# headers={\n# 'Accept': 'application/taxii+json;version=2.1',\n# 'Content-Type': 'application/taxii+json;version=2.1',\n# 'Authorization': 'Basic dGVzdF9hY2NvdW50Olh4WHhYeA=='\n# })\n\n# Get collection IDs for the public (/api/) root silo\nconnection.get_collections()\n# RETURNS:\n# ['decb0efc-6a36-4dd7-a4dd-7f955f42b977']\n\n# Get collection IDS for private (/account/) root silo\nconnection.get_collections(\"testaccount\")\n# RETURNS:\n# ['c774c554-038c-46a6-8339-9ddfae4cd871']\n\n# Create a generator object that yields all indicators in the public root\n# silo default collection, grouped in pages of 1000 (default) indicators:\ngenerate_indicators = connection.get_cc_indicators_generator(follow_pages=True)\n\n# Count total number of indicators yielded from the generator:\ncount_indicators(generate_indicators)\n# RETURNS:\n# 711\n\n# Create a generator object that yields all indicators in the private root\n# silo default collection, grouped in pages of 2 indicators, added only\n# after 2023-11-03T19:07:51.812746Z:\ngenerate_indicators = connection.get_cc_indicators_generator(\n private=True,\n limit=2,\n added_after=\"2023-11-03T19:07:51.812746Z\",\n follow_pages=True)\n\n# Yield the pages of indicators:\nnext(generate_indicators)\n# YIELDS:\n# [\n# CCIndicator(created='2023-11-03T19:07:51.812746Z',\n# description='#Recon# ICMP PING',\n# id='indicator--5c46d792-93a9-435c-a04f-b843de740fe6',\n# modified='2023-11-03T19:07:51.812746Z',\n# name='CloudCover Detected IOC',\n# pattern=\"[ipv4-addr:value = '13.127.11.123']\",\n# pattern_type='stix',\n# pattern_version='2.1',\n# spec_version='2.1',\n# type='indicator',\n# valid_from='2023-11-03T19:07:51.812746Z'),\n# CCIndicator(created='2023-11-03T19:07:51.816509Z',\n# description='#Recon# ICMP PING',\n# id='indicator--3d217760-a17a-41b4-af5f-5b5bf72ff396',\n# modified='2023-11-03T19:07:51.816509Z',\n# name='CloudCover Detected IOC',\n# pattern=\"[ipv4-addr:value = '34.219.199.125']\",\n# pattern_type='stix',\n# pattern_version='2.1',\n# spec_version='2.1',\n# type='indicator',\n# valid_from='2023-11-03T19:07:51.816509Z')\n# ]\n\n# Search generator results for indicators containing a specific IP address:\ngenerate_indicators = connection.get_cc_indicators_generator(private=True,\n follow_pages=True)\nip_search(\"13.127.11.123\", generate_indicators)\n# RETURNS:\n# [\n# CCIndicator(created='2023-11-03T19:07:51.812746Z',\n# description='#Recon# ICMP PING',\n# id='indicator--5c46d792-93a9-435c-a04f-b843de740fe6',\n# modified='2023-11-03T19:07:51.812746Z',\n# name='CloudCover Detected IOC',\n# pattern=\"[ipv4-addr:value = '13.127.11.123']\",\n# pattern_type='stix',\n# pattern_version='2.1',\n# spec_version='2.1',\n# type='indicator',\n# valid_from='2023-11-03T19:07:51.812746Z')\n# ]\n\n# Search generator results for indicators containing \"Recon\" in the description\n# field, then get the total number found:\ngenerate_indicators = connection.get_cc_indicators_generator(private=True,\n follow_pages=True)\nindicators = description_search(\"Recon\", generate_indicators)\nlen(indicators)\n# RETURNS:\n# 264\n\n# Create a generator object that yields all indicators in the private root\n# silo default collection, grouped in pages of 1000 (default) indicators,\n# of type \"indicator\" that match the two indicator IDs given. Then combine\n# all found indicator objects into a single list:\ngenerate_indicators = connection.get_cc_indicators_generator(\n private=True,\n follow_pages=True,\n matches={\n \"type\":\n \"indicator\",\n \"id\": (\"indicator--5c46d792-93a9-435c-a04f-b843de740fe6,\"\n \"indicator--6b405c16-ac9b-4446-8d13-1cc17a4cf867\")\n })\nlist(chain(*generate_indicators))\n# RETURNS:\n# [\n# CCIndicator(created='2023-11-03T19:07:51.812746Z',\n# description='#Recon# ICMP PING',\n# id='indicator--5c46d792-93a9-435c-a04f-b843de740fe6',\n# modified='2023-11-03T19:07:51.812746Z',\n# name='CloudCover Detected IOC',\n# pattern=\"[ipv4-addr:value = '13.127.11.123']\",\n# pattern_type='stix',\n# pattern_version='2.1',\n# spec_version='2.1',\n# type='indicator',\n# valid_from='2023-11-03T19:07:51.812746Z'),\n# CCIndicator(created='2023-11-03T19:07:51.817258Z',\n# description='#Recon# ICMP PING',\n# id='indicator--6b405c16-ac9b-4446-8d13-1cc17a4cf867',\n# modified='2023-11-03T19:07:51.817258Z',\n# name='CloudCover Detected IOC',\n# pattern=\"[ipv4-addr:value = '34.218.245.10']\",\n# pattern_type='stix',\n# pattern_version='2.1',\n# spec_version='2.1',\n# type='indicator',\n# valid_from='2023-11-03T19:07:51.817258Z')\n# ]\n```\n",
"bugtrack_url": null,
"license": "",
"summary": "CloudCover minimal TAXII2.1 Python client library.",
"version": "0.1.5",
"project_urls": {
"Homepage": "https://github.com/cloudcover-cc/cc-taxii2-client"
},
"split_keywords": [
"cloudcover",
"taxii",
"taxii2",
"taxii2.1",
"stix",
"stix2.1",
"api",
"client",
"sdk"
],
"urls": [
{
"comment_text": "",
"digests": {
"blake2b_256": "9598c6202305214627fe4155585fb5439553f31a1b30bcc2e90112af784416db",
"md5": "a4bd9b23af1c79ca71f1a8fed4e18e30",
"sha256": "91af22f6e5302dee443badb1d6d4d22885f59369706069c7f97669d160347427"
},
"downloads": -1,
"filename": "cc_taxii2_client-0.1.5-py3-none-any.whl",
"has_sig": false,
"md5_digest": "a4bd9b23af1c79ca71f1a8fed4e18e30",
"packagetype": "bdist_wheel",
"python_version": "py3",
"requires_python": ">=3.9",
"size": 21864,
"upload_time": "2024-01-17T12:19:07",
"upload_time_iso_8601": "2024-01-17T12:19:07.823743Z",
"url": "https://files.pythonhosted.org/packages/95/98/c6202305214627fe4155585fb5439553f31a1b30bcc2e90112af784416db/cc_taxii2_client-0.1.5-py3-none-any.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": "",
"digests": {
"blake2b_256": "de3e86da72d5eb59a2513f16e04b83f13a34ac23a243f20e44f7a3c3f6dbf166",
"md5": "7fa2f020891074b48ef565ccad2277b3",
"sha256": "746c0f21a12790ebc3eecb298b696114518e23b1aa89e346f12aad64dc7ab307"
},
"downloads": -1,
"filename": "cc_taxii2_client-0.1.5.tar.gz",
"has_sig": false,
"md5_digest": "7fa2f020891074b48ef565ccad2277b3",
"packagetype": "sdist",
"python_version": "source",
"requires_python": ">=3.9",
"size": 20678,
"upload_time": "2024-01-17T12:19:09",
"upload_time_iso_8601": "2024-01-17T12:19:09.177105Z",
"url": "https://files.pythonhosted.org/packages/de/3e/86da72d5eb59a2513f16e04b83f13a34ac23a243f20e44f7a3c3f6dbf166/cc_taxii2_client-0.1.5.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2024-01-17 12:19:09",
"github": true,
"gitlab": false,
"bitbucket": false,
"codeberg": false,
"github_user": "cloudcover-cc",
"github_project": "cc-taxii2-client",
"travis_ci": false,
"coveralls": false,
"github_actions": true,
"lcname": "cc-taxii2-client"
}