Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

stix2

Package Overview
Dependencies
Maintainers
4
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

stix2

Produce and consume STIX 2 JSON content

  • 3.0.1
  • PyPI
  • Socket score

Maintainers
4

|Build_Status| |Coverage| |Version| |Downloads_Badge| |Documentation_Status|

cti-python-stix2

This is an OASIS TC Open Repository <https://www.oasis-open.org/resources/open-repositories/>. See the Governance <#governance> section for more information.

This repository provides Python APIs for serializing and de-serializing STIX2 JSON content, along with higher-level APIs for common tasks, including data markings, versioning, and for resolving STIX IDs across multiple data sources.

For more information, see the documentation <https://stix2.readthedocs.io/>__ on ReadTheDocs.

Installation

Install with pip <https://pip.pypa.io/en/stable/>__:

.. code-block:: bash

$ pip install stix2

Note: The library requires Python 3.6+.

Usage

To create a STIX object, provide keyword arguments to the type's constructor. Certain required attributes of all objects, such as type or id, will be set automatically if not provided as keyword arguments.

.. code-block:: python

from stix2 import Indicator

indicator = Indicator(name="File hash for malware variant",
                      indicator_types=["malicious-activity"],
                      pattern_type="stix",
                      pattern="[file:hashes.md5 = 'd41d8cd98f00b204e9800998ecf8427e']")

To parse a STIX JSON string into a Python STIX object, use parse(). To serialize a STIX object, use serialize():

.. code-block:: python

from stix2 import parse

indicator = parse("""{
    "type": "indicator",
    "spec_version": "2.1",
    "id": "indicator--dbcbd659-c927-4f9a-994f-0a2632274394",
    "created": "2017-09-26T23:33:39.829Z",
    "modified": "2017-09-26T23:33:39.829Z",
    "name": "File hash for malware variant",
    "indicator_types": [
        "malicious-activity"
    ],
    "pattern_type": "stix",
    "pattern_version": "2.1",
    "pattern": "[file:hashes.md5 ='d41d8cd98f00b204e9800998ecf8427e']",
    "valid_from": "2017-09-26T23:33:39.829952Z"
}""")

print(indicator.serialize(pretty=True))

For more in-depth documentation, please see https://stix2.readthedocs.io/ <https://stix2.readthedocs.io/>__.

STIX 2 Technical Specification Support

This version of cti-python-stix2 brings support to STIX Version 2.1 <https://docs.oasis-open.org/cti/stix/v2.1/os/stix-v2.1-os.html>__ published on 10 June 2021 currently at the Committee Specification (CS) 03 level, also know as the "OASIS Standard".

The stix2 Python library supports multiple versions of the STIX 2 Technical Specification. The library will be updated to support new Committee Specification Drafts (CSDs) as they are released, but modules for these versions must be imported manually until the CSD reaches CS level. In new major releases of stix2 the import stix2 implicit import statement will be updated to automatically load the STIX Objects equivalent to the most recently supported CS. Please see the library documentation <https://stix2.readthedocs.io/en/latest/guide/ts_support.html>__ for details.

Governance

This GitHub public repository (https://github.com/oasis-open/cti-python-stix2) was proposed <https://lists.oasis-open.org/archives/cti/201702/msg00008.html>__ and approved <https://www.oasis-open.org/committees/download.php/60009/>__ [bis <https://issues.oasis-open.org/browse/TCADMIN-2549>] by the OASIS Cyber Threat Intelligence (CTI) TC <https://www.oasis-open.org/committees/cti/> as an OASIS TC Open Repository <https://www.oasis-open.org/resources/open-repositories/>__ to support development of open source resources related to Technical Committee work.

While this TC Open Repository remains associated with the sponsor TC, its development priorities, leadership, intellectual property terms, participation rules, and other matters of governance are separate and distinct <https://github.com/oasis-open/cti-python-stix2/blob/master/CONTRIBUTING.md#governance-distinct-from-oasis-tc-process>__ from the OASIS TC Process and related policies.

All contributions made to this TC Open Repository are subject to open source license terms expressed in the BSD-3-Clause License <https://www.oasis-open.org/sites/www.oasis-open.org/files/BSD-3-Clause.txt>. That license was selected as the declared "Applicable License" <https://www.oasis-open.org/resources/open-repositories/licenses> when the TC Open Repository was created.

As documented in "Public Participation Invited <https://github.com/oasis-open/cti-python-stix2/blob/master/CONTRIBUTING.md#public-participation-invited>", contributions to this OASIS TC Open Repository are invited from all parties, whether affiliated with OASIS or not. Participants must have a GitHub account, but no fees or OASIS membership obligations are required. Participation is expected to be consistent with the OASIS TC Open Repository Guidelines and Procedures <https://www.oasis-open.org/policies-guidelines/open-repositories>, the open source LICENSE <https://github.com/oasis-open/cti-python-stix2/blob/master/LICENSE>__ designated for this particular repository, and the requirement for an Individual Contributor License Agreement <https://www.oasis-open.org/resources/open-repositories/cla/individual-cla>__ that governs intellectual property.

Maintainers


TC Open Repository `Maintainers <https://www.oasis-open.org/resources/open-repositories/maintainers-guide>`__
are responsible for oversight of this project's community development
activities, including evaluation of GitHub
`pull requests <https://github.com/oasis-open/cti-python-stix2/blob/master/CONTRIBUTING.md#fork-and-pull-collaboration-model>`__
and `preserving <https://www.oasis-open.org/policies-guidelines/open-repositories#repositoryManagement>`__
open source principles of openness and fairness. Maintainers are recognized
and trusted experts who serve to implement community goals and consensus design
preferences.

Initially, the associated TC members have designated one or more persons to
serve as Maintainer(s); subsequently, participating community members may
select additional or substitute Maintainers, per `consensus agreements
<https://www.oasis-open.org/resources/open-repositories/maintainers-guide#additionalMaintainers>`__.

.. _currentmaintainers:

**Current Maintainers of this TC Open Repository**

-  `Chris Lenk <mailto:clenk@mitre.org>`__; GitHub ID:
   https://github.com/clenk/; WWW: `MITRE Corporation <http://www.mitre.org/>`__

-  `Rich Piazza <mailto:rpiazza@mitre.org>`__; GitHub ID:
   https://github.com/rpiazza/; WWW: `MITRE Corporation <https://www.mitre.org/>`__

-  `Andy Chisholm <mailto:chisholm@mitre.org>`__; GitHub ID:
   https://github.com/chisholm/; WWW: `MITRE Corporation <https://www.mitre.org/>`__

-  `Jason Keirstead <mailto:Jason.Keirstead@ca.ibm.com>`__; GitHub ID:
   https://github.com/JasonKeirstead; WWW: `IBM <http://www.ibm.com/>`__

About OASIS TC Open Repositories
--------------------------------

-  `TC Open Repositories: Overview and Resources <https://www.oasis-open.org/resources/open-repositories/>`__
-  `Frequently Asked Questions <https://www.oasis-open.org/resources/open-repositories/faq>`__
-  `Open Source Licenses <https://www.oasis-open.org/resources/open-repositories/licenses>`__
-  `Contributor License Agreements (CLAs) <https://www.oasis-open.org/resources/open-repositories/cla>`__
-  `Maintainers' Guidelines and Agreement <https://www.oasis-open.org/resources/open-repositories/maintainers-guide>`__

Feedback
--------

Questions or comments about this TC Open Repository's activities should be
composed as GitHub issues or comments. If use of an issue/comment is not
possible or appropriate, questions may be directed by email to the
Maintainer(s) `listed above <#currentmaintainers>`__. Please send general
questions about TC Open Repository participation to OASIS Staff at
repository-admin@oasis-open.org and any specific CLA-related questions
to repository-cla@oasis-open.org.

.. |Build_Status| image:: https://github.com/oasis-open/cti-python-stix2/workflows/cti-python-stix2%20test%20harness/badge.svg
   :target: https://github.com/oasis-open/cti-python-stix2/actions?query=workflow%3A%22cti-python-stix2+test+harness%22
   :alt: Build Status
.. |Coverage| image:: https://codecov.io/gh/oasis-open/cti-python-stix2/branch/master/graph/badge.svg
   :target: https://codecov.io/gh/oasis-open/cti-python-stix2
   :alt: Coverage
.. |Version| image:: https://img.shields.io/pypi/v/stix2.svg?maxAge=3600
   :target: https://pypi.python.org/pypi/stix2/
   :alt: Version
.. |Downloads_Badge| image:: https://img.shields.io/pypi/dm/stix2.svg?maxAge=3600
   :target: https://pypi.python.org/pypi/stix2/
   :alt: Downloads
.. |Documentation_Status| image:: https://readthedocs.org/projects/stix2/badge/?version=latest
   :target: https://stix2.readthedocs.io/en/latest/?badge=latest
   :alt: Documentation Status


Keywords

FAQs


Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc