@2xyo
2xyo / d3fend.ttl
Created April 22, 2024 21:10
PR #229
:NetworkSignatureAnalysis a :NetworkTrafficAnalysis,
        owl:Class,
        owl:NamedIndividual ;
    rdfs:label "Network Signature Analysis" ;
    rdfs:subClassOf :NetworkTrafficAnalysis,
        [ a owl:Restriction ;
          owl:onProperty :analyzes ;
          owl:someValuesFrom :NetworkTraffic ] ;
    :d3fend-id "D3-NSA" ;
@2xyo
2xyo / Readme.md
Last active October 6, 2023 21:00
Msticpy contributing
Fork the current repository, then clone your fork
$ git clone https://github.com/YOUR-USERNAME/msticpy.git
$ cd msticpy
$ git remote add upstream https://github.com/microsoft/msticpy.git
# Create a branch for your feature/fix
$ git switch -c [branch-name]
$ python3.11 -m venv .venv --prompt "msticpy"
$ source .venv/bin/activate
$ pip install --upgrade pip wheel setuptools
@2xyo
2xyo / install.sh
Last active February 22, 2022 21:37
SPLUNK - attack_range_local - WSL
# doc https://www.vagrantup.com/docs/other/wsl & https://www.vagrantup.com/downloads
# https://github.com/splunk/attack_range_local/wiki/Ubuntu-18.04-Installation
$ lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description: Ubuntu 20.04.4 LTS
Release: 20.04
Codename: focal
{
"id": "extension-definition--d83fce45-ef58-4c6c-a3f4-1fbc32e98c6e",
"type": "extension-definition",
"spec_version": "2.1",
"name": "Extension Foo 1",
"description": "This schema adds two properties to a STIX object",
"created": "2014-02-20T09:16:08.989000Z",
"modified": "2014-02-20T09:16:08.989000Z",
"created_by_ref": "identity--11b76a96-5d2b-45e0-8a5a-f6994f370731",
@2xyo
2xyo / opencti_indicator.py
Created April 4, 2021 22:36
opencti_indicator.py PEP 484
# coding: utf-8
from __future__ import annotations
import json
from typing import Any, Dict, List, Optional, TYPE_CHECKING
if TYPE_CHECKING:
from pycti import OpenCTIApiClient
@2xyo
2xyo / test.md
Created May 13, 2020 14:06
opencti STIX support TEST
STIX Object STIX Property Summary Categories API Web UI
Python Golang
Import Export Import Export Import Export
Cyber-observable Objects
$ stix2_validator xfe-collection_e6d351c8e832b560eb84be0f89079285.json --version 2.0
================================================================================
[-] Results for: xfe-collection_e6d351c8e832b560eb84be0f89079285.json
[X] STIX JSON: Invalid
[!] Warning: bundle--a38af589-724f-4e03-98fc-99bf7564a9fe: {101} Custom property 'custom_objects' should have a type that starts with 'x_' followed by a source unique identifier (like a domain name with dots replaced by hyphen), a hyphen and then the name.
[!] Warning: indicator--00d1e89b-636c-ad69-ad8f-46545b6758b8: {214} labels contains a value not in the indicator-label-ov vocabulary.
[!] Warning: indicator--268ee28f-bfe9-164e-e626-ea46d24687f1: {214} labels contains a value not in the indicator-label-ov vocabulary.
[X] bundle--a38af589-724f-4e03-98fc-99bf7564a9fe: objects[0]: {'id': 'indicator--00d1e89b-636c-ad69-ad8f-46545b6758b8', 'type': 'indicator', 'created': '2020-05-05T13:09:07.912Z', 'modified': '2020-05-05T13:09:07.912Z', 'lab
@2xyo
2xyo / console.txt
Last active November 13, 2020 17:16
Git memo
DOC https://gist.github.com/Chaser324/ce0505fbed06b947d962
git clone git@github.com:2xyo/client-python.git client-python-wheel
cd client-python-wheel
git remote add upstream https://github.com/OpenCTI-Platform/client-python.git
git remote -v
# Fetch from upstream remote
git fetch upstream
@2xyo
2xyo / stix-capec-cut.json
Created April 15, 2020 13:42
stix-capec-cut.json
{
"objects": [
{
"definition_type": "statement",
"definition": {
"statement": "CAPEC is sponsored by US-CERT in the office of Cybersecurity and Communications at the U.S. Department of Homeland Security. Copyright \u00a9 2007 - 2017, The MITRE Corporation. CAPEC and the CAPEC logo are trademarks of The MITRE Corporation."
},
"type": "marking-definition",
"id": "marking-definition--17d82bb2-eeeb-4898-bda5-3ddbcd2b799d",
"created": "2019-10-11T00:37:51.719182Z"
vagrant up dc wef win10
Bringing machine 'dc' up with 'virtualbox' provider...
Bringing machine 'wef' up with 'virtualbox' provider...
Bringing machine 'win10' up with 'virtualbox' provider...
==> dc: Clearing any previously set forwarded ports...
==> dc: Fixed port collision for 22 => 2222. Now on port 2200.
==> dc: Clearing any previously set network interfaces...
==> dc: Preparing network interfaces based on configuration...
dc: Adapter 1: nat
dc: Adapter 2: hostonly