cti-pattern-validator

cti-pattern-validator copied to clipboard

Prevent codecov workflow errors

2

clenk

Feat rebuild ANTLR bindings

2

- Update antlr generated content to use antlr 4.13.1 - Remove six ( since its no longer required ) - Updated build / test actions to use python 3.11 and...

vEpiphyte

Be flexible with antlr version?

8

I am looking to package this for Debian, and we need to depend on a given package for Python dependencies. This means that we can't always ensure a specific version,...

satta

Upgrade default pattern to 2.1

2

The change permits the usage of importing the v2.1 `Pattern` class from `stix2patterns.pattern` by default instead of v2.0. With this update, this: ``` >>> from stix2patterns.pattern import Pattern >>> p...

febrezo

No SCO property value but "hashes" is validated

1

Here is an example with `stix2-patterns==1.3.2`: ``` $ validate-patterns Enter a pattern to validate: [file:hashes.MD5 = '3858f62230ac3c915f300c664312c63f'] PASS: [file:hashes.MD5 = '3858f62230ac3c915f300c664312c63f'] Enter a pattern to validate: [file:hashes.MD5 = '3858f62230ac3c915f300c664312c63'] FAIL:...

saaj

Errors parsing content from ` cti-stix-generator`

7

I am trying to generate `Indicator` objects from the generator, and it generates the indicators successfully however whenever I try to parse their patterns with the `stix2patterns` on certain indicators...

dganev-cb

```[file:name = 'foo' AND domain-name:value = 'example.com']``` passes validation but should not. All Comparison Expressions connected by `AND` must match against the same SCO, which by definition means they must...

clenk

maximum recursion depth exceeded while calling a Python object

1

if pattern string contains more then 500 items it fails with RecursionError if hasattr(listener, "enterObservationExpressionOr"): RecursionError: maximum recursion depth exceeded while calling a Python object

jaysneg

[IOC_20200309_092215_in.json.txt](https://github.com/oasis-open/cti-pattern-validator/files/4305751/IOC_20200309_092215_in.json.txt) I tried to validate the following stix pattern: `[file:hashes.MD5 IN ('3dc0fcf6d5de198741dfba217dee2a9b','3dc0fcf6d5de198741dfba217dee2a9b')]` and received attern failed to validate: FAIL: '(3dc0fcf6d5de198741dfba217dee2a9b,3dc0fcf6d5de198741dfba217dee2a9b)' is not a valid MD5 hash. But each hash should...

danneberg

How to parse a pattern?

2

I want to parse a STIX pattern to get the key-value pairs and "AND OR" logic. Would you give some suggestions to parse a STIX pattern ? Which APIs to...

ybdesire