Stuff to automate stix documents from IoCs
adding new versions
adding a script to specify a single campaign related hash
added logics so to know which bundle shall be created depending on the options chosen



# STIX scripts

Since I'm planning on creating reports from my personal Linux threat projects, I'm already automating some report-formatting for technical people in STIX, which is very helpful for ingesting in general systems such as MISP.

# How to

It's recommended to use a virtual environment. Everything works on Python 3.

mkdir my_virtual_space
cd my_virtual_space
python3 -m venv .
source bin/activate

Then install all the requirements:

git clone https://git.sr.ht/~alienagain/Stix_stuff
cd Stix_stuff
pip3 install -r requirements.txt

Then try out the hashes:

python3 from_csv/hashes.py from_csv/example_hashes.csv

or the domains:

python3 from_csv/domains.py from_csv/example_domains.csv

The files with the relationships of the example (XMRIG) will be created. Follow the docs to learn more about adding new malware and understanding the logic:
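To show what a bundle "with the relationships" contains, here is an added standard-library sketch, not this repository's code, that turns a hash CSV into STIX 2.1 indicators linked to a malware object. The single `hash` column, the function names and the sample rows are assumptions made for illustration.

```python
import csv, io, json, re, uuid
from datetime import datetime, timezone

# Hash algorithm inferred from hex length; values are STIX 2.1 hash names.
HASH_TYPES = {32: "MD5", 40: "SHA-1", 64: "SHA-256"}

def _sdo(kind, now, **props):
    """Common STIX 2.1 object properties plus the type-specific ones."""
    return {"type": kind, "spec_version": "2.1", "id": f"{kind}--{uuid.uuid4()}",
            "created": now, "modified": now, **props}

def bundle_from_hashes(csv_text, malware_name):
    """Return (bundle, skipped): one indicator + 'indicates' relationship per valid hash."""
    now = datetime.now(timezone.utc).strftime("%Y-%m-%dT%H:%M:%S.000Z")
    malware = _sdo("malware", now, name=malware_name, is_family=True)
    objects, skipped = [malware], []
    for row in csv.DictReader(io.StringIO(csv_text)):  # assumed column: "hash"
        value = (row.get("hash") or "").strip().lower()
        algo = HASH_TYPES.get(len(value))
        if algo is None or not re.fullmatch(r"[0-9a-f]+", value):
            skipped.append(value)  # malformed rows never reach the bundle
            continue
        indicator = _sdo("indicator", now,
                         name=f"{malware_name} sample ({algo})",
                         pattern=f"[file:hashes.'{algo}' = '{value}']",
                         pattern_type="stix", valid_from=now,
                         indicator_types=["malicious-activity"])
        relation = _sdo("relationship", now, relationship_type="indicates",
                        source_ref=indicator["id"], target_ref=malware["id"])
        objects += [indicator, relation]
    bundle = {"type": "bundle", "id": f"bundle--{uuid.uuid4()}", "objects": objects}
    return bundle, skipped

# Constructed sample input: digests of empty input, not real XMRIG samples.
SAMPLE_CSV = """hash
d41d8cd98f00b204e9800998ecf8427e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
not-a-hash
"""

if __name__ == "__main__":
    bundle, skipped = bundle_from_hashes(SAMPLE_CSV, "XMRIG")
    print(json.dumps(bundle, indent=2))
    print("skipped rows:", skipped)
```

Rows that are not valid hex of a known digest length are returned in `skipped` rather than written into the bundle, so a typo in the CSV does not become an indicator in MISP.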