A python library for parsing, manipulating, and generating STIX v1.1.1 content.
| Source: | https://github.com/STIXProject/python-stix |
|---|---|
| Documentation: | http://stix.readthedocs.org |
| Information: | http://stix.mitre.org |
The python-stix library can be installed via the distutils setup.py script included at the root directory:
$ python setup.py install
The python-stix library is also hosted on PyPI and can be installed with pip:
$ pip install stix
The python-stix library depends on the presence of certain packages/libraries to function. Please refer to their installation documentation for installation instructions.
$ sudo apt-get install python-dev python-pip libxml2-dev libxslt-dev zlib1g-dev $ sudo pip install stix
Releases of the python-stix library will be given version numbers of the form
major.minor.update.revision, where major, minor, and update
correspond to the STIX version being supported. The revision number is used
to indicate new versions of the python-stix library itself.
The python-stix package layout is as follows:
stix/: root level packageexamples/: example python scripts that leverage the python-stix librarystix/utils/: utility classes and modules used internally by the python-stix librarystix/bindings/: generateDS generated xml-to-python bindings (leveraged for parsing and output of STIX XML content)stix/campaign/: APIs for STIX Campaign constructsstix/coa/: APIs for STIX Course Of Action constructsstix/core/: APIs for core STIX constructs (e.g., STIX Header, STIX Package)stix/common/: APIs for common STIX constructs (e.g., Structured Text, Information Source)stix/exploit_target/: APIs for STIX Exploit Target constructsstix/incident/: APIs for common Incident constructsstix/indicator/: APIs for STIX Indicator constructsstix/extensions/: APIs for STIX extensions (e.g., CIQ Identity)stix/threat_actor/: APIs for STIX Threat Actor constructsstix/ttp/: APIs for STIX TTP constructs
Please refer to examples for concrete examples of how to interact with the python-stix library