Lycan is an implementation of the OpenC2 OASIS standard for command and control messaging. The current implementation is based on CSD04.
This repository contains code developed against an earlier version of the OpenC2 language than that presented by OASIS for public review in October / November 2018 and is NOT CONSISTENT WITH THE VERSION UNDERGOING PUBLIC REVIEW. Any implementer of OpenC2 using this code should be aware that it will require updating to align with the current OpenC2 Language Specification.
import uuid, json, iptc import lycan.datamodels as openc2 from lycan.message import OpenC2Command, OpenC2Response, OpenC2Target from lycan.serializations import OpenC2MessageEncoder, OpenC2MessageDecoder # encode cmd = OpenC2Command(action=openc2.DENY, target=OpenC2Target(openc2.IP_ADDR, '18.104.22.168'), id=uuid.uuid4(), args=OpenC2Args(response_requested='complete')) msg = json.dumps(cmd, cls=OpenC2MessageEncoder) # decode cmd = json.loads(msg, cls=OpenC2MessageDecoder) if cmd.action == openc2.DENY and cmd.target == openc2.IP_ADDR: rule = iptc.Rule() rule.create_match(cmd.target.ip_addr) rule.create_target("DROP") if cmd.args.response_requested == 'complete': resp = OpenC2Response(uuid.uuid4(), cmd.id, 200) msg = json.dumps(resp, cls=OpenC2MessageEncoder)
This GitHub public repository ( https://github.com/oasis-open/openc2-lycan-python ) was created at the request of the OASIS Open Command and Control (OpenC2) TC as an OASIS TC Open Repository to support development of open source resources related to Technical Committee work.
While this TC Open Repository remains associated with the sponsor TC, its development priorities, leadership, intellectual property terms, participation rules, and other matters of governance are separate and distinct from the OASIS TC Process and related policies.
All contributions made to this TC Open Repository are subject to open source license terms expressed in the MIT License. That license was selected as the declared "Applicable License" when the TC Open Repository was created.
As documented in "Public Participation Invited", contributions to this OASIS TC Open Repository are invited from all parties, whether affiliated with OASIS or not. Participants must have a GitHub account, but no fees or OASIS membership obligations are required. Participation is expected to be consistent with the OASIS TC Open Repository Guidelines and Procedures, the open source LICENSE designated for this particular repository, and the requirement for an Individual Contributor License Agreement that governs intellectual property.
The purpose of this OASIS TC Open repository is to develop and maintain a python implementation of OpenC2, and to provide a python codebase to facilitate other prototype efforts. The python library is designed to support transformations between data-interchange formats (such as JSON) and python language objects.
The OASIS OpenC2 Technical Committee was chartered to address matters as they pertain to command and control of cyber defense technologies, and to maintain a library of prototype implementations.
Repository Maintainers may include here any clarifications — any additional sections, subsections, and paragraphs that the Maintainer(s) wish to add as descriptive text, reflecting (sub-) project status, milestones, releases, modifications to statement of purpose, etc. The project Maintainers will create and maintain this content on behalf of the participants.
TC Open Repository Maintainers are responsible for oversight of this project's community development activities, including evaluation of GitHub pull requests and preserving open source principles of openness and fairness. Maintainers are recognized and trusted experts who serve to implement community goals and consensus design preferences.
Initially, the associated TC members have designated one or more persons to serve as Maintainer(s); subsequently, participating community members may select additional or substitute Maintainers, per consensus agreements.
Questions or comments about this TC Open Repository's activities should be composed as GitHub issues or comments. If use of an issue/comment is not possible or appropriate, questions may be directed by email to the Maintainer(s) listed above. Please send general questions about TC Open Repository participation to OASIS Staff at firstname.lastname@example.org and any specific CLA-related questions to email@example.com.