A library for querying the STIX data for the MBC (Malware Behavior Catalog).
Project description
mbclib
A library for querying the STIX data for the MBC (Malware Behavior Catalog).
Progress
Currently being developed along with the mbscan.py tool.
About the Malware Behavior Catalog
The Malware Behavior Catalog (MBC) is a catalog of malware objectives and behaviors, created to support malware analysis-oriented use cases, such as labeling, similarity analysis, and standardized reporting. More info here.
Available functions
| Fetch Functions | Description |
|---|---|
| get_all_objectives | Fetches all objectives |
| get_all_behaviors | Fetches all behaviors |
| get_all_malwares | Fetches all malware |
| get_objective_by_id | Get an objective by id (x-mitre-tactic--0735bfd3-bffa-4476-9e3b-e33cc5c553e0) |
| get_objective_by_external_id | Get an objective by external id (x-mitre-tactic--0735bfd3-bffa-4476-9e3b-e33cc5c553e0) |
| get_objective_by_shortname | Get an objective by shortname (file-system-micro-objective) |
| get_behavior_by_id | Get a behavior by id (attack-pattern--001ca78e-188e-4725-9f43-706d0f487837) |
| get_behavior_by_external_id | Get a behavior by external id (B0030.001) |
| get_malware_by_id | Get a malware by id (malware--0c0d59b7-4ff0-4a09-9c64-558334485ece) |
| get_malware_by_external_id | Get a malware by external id (X0005) |
| Property functions | Description |
|---|---|
| get_mbc_external_id | Given an mbc object, return the mbc external id |
| get_parent_behavior | Get the related parent behavior for a given behavior |
| Relationship functions | Description |
|---|---|
| get_relationships_by | Get a list of related mbc objects, returned mbc object depends on the input |
| get_behaviors_used_by_malware | Get a list of behaviors used by a given malware |
| get_malwares_using_behavior | Get a list of malware that uses a given behavior |
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
mbclib-0.0.2.tar.gz
(2.9 kB
view details)
Built Distribution
mbclib-0.0.2-py3-none-any.whl
(15.2 kB
view details)
File details
Details for the file mbclib-0.0.2.tar.gz.
File metadata
- Download URL: mbclib-0.0.2.tar.gz
- Upload date:
- Size: 2.9 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/3.4.1 importlib_metadata/3.10.0 pkginfo/1.7.0 requests/2.25.1 requests-toolbelt/0.9.1 tqdm/4.60.0 CPython/3.9.2
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 7fcf1cccbb5d6352d5b0c1f018de7e15b372d686535b21244ab8a67ec7008a21 |
|
| MD5 | c6da81686787e09301f6010592cb1005 |
|
| BLAKE2b-256 | e0d69b41a98a0e550791fc2a277b5b6f0068e39f18d6727eebb84881e511a121 |
File details
Details for the file mbclib-0.0.2-py3-none-any.whl.
File metadata
- Download URL: mbclib-0.0.2-py3-none-any.whl
- Upload date:
- Size: 15.2 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/3.4.1 importlib_metadata/3.10.0 pkginfo/1.7.0 requests/2.25.1 requests-toolbelt/0.9.1 tqdm/4.60.0 CPython/3.9.2
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 3e650b29490442fc10f0f2862c808aaf33a21594e3ee7cf4cf1b9d29b2701e42 |
|
| MD5 | 17e29ff360d956bc4f28d1068721a880 |
|
| BLAKE2b-256 | 94b4d363da96b5e672e0490134d528e945bb9a38048f561054f3d2301a79f847 |
