or run

npx @tessl/cli init
Log in

Version

Tile

Overview

Evals

Files

Files

docs

attribute-management.mdcore-api.mddata-models.mdevent-management.mdindex.mdobject-generators.mdobject-management.mdsearch-query.mdserver-sync.mdtag-taxonomy.mduser-org-management.md

object-generators.mddocs/

0
# Object Generators & Tools
1


2
Specialized object creation tools for generating structured threat intelligence objects from various data sources including files, network data, and external analysis reports.
3


4
## Capabilities
5


6
### File Analysis Objects
7


8
Generate objects from file analysis and malware samples.
9


10
```python { .api }
11
class FileObject(AbstractMISPObjectGenerator):
12
    """Generate file objects from file data."""
13
    
14
    def __init__(self, filepath: str = None, **kwargs) -> None: ...
15
    
16
    def generate_attributes(self) -> None: ...
17


18
class PEObject(AbstractMISPObjectGenerator):
19
    """Generate PE file analysis objects."""
20
    
21
    def __init__(self, filepath: str, **kwargs) -> None: ...
22


23
class ELFObject(AbstractMISPObjectGenerator):  
24
    """Generate ELF file analysis objects."""
25
    
26
    def __init__(self, filepath: str, **kwargs) -> None: ...
27


28
class MachOObject(AbstractMISPObjectGenerator):
29
    """Generate Mach-O file analysis objects."""
30
    
31
    def __init__(self, filepath: str, **kwargs) -> None: ...
32
```
33


34
### Network Analysis Objects
35


36
Generate objects from network traffic and communications data.
37


38
```python { .api }
39
class URLObject(AbstractMISPObjectGenerator):
40
    """Generate URL analysis objects."""
41
    
42
    def __init__(self, url: str, **kwargs) -> None: ...
43


44
class DomainIPObject(AbstractMISPObjectGenerator):
45
    """Generate domain-IP relationship objects."""
46
    
47
    def __init__(self, domain: str, **kwargs) -> None: ...
48


49
class EmailObject(AbstractMISPObjectGenerator):
50
    """Generate email analysis objects."""
51
    
52
    def __init__(self, filepath: str = None, **kwargs) -> None: ...
53
```
54


55
### External Integration Objects
56


57
Generate objects from external threat intelligence sources.
58


59
```python { .api }
60
class VTReportObject(AbstractMISPObjectGenerator):
61
    """Generate VirusTotal report objects."""
62
    
63
    def __init__(self, apikey: str, indicator: str, **kwargs) -> None: ...
64


65
def make_binary_objects(filepath: str, **kwargs) -> List['MISPObject']:
66
    """Create multiple binary analysis objects from file."""
67
```
68


69
## Usage Examples
70


71
### File Object Generation
72


73
```python
74
from pymisp.tools import FileObject, PEObject
75


76
# Generate basic file object
77
file_obj = FileObject('malware.exe')
78
misp_obj = file_obj.get_object()
79


80
# Generate PE-specific object
81
pe_obj = PEObject('malware.exe')
82
pe_misp_obj = pe_obj.get_object()
83


84
# Add to event
85
misp.add_object(event_id, misp_obj)
86
misp.add_object(event_id, pe_misp_obj)
87
```
88


89
### Network Object Generation
90


91
```python
92
from pymisp.tools import URLObject, DomainIPObject
93


94
# Create URL object
95
url_obj = URLObject('http://malware.example.com/payload')
96
misp.add_object(event_id, url_obj.get_object())
97


98
# Create domain-IP object  
99
domain_obj = DomainIPObject('malware.example.com')
100
misp.add_object(event_id, domain_obj.get_object())
101
```