- Notifications
You must be signed in to change notification settings - Fork1
workingDog/taxii2lib
Folders and files
| Name | Name | Last commit message | Last commit date | |
|---|---|---|---|---|
Repository files navigation
taxii2lib.js is aJavascript library thatprovides a set of classes and methods for building Javascript clients toTAXII 2.0 servers.
[1]Trusted Automated Exchange of Intelligence Information (TAXII) is an application layer protocolused to exchange cyber threat intelligence (CTI) over HTTPS.TAXII enables organizations to share CTI by defining an API that aligns with common sharing models.TAXII 2.0 Specification defines the TAXII RESTful API and its resources along with the requirements for TAXII Client and Server implementations.
The aim of this library is to assist creating TAXII 2.0 clients in Javascript, for example using frameworks such asbootstrap andreact.
taxii2lib.js usesasynchronous requeststo fetch TAXII 2.0 server resources. It has five classes, namely:
- TaxiiConnect, providing the async communications to the server.
- Server, endpoint for retrieving the discovery and api roots resources.
- Collections, endpoint for retrieving the list of collection resources.
- Collection, endpoint for retrieving a collection resource and associated objects.
- Status, endpoint for retrieving a status resource.
The following TAXII 2.0 API services are supported with these corresponding async methods:
- Server Discovery --> server.discovery()
- Get API Root Information --> server.api_roots()
- Get Collections --> collections.collections(range) and collections.get(i)
- Get a Collection --> collection.get()
- Get Objects --> collection.getObjects(filter, range)
- Add Objects --> collection.addObject(bundle)
- Get an Object --> collection.getObject(obj_id, filter)
- Get Object Manifests --> collection.getManifests(filter, range) and collection.getManifest(obj_id, filter)
- Get Status --> status.get()
Example:
// create the communication instanceconst conn = new TaxiiConnect("https://limo.anomali.com/api/v1/taxii2", "guest", "guest");// create a server endpointconst server = new Server("/taxii/", conn);// fetch the discovery info from the server server.discovery().then(discovery => console.log("----> Server discovery \n" + JSON.stringify(discovery)) );// fetch the api roots info from the serverserver.api_roots().then(apiroots => { console.log("----> Server apiroots \n" + JSON.stringify(apiroots)); apiroots.map(apiroot => console.log("----> Server apiroots apiroot \n" + JSON.stringify(apiroot)) );});See also thetestApp.js.
See theTAXII 2.0 Specification for the listof attributes of the TAXII 2.0 server responses.
Note the optionalfilter object passed to the methods collection.getObjects(filter),collection.getObject(obj_id, filter), collection.getManifests(filter) and collection.getManifest(obj_id, filter)is of the form:
{"type": "indicator,sighting"}{"id": "indicator--3600ad1b-fff1-4c98-bcc9-4de3bc2e2ffb"}{"added_after": "2016-02-01T00:00:01.000Z", "version": "2016-01-01T01:01:01.000Z"}{"type": "indicator", "version": "2016-01-01T01:01:01.000Z"}Note the optionalrange object passed to the methodscollections.collections(range), collection.getObjects(filter, range) andcollection.getManifests(filter, range) is a string of the form:
"0-100"work in progress, not fully tested.