{"id":27976461,"url":"https://github.com/misp/pytaxonomies","last_synced_at":"2025-07-11T04:04:19.376Z","repository":{"id":57456479,"uuid":"64151578","full_name":"MISP/PyTaxonomies","owner":"MISP","description":"Python module to use the MISP Taxonomies","archived":false,"fork":false,"pushed_at":"2025-06-19T20:39:21.000Z","size":506,"stargazers_count":29,"open_issues_count":2,"forks_count":6,"subscribers_count":8,"default_branch":"main","last_synced_at":"2025-06-19T21:31:09.388Z","etag":null,"topics":["information-security","machine-tags","misp-taxonomies","misp-taxonomy","pythonic","taxonomies"],"latest_commit_sha":null,"homepage":null,"language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"bsd-3-clause","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/MISP.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2016-07-25T16:45:13.000Z","updated_at":"2025-06-19T20:38:14.000Z","dependencies_parsed_at":"2023-10-04T22:21:23.266Z","dependency_job_id":"e8e5caaf-c514-476e-9fdd-26d2e39fe229","html_url":"https://github.com/MISP/PyTaxonomies","commit_stats":{"total_commits":144,"total_committers":5,"mean_commits":28.8,"dds":"0.11805555555555558","last_synced_commit":"b19a5bd559130235d38e74c3f9c35a77fb781bb7"},"previous_names":[],"tags_count":8,"template":false,"template_full_name":null,"purl":"pkg:github/MISP/PyTaxonomies","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/MISP%2FPyTaxonomies","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/MISP%2FPyTaxonomies/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/MISP%2FPyTaxonomies/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/MISP%2FPyTaxonomies/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/MISP","download_url":"https://codeload.github.com/MISP/PyTaxonomies/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/MISP%2FPyTaxonomies/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":264726769,"owners_count":23654494,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["information-security","machine-tags","misp-taxonomies","misp-taxonomy","pythonic","taxonomies"],"created_at":"2025-05-08T01:27:03.062Z","updated_at":"2025-07-11T04:04:19.358Z","avatar_url":"https://github.com/MISP.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# PyTaxonomies\n\nPythonic way to work with the taxonomies defined there: https://github.com/MISP/misp-taxonomies\n\n# Usage\n\nTaxonomies and predicates are represented as immutable Python dictionaries.\n\n# Installation\n\n```\npip install pytaxonomies\n```\n\n## Basics\n\n```\nIn [1]: from pytaxonomies import Taxonomies\n\nIn [2]: taxonomies = Taxonomies()\n\nIn [3]: taxonomies.version\nOut[3]: '20160725'\n\nIn [4]: taxonomies.license\nOut[4]: 'CC-BY'\n\nIn [5]: taxonomies.description\nOut[5]: 'Manifest file of MISP taxonomies available.'\n\n# How many taxonomies have been imported\nIn [6]: len(taxonomies)\nOut[6]: 27\n\n# Names of the taxonomies\nIn [7]: list(taxonomies.keys())\nOut[7]:\n['tlp',\n 'eu-critical-sectors',\n 'dni-ism',\n 'de-vs',\n 'osint',\n 'ms-caro-malware',\n 'open-threat',\n 'circl',\n 'iep',\n 'euci',\n 'kill-chain',\n 'europol-events',\n 'veris',\n 'information-security-indicators',\n 'estimative-language',\n 'adversary',\n 'europol-incident',\n 'malware_classification',\n 'ecsirt',\n 'dhs-ciip-sectors',\n 'csirt_case_classification',\n 'nato',\n 'fr-classif',\n 'enisa',\n 'misp',\n 'admiralty-scale',\n 'ms-caro-malware-full']\n\nIn [8]: taxonomies.get('enisa').description\nOut[8]: 'The present threat taxonomy is an initial version that has been developed on the basis of available ENISA material. This material has been used as an ENISA-internal structuring aid for information collection and threat consolidation purposes. It emerged in the time period 2012-2015.'\n\nIn [9]: taxonomies.get('enisa').version\nOut[9]: 201601\n\nIn [10]: taxonomies.get('enisa').name\nOut[10]: 'enisa'\n\nIn [11]: list(taxonomies.get('enisa').keys())\nOut[11]:\n['legal',\n 'outages',\n 'eavesdropping-interception-hijacking',\n 'nefarious-activity-abuse',\n 'physical-attack',\n 'failures-malfunction',\n 'disaster',\n 'unintentional-damage']\n\nIn [12]: list(taxonomies.get('enisa').get('physical-attack'))\nOut[12]:\n['fraud-by-employees',\n 'theft',\n 'unauthorised-physical-access-or-unauthorised-entry-to-premises',\n 'theft-of-documents',\n 'information-leak-or-unauthorised-sharing',\n 'vandalism',\n 'damage-from-the-wafare',\n 'sabotage',\n 'coercion-or-extortion-or-corruption',\n 'theft-of-mobile-devices',\n 'theft-of-fixed-hardware',\n 'terrorist-attack',\n 'theft-of-backups',\n 'fraud']\n\nIn [13]: taxonomies.get('enisa').get('physical-attack').get('vandalism').value\nOut[13]: 'vandalism'\n\nIn [14]: taxonomies.get('enisa').get('physical-attack').get('vandalism').expanded\nOut[14]: 'Vandalism'\n\nIn [15]: taxonomies.get('enisa').get('physical-attack').get('vandalism').description\nOut[15]: 'Act of physically damaging IT assets.'\n\n```\n\n## Get machine tags\n\n```\nIn [1]: print(taxonomies)  # or taxonomies.all_machinetags()\n\n\u003cdisplay the machine tags for all the taxonomies\u003e\n\nIn [2]: print(taxonomies.get('circl'))  # or taxonomies.get('circl').machinetags()\ncircl:incident-classification=\"vulnerability\"\ncircl:incident-classification=\"malware\"\ncircl:incident-classification=\"fastflux\"\ncircl:incident-classification=\"system-compromise\"\ncircl:incident-classification=\"sql-injection\"\ncircl:incident-classification=\"scan\"\ncircl:incident-classification=\"XSS\"\ncircl:incident-classification=\"information-leak\"\ncircl:incident-classification=\"scam\"\ncircl:incident-classification=\"copyright-issue\"\ncircl:incident-classification=\"denial-of-service\"\ncircl:incident-classification=\"phishing\"\ncircl:incident-classification=\"spam\"\ncircl:topic=\"undefined\"\ncircl:topic=\"industry\"\ncircl:topic=\"ict\"\ncircl:topic=\"finance\"\ncircl:topic=\"services\"\ncircl:topic=\"individual\"\ncircl:topic=\"medical\"\n\n# All entries\nIn [3]: taxonomies.get('circl').amount_entries()\nOut[3]: 28\n\n# Amount predicates\nIn [3]: len(taxonomies.get('circl'))\nOut[3]: 2\n\n```\n\n## Expanded machine tag\n\n```\nIn [10]: print(taxonomies.get('circl').machinetags_expanded())\ncircl:topic=\"Individual\"\ncircl:topic=\"Services\"\ncircl:topic=\"Finance\"\ncircl:topic=\"Medical\"\ncircl:topic=\"Industry\"\ncircl:topic=\"Undefined\"\ncircl:topic=\"ICT\"\ncircl:incident-classification=\"Phishing\"\ncircl:incident-classification=\"Malware\"\ncircl:incident-classification=\"XSS\"\ncircl:incident-classification=\"Copyright issue\"\ncircl:incident-classification=\"Spam\"\ncircl:incident-classification=\"SQL Injection\"\ncircl:incident-classification=\"Scan\"\ncircl:incident-classification=\"Scam\"\ncircl:incident-classification=\"Vulnerability\"\ncircl:incident-classification=\"Denial of Service\"\ncircl:incident-classification=\"Information leak\"\ncircl:incident-classification=\"Fastflux\"\ncircl:incident-classification=\"System compromise\"\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmisp%2Fpytaxonomies","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmisp%2Fpytaxonomies","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmisp%2Fpytaxonomies/lists"}