{"id":15713762,"url":"https://github.com/synsec/crystal-stix2","last_synced_at":"2025-03-30T18:47:25.733Z","repository":{"id":73133713,"uuid":"228661344","full_name":"synsec/crystal-stix2","owner":"synsec","description":"crystal-stix2 is a STIX 2.1 implementation using Crystal language.","archived":false,"fork":false,"pushed_at":"2019-12-24T13:24:00.000Z","size":113,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":3,"default_branch":"master","last_synced_at":"2025-02-05T21:27:46.635Z","etag":null,"topics":["crystal","crystal-lang","crystal-language","cyber-security","stix","stix2"],"latest_commit_sha":null,"homepage":"","language":"Crystal","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/synsec.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2019-12-17T16:51:02.000Z","updated_at":"2022-12-13T11:12:17.000Z","dependencies_parsed_at":"2023-02-28T01:15:57.459Z","dependency_job_id":null,"html_url":"https://github.com/synsec/crystal-stix2","commit_stats":null,"previous_names":[],"tags_count":2,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/synsec%2Fcrystal-stix2","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/synsec%2Fcrystal-stix2/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/synsec%2Fcrystal-stix2/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/synsec%2Fcrystal-stix2/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/synsec","download_url":"https://codeload.github.com/synsec/crystal-stix2/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":246365640,"owners_count":20765546,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["crystal","crystal-lang","crystal-language","cyber-security","stix","stix2"],"created_at":"2024-10-03T21:33:18.184Z","updated_at":"2025-03-30T18:47:25.444Z","avatar_url":"https://github.com/synsec.png","language":"Crystal","funding_links":[],"categories":[],"sub_categories":[],"readme":"# crystal-stix2\n\n![](https://github.com/synsec/crystal-stix2/workflows/Crystal%20CI/badge.svg?branch=master)\n[![](https://img.shields.io/badge/cryatsl--stix2-docs-brightgreen)](https://synsec.github.io/crystal-stix2/)\n\ncrystal-stix2 is a STIX 2.1 implementation using Crystal language. This is a work in progress and API is likely to change.\n\n[Read crystal-stix2 docs](https://synsec.github.io/crystal-stix2/)\n\nStructured Threat Information Expression (STIX) is a language for expressing cyber threat and observable information. This document defines concepts that apply across all of STIX and defines the overall structure of the STIX language.\n\nSTIX 2.1 documentation is available at [http://docs.oasis-open.org/cti/stix/v2.1/stix-v2.1.html](http://docs.oasis-open.org/cti/stix/v2.1/stix-v2.1.html)\n\n## Installation\n\n1. Add the dependency to your `shard.yml`:\n\n   ```yaml\n   dependencies:\n     crystal-stix2:\n       github: synsec/crystal-stix2.git\n   ```\n\n2. Run `shards install`\n\n## Usage\n\n```crystal\nrequire \"crystal-stix2\"\n\nbundle = STIX2::Bundle.new\n\nindicator = STIX2::Indicator.new({\n      indicator_types: [\n        \"compromised\",\n        \"malicious-activity\"\n      ],\n      pattern:         \"[ ipv4-addr:value = '192.0.2.0' ]\",\n      pattern_type:    \"stix\",\n      valid_from:      \"2019-11-26T04:34:56.715000000Z\",\n    })\n    \nindicator.name = \"SSH attacker\"\nindicator.labels = [\"malicious-activity\"]\nindicator.labels \u003c\u003c [\"ip-watchlist\"]\n\nmalware = STIX2::Malware.new({\n      malware_types: [\"ransomware\"],\n      is_family:     false,\n    })\n\nrelationship = STIX2::Relationship.new({\n      relationship_type: \"indicates\",\n      source_ref:        indicator.id.to_s,\n      target_ref:        malware.id.to_s,\n    })\n\nbundle.objects \u003c\u003c [malware, indicator]\nbundle.objects \u003c\u003c relationship\n\n```\n\n\n## Features\n\nBelow is a list of features which have been implemented:\n\nSTIX Domain Objects\n- [x] Attack Pattern\n- [ ] Campaign\n- [ ] Course of Action\n- [ ] Grouping\n- [x] Identity\n- [x] Indicator\n- [x] Infrastructure\n- [ ] Intrusion Set\n- [ ] Location\n- [x] Malware\n- [ ] Malware Analysis\n- [ ] Note\n- [ ] Observed Data\n- [ ] Opinion\n- [ ] Report\n- [ ] Threat Actor\n- [ ] Tool\n- [ ] Vulnerability\n\nSTIX Relationship Objects\n- [x] Relationship\n- [ ] Sighting\n\nSTIX Cyber-observable Objects\n- [ ] Artifact Object\n- [ ] AS Object\n- [ ] Directory Object\n- [x] Domain Name Object\n- [ ] ​Email Address Object\n- [ ] ​Email Message Object\n- [ ] ​File Object\n- [x] ​IPv4 Address Object\n- [ ] ​IPv6 Address Object\n- [ ] ​MAC Address Object\n- [ ] ​Mutex Object\n- [ ] ​Network Traffic Object\n- [ ] ​Process Object\n- [ ] ​Software Object\n- [x] ​URL Object\n- [ ] ​User Account Object\n- [ ] ​Windows Registry Key Object\n- [ ] ​X.509 Certificate Object\n\nOther STIX Objects\n- [x] Bundle\n- [ ] Language Content\n- [ ] Marking Definition\n\n## Development\n\nTODO: Write development instructions here\n\n## Contributing\n\n1. Fork it (\u003chttps://github.com/synsec/crystal-stix2/fork\u003e)\n2. Create your feature branch (`git checkout -b my-new-feature`)\n3. Commit your changes (`git commit -am 'Add some feature'`)\n4. Push to the branch (`git push origin my-new-feature`)\n5. Create a new Pull Request\n\n## Contributors\n\n- [Oleksii Morozov](https://github.com/jaysneg) - creator and maintainer\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsynsec%2Fcrystal-stix2","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsynsec%2Fcrystal-stix2","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsynsec%2Fcrystal-stix2/lists"}