catch invalid cape reports

idaholab / cape2stix

This software allows for the conversion, extraction, and transformation of malware behavior data from "Malware Configuration And Payload Extraction" (CAPEv2) sandbox reports, to Structured Threat Information eXpression (STIX). This allows for further analysis to be performed, sharing of threat data, and transit to a graph database.

BSD 3-Clause "New" or "Revised" License

6 stars 2 forks source link

catch invalid cape reports #15

Closed wrbrant closed 1 year ago

wrbrant commented 1 year ago

ERROR:root:'target' Traceback (most recent call last):
cape2stix/cape2stix/scripts/convert.py", line 188, in convert
if self.content["target"]["category"] == "file": # NOTE: i don't have enough reports to test if this will ever not be true;this is for safety -wb


KeyError: 'target'                                                                                                      
CRITICAL:root:File failed to convert:

wrbrant commented 1 year ago

duplicate of first task in issue #18 , closed by commit 0723d8b7c9b5f1017efe8ba7814dc53e31fc63b9