How to run STIX2 on Ubuntu 21.04?

user1399099

1/7/23, 1:11 AM

I am new to Linux and Ubuntu. I am slowly familiarising myself with simple commands and functioning primarily on a cut and paste as per instructions.I have managed to generate json files using the mvt-ios instructions. I now have to use STIX2 for analysis of files. Any suggestions on how to setup and run STIX2 on Ubuntu 21.04. Many thanks

Following is a basic usage of check-backup:

mvt-ios check-backup --output /path/to/output/ /path/to/backup/udid/

This command will create a few JSON files containing the results from the extraction. If you do not specify a --output option, mvt-ios will just process the data without storing results on disk.

Through the --iocs argument you can specify a STIX2 file defining a list of malicious indicators to check against the records extracted from the backup by mvt. Any matches will be highlighted in the terminal output as well as saved in the output folder using a "_detected" suffix to the JSON file name.

https://oasis-open.github.io/cti-documentation/

0 + 3

21.04

N0rbert

1/7/23, 4:17 AM

What do you mean by STIX2? https://github.com/oasis-open/cti-python-stix2 ?

user1399099

1/7/23, 5:56 AM

https://oasis-open.github.io/cti-documentation/stix/intro

Knud Larsen

1/7/23, 11:16 AM

Getting Started with STIX 2.1 https://oasis-open.github.io/cti-documentation/stix/gettingstarted.html