CybOX Samples

Note: All samples are stored in the CybOX Schemas GitHub repository, and will redirect there.

Sample Description
Artifact Instance A basic example of the Artifact Object that shows how it may be used in an instance to capture network traffic.
Artifact Pattern A basic example of the Artifact Object that shows how it may be used in a pattern to search for a particular byte string in captured network traffic.
Create File Action A basic example that demonstrates how a Create File action may be captured as part of an Event.
Domain Instance A basic example of the Domain Object that shows how it may be used in an instance to capture a domain name.
Domain Pattern A basic example of the Domain Object that shows how it may be used in a pattern to search for a domain name that starts with a particular string.
Email Instance A basic example of the Email Object that shows how it may be used in an instance to capture the properties of a particular email.
Email Pattern A basic example of the Email Object that shows how it may be used in a pattern to search for an email with particular properties.
File Instance A basic example of the File Object that shows how it may be used in an instance to capture the properties of a particular email.
File Pattern A basic example of the File Object that shows how it may be used in a pattern to search for a file with particular properties.
File Pattern Regex A basic example of the File Object that shows how it may be used in a pattern to search for a file with particular properties using a regular expression.
IPv4 Address Instance A basic example of the Address Object that shows how it may be used in an instance to capture an IPv4 address.
IPv4 Address Pattern A basic example of the Address Object that shows how it may be used in a pattern to search for a particular IPv4 address using a regular expression.
IPv6 Address Instance A basic example of the Address Object that shows how it may be used in an instance to capture an IPv6 address.
IPv6 Address Pattern A basic example of the Address Object that shows how it may be used in a pattern to search for a particular IPv6 address using a regular expression.
Iran Oil A collection of CybOX Observables that were observed as part of the widespread “Iran-Oil” (among other names) campaign in 2012.
Network Connection Instance A basic example of the Network Connection Object that shows how it may be used in an instance to capture a network connection.
Network Connection Pattern A basic example of the Network Connection Object that shows how it may be used in a pattern to search for a particular network connection.
Network Connection HTTP Instance A basic example of the Network Connection Object that shows how it may be used in an instance to capture a network connection with associated HTTP traffic.
Network Connection HTTP Pattern A basic example of the Network Connection Object that shows how it may be used in a pattern to search for a network connection with particular HTTP traffic.
PDF File Instance A basic example of the PDF File Object that shows how it may be used in an instance to capture the properties of a particular PDF file.
PDF File Pattern A basic example of the PDF File Object that shows how it may be used in a pattern to search for a PDF file with particular properties.
URL Instance A basic example of the URI Object that shows how it may be used in an instance to capture a URL.
URL Pattern A basic example of the URI Object that shows how it may be used in a pattern to search for a particular URL.
X509 Certificate Instance A basic example of the X509 Certificate Object that shows how it may be used in an instance to capture the properties of a particular x509 certificate.
X509 Certificate Pattern A basic example of the X509 Certificate Object that shows how it may be used in a pattern to search for an x509 certificate with particular properties.