Posted on Sunday July 27, 2008 by Bellanov Apilli
I have now completed a program that extracts the attribute data from the policies, compiles them into lists, and writes the data to a text file that is compatible with FireEye. The program, thus far, works correctly for the simplest samples (codeA - codeD as well as pluto). JeeHyun has informed me that some of the policies contain complex names (such as those with numerous occurrences of the "true" attribute) and I am now trying to figure out a way to incorporate these attributes. I have some ideas and will discuss them with JeeHyun before attempting to implement them.