rusty_falcon 0.7.1

Rust bindings for CrowdStrike Falcon API
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111

/*
 * CrowdStrike API Specification
 *
 * Use this API specification as a reference for the API endpoints you can use to interact with your Falcon environment. These endpoints support authentication via OAuth2 and interact with detections and network containment. For detailed usage guides and examples, see our [documentation inside the Falcon console](https://falcon.crowdstrike.com/support/documentation).     To use the APIs described below, combine the base URL with the path shown for each API endpoint. For commercial cloud customers, your base URL is `https://api.crowdstrike.com`.    Each API endpoint requires authorization via an OAuth2 token. Your first API request should retrieve an OAuth2 token using the `oauth2/token` endpoint, such as `https://api.crowdstrike.com/oauth2/token`. For subsequent requests, include the OAuth2 token in an HTTP authorization header. Tokens expire after 30 minutes, after which you should make a new token request to continue making API requests.
 *
 * The version of the OpenAPI document: rolling
 *
 * Generated by: https://openapi-generator.tech
 */

#[derive(Clone, Default, Debug, PartialEq, Serialize, Deserialize)]
pub struct DomainKillChain {
    /// Free form text describing actions and objectives of the actor
    #[serde(
        rename = "actions_and_objectives",
        skip_serializing_if = "Option::is_none"
    )]
    pub actions_and_objectives: Option<String>,
    /// Free form text describing methods and tools used to communicate with and control an infected machine or network
    #[serde(
        rename = "command_and_control",
        skip_serializing_if = "Option::is_none"
    )]
    pub command_and_control: Option<String>,
    /// Free form text describing malware delivery by actor
    #[serde(rename = "delivery", skip_serializing_if = "Option::is_none")]
    pub delivery: Option<String>,
    /// Comma separated values of vulnerabilities by CVE codes that are exploited by actor
    #[serde(rename = "exploitation", skip_serializing_if = "Option::is_none")]
    pub exploitation: Option<String>,
    /// Free form text describing actor's malware installation on the asset
    #[serde(rename = "installation", skip_serializing_if = "Option::is_none")]
    pub installation: Option<String>,
    /// Legacy field, not used and empty
    #[serde(rename = "objectives", skip_serializing_if = "Option::is_none")]
    pub objectives: Option<String>,
    /// Free form text describing how targets are researched, identified and selected
    #[serde(rename = "reconnaissance", skip_serializing_if = "Option::is_none")]
    pub reconnaissance: Option<String>,
    /// Rich free form text describing actions and objectives of the actor
    #[serde(
        rename = "rich_text_actions_and_objectives",
        skip_serializing_if = "Option::is_none"
    )]
    pub rich_text_actions_and_objectives: Option<String>,
    /// Rich free form text describing methods and tools used to communicate with and control an infected machine or network
    #[serde(
        rename = "rich_text_command_and_control",
        skip_serializing_if = "Option::is_none"
    )]
    pub rich_text_command_and_control: Option<String>,
    /// Rich free form text describing malware delivery by actor
    #[serde(rename = "rich_text_delivery", skip_serializing_if = "Option::is_none")]
    pub rich_text_delivery: Option<String>,
    /// Rich text comma separated values of vulnerabilities by CVE codes that are exploited by actor
    #[serde(
        rename = "rich_text_exploitation",
        skip_serializing_if = "Option::is_none"
    )]
    pub rich_text_exploitation: Option<String>,
    /// Rich free form text describing actor's malware installation on the asset
    #[serde(
        rename = "rich_text_installation",
        skip_serializing_if = "Option::is_none"
    )]
    pub rich_text_installation: Option<String>,
    /// Legacy field, not used and empty
    #[serde(
        rename = "rich_text_objectives",
        skip_serializing_if = "Option::is_none"
    )]
    pub rich_text_objectives: Option<String>,
    /// Rich free form text describing how targets are researched, identified and selected
    #[serde(
        rename = "rich_text_reconnaissance",
        skip_serializing_if = "Option::is_none"
    )]
    pub rich_text_reconnaissance: Option<String>,
    /// Rich free form text describing weaponization of the threat/malware (couples exploit with backdoor into deliverable payload)
    #[serde(
        rename = "rich_text_weaponization",
        skip_serializing_if = "Option::is_none"
    )]
    pub rich_text_weaponization: Option<String>,
    /// Free form text describing weaponization of the threat/malware (couples exploit with backdoor into deliverable payload)
    #[serde(rename = "weaponization", skip_serializing_if = "Option::is_none")]
    pub weaponization: Option<String>,
}

impl DomainKillChain {
    pub fn new() -> DomainKillChain {
        DomainKillChain {
            actions_and_objectives: None,
            command_and_control: None,
            delivery: None,
            exploitation: None,
            installation: None,
            objectives: None,
            reconnaissance: None,
            rich_text_actions_and_objectives: None,
            rich_text_command_and_control: None,
            rich_text_delivery: None,
            rich_text_exploitation: None,
            rich_text_installation: None,
            rich_text_objectives: None,
            rich_text_reconnaissance: None,
            rich_text_weaponization: None,
            weaponization: None,
        }
    }
}