Python triage_command Beispiele

Programmiersprache: Python

Namespace / Paketname: RecordedFuture

Methode / Funktion: triage_command

Beispiele auf hotexamples.com: 3

Python triage_command - 3 Beispiele gefunden. Dies sind die am besten bewerteten Python Beispiele für die RecordedFuture.triage_command, die aus Open Source-Projekten extrahiert wurden. Sie können Beispiele bewerten, um die Qualität der Beispiele zu verbessern.

Beispiel #1

Datei anzeigen

Datei: RecordedFuture_test.py Projekt: maunicmer/content

 def test_threat_assessment_empty(self) -> None:
     """Filters away empty entities"""
     context = "phishing"
     entities = {
         "ip": ["8.8.8.8", "1.1.1.1"],
         "domain": ["www.feddoctor.com"],
         "hash": [
             "fa964842244e752950fd4ed711759382a"
             "8950e13cc2794d6f73ab7eb9169e5ee"
         ],
         "url": ["https://sites.google.com/site/unblockingnotice/"],
         "vulnerability": ["CVE-2020-8813", "CVE-2011-3874"],
         "filter":
         "yes"
     }
     resp = triage_command(self.client, entities, context)
     context = resp[0].to_context()
     self.assertIsInstance(resp[0], CommandResults)
     self.assertFalse(context["Contents"]["verdict"])
     self.assertEqual("phishing", context["Contents"]["context"])
     scores = [
         e for e in context["Contents"]['Entities'] if e['score'] == 0
     ]
     self.assertEqual(len(scores), 0,
                      "Response contains entities with zero score")  # noqa

Beispiel #2

Datei anzeigen

Datei: RecordedFuture_test.py Projekt: AVAILOTECH/x2o-demisto-content

 def test_threat_assessment(self, m) -> None:
     m.register_uri('POST',
                    'https://api.recordedfuture.com/v2/soar'
                    '/triage/contexts/phishing',
                    text=json.dumps(TRIAGE))
     context = 'phishing'
     entities = {'ip': ['8.8.8.8', '1.1.1.1'],
                 'domain': ['www.feddoctor.com'],
                 'hash': ['fa964842244e752950fd4ed711759382a'
                          '8950e13cc2794d6f73ab7eb9169e5ee'],
                 'url': ['https://sites.google.com/site/unblockingnotice/'],
                 'vulnerability': ['CVE-2020-8813', 'CVE-2011-3874']}
     resp = triage_command(self.client, entities, context)
     self.assertIsInstance(resp[len(resp) - 1], CommandResults)
     self.assertFalse(resp[len(resp) - 1].to_context()['Contents']['verdict'])
     self.assertEqual('phishing', resp[len(resp) - 1].to_context()['Contents']['context'])

Beispiel #3

Datei anzeigen

 def test_threat_assessment(self) -> None:
     context = "phishing"
     entities = {
         "ip": ["8.8.8.8", "1.1.1.1"],
         "domain": ["www.feddoctor.com"],
         "hash": [
             "fa964842244e752950fd4ed711759382a"
             "8950e13cc2794d6f73ab7eb9169e5ee"
         ],
         "url": ["https://sites.google.com/site/unblockingnotice/"],
         "vulnerability": ["CVE-2020-8813", "CVE-2011-3874"],
     }
     # mocker.patch.object(DBotScore, 'get_integration_name', return_value='Recorded Future v2')
     resp = triage_command(self.client, entities, context)
     self.assertIsInstance(resp[0], CommandResults)
     self.assertFalse(resp[0].to_context()["Contents"]["verdict"])
     self.assertEqual("phishing", resp[0].to_context()["Contents"]["context"])