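class Test(unittest.TestCase):
    """Integration tests for ``CommonAnalysisOMS``.

    These tests exercise the AV scanners actually installed on the host
    (see ``test_plugin_init``), so they depend on the local environment
    and on the ``BENIGN_FILE_PATH`` / ``MALICIOUS_FILE_PATH`` samples.
    """

    def setUp(self):
        # Fresh wrapper per test; it enumerates the installed scanners.
        self.oms = CommonAnalysisOMS()

    def tearDown(self):
        pass

    def test_plugin_init(self):
        # Every other test is meaningless without at least one scanner.
        self.assertGreater(len(self.oms.av_list), 0, "no scanners installed, please install at least clamav")

    def test_get_av_scan_result(self):
        # The scanner definition is a command template in which ``$filepath``
        # is replaced by the path argument; ``echo`` makes the substitution
        # observable (the trailing newline is echo's).  The template appears
        # to be executed through a shell, so the wrapper must quote/escape the
        # path before it reaches a real scanner — worth confirming in
        # CommonAnalysisOMS itself.
        self.assertEqual(self.oms.get_av_scan_result({"command": "echo $filepath"}, "test"), "test\n")

    def test_find_malware_name(self):
        # Raw string: ``\w`` is not a Python escape, so the plain literal only
        # worked by accident and raises a SyntaxWarning on recent interpreters.
        # The resulting pattern text is unchanged.
        self.assertEqual(self.oms.find_malware_name("test string", {"re_malware_name": r"str([\w]+)"}), "ing")

    def test_scan_benign(self):
        result = self.oms.scan_file(BENIGN_FILE_PATH)
        self.assertEqual(result["positives"], 0)
        # No individual scanner may flag the benign sample.
        self.assertFalse(any(scan["detected"] for scan in result["scans"].values()))

    def test_scan_malicious(self):
        result = self.oms.scan_file(MALICIOUS_FILE_PATH)
        # Every installed scanner is expected to flag the malicious sample.
        self.assertEqual(result["positives"], result["number_of_scanners"])
        self.assertTrue(all(scan["detected"] for scan in result["scans"].values()))

    def test_analyze_file(self):
        result = self.oms.analyze_file(MALICIOUS_FILE_PATH)
        self.assertGreater(result["positives"], 0, "should be at least 1")
        self.assertIn("scans", result, "scans not in result")
        self.assertIn("plugin_version", result, "plugin_version not in results")
        # Wall-clock comparison: the tolerance covers the time the scanners
        # themselves take, which grows with the number of installed AVs.
        self.assertAlmostEqual(result["analysis_date"], time(), msg="Time not correct. This test might fail, if you installed many AVs", delta=120)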
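class AnalysisPlugin(AnalysisBasePlugin):
    '''
    Scan the file with the locally installed AV scanners (via CommonAnalysisOMS)
    and record whether any of them flagged it.
    '''
    NAME = 'malware_scanner'
    DEPENDENCIES = []
    MIME_BLACKLIST = ['filesystem']
    VERSION = '0.3.1'
    DESCRIPTION = 'scan for known malware'

    def __init__(self, plugin_administrator, config=None, recursive=True):
        '''
        recursive flag: If True recursively analyze included files
        default flags should be edited above. Otherwise the scheduler cannot overwrite them.
        '''
        self.config = config

        # Wrapper around the installed AV scanners; created before the base
        # class initialises so it is ready as soon as the plugin is registered.
        self.oms = CommonAnalysisOMS()

        super().__init__(plugin_administrator,
                         config=config,
                         recursive=recursive,
                         plugin_path=__file__)

    def process_object(self, file_object):
        '''
        This function must be implemented by the plugin.
        Analysis result must be a dict stored in file_object.processed_analysis[self.NAME]
        If you want to propagate results to parent objects store a list of strings 'summary' entry of your result dict
        '''
        # NOTE(review): file_object.file_path is passed on to the scanner
        # command templates; if those run through a shell, the path must be
        # quoted/escaped inside CommonAnalysisOMS — confirm there.
        result = self.oms.analyze_file(file_object.file_path)
        logging.debug(result)
        logging.debug(type(result))
        # The same dict is stored and summarised, so annotate it once rather
        # than re-reading it back out of processed_analysis.
        result['summary'] = self._get_summary(result)
        file_object.processed_analysis[self.NAME] = result
        return file_object

    @staticmethod
    def _get_summary(results):
        '''
        Return ['Malware Found'] if at least one scanner flagged the file,
        otherwise an empty list.  The summary is what gets propagated to
        parent objects.
        '''
        return ['Malware Found'] if results['positives'] > 0 else []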