def test_verify_by_crt_wrong_data(self, client_with_db):
client = client_with_db[0]
endpoint = '/verify/by_crt'
data = {'temp': 'example.com'}
headers = {'Content-Type': "application/json"}
info("POST {} with URL: {}".format(endpoint, 'example.com'))
response = client.post(BASE_PATH + endpoint,
data=json.dumps(data),
headers=headers)
j = data_to_json(response.data)
assert_equal(response.status_code, 400, "Check status code")
field = "detail"
expected_value = "'url' is a required property"
assert_dict_contains_key(
j, field,
"Check if dict contains given key - \"{}\"".format(field))
assert_equal(
j[field], expected_value,
"Check if item \"{}\" is equal to \"{}\"".format(
field, expected_value))
field = "title"
expected_value = "Bad Request"
assert_dict_contains_key(
j, field,
"Check if dict contains given key - \"{}\"".format(field))
assert_equal(
j[field], expected_value,
"Check if item \"{}\" is equal to \"{}\"".format(
field, expected_value))
def test_details_ip_wrong_ip(self, client_with_db):
client = client_with_db[0]
endpoint = '/details/ip'
data = {'ip': '721.0.0.0'}
headers = {'Content-Type': "application/json"}
info("POST {}".format(endpoint))
response = client.post(BASE_PATH + endpoint,
data=json.dumps(data),
headers=headers)
j = data_to_json(response.data)
assert_equal(response.status_code, 400, "Check status code")
field = "detail"
expected_value = "Wrong IP"
assert_dict_contains_key(
j, field,
"Check if dict contains given key - \"{}\"".format(field))
assert_equal(
j[field], expected_value,
"Check if item \"{}\" is equal to \"{}\"".format(
field, expected_value))
field = "title"
expected_value = "Bad Request"
assert_dict_contains_key(
j, field,
"Check if dict contains given key - \"{}\"".format(field))
assert_equal(
j[field], expected_value,
"Check if item \"{}\" is equal to \"{}\"".format(
field, expected_value))
def test_details_levenstein(self, client_with_db):
client = client_with_db[0]
endpoint = '/details/levenstein'
data = {'url': 'gooogle.info'}
headers = {'Content-Type': "application/json"}
info("POST {} with URL: {}".format(endpoint, 'gooogle.info'))
response = client.post(BASE_PATH + endpoint,
data=json.dumps(data),
headers=headers)
assert_equal(response.status_code, 200, "Check status code")
j = data_to_json(response.data)
field = "details"
assert_dict_contains_key(
j, field,
"Check if dict contains given key - \"{}\"".format(field))
field = "matched_keyword"
expected_value = 'google'
assert_dict_contains_key(
j['details'], field,
"Check if dict contains given key - \"{}\"".format(field))
assert_equal(
j['details'][field], expected_value,
"Check if item \"{}\" is equal to \"{}\"".format(
field, expected_value))
field = "levenstein_distance"
expected_value = 1
assert_dict_contains_key(
j['details'], field,
"Check if dict contains given key - \"{}\"".format(field))
assert_equal(
j['details'][field], expected_value,
"Check if item \"{}\" is equal to \"{}\"".format(
field, expected_value))
def test_details_ip(self, client_with_db):
client = client_with_db[0]
endpoint = '/details/ip'
ip = '127.0.0.1'
data = {'ip': '{}'.format(ip)}
headers = {'Content-Type': "application/json"}
info("POST {}".format(endpoint))
response = client.post(BASE_PATH + endpoint,
data=json.dumps(data),
headers=headers)
assert_equal(response.status_code, 200, "Check status code")
j = data_to_json(response.data)
field = "details"
assert_dict_contains_key(
j, field,
"Check if dict contains given key - \"{}\"".format(field))
field = "ip"
expected_value = ip
assert_dict_contains_key(
j['details'], field,
"Check if dict contains given key - \"{}\"".format(field))
assert_equal(
j['details'][field], expected_value,
"Check if item \"{}\" is equal to \"{}\"".format(
field, expected_value))
field = "status"
expected_value = "reserved_range"
assert_dict_contains_key(
j['details'], field,
"Check if dict contains given key - \"{}\"".format(field))
assert_equal(
j['details'][field], expected_value,
"Check if item \"{}\" is equal to \"{}\"".format(
field, expected_value))
def test_verify_by_urlscan_malicious(self, client_with_db):
client = client_with_db[0]
endpoint = '/verify/by_urlscan'
malicious_url = get_test_phishing_domain()
data = {'url': '{}'.format(malicious_url)}
headers = {'Content-Type': "application/json"}
info("POST {}".format(endpoint))
response = client.post(BASE_PATH + endpoint,
data=json.dumps(data),
headers=headers)
assert_equal(response.status_code, 200, "Check status code")
if response.status_code == 202:
pytest.skip(
"urlscan.io returned status 202 - url \"{}\" is invalid".
format(malicious_url))
j = data_to_json(response.data)
field = "status"
expected_value = "malicious"
assert_dict_contains_key(
j, field,
"Check if dict contains given key - \"{}\"".format(field))
if j[field] == "good":
pytest.skip(
"urlscan.io returned malicious domain as good - url \"{}\" is invalid"
.format(malicious_url))
assert_equal(
j[field], expected_value,
"Check if item \"{}\" is equal to \"{}\"".format(
field, expected_value))
def test_add_keyword_too_short(self, client_with_db):
client = client_with_db[0]
db = client_with_db[1]
endpoint = '/server/create_db'
headers = {
"X-API-Key": AUTH_API_KEY
}
info("GET {}".format(endpoint))
response = client.get(BASE_PATH + endpoint, headers=headers)
assert_equal(response.status_code, 200, "Check status code")
endpoint = '/server/add_keyword'
headers['Content-Type'] = 'application/x-www-form-urlencoded'
data = {
'keyword': 'key'
}
info("POST {}".format(endpoint))
response = client.post(BASE_PATH + endpoint, headers=headers, data=data)
j = data_to_json(response.data)
assert_equal(response.status_code, 400, "Check status code")
field = "detail"
expected_value = "Keyword too short - min 4 signs"
assert_dict_contains_key(j, field, "Check if dict contains given key - \"{}\"".format(field))
assert_equal(j[field], expected_value, "Check if item \"{}\" is equal to \"{}\"".format(field, expected_value))
field = "status"
expected_value = 400
assert_dict_contains_key(j, field, "Check if dict contains given key - \"{}\"".format(field))
assert_equal(j[field], expected_value, "Check if item \"{}\" is equal to \"{}\"".format(field, expected_value))
field = "title"
expected_value = "Bad Request"
assert_dict_contains_key(j, field, "Check if dict contains given key - \"{}\"".format(field))
assert_equal(j[field], expected_value, "Check if item \"{}\" is equal to \"{}\"".format(field, expected_value))
def test_details_safebrowsing_malicious(self, client_with_db):
client = client_with_db[0]
endpoint = '/details/safebrowsing'
url = 'http://malware.testing.google.test/testing/malware/'
info("URL sent - {}".format(url))
data = {'url': "{}".format(url)}
headers = {'Content-Type': "application/json"}
info("POST {}".format(endpoint))
response = client.post(BASE_PATH + endpoint,
data=json.dumps(data),
headers=headers)
assert_equal(response.status_code, 200, "Check status code")
j = data_to_json(response.data)
field = "details"
assert_dict_contains_key(
j, field,
"Check if dict contains given key - \"{}\"".format(field))
field = "url"
expected_value = url
assert_dict_contains_key(
j['details'], field,
"Check if dict contains given key - \"{}\"".format(field))
assert_equal(
j['details'][field], expected_value,
"Check if item \"{}\" is equal to \"{}\"".format(
field, expected_value))
field = 'malicious'
expected_value = True
assert_dict_contains_key(
j['details'], field,
"Check if dict contains given key - \"{}\"".format(field))
assert_equal(
j['details'][field], expected_value,
"Check if item \"{}\" is equal to \"{}\"".format(
field, expected_value))
def test_database_creation(self, client_with_db):
client = client_with_db[0]
endpoint = '/server/create_db'
headers = {
"X-API-Key": AUTH_API_KEY
}
info("GET {}".format(endpoint))
response = client.get(BASE_PATH + endpoint, headers=headers)
assert_equal(response.status_code, 200, "Check status code")
j = data_to_json(response.data)
field = "message"
expected_value = "Database created."
assert_dict_contains_key(j, field, "Check if dict contains given key - \"{}\"".format(field))
assert_equal(j[field], expected_value, "Check if item \"{}\" is equal to \"{}\"".format(field, expected_value))
def test_details_crtsh(self, client_with_db):
client = client_with_db[0]
endpoint = '/details/crtsh'
data = {'url': 'example.com'}
headers = {'Content-Type': "application/json"}
info("POST {}".format(endpoint))
response = client.post(BASE_PATH + endpoint,
data=json.dumps(data),
headers=headers)
assert_equal(response.status_code, 200, "Check status code")
j = data_to_json(response.data)
field = "details"
assert_dict_contains_key(
j, field,
"Check if dict contains given key - \"{}\"".format(field))
field = "caid"
assert_dict_contains_key(
j['details'], field,
"Check if dict contains given key - \"{}\"".format(field))
field = "registered_at"
assert_dict_contains_key(
j['details'], field,
"Check if dict contains given key - \"{}\"".format(field))
field = "subject"
assert_dict_contains_key(
j['details'], field,
"Check if dict contains given key - \"{}\"".format(field))
field = "org_name"
assert_dict_contains_key(
j['details']['subject'], field,
"Check if dict contains given key - \"{}\"".format(field))
field = "country"
assert_dict_contains_key(
j['details']['subject'], field,
"Check if dict contains given key - \"{}\"".format(field))
field = "issuer"
assert_dict_contains_key(
j['details'], field,
"Check if dict contains given key - \"{}\"".format(field))
field = "common_name"
assert_dict_contains_key(
j['details']['issuer'], field,
"Check if dict contains given key - \"{}\"".format(field))
field = "multi_dns_amount"
assert_dict_contains_key(
j['details'], field,
"Check if dict contains given key - \"{}\"".format(field))
def test_verify_by_crt(self, client_with_db):
client = client_with_db[0]
endpoint = '/verify/by_crt'
data = {
'url': 'google.com'
}
headers = {
'Content-Type': "application/json"
}
info("POST {}".format(endpoint))
response = client.post(BASE_PATH + endpoint, data=json.dumps(data), headers=headers)
assert_equal(response.status_code, 200, "Check status code")
j = data_to_json(response.data)
field = "status"
expected_value = "good"
assert_dict_contains_key(j, field, "Check if dict contains given key - \"{}\"".format(field))
assert_equal(j[field], expected_value, "Check if item \"{}\" is equal to \"{}\"".format(field, expected_value))
def test_details_ip_by_url_wrong_url(self, client_with_db):
client = client_with_db[0]
endpoint = '/details/ip_by_url'
data = {
'url': 'hppt://no_url'
}
headers = {
'Content-Type': "application/json"
}
info("POST {} with URL: {}".format(endpoint, 'hppt://no_url'))
response = client.post(BASE_PATH + endpoint, data=json.dumps(data), headers=headers)
j = data_to_json(response.data)
assert_equal(response.status_code, 202, "Check status code")
field = "message"
expected_value = "Correct request but it returned no data"
assert_dict_contains_key(j, field, "Check if dict contains given key - \"{}\"".format(field))
assert_equal(j[field], expected_value, "Check if item \"{}\" is equal to \"{}\"".format(field, expected_value))
def test_verify_by_sfbrowsing_malicious(self, client_with_db):
client = client_with_db[0]
endpoint = '/verify/by_sfbrowsing'
data = {'url': 'http://malware.testing.google.test/testing/malware/'}
headers = {'Content-Type': "application/json"}
info("POST {} with URL: {}".format(
endpoint, 'http://malware.testing.google.test/testing/malware/'))
response = client.post(BASE_PATH + endpoint,
data=json.dumps(data),
headers=headers)
assert_equal(response.status_code, 200, "Check status code")
j = data_to_json(response.data)
field = "status"
expected_value = "malicious"
assert_dict_contains_key(
j, field,
"Check if dict contains given key - \"{}\"".format(field))
assert_equal(
j[field], expected_value,
"Check if item \"{}\" is equal to \"{}\"".format(
field, expected_value))
def test_details_ip_by_url(self, client_with_db):
client = client_with_db[0]
endpoint = '/details/ip_by_url'
data = {
'url': 'example.com'
}
headers = {
'Content-Type': "application/json"
}
info("POST {} with URL: {}".format(endpoint, 'example.com'))
response = client.post(BASE_PATH + endpoint, data=json.dumps(data), headers=headers)
assert_equal(response.status_code, 200, "Check status code")
j = data_to_json(response.data)
field = "details"
assert_dict_contains_key(j, field, "Check if dict contains given key - \"{}\"".format(field))
field = "country"
expected_value = 'US'
assert_dict_contains_key(j['details'], field, "Check if dict contains given key - \"{}\"".format(field))
assert_equal(j['details'][field], expected_value, "Check if item \"{}\" is equal to \"{}\"".format(field, expected_value))
field = "ip"
assert_dict_contains_key(j['details'], field, "Check if dict contains given key - \"{}\"".format(field))
field = "asn"
assert_dict_contains_key(j['details'], field, "Check if dict contains given key - \"{}\"".format(field))
def test_details_whois(self, client_with_db):
client = client_with_db[0]
endpoint = '/details/whois'
url = 'example.com'
data = {'url': "{}".format(url)}
headers = {'Content-Type': "application/json"}
info("POST {}".format(endpoint))
response = client.post(BASE_PATH + endpoint,
data=json.dumps(data),
headers=headers)
assert_equal(response.status_code, 200, "Check status code")
j = data_to_json(response.data)
field = "details"
assert_dict_contains_key(
j, field,
"Check if dict contains given key - \"{}\"".format(field))
field = "registrar"
assert_dict_contains_key(
j['details'], field,
"Check if dict contains given key - \"{}\"".format(field))
field = 'creation_date'
assert_dict_contains_key(
j['details'], field,
"Check if dict contains given key - \"{}\"".format(field))
field = 'name'
assert_dict_contains_key(
j['details'], field,
"Check if dict contains given key - \"{}\"".format(field))
field = 'org'
assert_dict_contains_key(
j['details'], field,
"Check if dict contains given key - \"{}\"".format(field))
field = 'country'
assert_dict_contains_key(
j['details'], field,
"Check if dict contains given key - \"{}\"".format(field))
def test_details_urlscan(self, client_with_db):
client = client_with_db[0]
endpoint = '/details/urlscan'
url = 'example.com'
data = {'url': "{}".format(url)}
headers = {'Content-Type': "application/json"}
info("POST {}".format(endpoint))
response = client.post(BASE_PATH + endpoint,
data=json.dumps(data),
headers=headers)
assert_equal(response.status_code, 200, "Check status code")
j = data_to_json(response.data)
field = "details"
assert_dict_contains_key(
j, field,
"Check if dict contains given key - \"{}\"".format(field))
field = "domain"
expected_value = url
assert_dict_contains_key(
j['details'], field,
"Check if dict contains given key - \"{}\"".format(field))
assert_equal(
j['details'][field], expected_value,
"Check if item \"{}\" is equal to \"{}\"".format(
field, expected_value))
field = 'ip'
assert_dict_contains_key(
j['details'], field,
"Check if dict contains given key - \"{}\"".format(field))
field = 'country'
assert_dict_contains_key(
j['details'], field,
"Check if dict contains given key - \"{}\"".format(field))
field = 'server'
assert_dict_contains_key(
j['details'], field,
"Check if dict contains given key - \"{}\"".format(field))
field = 'webApps'
assert_dict_contains_key(
j['details'], field,
"Check if dict contains given key - \"{}\"".format(field))
field = 'no_of_requests'
assert_dict_contains_key(
j['details'], field,
"Check if dict contains given key - \"{}\"".format(field))
field = 'ads_blocked'
assert_dict_contains_key(
j['details'], field,
"Check if dict contains given key - \"{}\"".format(field))
field = 'https_requests'
assert_dict_contains_key(
j['details'], field,
"Check if dict contains given key - \"{}\"".format(field))
field = 'ipv6'
assert_dict_contains_key(
j['details'], field,
"Check if dict contains given key - \"{}\"".format(field))
field = 'malicious'
assert_dict_contains_key(
j['details'], field,
"Check if dict contains given key - \"{}\"".format(field))
field = 'malicious_requests'
assert_dict_contains_key(
j['details'], field,
"Check if dict contains given key - \"{}\"".format(field))
field = 'pointed_domains'
assert_dict_contains_key(
j['details'], field,
"Check if dict contains given key - \"{}\"".format(field))
field = 'unique_country_count'
assert_dict_contains_key(
j['details'], field,
"Check if dict contains given key - \"{}\"".format(field))
unique_country_count = j['details']['unique_country_count']
field = 'unique_countries_connected'
assert_dict_contains_key(
j['details'], field,
"Check if dict contains given key - \"{}\"".format(field))
unique_countries_connected = j['details']['unique_countries_connected']
assert_equal(
unique_country_count, len(unique_countries_connected),
"Check if amount of connected countries is equal to length of list of unique countries"
)
def test_details_urlscan_malicious(self, client_with_db):
if int(environ['COUNT_FAILED']) > (URLSCAN_RERUNS_MAX - 1):
pytest.skip("urlscan.io cannot finish properly")
environ['COUNT_FAILED'] = str(int(environ['COUNT_FAILED']) + 1)
client = client_with_db[0]
endpoint = '/details/urlscan'
url = get_test_phishing_domain().strip('http://')
info("URL sent - {}".format(url))
data = {'url': "{}".format(url)}
headers = {'Content-Type': "application/json"}
info("POST {}".format(endpoint))
response = client.post(BASE_PATH + endpoint,
data=json.dumps(data),
headers=headers)
# if response.status_code == 202:
# pytest.skip("urlscan.io returned status 202 - url \"{}\" is invalid".format(url))
assert_equal(response.status_code, 200, "Check status code")
j = data_to_json(response.data)
field = "details"
assert_dict_contains_key(
j, field,
"Check if dict contains given key - \"{}\"".format(field))
field = "domain"
expected_value = url
assert_dict_contains_key(
j['details'], field,
"Check if dict contains given key - \"{}\"".format(field))
assert_equal(
j['details'][field], expected_value,
"Check if item \"{}\" is equal to \"{}\"".format(
field, expected_value))
field = 'ip'
assert_dict_contains_key(
j['details'], field,
"Check if dict contains given key - \"{}\"".format(field))
field = 'country'
assert_dict_contains_key(
j['details'], field,
"Check if dict contains given key - \"{}\"".format(field))
field = 'server'
assert_dict_contains_key(
j['details'], field,
"Check if dict contains given key - \"{}\"".format(field))
field = 'webApps'
assert_dict_contains_key(
j['details'], field,
"Check if dict contains given key - \"{}\"".format(field))
field = 'no_of_requests'
assert_dict_contains_key(
j['details'], field,
"Check if dict contains given key - \"{}\"".format(field))
field = 'ads_blocked'
assert_dict_contains_key(
j['details'], field,
"Check if dict contains given key - \"{}\"".format(field))
field = 'https_requests'
assert_dict_contains_key(
j['details'], field,
"Check if dict contains given key - \"{}\"".format(field))
field = 'ipv6'
assert_dict_contains_key(
j['details'], field,
"Check if dict contains given key - \"{}\"".format(field))
field = 'malicious'
assert_dict_contains_key(
j['details'], field,
"Check if dict contains given key - \"{}\"".format(field))
# if j['details'][field] == "good":
# pytest.skip("urlscan.io returned malicious domain as good - url \"{}\" is invalid".format(url))
field = 'malicious_requests'
assert_dict_contains_key(
j['details'], field,
"Check if dict contains given key - \"{}\"".format(field))
field = 'pointed_domains'
assert_dict_contains_key(
j['details'], field,
"Check if dict contains given key - \"{}\"".format(field))
field = 'unique_country_count'
assert_dict_contains_key(
j['details'], field,
"Check if dict contains given key - \"{}\"".format(field))
unique_country_count = j['details']['unique_country_count']
field = 'unique_countries_connected'
assert_dict_contains_key(
j['details'], field,
"Check if dict contains given key - \"{}\"".format(field))
unique_countries_connected = j['details']['unique_countries_connected']
assert_equal(
unique_country_count, len(unique_countries_connected),
"Check if amount of connected countries is equal to length of list of unique countries"
)
