def test_file_scan(mocker, requests_mock):
    """Check that detonate_file reports the verdict for a submitted file.

    The submission POST and the UUID lookup GET are both registered with
    requests_mock, and ``open`` is patched with ``mock_open`` so the
    connector reads the placeholder content "data" rather than a file
    from disk.
    """
    mocker.patch.object(demisto, 'params', return_value=MOCK_PARAMS)
    mocker.patch.object(demisto, 'getFilePath', return_value=MOCK_FILE_INFO)

    connector = PolyswarmConnector()
    args = {'entryID': TEST_ENTRY_ID}
    community = demisto.params().get('polyswarm_community')

    # Canned reply for the file submission request.
    submit_path = '/consumer/{polyswarm_community}'.format(
        polyswarm_community=community)
    requests_mock.post(MOCK_API_URL + submit_path,
                       json=MOCK_SCAN_JSON_RESPONSE)

    # Canned reply for the follow-up lookup of the scan by UUID.
    lookup_path = '/consumer/{polyswarm_community}/uuid/{uuid}'.format(
        polyswarm_community=community,
        uuid=TEST_SCAN_UUID)
    requests_mock.get(MOCK_API_URL + lookup_path,
                      json=MOCK_LOOKUP_JSON_RESPOSE)

    # NOTE(review): "__builtin__" is the Python 2 module name; on Python 3
    # the patch target would be "builtins.open" -- confirm which runtime
    # this test is meant to run under.
    with patch("__builtin__.open", mock_open(read_data="data")):
        results = connector.detonate_file(args)

    contents = results['Contents']
    # The counts are compared as strings, not integers.
    assert contents['Positives'] == '6'
    assert contents['Total'] == '17'
    assert contents['Scan_UUID'] == TEST_SCAN_UUID
    assert contents['Permalink'] == POLYSWARM_URL_RESULTS + '/' + TEST_SCAN_UUID
    assert contents['Artifact'] == TEST_ENTRY_ID
def test_url(mocker, requests_mock):
    """Check that url_reputation reports the verdict for a scanned URL.

    The scan POST and the UUID lookup GET are both registered with
    requests_mock, so the assertions run against the canned JSON replies.
    """
    mocker.patch.object(demisto, 'params', return_value=MOCK_PARAMS)

    connector = PolyswarmConnector()
    args = {'url': TEST_SCAN_URL}
    community = demisto.params().get('polyswarm_community')

    # Canned reply for the URL scan request.
    scan_path = '/consumer/{polyswarm_community}'.format(
        polyswarm_community=community)
    requests_mock.post(MOCK_API_URL + scan_path,
                       json=MOCK_SCAN_JSON_RESPONSE)

    # Canned reply for the follow-up lookup of the scan by UUID.
    lookup_path = '/consumer/{polyswarm_community}/uuid/{uuid}'.format(
        polyswarm_community=community,
        uuid=TEST_SCAN_UUID)
    requests_mock.get(MOCK_API_URL + lookup_path,
                      json=MOCK_LOOKUP_JSON_RESPOSE)

    results = connector.url_reputation(args, 'url')

    contents = results['Contents']
    # The counts are compared as strings, not integers.
    assert contents['Positives'] == '6'
    assert contents['Total'] == '17'
    assert contents['Scan_UUID'] == TEST_SCAN_UUID
    assert contents['Permalink'] == POLYSWARM_URL_RESULTS + '/' + TEST_SCAN_UUID
    assert contents['Artifact'] == TEST_SCAN_URL
def test_file_rescan(mocker, requests_mock):
    """Check that rescan_file reports the verdict for a known file hash.

    The rescan POST (addressed by sha256 hash) and the UUID lookup GET are
    both registered with requests_mock, so the assertions run against the
    canned JSON replies.
    """
    mocker.patch.object(demisto, 'params', return_value=MOCK_PARAMS)

    connector = PolyswarmConnector()
    args = {'hash': TEST_HASH_FILE}
    community = demisto.params().get('polyswarm_community')

    # Canned reply for the rescan request of the sha256 hash.
    rescan_path = (
        '/consumer/{polyswarm_community}/rescan/{hash_type}/{hash}'.format(
            polyswarm_community=community,
            hash_type='sha256',
            hash=TEST_HASH_FILE))
    requests_mock.post(MOCK_API_URL + rescan_path,
                       json=MOCK_SCAN_JSON_RESPONSE)

    # Canned reply for the follow-up lookup of the scan by UUID.
    lookup_path = '/consumer/{polyswarm_community}/uuid/{uuid}'.format(
        polyswarm_community=community,
        uuid=TEST_SCAN_UUID)
    requests_mock.get(MOCK_API_URL + lookup_path,
                      json=MOCK_LOOKUP_JSON_RESPOSE)

    results = connector.rescan_file(args)

    contents = results['Contents']
    # The counts are compared as strings, not integers.
    assert contents['Positives'] == '6'
    assert contents['Total'] == '17'
    assert contents['Scan_UUID'] == TEST_SCAN_UUID
    assert contents['Permalink'] == POLYSWARM_URL_RESULTS + '/' + TEST_SCAN_UUID
    assert contents['Artifact'] == TEST_HASH_FILE
def test_get_file(mocker, requests_mock):
    """Check that get_file returns an entry named after the requested hash.

    The download endpoint is registered with requests_mock and answers with
    placeholder text, so the test never handles a real sample.
    """
    mocker.patch.object(demisto, 'params', return_value=MOCK_PARAMS)

    connector = PolyswarmConnector()
    args = {'hash': TEST_HASH_FILE}

    # Canned body for the sha256 download request.
    download_path = '/download/{hash_type}/{hash}'.format(
        hash_type='sha256',
        hash=TEST_HASH_FILE)
    requests_mock.get(MOCK_API_URL + download_path,
                      text='bin data response')

    results = connector.get_file(args)

    # Only the 'File' field is checked; the body content is not asserted.
    assert results['File'] == TEST_HASH_FILE
def test_file(mocker, requests_mock, param):
    """Check that file_reputation reports the verdict from a hash search.

    The hash search GET is registered with requests_mock, so the assertions
    run against the canned search reply.

    NOTE(review): ``param`` is not built here; it is presumably supplied by
    a fixture or parametrization outside this excerpt -- confirm.
    """
    mocker.patch.object(demisto, 'params', return_value=MOCK_PARAMS)

    connector = PolyswarmConnector()

    # Canned reply for the sha256 search with instance details requested.
    search_path = (
        '/search?hash={hash}&type={hash_type}&with_instances=true'.format(
            hash=TEST_HASH_FILE,
            hash_type='sha256'))
    requests_mock.get(MOCK_API_URL + search_path,
                      json=MOCK_SEARCH_JSON_RESPONSE)

    results = connector.file_reputation(param)

    contents = results['Contents']
    # The counts are compared as strings, not integers.
    assert contents['Positives'] == '7'
    assert contents['Total'] == '16'
    assert contents['Scan_UUID'] == TEST_SCAN_UUID
    assert contents['Permalink'] == POLYSWARM_URL_RESULTS + '/' + TEST_SCAN_UUID
    assert contents['Artifact'] == TEST_HASH_FILE