# Parser test for the VXVault URL feed rule, driven by a fixture file kept in
# the repository's test tree.
import py.test  # NOTE(review): not referenced in the code visible here

from csirtg_smrt import Smrt
from csirtg_smrt.rule import Rule
from csirtg_smrt.constants import REMOTE_ADDR
from pprint import pprint  # NOTE(review): not referenced in the code visible here

# Load the feed rule and select the 'file' fetcher, so the feed body is taken
# from a path on disk (presumably without any network fetch -- confirm against
# the fetcher implementation).
rule = Rule(path='test/vxvault/vxvault.yml')
rule.fetcher = 'file'

# 1234 is a throwaway second argument (presumably the API token -- confirm) and
# client='dummy' presumably selects a stub client, so parsed indicators are not
# submitted to a real backend -- confirm.
s = Smrt(REMOTE_ADDR, 1234, client='dummy')


def test_vxvault_urls():
    """Check that the 'urls' feed parses into tagged URL indicators.

    The feed's remote is redirected to the checked-in fixture before
    processing. The expected URL comes from a malware-URL feed; the test only
    compares it as a string and never requests it.
    """
    rule.feeds['urls']['remote'] = 'test/vxvault/feed.txt'

    indicators = list(s.process(rule, feed="urls"))
    assert len(indicators) > 0

    # Read indicator and first tag per item, in that order, then split into
    # two sets for the membership checks.
    seen = [(item.indicator, item.tags[0]) for item in indicators]
    urls = {url for url, _ in seen}
    tags = {tag for _, tag in seen}

    assert 'http://jeansowghtqq.com/85.exe' in urls
    assert 'malware' in tags
# Parser test for the e-mail ("zemail") rule: a stored .eml sample is handed to
# the processor as in-memory data.
import py.test  # NOTE(review): not referenced in the code visible here

from csirtg_smrt import Smrt
from csirtg_smrt.rule import Rule
from csirtg_smrt.constants import REMOTE_ADDR
from csirtg_smrt.constants import PYVERSION  # NOTE(review): not referenced in the code visible here

# The rule is configured for the 'stdin' fetcher; the test supplies the message
# body itself through the data= argument instead of a real stdin stream.
rule = Rule(path='test/zemail/zemail.yml')
rule.fetcher = 'stdin'

# 1234 is a throwaway second argument (presumably the API token -- confirm) and
# client='dummy' presumably selects a stub client, so nothing parsed here is
# submitted to a real backend -- confirm.
s = Smrt(REMOTE_ADDR, 1234, client='dummy')


def test_zemail():
    """Check that a URL is extracted from a single plain-text e-mail sample.

    The sample is read in text mode with the platform default encoding. The
    expected URL is only compared as a string; the test never requests it.
    """
    with open('test/zemail/single_plain_01.eml') as handle:
        message = handle.read()

    parsed = list(s.process(rule, feed='abuse', data=message))
    assert len(parsed) > 0

    first = parsed[0]
    assert first.indicator == 'http://www.socialservices.cn/detail.php?id=9'
# Parser tests for the Spamhaus DROP and EDROP feed rules, driven by fixture
# files kept in the repository's test tree.
import py.test  # NOTE(review): not referenced in the code visible here

from csirtg_smrt import Smrt
from csirtg_smrt.rule import Rule
from csirtg_smrt.constants import REMOTE_ADDR
from pprint import pprint  # NOTE(review): not referenced in the code visible here

# Load the feed rule and select the 'file' fetcher, so each feed body is taken
# from a path on disk (presumably without any network fetch -- confirm against
# the fetcher implementation).
rule = Rule(path='test/spamhaus/spamhaus.yml')
rule.fetcher = 'file'

# 1234 is a throwaway second argument (presumably the API token -- confirm) and
# client='dummy' presumably selects a stub client, so parsed entries are not
# submitted to a real backend -- confirm.
s = Smrt(REMOTE_ADDR, 1234, client='dummy')


def test_spamhaus_drop():
    """Check that the 'drop' feed yields at least one parsed entry."""
    # Both tests mutate the shared module-level rule, but each touches only
    # its own feed key.
    rule.feeds['drop']['remote'] = 'test/spamhaus/drop.txt'

    entries = list(s.process(rule, feed="drop"))
    assert len(entries) > 0


def test_spamhaus_edrop():
    """Check that the 'edrop' feed yields at least one parsed entry."""
    rule.feeds['edrop']['remote'] = 'test/spamhaus/edrop.txt'

    entries = list(s.process(rule, feed="edrop"))
    assert len(entries) > 0