import py.test

from csirtg_smrt import Smrt
from csirtg_smrt.rule import Rule
from csirtg_smrt.constants import REMOTE_ADDR
from pprint import pprint

# Build the rule from the checked-in vxvault definition.
rule = Rule(path='test/vxvault/vxvault.yml')
# NOTE(review): 'file' presumably makes smrt read the feed from a local path
# rather than over the network -- confirm against csirtg_smrt's fetchers.
rule.fetcher = 'file'

# Shared processor for the tests below.
# NOTE(review): client='dummy' looks like a stand-in client so that parsed
# indicators are not submitted anywhere -- confirm.
s = Smrt(
    REMOTE_ADDR,
    1234,
    client='dummy',
)


def test_vxvault_urls():
    """Parse the vxvault 'urls' feed fixture and check a known indicator and tag."""
    # Redirect the feed to the local fixture so the result does not depend on
    # whatever the rule file lists as its remote.
    rule.feeds['urls']['remote'] = 'test/vxvault/feed.txt'
    indicators = list(s.process(rule, feed="urls"))

    assert indicators

    # Only the first tag of each indicator is inspected.
    urls = {item.indicator for item in indicators}
    tags = {item.tags[0] for item in indicators}

    # The URL is a fixture entry; it is only compared as a string here.
    assert 'http://jeansowghtqq.com/85.exe' in urls
    assert 'malware' in tags
import py.test

from csirtg_smrt import Smrt
from csirtg_smrt.rule import Rule
from csirtg_smrt.constants import REMOTE_ADDR
from csirtg_smrt.constants import PYVERSION

# Build the rule from the checked-in zemail definition.
rule = Rule(path='test/zemail/zemail.yml')
# NOTE(review): 'stdin' presumably means the feed content is handed in by the
# caller (the test passes it through data=) instead of being fetched -- confirm.
rule.fetcher = 'stdin'
# Shared processor for the test below.
s = Smrt(
    REMOTE_ADDR,
    1234,
    client='dummy',
)


def test_zemail():
    """Run a single plain-text e-mail fixture through the 'abuse' feed.

    Checks that at least one indicator comes back and that the first one is
    the URL expected from the fixture message.
    """
    with open('test/zemail/single_plain_01.eml') as eml:
        raw_message = eml.read()

        # The message body is passed in directly through data=.
        indicators = list(s.process(rule, feed='abuse', data=raw_message))

        assert indicators

        # The URL is a fixture value; it is only compared as a string here.
        first = indicators[0]
        assert first.indicator == 'http://www.socialservices.cn/detail.php?id=9'
import py.test

from csirtg_smrt import Smrt
from csirtg_smrt.rule import Rule
from csirtg_smrt.constants import REMOTE_ADDR
from pprint import pprint

# Build the rule from the checked-in spamhaus definition.
rule = Rule(path='test/spamhaus/spamhaus.yml')
# NOTE(review): 'file' presumably makes smrt read the feed from a local path
# rather than over the network -- confirm against csirtg_smrt's fetchers.
rule.fetcher = 'file'
# Shared processor for both spamhaus tests below.
s = Smrt(
    REMOTE_ADDR,
    1234,
    client='dummy',
)


def test_spamhaus_drop():
    """Parse the spamhaus 'drop' feed fixture and expect at least one indicator."""
    # Redirect the feed to the local fixture file before processing.
    rule.feeds['drop']['remote'] = 'test/spamhaus/drop.txt'
    indicators = list(s.process(rule, feed="drop"))
    # Smoke check only: the content of the indicators is not inspected.
    assert indicators


def test_spamhaus_edrop():
    """Parse the spamhaus 'edrop' feed fixture and expect at least one indicator."""
    # Redirect the feed to the local fixture file before processing.
    rule.feeds['edrop']['remote'] = 'test/spamhaus/edrop.txt'
    indicators = list(s.process(rule, feed="edrop"))
    # Smoke check only: the content of the indicators is not inspected.
    assert indicators