Esempio n. 1
 def test_AC09(self):
     """AC09 must match a Server with access control and source authorization off.

     Only the positive case is asserted here; nothing in this test checks that
     the threat stops matching once either control is enabled.
     """
     server = Server("Web Server")
     server.hasAccessControl = False
     server.authorizesSource = False
     # Select the AC09 record from threats_json by its SID field.
     definition = next(filter(lambda entry: entry["SID"] == "AC09", threats_json))
     ac09 = Threat(definition)
     matched = ac09.apply(server)
     self.assertTrue(matched)
Esempio n. 2
 def test_SC03(self):
     """SC03 must match a Server that neither validates nor sanitizes input.

     Access control is switched off as well, so this test does not show which
     of the three missing controls is sufficient on its own.
     """
     server = Server("Web Server")
     server.validatesInput = False
     server.sanitizesInput = False
     server.hasAccessControl = False
     # The threat is looked up by SID in the shared `threats` mapping.
     matched = threats["SC03"].apply(server)
     self.assertTrue(matched)
Esempio n. 3
 def test_AC06(self):
     """AC06 must match a Server that is neither hardened nor access-controlled.

     Only the positive case is asserted; the hardened or access-controlled
     variants are not exercised in this test.
     """
     server = Server("Web Server")
     server.isHardened = False
     server.hasAccessControl = False
     # Select the AC06 record from threats_json by its SID field.
     definition = next(filter(lambda entry: entry["SID"] == "AC06", threats_json))
     ac06 = Threat(definition)
     matched = ac06.apply(server)
     self.assertTrue(matched)
Esempio n. 4
 def test_SC03(self):
     """SC03 must match a Server with input validation, sanitization and access control off.

     All three controls are disabled together, so the test does not isolate
     which missing control triggers the match.
     """
     server = Server("Web Server")
     server.validatesInput = False
     server.sanitizesInput = False
     server.hasAccessControl = False
     # Build the Threat from the threats_json record whose SID is SC03.
     record = next(entry for entry in threats_json if entry["SID"] == "SC03")
     sc03 = Threat(record)
     matched = sc03.apply(server)
     self.assertTrue(matched)
Esempio n. 5
 def test_AC01(self):
     """AC01 must match a Process, a Server and a Datastore without access control."""
     server = Server("Web Server")
     proc = Process("Process1")
     store = Datastore("DB")

     server.hasAccessControl = False
     # The server keeps source authorization on and is still expected to match.
     # Presumably the AC01 condition is a disjunction over the two controls;
     # confirm against the threat definition.
     server.authorizesSource = True
     proc.hasAccessControl = False
     proc.authorizesSource = False
     store.hasAccessControl = False
     store.authorizesSource = False

     ac01 = threats["AC01"]
     # Same check order as before: process, then server, then datastore.
     for target in (proc, server, store):
         self.assertTrue(ac01.apply(target))
Esempio n. 6
 def test_AC01(self):
     """AC01 must match every element type here when access control is off."""
     server = Server("Web Server")
     proc = Process("Process1")
     store = Datastore("DB")

     server.hasAccessControl = False
     # Source authorization stays on for the server, yet a match is still
     # expected. That suggests a missing access control alone is enough for
     # AC01; verify against the rule's condition.
     server.authorizesSource = True
     proc.hasAccessControl = False
     proc.authorizesSource = False
     store.hasAccessControl = False
     store.authorizesSource = False

     # Build the Threat from the threats_json record whose SID is AC01.
     record = next(filter(lambda entry: entry["SID"] == "AC01", threats_json))
     ac01 = Threat(record)

     proc_hit = ac01.apply(proc)
     self.assertTrue(proc_hit)
     server_hit = ac01.apply(server)
     self.assertTrue(server_hit)
     store_hit = ac01.apply(store)
     self.assertTrue(store_hit)
Esempio n. 7
 def test_AC09(self):
     """AC09 must match a Server lacking access control and source authorization.

     Positive case only: the test never enables either control to confirm the
     threat no longer applies.
     """
     server = Server("Web Server")
     server.hasAccessControl = False
     server.authorizesSource = False
     # The threat is looked up by SID in the shared `threats` mapping.
     matched = threats["AC09"].apply(server)
     self.assertTrue(matched)
Esempio n. 8
 def test_AC08(self):
     """AC08 must match a Server whose access control is switched off.

     hasAccessControl is the only attribute set explicitly; every other
     attribute keeps whatever default Server gives it.
     """
     server = Server("Web Server")
     server.hasAccessControl = False
     # The threat is looked up by SID in the shared `threats` mapping.
     matched = threats["AC08"].apply(server)
     self.assertTrue(matched)
Esempio n. 9
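# Elements of the threat model. The boundaries referenced here (machine,
# internet, apps_vpc, rds_boundary) are defined outside this excerpt.
user = Actor("User/Browser")
user.inBoundary = machine

# Declare "Apigee" exactly once. Each Element(...) call builds a separate
# object, so repeating the stanza rebinds the name to a second instance.
# Presumably every constructed element is registered with the model, which
# would leave the first one behind as a stray duplicate node; confirm
# against the modelling library in use (this looks like pytm).
apigee = Element("Apigee")
apigee.inBoundary = internet
apigee.isHardened = True

server = Server("Apps Server")
server.inBoundary = apps_vpc
server.isHardened = True
server.hasAccessControl = True
server.encodesOutput = True

db = Datastore("MySQL DB")
db.isHardened = True
db.hasAccessControl = True
# One boundary per element. Assigning inBoundary twice (apps_vpc, then
# rds_boundary) leaves only the last value in effect, and some releases of
# the library reject overwriting an attribute that is already set.
# NOTE(review): rds_boundary is kept as the effective value; confirm it is
# the intended boundary rather than apps_vpc.
db.inBoundary = rds_boundary
db.isSQL = True
db.inScope = True
db.onAWS = True
db.isShared = True
# NOTE(review): a shared datastore declared as holding no sensitive data.
# Verify this, since the flag presumably feeds threat conditions and an
# incorrect False would hide findings.
db.storesSensitiveData = False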

redis = Datastore("Redis")
redis.isHardened = True