Esempio n. 1
    def test_cve_updated(self):
        """Saving a changed CVE must refresh the vulnerability documents that embed it.

        Two assets are paired with two CVEs, giving four vulnerability
        documents. After ``access_vector_v2`` of ``self.cve`` is changed and
        saved, the index must still hold four documents, and the documents
        found for each CVE must report that CVE's current ``access_vector_v2``.
        A stale copy here would mean searches return outdated CVSS v2 metrics.
        """
        def indexed_total():
            return Search().index(VulnerabilityDocument.Index.name).count()

        self.asset_2 = create_asset('10.10.10.11')
        self.cve_2 = create_cve('CVE-2017-0003')
        # Same pairing order as asset x CVE: every asset gets both CVEs.
        for asset in (self.asset, self.asset_2):
            for cve in (self.cve, self.cve_2):
                create_vulnerability(asset, cve)

        self.assertEqual(indexed_total(), 4)

        self.cve.access_vector_v2 = metrics.AccessVectorV2.LOCAL
        self.cve.save()
        # NOTE(review): presumably blocks until background indexing triggered
        # by save() has finished - confirm against thread_pool_executor.
        thread_pool_executor.wait_for_all()

        # The document count must be unchanged by the update.
        self.assertEqual(indexed_total(), 4)

        for cve in (self.cve, self.cve_2):
            found = VulnerabilityDocument.search().filter('term', cve__id=cve.id).execute()

            self.assertEqual(len(found.hits), 2)
            for position in (0, 1):
                self.assertEqual(found.hits[position].cve.access_vector_v2, cve.access_vector_v2)
Esempio n. 2
    def test_call_update_exploits(self, get_file):
        """Running ``update_exploits`` a second time must change nothing.

        ``get_file`` is used as a mock (presumably injected by a patch
        decorator outside this excerpt) that returns ``self.data``, so the
        remote feed is never contacted. The test checks that:

        * the updater asks for the via4 feed at the expected HTTPS URL;
        * the CVE index keeps two documents after each run;
        * ``CVE-2017-0008`` carries exactly one exploit reference;
        * the second run leaves ``modified_date`` and the exploit list as
          they were, so repeated feed imports add no duplicate references.
        """
        expected_exploits = [{
            'id': '44904',
            'url': 'https://www.exploit-db.com/exploits/44904'
        }]

        def cve_total():
            return Search().index(CveDocument.Index.name).count()

        def newest_cve():
            # Most recently modified document for the CVE under test.
            return CveDocument.search().filter(
                'term',
                id='CVE-2017-0008').sort('-modified_date').execute().hits[0]

        self.assertEqual(cve_total(), 2)
        get_file.return_value = self.data
        update_exploits()
        get_file.assert_called_once_with(
            'https://www.cve-search.org/feeds/via4.json')

        thread_pool_executor.wait_for_all()
        self.assertEqual(cve_total(), 2)

        after_first_run = newest_cve()
        prev_modified_date = after_first_run.modified_date
        self.assertEqual(len(after_first_run.exploits), 1)
        self.assertEqual(after_first_run.exploits, expected_exploits)

        # Second import of the same data: nothing may be added or re-stamped.
        update_exploits()
        thread_pool_executor.wait_for_all()

        self.assertEqual(cve_total(), 2)
        after_second_run = newest_cve()
        self.assertEqual(after_second_run.modified_date, prev_modified_date)
        self.assertEqual(len(after_second_run.exploits), 1)
        self.assertEqual(after_second_run.exploits, expected_exploits)
Esempio n. 3
    def test_asset_updated(self):
        """Saving a changed asset must refresh the vulnerability documents that embed it.

        Two assets are paired with two CVEs, giving four vulnerability
        documents. After the confidentiality and integrity requirements of
        ``self.asset`` are raised to ``AssetImpact.HIGH`` and saved, the index
        must still hold four documents, and the documents found for each asset
        (looked up by IP address) must report that asset's current
        requirements.
        """
        def indexed_total():
            return Search().index(VulnerabilityDocument.Index.name).count()

        self.asset_2 = create_asset('10.10.10.11')
        for asset in (self.asset, self.asset_2):
            create_vulnerability(asset, self.cve)

        self.cve_2 = create_cve('CVE-2017-0003')
        for asset in (self.asset, self.asset_2):
            create_vulnerability(asset, self.cve_2)

        self.assertEqual(indexed_total(), 4)

        self.asset.confidentiality_requirement = AssetImpact.HIGH
        self.asset.integrity_requirement = AssetImpact.HIGH
        self.asset.save()
        # NOTE(review): presumably blocks until background indexing triggered
        # by save() has finished - confirm against thread_pool_executor.
        thread_pool_executor.wait_for_all()

        # The document count must be unchanged by the update.
        self.assertEqual(indexed_total(), 4)

        for asset in (self.asset, self.asset_2):
            found = VulnerabilityDocument.search().filter(
                'term', asset__ip_address=asset.ip_address).execute()

            self.assertEqual(len(found.hits), 2)
            for position in (0, 1):
                indexed_asset = found.hits[position].asset
                self.assertEqual(indexed_asset.confidentiality_requirement, asset.confidentiality_requirement)
                self.assertEqual(indexed_asset.integrity_requirement, asset.integrity_requirement)
Esempio n. 4
    def test_should_not_update(self):
        """Processing the NVD fixture must leave the CVE document count at two.

        The index already holds two CVE documents when the test starts
        (presumably loaded by a setUp outside this excerpt), so feeding the
        ``nvdcve-1.0-2017.json`` fixture through ``CveFactory.process`` must
        not create additional documents.
        """
        cve_index = CveDocument.Index.name
        self.assertEqual(Search().index(cve_index).count(), 2)

        fixture_path = get_fixture_location(__file__, 'nvdcve-1.0-2017.json')
        with open(fixture_path) as fixture:
            CveFactory.process(fixture)
        thread_pool_executor.wait_for_all()

        self.assertEqual(Search().index(cve_index).count(), 2)
Esempio n. 5
    def update_assets(self, mock_api):
        """Check that ``_update_assets`` indexes both hosts once, even when run twice.

        ``mock_api`` stands in for the remote API client: its instance returns
        ``self.hosts`` and ``self.users``. After the first run the asset index
        must hold two documents, one per IP address; a second run with the
        same data must not add any.

        NOTE(review): the name lacks the ``test_`` prefix, so this is probably
        a helper invoked by other test methods - confirm against the class.
        """
        mock_api().get_assets.return_value = self.hosts
        mock_api().get_users.return_value = self.users

        def asset_total():
            return Search().index(AssetDocument.Index.name).count()

        _update_assets(self.config_id)
        self.assertEqual(2, asset_total())
        for address in ('10.0.0.23', '10.0.0.25'):
            self.assertEqual(AssetDocument.search().filter('term', ip_address=address).count(), 1)

        # Importing the same inventory again must not duplicate assets.
        _update_assets(self.config_id)
        self.assertEqual(2, asset_total())
Esempio n. 6
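    def test_call(self, get_file):
        """``update_cve(2017)`` must request the 2017 NVD feed and index its CVEs.

        ``get_file`` is used as a mock (presumably injected by a patch
        decorator outside this excerpt) that returns the local
        ``nvdcve-1.0-2017.json`` fixture. The test asserts that the updater
        asked for the HTTPS NVD URL exactly once and that two CVE documents
        are indexed afterwards.

        NOTE(review): the fixture is plain JSON while the requested URL ends
        in ``.json.gz``, so whatever decompression ``get_file`` performs is
        not exercised by this test.
        NOTE(review): the pinned path is the NVD JSON 1.0 feed, a legacy
        format; confirm the production updater targets a feed NVD still
        serves.
        """
        fixture_path = get_fixture_location(__file__, 'nvdcve-1.0-2017.json')
        # Close the fixture handle deterministically, even when an assertion
        # below fails, instead of leaving it to the garbage collector.
        with open(fixture_path) as handle:
            get_file.return_value = handle

            update_cve(2017)

            get_file.assert_called_once_with(
                'https://nvd.nist.gov/feeds/json/cve/1.0/nvdcve-1.0-2017.json.gz')
            self.assertEqual(Search().index(CveDocument.Index.name).count(), 2)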
Esempio n. 7
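    def test_call(self, get_file):
        """``update_cwe()`` must request the CWE catalogue and index its entries.

        ``get_file`` is used as a mock (presumably injected by a patch
        decorator outside this excerpt) that returns the local
        ``cwec_v2.12.xml`` fixture. The test asserts that the updater asked
        for the HTTPS MITRE URL exactly once and that two CWE documents are
        indexed afterwards.

        NOTE(review): the fixture is plain XML while the requested URL ends in
        ``.xml.zip``, so whatever archive handling ``get_file`` performs is
        not exercised by this test.
        """
        fixture_path = get_fixture_location(__file__, 'cwec_v2.12.xml')
        # Close the fixture handle deterministically, even when an assertion
        # below fails, instead of leaving it to the garbage collector.
        with open(fixture_path) as handle:
            get_file.return_value = handle

            update_cwe()

            get_file.assert_called_once_with(
                'https://cwe.mitre.org/data/xml/cwec_v2.12.xml.zip')
            self.assertEqual(Search().index(CweDocument.Index.name).count(), 2)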
Esempio n. 8
def _snapshot_documents(name: str, index: str) -> None:
    """Copy every document of ``index`` into the index ``{index}.{name}``.

    Each scanned document is stamped with ``snapshot_date`` and converted to
    a dict; the dicts are then written in one ``bulk`` call with
    ``refresh=True``. Nothing is written when the source index is empty.

    Args:
        name: Snapshot name, used as the suffix of the target index.
        index: Name of the source index.

    NOTE(review): all documents are held in memory before the bulk write, and
    ``now()`` is evaluated once per document, so timestamps inside a single
    snapshot can differ slightly.
    NOTE(review): ``to_dict()`` is called without arguments; if this is
    elasticsearch-dsl, document ids are presumably not carried over into the
    snapshot index - confirm.
    """
    LOGGER.info(f'Creating snapshot for {index} {name}')
    payload = []
    for hit in Search(index=index).scan():
        hit.snapshot_date = now()
        payload.append(hit.to_dict())

    if len(payload) > 0:
        bulk(get_connection(), payload, refresh=True, index=f'{index}.{name}')
    LOGGER.info(f'Snapshot for {index} {name} done')
Esempio n. 9
 def test_should_not_update(self):
     """Processing the CWE fixture must leave the CWE document count at two.

     The index already holds two CWE documents when the test starts
     (presumably loaded by a setUp outside this excerpt), so feeding the
     ``cwec_v2.12.xml`` fixture through ``CWEFactory.process`` must not
     create additional documents.
     """
     cwe_index = CweDocument.Index.name
     self.assertEqual(Search().index(cwe_index).count(), 2)

     fixture_path = get_fixture_location(__file__, 'cwec_v2.12.xml')
     with open(fixture_path) as fixture:
         CWEFactory.process(fixture)
     thread_pool_executor.wait_for_all()

     self.assertEqual(Search().index(cwe_index).count(), 2)
Esempio n. 10
    def test_call_nok(self, get_file):
        """When the download yields nothing, ``update_cve`` must index no CVE.

        ``get_file`` is used as a mock that returns ``None``, standing in for
        a failed or empty download. The call must complete without raising
        and the CVE index must stay empty.
        """
        get_file.return_value = None

        update_cve(2017)

        indexed = Search().index(CveDocument.Index.name).count()
        self.assertEqual(indexed, 0)
Esempio n. 11
 def test_cve_count(self):
     """The CVE index must hold exactly two documents.

     The documents are presumably loaded by a setUp outside this excerpt.
     """
     total = Search().index(CveDocument.Index.name).count()
     self.assertEqual(total, 2)