async def test_get_containers_performance_analysis(): ts = time.perf_counter() bprint('Test: Get Containers Performance Analysis') # Semaphore, PageSize semaphores = range(1, 100, 5) page_sizes = range(1, 100, 10) stats = [] for semaphore in semaphores: for page_size in range(1, 100, 10): async with PhantomApiClient( cfg=f'{getenv("CFG_HOME")}/phantom_api_client.toml', sem=semaphore) as pac: tts = time.perf_counter() results = await pac.get_containers( ContainerFilter(page_size=page_size)) recs = len(results.success) dur = time.perf_counter() - tts stat = f'| {semaphore}\t| {page_size}\t| {recs}\t| {dur:f}\t| {recs / dur:f}\t|' stats.append(stat) print(stat) with open(realpath('./data/get_containers_stats_2019-07-30.txt')) as sfile: sfile.writelines(stats) bprint(f'-> Completed in {(time.perf_counter() - ts) / 60:f} minutes.')
async def test_post_managed_account(): ts = time.perf_counter() bprint('Test: Post Managed Account') async with PasswordSafeApiClient( cfg=f'{getenv("CFG_HOME")}/password_safe_api_client_dev.toml' ) as psac: results = await psac.post_records(model=ManagedAccount( systemID=33, AccountName='Test McTesterton', DistinguishedName= 'uid=s.McTest,ou=Test,ou=apps,ou=b2e,dc=test53,dc=com', ApiEnabled=True, ReleaseDuration=120, MaxReleaseDuration=1440, ISAReleaseDuration=120, MaxConcurrentRequests=1, AutoManagementFlag=True, CheckPasswordFlag=True, ResetPasswordOnMismatchFlag=True, ChangePasswordAfterAnyReleaseFlag=True, ChangeFrequencyType='xdays', ChangeFrequencyDays=30, ChangeTime='01:00')) assert type(results) is Results assert len(results.success) == 1 assert not results.failure print('Cookie:') tprint(results) bprint(f'-> Completed in {(time.perf_counter() - ts):f} seconds.')
async def test_put_tag(): ts = time.perf_counter() bprint('Test: Put Tag') async with BricataApiClient( cfg=f'{getenv("CFG_HOME")}/bricata_api_client.toml') as bac: tag = TagRequest(name='sea_test', color='#ff9800', icon='fas fa-grimace') results = await bac.put_tag(tag=tag) assert type(results) is Results assert not results.failure results = await bac.get_tags() assert type(results) is Results assert len(results.success) >= 1 assert not results.failure tags = [t['name'] for t in results.success] assert 'sea_test' in tags # Check if tag was created tprint(results) bprint(f'-> Completed in {(time.perf_counter() - ts):f} seconds.')
async def test_delete_many_artifacts(): ts = time.perf_counter() bprint('Test: Delete Many Artifacts') async with PhantomApiClient( cfg=f'{getenv("CFG_HOME")}/phantom_api_client.toml') as pac: results = await pac.get_records( ArtifactQuery(filter={'_filter_type': '"test"'})) ids = [c['id'] for c in results.success] aids = [choice(ids), choice(ids)] # print(results) while aids[0] == aids[1]: aids[1] = choice(ids) results = await pac.delete_records( query=[ArtifactQuery(id=aid) for aid in aids]) assert type(results) is Results assert len(results.success) == 2 assert not results.failure assert results.success[0]['success'] tprint(results) print('\nVerify Results from Phantom') results = await pac.get_records(query=ArtifactQuery( filter={'_filter_id__in': str(aids)})) assert not results.success assert not results.failure tprint(results) bprint(f'-> Completed in {(time.perf_counter() - ts):f} seconds.')
async def test_delete_one_artifact(): ts = time.perf_counter() bprint('Test: Delete One Artifact') async with PhantomApiClient( cfg=f'{getenv("CFG_HOME")}/phantom_api_client.toml') as pac: results = await pac.get_records( ArtifactQuery(filter={'_filter_type': '"test"'})) ids = [c['id'] for c in results.success] aid = choice(ids) results = await pac.delete_records(query=[ArtifactQuery(id=aid)]) # print(results) assert type(results) is Results assert len(results.success) == 1 assert not results.failure assert results.success tprint(results) print('\nVerify Results from Phantom') results = await pac.get_records(query=ArtifactQuery( filter={'_filter_id': aid})) assert not results.success assert not results.failure tprint(results) bprint(f'-> Completed in {(time.perf_counter() - ts):f} seconds.')
async def test_get_all_container_artifacts_date_filtered(): # TODO: This is hard to test since we don't know what artifacts we'll encounter. ts = time.perf_counter() bprint('Test: Get All Container Artifacts Date Filtered') async with PhantomApiClient( cfg=f'{getenv("CFG_HOME")}/phantom_api_client.toml') as pac: f = {'_filter_type': '"test"'} results = await pac.get_record_count(ArtifactQuery(filter=f)) unfiltered = results.success[0]['count'] assert unfiltered print(f'Found {unfiltered} unfiltered containers.') results = await pac.get_records( ArtifactQuery(date_filter_start='2019-09-10', date_filter_field='create_time', filter=f)) filtered = len(results.success) print(f'Found {filtered} filtered containers.') assert type(results) is Results assert len(results.success) >= 1 assert not results.failure assert unfiltered > filtered tprint(results, top=5) bprint(f'-> Completed in {(time.perf_counter() - ts):f} seconds.')
async def test_delete_one_container(): ts = time.perf_counter() bprint('Test: Delete One Container') async with PhantomApiClient( cfg=f'{getenv("CFG_HOME")}/phantom_api_client.toml') as pac: results = await pac.get_records(query=ContainerQuery( filter={'_filter_tenant': 2})) ids = [c['id'] for c in results.success] assert ids # Need containers to test cid = choice(ids) results = await pac.delete_records(query=ContainerQuery(id=cid)) # print(results) assert type(results) is Results assert len(results.success) == 1 assert not results.failure assert results.success tprint(results) print('\nVerify Results from Phantom') results = await pac.get_records(query=ContainerQuery( filter={'_filter_id': cid})) assert not results.success assert not results.failure tprint(results) bprint(f'-> Completed in {(time.perf_counter() - ts):f} seconds.')
async def test_get_all_containers_filtered(): ts = time.perf_counter() bprint('Test: Get All Containers Filtered') async with PhantomApiClient( cfg=f'{getenv("CFG_HOME")}/phantom_api_client_prod.toml') as pac: # f = {'_filter_container_type': '"case"'} f = {'_filter_tenant': 0} # results = await pac.get_container_count(query=ContainerQuery(filter=f)) # count = results.success[0]['count'] # print('count:', count) results = await pac.get_containers(query=ContainerQuery(filter=f)) # print(results) ids = list(set([r['id'] for r in results.success])) print('unique_ids:', len(ids)) assert type(results) is Results assert len(results.success) >= 1 assert not results.failure tprint(results, top=5) # dedup = frozenset(item.items()), item) for item in results.sucess) # dedup = (frozenset(item.items()),item for item in results.success) # dedup = dict((frozenset(item.items()), item) for item in results.success).values() # print('tdedsup', type(dedup)) # print('dedup0', dedup[0]) bprint(f'-> Completed in {(time.perf_counter() - ts):f} seconds.')
async def test_create_many_artifacts(): ts = time.perf_counter() bprint('Test: Create Many Artifacts') async with PhantomApiClient( cfg=f'{getenv("CFG_HOME")}/phantom_api_client_prod.toml') as pac: container = generate_container(artifact_count=2) results = await pac.get_records( ContainerQuery(filter={'_filter_tenant': 2})) ids = [c['id'] for c in results.success] cid = choice(ids) print(f'Container: {cid}') container[0].update_id(cid) response_results, request_results = await pac.create_artifacts( container) # print(response_results) assert type(response_results) is Results assert len(request_results) == 1 assert len(response_results.success) == 2 assert not response_results.failure assert response_results.success[0]['success'] tprint(response_results, request_results, top=5) # todo: check for creation within phantom bprint(f'-> Completed in {(time.perf_counter() - ts):f} seconds.')
async def test_create_many_containers(): ts = time.perf_counter() bprint('Test: Create Many Containers') async with PhantomApiClient( cfg=f'{getenv("CFG_HOME")}/phantom_api_client.toml') as pac: response_results, request_results = await pac.create_containers( generate_container(container_count=2)) # print(response_results) assert type(response_results) is Results assert len(request_results) == 2 assert len(response_results.success) == 2 assert not response_results.failure assert response_results.success[0]['success'] tprint(response_results, request_results) print('\nVerify Results from Phantom') ids = [r['id'] for r in response_results.success] results = await pac.get_records(query=ContainerQuery( filter={'_filter_id__in': str(ids)})) tprint(results) bprint(f'-> Completed in {(time.perf_counter() - ts):f} seconds.')
async def test_update_one_container(): ts = time.perf_counter() bprint('Test: Update One Container') async with PhantomApiClient( cfg=f'{getenv("CFG_HOME")}/phantom_api_client.toml') as pac: results = await pac.get_records(query=ContainerQuery( page=0, page_size=20, filter={'_filter_tenant': 2})) old_container = choice(results.success) print(f'Container Prior Update\n\t-> {old_container}') container = generate_container()[0] container.clear() container.name = 'Update Test' container.update_id(old_container['id']) results = await pac.update_records(container) # print(response_results) assert type(results) is Results assert len(results.success) == 1 assert not results.failure assert results.success assert results.success[0]['success'] tprint(results) results = await pac.get_records(query=ContainerQuery( id=old_container['id'])) print(f'Container After Update\n\t-> {results.success[0]}') bprint(f'-> Completed in {(time.perf_counter() - ts):f} seconds.')
async def test_get_all_containers_date_filtered(): ts = time.perf_counter() bprint('Test: Get All Containers Date Filtered') async with PhantomApiClient( cfg=f'{getenv("CFG_HOME")}/phantom_api_client.toml') as pac: results = await pac.get_record_count( ContainerQuery(filter={'_filter_tenant': 2})) try: unfiltered = results.success[0]['count'] except IndexError: unfiltered = 0 print(f'Found {unfiltered} unfiltered containers.') results = await pac.get_records( query=ContainerQuery(date_filter_start='2019-10-01', date_filter_field='create_time', filter={'_filter_tenant': 2})) filtered = len(results.success) print(f'Found {filtered} filtered containers.') assert type(results) is Results assert len(results.success) >= 1 assert not results.failure assert unfiltered > filtered tprint(results, top=5) bprint(f'-> Completed in {(time.perf_counter() - ts):f} seconds.')
async def test_update_one_artifact(): ts = time.perf_counter() bprint('Test: Update One Artifact') async with PhantomApiClient( cfg=f'{getenv("CFG_HOME")}/phantom_api_client.toml') as pac: container = generate_container(artifact_count=1)[0] artifact = container.artifacts[0] rid = artifact.data['request_id'] artifact.clear() artifact.data = {'request_id': rid} artifact.name = 'Update Test' results = await pac.get_records( ArtifactQuery(filter={'_filter_type': '"test"'})) ids = [c['id'] for c in results.success] aid = choice(ids) artifact.update_id(aid) print(f'Artifact: {aid}\n\t->{artifact}') results = await pac.update_records(requests=[artifact]) # print(response_results) assert type(results) is Results assert len(results.success) == 1 assert not results.failure assert results.success assert results.success[0]['success'] tprint(results) bprint(f'-> Completed in {(time.perf_counter() - ts):f} seconds.')
async def test_login(): ts = time.perf_counter() bprint('Test: Login') async with ExabeamApiClient(cfg=f'{getenv("CFG_HOME")}/exabeam_api_client.toml') as eac: results = await eac.login() assert type(results) is Results assert len(results.success) >= 1 assert not results.failure tprint(results, top=5) bprint(f'-> Completed in {(time.perf_counter() - ts):f} seconds.')
async def test_get_alerts_filtered(): ts = time.perf_counter() bprint('Test: Get Alerts, Filtered') async with BricataApiClient(cfg=f'{getenv("CFG_HOME")}/bricata_api_client.toml') as bac: af = AlertsFilter(tags='ATO') results = await bac.get_alerts(af) # assert type(results) is Results # assert len(results.success) >= 1 # assert not results.failure tprint(results, top=5) bprint(f'-> Completed in {(time.perf_counter() - ts):f} seconds.')
async def test_get_one_container_audit_data(): ts = time.perf_counter() bprint('Test: Get One Container Audit Data') async with PhantomApiClient(cfg=f'{getenv("CFG_HOME")}/phantom_api_client.toml') as pac: results = await pac.get_records(query=AuditQuery(container=130416)) # print(results) assert type(results) is Results assert len(results.success) >= 1 assert not results.failure tprint(results, top=5) bprint(f'-> Completed in {(time.perf_counter() - ts):f} seconds.')
async def test_get_notable_users(): ts = time.perf_counter() bprint('Test: Get Notable Users') async with ExabeamApiClient( cfg=f'{getenv("CFG_HOME")}/exabeam_api_client.toml') as eac: results = await eac.get_notable_users(query=NotableUsersQuery(num=10)) assert type(results) is Results assert len(results.success) >= 1 assert not results.failure tprint(results, top=5) bprint(f'-> Completed in {(time.perf_counter() - ts):f} seconds.')
async def test_get_tags(): ts = time.perf_counter() bprint('Test: Get Tags') async with BricataApiClient( cfg=f'{getenv("CFG_HOME")}/bricata_api_client.toml') as bac: results = await bac.get_tags() assert type(results) is Results assert len(results.success) >= 1 assert not results.failure tprint(results) bprint(f'-> Completed in {(time.perf_counter() - ts):f} seconds.')
async def test_request_debug(): ts = time.perf_counter() bprint('Test: Request Debug') async with BaseApiClient() as bac: async with aio.ClientSession() as session: response = await session.get('https://www.google.com', ssl=False) results = await bac.request_debug(response=response) assert type(results) is str print('Results:\n', results) bprint(f'-> Completed in {(time.perf_counter() - ts):f} seconds.')
async def test_get_user_count(): ts = time.perf_counter() bprint('Test: Get User Count') async with PhantomApiClient(cfg=f'{getenv("CFG_HOME")}/phantom_api_client.toml') as pac: results = await pac.get_record_count(query=UserQuery()) # print(results) assert type(results) is Results assert len(results.success) >= 1 assert not results.failure tprint(results) bprint(f'-> Completed in {(time.perf_counter() - ts):f} seconds.')
async def test_get_alerts(): ts = time.perf_counter() bprint('Test: Get Alerts') async with BricataApiClient(cfg=f'{getenv("CFG_HOME")}/bricata_api_client.toml') as bac: results = await bac.get_records(AlertQuery()) # print('results:\n\t', results) assert type(results) is Results assert len(results.success) >= 1 assert not results.failure tprint(results, top=5) bprint(f'-> Completed in {(time.perf_counter() - ts):f} seconds.')
async def test_get_all_computers(): ts = time.perf_counter() bprint('Test: Get All Computers') async with LDAPApiClient( cfg=f'{getenv("CFG_HOME")}/ldap_api_client.toml') as adac: results = await adac.get_computers() # print(results) assert type(results) is Results assert len(results.success) >= 1 assert not results.failure tprint(results, top=5) bprint(f'-> Completed in {(time.perf_counter() - ts):f} seconds.')
async def test_get_one_case(): ts = time.perf_counter() bprint('Test: Get One Container') async with PhishlabsApiClient( cfg=f'{getenv("CFG_HOME")}/phishlabs_api_client.toml') as plac: results = await plac.get_cases(case_id='<insert_case-id_here>') # print(results) assert type(results) is Results assert len(results.success) == 1 assert not results.failure tprint(results) bprint(f'-> Completed in {(time.perf_counter() - ts):f} seconds.')
async def test_get_all_artifacts_count(): ts = time.perf_counter() bprint('Test: Get All Artifacts Count') async with PhantomApiClient( cfg=f'{getenv("CFG_HOME")}/phantom_api_client.toml') as pac: results = await pac.get_record_count(ArtifactQuery()) # print(results) assert type(results) is Results assert len(results.success) >= 1 assert not results.failure tprint(results) # Should return all artifacts across all containers bprint(f'-> Completed in {(time.perf_counter() - ts):f} seconds.')
async def test_get_cases_count_filtered(): ts = time.perf_counter() bprint('Test: Get Cases Count Filtered') async with PhishlabsApiClient( cfg=f'{getenv("CFG_HOME")}/phishlabs_api_client.toml') as plac: results = await plac.get_case_count(query=Query(caseType=['Phishing'])) # print(results) assert type(results) is Results assert len(results.success) == 1 assert not results.failure tprint(results) # Should return all cases across all cases bprint(f'-> Completed in {(time.perf_counter() - ts):f} seconds.')
async def test_logout(): ts = time.perf_counter() bprint('Test: Logout') async with PasswordSafeApiClient( cfg=f'{getenv("CFG_HOME")}/password_safe_api_client_dev.toml' ) as psac: results = await psac.authenticate(direction='out') assert type(results) is Results assert len(results.success) == 1 assert not results.failure tprint(results) bprint(f'-> Completed in {(time.perf_counter() - ts):f} seconds.')
async def test_login(): ts = time.perf_counter() bprint('Test: Login') async with BricataApiClient(cfg=f'{getenv("CFG_HOME")}/bricata_api_client.toml') as bac: results = await bac.login() assert type(results) is Results assert len(results.success) == 1 assert not results.failure print('Header:', bac.header) tprint(results) bprint(f'-> Completed in {(time.perf_counter() - ts):f} seconds.')
async def test_get_one_attahment(): ts = time.perf_counter() bprint('Test: Get One Attachment') # todo: write me async with PhishlabsApiClient( cfg=f'{getenv("CFG_HOME")}/phishlabs_api_client.toml') as plac: results = await plac.get_case_count() # print(results) assert type(results) is Results assert len(results.success) == 1 assert not results.failure tprint(results) # Should return all cases bprint(f'-> Completed in {(time.perf_counter() - ts):f} seconds.')
async def test_check_invalid_credentials(): ts = time.perf_counter() bprint('Test: Check Invalid Credentials') async with LDAPApiClient(cfg=f'{getenv("CFG_HOME")}/ldap_api_client.toml', autoconnect=False) as adac: results = await adac.check_credentials(username='******', password='******') # print(f'results: {results}') assert type(results) is Results assert len(results.failure) == 1 assert not results.success tprint(results) bprint(f'-> Completed in {(time.perf_counter() - ts):f} seconds.')
async def test_get_all_users_filtered(): ts = time.perf_counter() bprint('Test: Get All Users Filtered') async with LDAPApiClient( cfg=f'{getenv("CFG_HOME")}/ldap_api_client.toml') as adac: results = await adac.get_records( Query(search_base=adac.cfg['Defaults']['SearchBase'], search_filter='(cn=t24620a)')) # print(results) assert type(results) is Results assert len(results.success) >= 1 assert not results.failure tprint(results, top=5) bprint(f'-> Completed in {(time.perf_counter() - ts):f} seconds.')