def test_parse_some_findings_csv_bytes(self):
"""This tests is designed to test the parser with different read modes"""
testfile = open(
path.join(path.dirname(__file__),
"../scans/nessus/nessus_many_vuln2-all.csv"))
parser = NessusCSVParser()
findings = parser.get_findings(testfile, self.create_test())
for finding in findings:
for endpoint in finding.unsaved_endpoints:
endpoint.clean()
testfile = open(
path.join(path.dirname(__file__),
"../scans/nessus/nessus_many_vuln2-all.csv"), "rt")
parser = NessusCSVParser()
findings = parser.get_findings(testfile, self.create_test())
for finding in findings:
for endpoint in finding.unsaved_endpoints:
endpoint.clean()
testfile = open(
path.join(path.dirname(__file__),
"../scans/nessus/nessus_many_vuln2-all.csv"), "rb")
parser = NessusCSVParser()
findings = parser.get_findings(testfile, self.create_test())
for finding in findings:
for endpoint in finding.unsaved_endpoints:
endpoint.clean()
def test_parse_some_findings_csv_bytes(self):
"""This tests is designed to test the parser with different read modes"""
testfile = open("dojo/unittests/scans/nessus/nessus_many_vuln2-all.csv")
parser = NessusCSVParser()
findings = parser.get_findings(testfile, self.create_test())
testfile = open("dojo/unittests/scans/nessus/nessus_many_vuln2-all.csv", "rt")
parser = NessusCSVParser()
findings = parser.get_findings(testfile, self.create_test())
testfile = open("dojo/unittests/scans/nessus/nessus_many_vuln2-all.csv", "rb")
parser = NessusCSVParser()
findings = parser.get_findings(testfile, self.create_test())
def test_parse_some_findings_csv(self):
"""Test one report provided by a user"""
testfile = open(
path.join(path.dirname(__file__),
"../scans/nessus/nessus_many_vuln.csv"))
parser = NessusCSVParser()
findings = parser.get_findings(testfile, self.create_test())
for finding in findings:
for endpoint in finding.unsaved_endpoints:
endpoint.clean()
self.assertEqual(4, len(findings))
for i in [0, 1, 2, 3]:
finding = findings[i]
self.assertIn(finding.severity, Finding.SEVERITIES)
self.assertEqual("Medium", finding.severity)
self.assertEqual(0, finding.cwe)
# check some data
finding = findings[0]
self.assertEqual("CVE-2004-2761", finding.cve)
self.assertEqual(1, len(finding.unsaved_endpoints))
self.assertEqual("10.1.1.1", finding.unsaved_endpoints[0].host)
self.assertEqual("AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C",
finding.cvssv3)
# TODO work on component attributes for Nessus CSV parser
self.assertIsNotNone(finding.component_name)
self.assertEqual("md5", finding.component_name)
# this vuln have 'CVE-2013-2566,CVE-2015-2808' as CVE
# current implementation return the first
finding = findings[3]
self.assertEqual("CVE-2013-2566", finding.cve)
def test_parse_some_findings_csv2_all(self):
"""Test that use a report with all columns of Nessus Pro 8.13.1 (#257)"""
testfile = open("dojo/unittests/scans/nessus/nessus_many_vuln2-all.csv")
parser = NessusCSVParser()
findings = parser.get_findings(testfile, self.create_test())
self.assertEqual(29, len(findings))
finding = findings[0]
self.assertIn(finding.severity, Finding.SEVERITIES)
self.assertEqual('Info', finding.severity)
self.assertIsNone(finding.cve)
self.assertEqual(0, finding.cwe)
self.assertEqual('HTTP Server Type and Version', finding.title)
finding = findings[25]
self.assertIn(finding.severity, Finding.SEVERITIES)
self.assertEqual('SSL Certificate Signed Using Weak Hashing Algorithm (Known CA)', finding.title)
self.assertEqual('Info', finding.severity)
self.assertEqual('CVE-2004-2761', finding.cve)
def test_parse_some_findings_csv2_all(self):
"""Test that use a report with all columns of Nessus Pro 8.13.1 (#257)"""
testfile = open(
path.join(path.dirname(__file__),
"../scans/nessus/nessus_many_vuln2-all.csv"))
parser = NessusCSVParser()
findings = parser.get_findings(testfile, self.create_test())
for finding in findings:
for endpoint in finding.unsaved_endpoints:
endpoint.clean()
self.assertEqual(29, len(findings))
finding = findings[0]
self.assertIn(finding.severity, Finding.SEVERITIES)
self.assertEqual("Info", finding.severity)
self.assertIsNone(finding.cve)
self.assertEqual(0, finding.cwe)
self.assertEqual("HTTP Server Type and Version", finding.title)
finding = findings[25]
self.assertIn(finding.severity, Finding.SEVERITIES)
self.assertEqual(
"SSL Certificate Signed Using Weak Hashing Algorithm (Known CA)",
finding.title)
self.assertEqual("Info", finding.severity)
self.assertEqual("CVE-2004-2761", finding.cve)
