def test_hostname_length():
    """Check that HostnameLengthFeature reports the hostname length per host.

    Three hosts are scored: one with a real hostname, one with an empty
    string and one with ``None``. The last two are expected to score 0.
    """
    report = NmapReport()
    hostnames = ['delvesecurity.com', '', None]
    report.hosts = [
        Host(ip_address(f'192.168.1.{last_octet}'), hostname=name, ports=[Port(port=53)])
        for last_octet, name in enumerate(hostnames, start=1)
    ]
    report.add_feature(HostnameLengthFeature())

    matrix = report.generate_matrix_representation()

    # One row per host, one column for the single registered feature.
    assert matrix.shape == (3, 1)
    expected_lengths = [len('delvesecurity.com'), 0, 0]
    for row, expected in enumerate(expected_lengths):
        assert matrix[row, 0] == expected
def test_hostname_entropy():
    """Check the relative ordering of HostnameEntropyFeature values.

    The host with a random-looking hex label must not score higher than the
    hosts with ordinary ``subdomainN`` labels, the two ordinary hosts must
    score the same, and a host without a hostname must score 0.
    """
    report = NmapReport()
    hostnames = [
        '9ba3e58904.delvesecurity.com',
        'subdomain1.delvesecurity.com',
        'subdomain2.delvesecurity.com',
        None,
    ]
    report.hosts = [
        Host(ip_address(f'192.168.1.{last_octet}'), hostname=name, ports=[Port(port=53)])
        for last_octet, name in enumerate(hostnames, start=1)
    ]
    report.add_feature(HostnameEntropyFeature())

    matrix = report.generate_matrix_representation()

    assert matrix.shape == (4, 1)
    # NOTE(review): the random-looking label is asserted to score *no higher*
    # than the plain subdomains, so the value is presumably not raw string
    # entropy - confirm against HostnameEntropyFeature.
    assert matrix[0, 0] <= matrix[1, 0]
    assert matrix[1, 0] == matrix[2, 0]
    assert matrix[3, 0] == 0
def test_windows_domain_count():
    """Check the two Windows-domain service counters side by side.

    Host .1 exposes domain, kerberos, msrpc and netbios-ssn; host .2 exposes
    only msrpc and netbios-ssn. The admin feature is registered first and the
    member feature second, and the expected matrix is ``[[2, 2], [0, 2]]``.
    """
    report = NmapReport()
    controller_like = Host(ip_address('192.168.1.1'), ports=[
        Port(port=number, service=label)
        for number, label in (
            (53, 'domain'),
            (88, 'kerberos'),
            (135, 'msrpc'),
            (139, 'netbios-ssn'),
        )
    ])
    member_like = Host(ip_address('192.168.1.2'), ports=[
        Port(port=number, service=label)
        for number, label in ((135, 'msrpc'), (139, 'netbios-ssn'))
    ])
    report.hosts = [controller_like, member_like]
    report.add_feature(CommonWindowsDomainAdminFeature())
    report.add_feature(CommonWindowsDomainMemberFeature())

    matrix = report.generate_matrix_representation()

    assert matrix.shape == (2, 2)
    # Columns presumably follow add_feature() order: admin first, member second.
    expected_rows = [(2, 2), (0, 2)]
    for row, (admin_count, member_count) in enumerate(expected_rows):
        assert matrix[row, 0] == admin_count
        assert matrix[row, 1] == member_count
def test_open_port_count():
    """Check that OpenPortCountFeature leaves closed ports out of the count.

    Host .1 has two open TCP ports; host .2 has one open and one closed port,
    so the expected counts are 2 and 1.
    """
    report = NmapReport()
    all_open = Host(ip_address('192.168.1.1'), ports=[
        Port(port=22, protocol='tcp', state='open'),
        Port(port=21, protocol='tcp', state='open'),
    ])
    partly_closed = Host(ip_address('192.168.1.2'), ports=[
        Port(port=443, protocol='tcp', state='open'),
        Port(port=8080, protocol='tcp', state='closed'),
    ])
    report.hosts = [all_open, partly_closed]
    report.add_feature(OpenPortCountFeature())

    matrix = report.generate_matrix_representation()

    assert matrix.shape == (2, 1)
    for row, expected in enumerate([2, 1]):
        assert matrix[row, 0] == expected
def test_db_count():
    """Check that DatabaseCountFeature counts database services per host.

    Host .1 runs 'mysql' and 'sql' (expected 2); host .2 runs 'redis' and
    'ssh' (expected 1, i.e. ssh is not treated as a database service).
    """
    report = NmapReport()
    services_by_host = [
        ('192.168.1.1', [(3306, 'mysql'), (3307, 'sql')]),
        ('192.168.1.2', [(9999, 'redis'), (22, 'ssh')]),
    ]
    report.hosts = [
        Host(
            ip_address(address),
            ports=[Port(port=number, service=label) for number, label in services],
        )
        for address, services in services_by_host
    ]
    report.add_feature(DatabaseCountFeature())

    matrix = report.generate_matrix_representation()

    assert matrix.shape == (2, 1)
    assert matrix[0, 0] == 2
    assert matrix[1, 0] == 1
def test_http_servers_count():
    """Check that HttpServerCountFeature counts web services per host.

    Host .1 runs two 'http' services (expected 2); host .2 runs 'https' and
    'ssh' (expected 1, so https counts and ssh does not).
    """
    report = NmapReport()
    services_by_host = [
        ('192.168.1.1', [(80, 'http'), (8080, 'http')]),
        ('192.168.1.2', [(443, 'https'), (22, 'ssh')]),
    ]
    report.hosts = [
        Host(
            ip_address(address),
            ports=[Port(port=number, service=label) for number, label in services],
        )
        for address, services in services_by_host
    ]
    report.add_feature(HttpServerCountFeature())

    matrix = report.generate_matrix_representation()

    assert matrix.shape == (2, 1)
    assert matrix[0, 0] == 2
    assert matrix[1, 0] == 1
def test_banner_length():
    """Check that MaxBannerLengthFeature reports the longest software banner.

    Host .1 carries two banners and the longer one sets the value. Host .2
    has one port with ``software=None`` and one with no software argument at
    all, and is expected to score 0.
    """
    longest_banner = 'VMware Authentication Daemon'

    report = NmapReport()
    with_banners = Host(ip_address('192.168.1.1'), ports=[
        Port(port=22, software='OpenSSH Version 1'),
        Port(port=80, software='VMware Authentication Daemon'),
    ])
    without_banners = Host(ip_address('192.168.1.2'), ports=[
        Port(port=22, software=None),
        Port(port=35000, state='open', service='http'),
    ])
    report.hosts = [with_banners, without_banners]
    report.add_feature(MaxBannerLengthFeature())

    matrix = report.generate_matrix_representation()

    assert matrix.shape == (2, 1)
    assert matrix[0, 0] == len(longest_banner)
    assert matrix[1, 0] == 0
def test_banner_count():
    """Check that BannerCountFeature counts ports that carry a software banner.

    Host .1 has one port with ``software='OpenSSH'`` and one without a
    banner (expected 1); host .2 has two http ports and no banners
    (expected 0).
    """
    report = NmapReport()
    # NOTE(review): this Port is built with name='ssh', while every other
    # test in this file passes service=...; confirm Port accepts both.
    one_banner = Host(ip_address('192.168.1.1'), ports=[
        Port(port=22, name='ssh', software='OpenSSH'),
        Port(port=80, state='open'),
    ])
    no_banner = Host(ip_address('192.168.1.2'), ports=[
        Port(port=8080, service='http'),
        Port(port=80, service='http'),
    ])
    report.hosts = [one_banner, no_banner]
    report.add_feature(BannerCountFeature())

    matrix = report.generate_matrix_representation()

    assert matrix.shape == (2, 1)
    for row, expected in enumerate([1, 0]):
        assert matrix[row, 0] == expected
def test_named_port_count():
    """Check that NamedServiceCountFeature skips services reported as 'unknown'.

    Host .1 has 'ssh' and 'http' (expected 2). Host .2 has 'unknown' on
    port 22 and 'ssh' on port 222 (expected 1).
    """
    report = NmapReport()
    services_by_host = [
        ('192.168.1.1', [(22, 'ssh'), (80, 'http')]),
        ('192.168.1.2', [(22, 'unknown'), (222, 'ssh')]),
    ]
    report.hosts = [
        Host(
            ip_address(address),
            ports=[
                Port(port=number, protocol='tcp', service=label)
                for number, label in services
            ],
        )
        for address, services in services_by_host
    ]
    report.add_feature(NamedServiceCountFeature())

    matrix = report.generate_matrix_representation()

    assert matrix.shape == (2, 1)
    # Presumably the count keys on the service label, not the port number:
    # ssh on the non-standard port 222 is the one counted on host .2.
    assert matrix[0, 0] == 2
    assert matrix[1, 0] == 1
def test_add_host_info():
    """Check the record that OutputManager.add_host_info stores for one host.

    A single host (8.8.8.8 / 'the.hive') with one port (88) is added, and the
    first ``host_info`` entry must expose the address as a string, the
    hostname, the features value as passed in, and exactly one port entry.
    """
    output_manager = OutputManager(verbosity=2)
    host = Host(ipv4=ip_address('8.8.8.8'), hostname='the.hive')
    host.add_port(Port(88))

    # NOTE(review): {'feature1', 123} is a set literal, not a dict. It
    # round-trips through the assertion below either way, but confirm whether
    # a name -> value mapping was intended.
    output_manager.add_host_info(
        rank=1,
        score=0,
        host=host,
        features={'feature1', 123},
    )

    assert output_manager.data['host_info'][0]['host'] == "8.8.8.8"
    assert output_manager.data['host_info'][0]['hostname'] == "the.hive"
    assert output_manager.data['host_info'][0]['features'] == {'feature1', 123}

    recorded_ports = output_manager.data['host_info'][0]['ports']
    assert len(recorded_ports) == 1
    assert output_manager.data['host_info'][0]['ports'][0]['port'] == 88
def test_port_entropy():
    """Check that PortEntropyFeature separates an outlier port profile.

    Four hosts share the port set {53, 88, 135} and must receive the same
    value; a fifth host with ports {1, 2, 3} must receive a strictly lower
    value than the common profile.
    """
    report = NmapReport()
    common_profile = [
        Host(
            ip_address(f'192.168.1.{last_octet}'),
            ports=[Port(port=53), Port(port=88), Port(port=135)],
        )
        for last_octet in (1, 2, 3, 4)
    ]
    outlier = Host(
        ip_address('192.168.1.6'),
        ports=[Port(port=1), Port(port=2), Port(port=3)],
    )
    report.hosts = common_profile + [outlier]
    report.add_feature(PortEntropyFeature())

    matrix = report.generate_matrix_representation()

    assert matrix.shape == (5, 1)
    # Rows 1-3 share row 0's port set, so their values must match it.
    for row in (1, 2, 3):
        assert matrix[row, 0] == matrix[0, 0]
    # The host with the rare port set scores strictly lower.
    assert matrix[4, 0] < matrix[0, 0]