def test_AC10(self): web = Server("Web Server") web.usesLatestTLSversion = False web.implementsAuthenticationScheme = False web.authorizesSource = False threat = threats["AC10"] self.assertTrue(threat.apply(web))
def test_CR03(self): process1 = Process("Process1") web = Server("Web Server") process1.implementsAuthenticationScheme = False web.implementsAuthenticationScheme = False threat = threats["CR03"] self.assertTrue(threat.apply(process1)) self.assertTrue(threat.apply(web))
def test_AC10(self): web = Server("Web Server") web.usesLatestTLSversion = False web.implementsAuthenticationScheme = False web.authorizesSource = False ThreatObj = Threat( next(item for item in threats_json if item["SID"] == "AC10")) self.assertTrue(ThreatObj.apply(web))
def test_CR03(self): process1 = Process("Process1") web = Server("Web Server") process1.implementsAuthenticationScheme = False web.implementsAuthenticationScheme = False ThreatObj = Threat(next(item for item in threats_json if item["SID"] == "CR03")) self.assertTrue(ThreatObj.apply(process1)) self.assertTrue(ThreatObj.apply(web))
def test_AC10(self): user = Actor("User") web = Server("Web Server") web.minTLSVersion = TLSVersion.TLSv11 web.implementsAuthenticationScheme = False web.authorizesSource = False user_to_web = Dataflow(user, web, "User enters comments (*)") user_to_web.protocol = "HTTPS" user_to_web.isEncrypted = True user_to_web.tlsVersion = TLSVersion.SSLv3 web.inputs = [user_to_web] threat = threats["AC10"] self.assertTrue(threat.apply(web))