Python StackHawkParser примеры использования

Пример #1

 def test_that_a_scan_import_updates_the_test_description(self):
     testfile = open("unittests/scans/stackhawk/stackhawk_zero_vul.json")
     parser = StackHawkParser()
     test = Test()
     parser.get_findings(testfile, test)
     testfile.close()
     self.assertEqual(
         test.description,
         'View scan details here: ' +
         '[https://app.stackhawk.com/scans/e2ff5651-7eef-47e9-b743-0c2f7d861e27]' +
         '(https://app.stackhawk.com/scans/e2ff5651-7eef-47e9-b743-0c2f7d861e27)'
     )

Пример #2

 def test_that_a_scan_with_endpoints_in_differing_statuses_does_not_mark_as_risk_accepted_or_false_positive(self):
     testfile = open("unittests/scans/stackhawk/stackhawk_one_vuln_all_endpoints_have_different_status.json")
     parser = StackHawkParser()
     findings = parser.get_findings(testfile, Test())
     testfile.close()
     self.__assertAllEndpointsAreClean(findings)
     self.assertEqual(1, len(findings))
     self.__assertFindingEquals(
         findings[0],
         "Cookie Slack Detector",
         self.__test_datetime,
         "Secured Application",
         "Development",
         "Low",
         "https://app.stackhawk.com/scans/e2ff5651-7eef-47e9-b743-0c2f7d861e27/finding/90027",
         "90027",
         "3",
         False,
         False
     )

Пример #3

    def test_stackhawk_parser_with_one_high_vuln_has_one_findings(self):
        testfile = open("unittests/scans/stackhawk/stackhawk_one_vul.json")
        parser = StackHawkParser()
        findings = parser.get_findings(testfile, Test())
        testfile.close()
        self.__assertAllEndpointsAreClean(findings)
        self.assertEqual(1, len(findings))

        finding = findings[0]

        self.__assertFindingEquals(
            finding,
            "Anti CSRF Tokens Scanner",
            self.__test_datetime,
            "Secured Application",
            "Development",
            "High",
            "https://app.stackhawk.com/scans/e2ff5651-7eef-47e9-b743-0c2f7d861e27/finding/20012",
            "20012",
            "10",
            False,
            False
        )

Пример #4

    def test_stackhawk_parser_with_many_vuln_has_many_findings_and_removes_duplicates(self):
        testfile = open("unittests/scans/stackhawk/stackhawk_many_vul.json")
        parser = StackHawkParser()
        findings = parser.get_findings(testfile, Test())
        testfile.close()
        self.__assertAllEndpointsAreClean(findings)
        self.assertEqual(6, len(findings))

        self.__assertFindingEquals(
            findings[0],
            "Cookie Slack Detector",
            self.__test_datetime,
            "Secured Application",
            "Development",
            "Low",
            "https://app.stackhawk.com/scans/e2ff5651-7eef-47e9-b743-0c2f7d861e27/finding/90027",
            "90027",
            "10",
            False,
            False
        )

        self.__assertFindingEquals(
            findings[1],
            "Proxy Disclosure",
            self.__test_datetime,
            "Secured Application",
            "Development",
            "Medium",
            "https://app.stackhawk.com/scans/e2ff5651-7eef-47e9-b743-0c2f7d861e27/finding/40025",
            "40025",
            "10",
            False,
            False
        )

        self.__assertFindingEquals(
            findings[2],
            "Anti CSRF Tokens Scanner",
            self.__test_datetime,
            "Secured Application",
            "Development",
            "High",
            "https://app.stackhawk.com/scans/e2ff5651-7eef-47e9-b743-0c2f7d861e27/finding/20012",
            "20012",
            "10",
            False,
            False
        )

        self.__assertFindingEquals(
            findings[3],
            "Cross Site Scripting Weakness (Reflected in JSON Response)",
            self.__test_datetime,
            "Secured Application",
            "Development",
            "High",
            "https://app.stackhawk.com/scans/e2ff5651-7eef-47e9-b743-0c2f7d861e27/finding/40012",
            "40012",
            "1",
            False,
            False
        )

        self.__assertFindingEquals(
            findings[4],
            "Content Security Policy (CSP) Header Not Set",
            self.__test_datetime,
            "Secured Application",
            "Development",
            "Medium",
            "https://app.stackhawk.com/scans/e2ff5651-7eef-47e9-b743-0c2f7d861e27/finding/10038",
            "10038",
            "12",
            False,
            False
        )

        self.__assertFindingEquals(
            findings[5],
            "Permissions Policy Header Not Set",
            self.__test_datetime,
            "Secured Application",
            "Development",
            "Low",
            "https://app.stackhawk.com/scans/e2ff5651-7eef-47e9-b743-0c2f7d861e27/finding/10063",
            "10063",
            "12",
            False,
            False
        )

Пример #5

 def test_stackhawk_parser_with_no_vuln_has_no_findings(self):
     testfile = open("unittests/scans/stackhawk/stackhawk_zero_vul.json")
     parser = StackHawkParser()
     findings = parser.get_findings(testfile, Test())
     testfile.close()
     self.assertEqual(0, len(findings))

Пример #6

 def test_parser_ensures_data_is_for_stackhawk_before_parsing(self):
     testfile = open("unittests/scans/stackhawk/oddly_familiar_json_that_isnt_us.json")
     parser = StackHawkParser()
     with self.assertRaises(ValueError):
         parser.get_findings(testfile, Test())

Пример #7

 def test_invalid_json_format(self):
     testfile = open("unittests/scans/stackhawk/invalid.json")
     parser = StackHawkParser()
     with self.assertRaises(ValueError):
         parser.get_findings(testfile, Test())