Пример #1
class EnrichmentTestCase(unittest.TestCase):
    """Exercise the enrichment client against a patched ``Client._get``.

    ``passivetotal.api.Client._get`` is replaced by ``fake_request`` while
    the class runs, and the client is built with placeholder credentials,
    so no real account secret appears in the suite.
    """

    formats = ['json', 'xml', 'csv', 'text', 'table']

    def setup_class(self):
        # NOTE(review): setup_class/teardown_class are pytest-style hook
        # names; unittest's own runner calls setUpClass/tearDownClass
        # instead. Confirm which runner this suite targets, otherwise the
        # patch below is never installed.
        self.patcher = patch('passivetotal.api.Client._get', fake_request)
        self.patcher.start()
        self.client = EnrichmentRequest('--No-User--', '--No-Key--')

    def teardown_class(self):
        # Undo the patch so later test classes see the original _get.
        self.patcher.stop()

    def test_enrichment(self):
        """The raw enrichment response carries a truthy queryValue."""
        raw = self.client.get_enrichment(query='passivetotal.org')
        assert raw['queryValue']

    def test_process_enrichment(self):
        """Wrapping the enrichment response exposes queryValue as an attribute."""
        raw = self.client.get_enrichment(query='passivetotal.org')
        result = Response(raw)
        assert result.queryValue == 'passivetotal.org'

    def test_osint(self):
        """The first OSINT record names its source and source URL."""
        raw = self.client.get_osint(query='xxxvideotube.org')
        result = Response(raw)
        assert raw['results']
        # pop(0) removes the record from the wrapped result list.
        first = Response(result.results.pop(0))
        assert first.source == 'RiskIQ'
        expected_url = "https://www.riskiq.com/blog/riskiq-labs/post/a-brief-encounter-with-slempo"
        assert first.sourceUrl == expected_url

    def test_malware(self):
        """The first malware record names its source and sample hash."""
        raw = self.client.get_malware(query='noorno.com')
        result = Response(raw)
        assert raw['results']
        first = Response(result.results.pop(0))
        assert first.source == 'Threatexpert'
        assert first.sample == "7ebf1e2d0c89b1c8124275688c9e8e98"

    def test_subdomains(self):
        """A wildcard query echoes the query value and lists 'www'."""
        raw = self.client.get_subdomains(query='*.passivetotal.org')
        result = Response(raw)
        assert result.queryValue == '*.passivetotal.org'
        assert 'www' in result.subdomains
Пример #2
class EnrichmentTestCase(unittest.TestCase):
    """Tests for the enrichment, OSINT, malware and subdomain lookups.

    Every request goes through ``fake_request``, which is patched over
    ``passivetotal.api.Client._get`` for the lifetime of the class. The
    username and API key given to the client are placeholders.
    """

    formats = ['json', 'xml', 'csv', 'text', 'table']

    def setup_class(self):
        # NOTE(review): this is the pytest spelling of the class-level hook;
        # plain unittest only recognises setUpClass. Verify the runner in
        # use, since without this hook the patch is not applied.
        self.patcher = patch('passivetotal.api.Client._get', fake_request)
        self.patcher.start()
        self.client = EnrichmentRequest('--No-User--', '--No-Key--')

    def teardown_class(self):
        # Restore the original Client._get.
        self.patcher.stop()

    def test_enrichment(self):
        """Enrichment returns a response with a non-empty queryValue."""
        domain = 'passivetotal.org'
        answer = self.client.get_enrichment(query=domain)
        assert answer['queryValue']

    def test_process_enrichment(self):
        """Response() exposes the enrichment queryValue as an attribute."""
        domain = 'passivetotal.org'
        answer = self.client.get_enrichment(query=domain)
        parsed = Response(answer)
        assert parsed.queryValue == 'passivetotal.org'

    def test_osint(self):
        """The leading OSINT result reports the expected source and URL."""
        domain = 'xxxvideotube.org'
        answer = self.client.get_osint(query=domain)
        parsed = Response(answer)
        assert answer['results']
        # The record is taken off the front of the wrapped list.
        entry = parsed.results.pop(0)
        entry = Response(entry)
        assert entry.source == 'RiskIQ'
        assert entry.sourceUrl == (
            "https://www.riskiq.com/blog/riskiq-labs/post/a-brief-encounter-with-slempo"
        )

    def test_malware(self):
        """The leading malware result reports the expected source and hash."""
        domain = 'noorno.com'
        answer = self.client.get_malware(query=domain)
        parsed = Response(answer)
        assert answer['results']
        entry = parsed.results.pop(0)
        entry = Response(entry)
        assert entry.source == 'Threatexpert'
        assert entry.sample == "7ebf1e2d0c89b1c8124275688c9e8e98"

    def test_subdomains(self):
        """A wildcard subdomain query echoes the query and contains 'www'."""
        pattern = '*.passivetotal.org'
        answer = self.client.get_subdomains(query=pattern)
        parsed = Response(answer)
        assert parsed.queryValue == '*.passivetotal.org'
        assert 'www' in parsed.subdomains
Пример #3
    def run(self):
        """Run the PassiveTotal lookup selected by ``self.service``.

        The value returned by ``self.getData()`` is sent as the query and
        the client's response is handed to ``self.report`` unchanged. An
        unrecognised service goes to ``self.error``; any ``Exception``
        raised while querying or reporting goes to ``self.unexpectedError``.
        """
        Analyzer.run(self)

        observable = self.getData()

        def client(factory):
            # Credentials are read only once a service has been matched.
            return factory(username=self.username, api_key=self.api_key)

        # (service name, deferred request) pairs. The lambdas postpone both
        # the client-class lookup and the request until the name matches.
        handlers = (
            ('enrichment',
             lambda: client(EnrichmentRequest).get_enrichment(query=observable)),
            ('malware',
             lambda: client(EnrichmentRequest).get_malware(query=observable)),
            ('osint',
             lambda: client(EnrichmentRequest).get_osint(query=observable)),
            ('passive_dns',
             lambda: client(DnsRequest).get_passive_dns(query=observable)),
            ('ssl_certificate_details',
             lambda: client(SslRequest).get_ssl_certificate_details(query=observable)),
            ('ssl_certificate_history',
             lambda: client(SslRequest).get_ssl_certificate_history(query=observable)),
            ('unique_resolutions',
             lambda: client(DnsRequest).get_unique_resolutions(query=observable)),
            ('whois_details',
             lambda: client(WhoisRequest).get_whois_details(query=observable)),
        )

        try:
            for name, fetch in handlers:
                if self.service == name:
                    self.report(fetch())
                    break
            else:
                # No handler matched the configured service name.
                self.error('Unknown PassiveTotal service')

        except Exception as exc:
            self.unexpectedError(exc)
Пример #4
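    def run(self):
        """Run the PassiveTotal lookup selected by ``self.service``.

        The value returned by ``self.get_data()`` is sent as the query. Most
        services report the client's response unchanged; two are
        post-processed before reporting:

        * ``ssl_certificate_history``: a single result whose ``ipAddresses``
          equals ``'N/A'`` is reported as an empty result list.
        * ``host_pairs``: parent and child pairs are fetched separately and
          merged into one report.

        An unrecognised service goes to ``self.error``; any ``Exception``
        raised while querying or reporting goes to ``self.unexpectedError``.

        The earlier debug ``print`` calls in the certificate-history branch
        are gone: they wrote to stdout, which presumably also carries the
        analyzer's report, so stray lines there could corrupt what the
        caller parses (confirm against the base class).
        """
        data = self.get_data()

        def client(factory):
            # Build a client from the analyzer's credentials on demand.
            return factory(username=self.username, api_key=self.api_key)

        # Services whose response is reported as-is. The lambdas postpone the
        # client-class lookup and the request until the name matches.
        passthrough = (
            ('enrichment',
             lambda: client(EnrichmentRequest).get_enrichment(query=data)),
            ('malware',
             lambda: client(EnrichmentRequest).get_malware(query=data)),
            ('osint',
             lambda: client(EnrichmentRequest).get_osint(query=data)),
            ('passive_dns',
             lambda: client(DnsRequest).get_passive_dns(query=data)),
            ('ssl_certificate_details',
             lambda: client(SslRequest).get_ssl_certificate_details(query=data)),
            ('unique_resolutions',
             lambda: client(DnsRequest).get_unique_resolutions(query=data)),
            ('whois_details',
             lambda: client(WhoisRequest).get_whois_details(query=data)),
            ('components',
             lambda: client(HostAttributeRequest).get_components(query=data)),
            ('trackers',
             lambda: client(HostAttributeRequest).get_trackers(query=data)),
        )

        try:
            for name, fetch in passthrough:
                if self.service == name:
                    self.report(fetch())
                    break
            else:
                if self.service == 'ssl_certificate_history':
                    history = client(SslRequest).get_ssl_certificate_history(
                        query=data)
                    records = history['results']
                    # A lone record with ipAddresses == 'N/A' is presumably a
                    # "no history" placeholder; report it as no results.
                    if len(records) == 1 and records[0]['ipAddresses'] == 'N/A':
                        self.report({'results': []})
                    else:
                        self.report(history)

                elif self.service == 'host_pairs':
                    pairs = client(HostAttributeRequest)
                    result = pairs.get_host_pairs(query=data,
                                                  direction='parents')
                    children = pairs.get_host_pairs(query=data,
                                                    direction='children')
                    # Fold the children into the parents response.
                    result['totalRecords'] += children['totalRecords']
                    result['results'] = result['results'] + children['results']
                    self.report(result)

                else:
                    self.error('Unknown PassiveTotal service')

        except Exception as e:
            self.unexpectedError(e)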