 def test_HA03(self):
     """Threat HA03 applies to a Server whose validatesHeaders, encodesOutput and isHardened flags are all False."""
     server = Server("Web Server")
     server.validatesHeaders = False
     server.encodesOutput = False
     server.isHardened = False
     # Look the threat up by its SID and check its condition against the weakened server.
     self.assertTrue(threats["HA03"].apply(server))
 def test_SC04(self):
     """Threat SC04 applies to a Server that neither sanitizes nor validates input and does not encode output."""
     target = Server("Web Server")
     target.sanitizesInput = False
     target.validatesInput = False
     target.encodesOutput = False
     self.assertTrue(threats["SC04"].apply(target))
 def test_INP18(self):
     """Threat INP18, built from its raw JSON record, applies to a Server with sanitizesInput and encodesOutput False."""
     server = Server("Web Server")
     server.sanitizesInput = False
     server.encodesOutput = False
     # Find the record by SID; ``next`` raises StopIteration if no such record exists, failing the test loudly.
     record = next(item for item in threats_json if item["SID"] == "INP18")
     threat = Threat(record)
     self.assertTrue(threat.apply(server))
 def test_SC02(self):
     """Threat SC02, built from its raw JSON record, applies to a Server with validatesInput and encodesOutput False."""
     server = Server("Web Server")
     server.validatesInput = False
     server.encodesOutput = False
     # Find the record by SID; ``next`` raises StopIteration if no such record exists, failing the test loudly.
     record = next(item for item in threats_json if item["SID"] == "SC02")
     threat = Threat(record)
     self.assertTrue(threat.apply(server))
 def test_HA03(self):
     """Threat HA03, built from its raw JSON record, applies to a Server with validatesHeaders, encodesOutput and isHardened all False."""
     server = Server("Web Server")
     server.validatesHeaders = False
     server.encodesOutput = False
     server.isHardened = False
     # Find the record by SID; ``next`` raises StopIteration if no such record exists, failing the test loudly.
     record = next(item for item in threats_json if item["SID"] == "HA03")
     threat = Threat(record)
     self.assertTrue(threat.apply(server))
 def test_INP29(self):
     """Threat INP29 applies to both a Server and a Process once validatesInput, sanitizesInput and encodesOutput are all False."""
     server = Server("Web Server")
     process = Process("Process")
     # Weaken the server first, then the process, exactly as the original test does.
     for element in (server, process):
         element.validatesInput = False
         element.sanitizesInput = False
         element.encodesOutput = False
     threat = threats["INP29"]
     self.assertTrue(threat.apply(process))
     self.assertTrue(threat.apply(server))
 def test_INP29(self):
     """Threat INP29, built from its raw JSON record, applies to both a Server and a Process with validatesInput, sanitizesInput and encodesOutput all False."""
     server = Server("Web Server")
     process = Process("Process")
     # Weaken the server first, then the process, exactly as the original test does.
     for element in (server, process):
         element.validatesInput = False
         element.sanitizesInput = False
         element.encodesOutput = False
     # Find the record by SID; ``next`` raises StopIteration if no such record exists, failing the test loudly.
     record = next(item for item in threats_json if item["SID"] == "INP29")
     threat = Threat(record)
     self.assertTrue(threat.apply(process))
     self.assertTrue(threat.apply(server))
    def test_exclude_threats_ignore(self):
        """A threat listed in TM._threatsExcluded must not appear in the findings even though its condition holds."""
        random.seed(0)  # NOTE(review): presumably makes generated ids deterministic — confirm
        TM.reset()

        excluded, remaining = "INP03", "AA01"
        # NOTE(review): class-level state shared by every test; confirm TM.reset() clears it
        # so the exclusion does not leak into other test methods.
        TM._threatsExcluded = [excluded]

        tm = TM("my test tm", description="aaa")
        web = Server("Web")
        web.sanitizesInput = False
        web.encodesOutput = False
        # Both threats match the element on their own, so only the exclusion can keep INP03 out of findings.
        for sid in (excluded, remaining):
            self.assertTrue(threats[sid].apply(web))

        tm.resolve()

        reported = [finding.threat_id for finding in tm.findings]
        self.assertNotIn(excluded, reported)
        self.assertIn(remaining, reported)
 def test_INP18(self):
     """Threat INP18 applies to a Server with sanitizesInput and encodesOutput both False."""
     server = Server("Web Server")
     server.sanitizesInput = False
     server.encodesOutput = False
     self.assertTrue(threats["INP18"].apply(server))
 def test_INP03(self):
     """Threat INP03 applies to a Server with sanitizesInput and encodesOutput both False."""
     server = Server('Web')
     server.sanitizesInput = False
     server.encodesOutput = False
     self.assertTrue(threats["INP03"].apply(server))
# ``tm`` is created earlier in the script, outside this excerpt.
tm.mergeResponses = True  # NOTE(review): presumably folds response flows into their requests in the output — confirm

# Trust boundaries of the sample model.
internet = Boundary("Internet")
server_db = Boundary("Server/DB")
server_db.levels = [2]  # NOTE(review): ``levels`` appears to select which model levels include this element — confirm
vpc = Boundary("AWS VPC")

# External actor placed in the Internet boundary.
user = Actor("User")
user.inBoundary = internet
user.levels = [2]

# Web tier: hardened and encodes output, but does not sanitize input or authorize its source,
# so the input- and authorization-related threat conditions can match this element.
web = Server("Web Server")
web.OS = "Ubuntu"
web.isHardened = True
web.sanitizesInput = False
web.encodesOutput = True
web.authorizesSource = False
web.sourceFiles = ["pytm/json.py", "docs/template.md"]

# SQL datastore inside the Server/DB boundary; explicitly in scope and not hardened.
db = Datastore("SQL Database")
db.OS = "CentOS"
db.isHardened = False
db.inBoundary = server_db
db.isSQL = True
db.inScope = True
db.maxClassification = Classification.RESTRICTED  # highest data classification this store is allowed to hold
db.levels = [2]

# Second datastore; no boundary is assigned to it in this excerpt.
secretDb = Datastore("Real Identity Database")
secretDb.OS = "CentOS"
secretDb.sourceFiles = ["pytm/pytm.py"]
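# ``machine``, ``internet``, ``apps_vpc`` and ``rds_boundary`` are defined earlier in the script, outside this excerpt.
user = Actor("User/Browser")
user.inBoundary = machine

# The original excerpt created this Element twice with identical settings (copy-paste);
# a single definition keeps the model from carrying a duplicate "Apigee" element.
apigee = Element("Apigee")
apigee.inBoundary = internet
apigee.isHardened = True

# Application server: hardened, access-controlled and encodes its output.
server = Server("Apps Server")
server.inBoundary = apps_vpc
server.isHardened = True
server.hasAccessControl = True
server.encodesOutput = True

# Shared MySQL datastore on AWS.
db = Datastore("MySQL DB")
db.isHardened = True
db.hasAccessControl = True
# NOTE(review): the original assigned inBoundary twice (apps_vpc, then rds_boundary); an element has a
# single boundary, so only the last assignment could take effect — confirm rds_boundary is the intended one.
db.inBoundary = rds_boundary
db.isSQL = True
db.inScope = True
db.onAWS = True
db.isShared = True
db.storesSensitiveData = False

# Cache datastore inside the application VPC.
redis = Datastore("Redis")
redis.isHardened = True
redis.inBoundary = apps_vpc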