def test_verify_by_crt_wrong_data(self, client_with_db): client = client_with_db[0] endpoint = '/verify/by_crt' data = {'temp': 'example.com'} headers = {'Content-Type': "application/json"} info("POST {} with URL: {}".format(endpoint, 'example.com')) response = client.post(BASE_PATH + endpoint, data=json.dumps(data), headers=headers) j = data_to_json(response.data) assert_equal(response.status_code, 400, "Check status code") field = "detail" expected_value = "'url' is a required property" assert_dict_contains_key( j, field, "Check if dict contains given key - \"{}\"".format(field)) assert_equal( j[field], expected_value, "Check if item \"{}\" is equal to \"{}\"".format( field, expected_value)) field = "title" expected_value = "Bad Request" assert_dict_contains_key( j, field, "Check if dict contains given key - \"{}\"".format(field)) assert_equal( j[field], expected_value, "Check if item \"{}\" is equal to \"{}\"".format( field, expected_value))
def test_details_ip_wrong_ip(self, client_with_db): client = client_with_db[0] endpoint = '/details/ip' data = {'ip': '721.0.0.0'} headers = {'Content-Type': "application/json"} info("POST {}".format(endpoint)) response = client.post(BASE_PATH + endpoint, data=json.dumps(data), headers=headers) j = data_to_json(response.data) assert_equal(response.status_code, 400, "Check status code") field = "detail" expected_value = "Wrong IP" assert_dict_contains_key( j, field, "Check if dict contains given key - \"{}\"".format(field)) assert_equal( j[field], expected_value, "Check if item \"{}\" is equal to \"{}\"".format( field, expected_value)) field = "title" expected_value = "Bad Request" assert_dict_contains_key( j, field, "Check if dict contains given key - \"{}\"".format(field)) assert_equal( j[field], expected_value, "Check if item \"{}\" is equal to \"{}\"".format( field, expected_value))
def test_details_levenstein(self, client_with_db): client = client_with_db[0] endpoint = '/details/levenstein' data = {'url': 'gooogle.info'} headers = {'Content-Type': "application/json"} info("POST {} with URL: {}".format(endpoint, 'gooogle.info')) response = client.post(BASE_PATH + endpoint, data=json.dumps(data), headers=headers) assert_equal(response.status_code, 200, "Check status code") j = data_to_json(response.data) field = "details" assert_dict_contains_key( j, field, "Check if dict contains given key - \"{}\"".format(field)) field = "matched_keyword" expected_value = 'google' assert_dict_contains_key( j['details'], field, "Check if dict contains given key - \"{}\"".format(field)) assert_equal( j['details'][field], expected_value, "Check if item \"{}\" is equal to \"{}\"".format( field, expected_value)) field = "levenstein_distance" expected_value = 1 assert_dict_contains_key( j['details'], field, "Check if dict contains given key - \"{}\"".format(field)) assert_equal( j['details'][field], expected_value, "Check if item \"{}\" is equal to \"{}\"".format( field, expected_value))
def test_details_ip(self, client_with_db): client = client_with_db[0] endpoint = '/details/ip' ip = '127.0.0.1' data = {'ip': '{}'.format(ip)} headers = {'Content-Type': "application/json"} info("POST {}".format(endpoint)) response = client.post(BASE_PATH + endpoint, data=json.dumps(data), headers=headers) assert_equal(response.status_code, 200, "Check status code") j = data_to_json(response.data) field = "details" assert_dict_contains_key( j, field, "Check if dict contains given key - \"{}\"".format(field)) field = "ip" expected_value = ip assert_dict_contains_key( j['details'], field, "Check if dict contains given key - \"{}\"".format(field)) assert_equal( j['details'][field], expected_value, "Check if item \"{}\" is equal to \"{}\"".format( field, expected_value)) field = "status" expected_value = "reserved_range" assert_dict_contains_key( j['details'], field, "Check if dict contains given key - \"{}\"".format(field)) assert_equal( j['details'][field], expected_value, "Check if item \"{}\" is equal to \"{}\"".format( field, expected_value))
def test_verify_by_urlscan_malicious(self, client_with_db): client = client_with_db[0] endpoint = '/verify/by_urlscan' malicious_url = get_test_phishing_domain() data = {'url': '{}'.format(malicious_url)} headers = {'Content-Type': "application/json"} info("POST {}".format(endpoint)) response = client.post(BASE_PATH + endpoint, data=json.dumps(data), headers=headers) assert_equal(response.status_code, 200, "Check status code") if response.status_code == 202: pytest.skip( "urlscan.io returned status 202 - url \"{}\" is invalid". format(malicious_url)) j = data_to_json(response.data) field = "status" expected_value = "malicious" assert_dict_contains_key( j, field, "Check if dict contains given key - \"{}\"".format(field)) if j[field] == "good": pytest.skip( "urlscan.io returned malicious domain as good - url \"{}\" is invalid" .format(malicious_url)) assert_equal( j[field], expected_value, "Check if item \"{}\" is equal to \"{}\"".format( field, expected_value))
def test_add_keyword_too_short(self, client_with_db): client = client_with_db[0] db = client_with_db[1] endpoint = '/server/create_db' headers = { "X-API-Key": AUTH_API_KEY } info("GET {}".format(endpoint)) response = client.get(BASE_PATH + endpoint, headers=headers) assert_equal(response.status_code, 200, "Check status code") endpoint = '/server/add_keyword' headers['Content-Type'] = 'application/x-www-form-urlencoded' data = { 'keyword': 'key' } info("POST {}".format(endpoint)) response = client.post(BASE_PATH + endpoint, headers=headers, data=data) j = data_to_json(response.data) assert_equal(response.status_code, 400, "Check status code") field = "detail" expected_value = "Keyword too short - min 4 signs" assert_dict_contains_key(j, field, "Check if dict contains given key - \"{}\"".format(field)) assert_equal(j[field], expected_value, "Check if item \"{}\" is equal to \"{}\"".format(field, expected_value)) field = "status" expected_value = 400 assert_dict_contains_key(j, field, "Check if dict contains given key - \"{}\"".format(field)) assert_equal(j[field], expected_value, "Check if item \"{}\" is equal to \"{}\"".format(field, expected_value)) field = "title" expected_value = "Bad Request" assert_dict_contains_key(j, field, "Check if dict contains given key - \"{}\"".format(field)) assert_equal(j[field], expected_value, "Check if item \"{}\" is equal to \"{}\"".format(field, expected_value))
def test_details_safebrowsing_malicious(self, client_with_db): client = client_with_db[0] endpoint = '/details/safebrowsing' url = 'http://malware.testing.google.test/testing/malware/' info("URL sent - {}".format(url)) data = {'url': "{}".format(url)} headers = {'Content-Type': "application/json"} info("POST {}".format(endpoint)) response = client.post(BASE_PATH + endpoint, data=json.dumps(data), headers=headers) assert_equal(response.status_code, 200, "Check status code") j = data_to_json(response.data) field = "details" assert_dict_contains_key( j, field, "Check if dict contains given key - \"{}\"".format(field)) field = "url" expected_value = url assert_dict_contains_key( j['details'], field, "Check if dict contains given key - \"{}\"".format(field)) assert_equal( j['details'][field], expected_value, "Check if item \"{}\" is equal to \"{}\"".format( field, expected_value)) field = 'malicious' expected_value = True assert_dict_contains_key( j['details'], field, "Check if dict contains given key - \"{}\"".format(field)) assert_equal( j['details'][field], expected_value, "Check if item \"{}\" is equal to \"{}\"".format( field, expected_value))
def test_database_creation(self, client_with_db): client = client_with_db[0] endpoint = '/server/create_db' headers = { "X-API-Key": AUTH_API_KEY } info("GET {}".format(endpoint)) response = client.get(BASE_PATH + endpoint, headers=headers) assert_equal(response.status_code, 200, "Check status code") j = data_to_json(response.data) field = "message" expected_value = "Database created." assert_dict_contains_key(j, field, "Check if dict contains given key - \"{}\"".format(field)) assert_equal(j[field], expected_value, "Check if item \"{}\" is equal to \"{}\"".format(field, expected_value))
def test_details_crtsh(self, client_with_db): client = client_with_db[0] endpoint = '/details/crtsh' data = {'url': 'example.com'} headers = {'Content-Type': "application/json"} info("POST {}".format(endpoint)) response = client.post(BASE_PATH + endpoint, data=json.dumps(data), headers=headers) assert_equal(response.status_code, 200, "Check status code") j = data_to_json(response.data) field = "details" assert_dict_contains_key( j, field, "Check if dict contains given key - \"{}\"".format(field)) field = "caid" assert_dict_contains_key( j['details'], field, "Check if dict contains given key - \"{}\"".format(field)) field = "registered_at" assert_dict_contains_key( j['details'], field, "Check if dict contains given key - \"{}\"".format(field)) field = "subject" assert_dict_contains_key( j['details'], field, "Check if dict contains given key - \"{}\"".format(field)) field = "org_name" assert_dict_contains_key( j['details']['subject'], field, "Check if dict contains given key - \"{}\"".format(field)) field = "country" assert_dict_contains_key( j['details']['subject'], field, "Check if dict contains given key - \"{}\"".format(field)) field = "issuer" assert_dict_contains_key( j['details'], field, "Check if dict contains given key - \"{}\"".format(field)) field = "common_name" assert_dict_contains_key( j['details']['issuer'], field, "Check if dict contains given key - \"{}\"".format(field)) field = "multi_dns_amount" assert_dict_contains_key( j['details'], field, "Check if dict contains given key - \"{}\"".format(field))
def test_verify_by_crt(self, client_with_db): client = client_with_db[0] endpoint = '/verify/by_crt' data = { 'url': 'google.com' } headers = { 'Content-Type': "application/json" } info("POST {}".format(endpoint)) response = client.post(BASE_PATH + endpoint, data=json.dumps(data), headers=headers) assert_equal(response.status_code, 200, "Check status code") j = data_to_json(response.data) field = "status" expected_value = "good" assert_dict_contains_key(j, field, "Check if dict contains given key - \"{}\"".format(field)) assert_equal(j[field], expected_value, "Check if item \"{}\" is equal to \"{}\"".format(field, expected_value))
def test_details_ip_by_url_wrong_url(self, client_with_db): client = client_with_db[0] endpoint = '/details/ip_by_url' data = { 'url': 'hppt://no_url' } headers = { 'Content-Type': "application/json" } info("POST {} with URL: {}".format(endpoint, 'hppt://no_url')) response = client.post(BASE_PATH + endpoint, data=json.dumps(data), headers=headers) j = data_to_json(response.data) assert_equal(response.status_code, 202, "Check status code") field = "message" expected_value = "Correct request but it returned no data" assert_dict_contains_key(j, field, "Check if dict contains given key - \"{}\"".format(field)) assert_equal(j[field], expected_value, "Check if item \"{}\" is equal to \"{}\"".format(field, expected_value))
def test_verify_by_sfbrowsing_malicious(self, client_with_db): client = client_with_db[0] endpoint = '/verify/by_sfbrowsing' data = {'url': 'http://malware.testing.google.test/testing/malware/'} headers = {'Content-Type': "application/json"} info("POST {} with URL: {}".format( endpoint, 'http://malware.testing.google.test/testing/malware/')) response = client.post(BASE_PATH + endpoint, data=json.dumps(data), headers=headers) assert_equal(response.status_code, 200, "Check status code") j = data_to_json(response.data) field = "status" expected_value = "malicious" assert_dict_contains_key( j, field, "Check if dict contains given key - \"{}\"".format(field)) assert_equal( j[field], expected_value, "Check if item \"{}\" is equal to \"{}\"".format( field, expected_value))
def test_details_ip_by_url(self, client_with_db): client = client_with_db[0] endpoint = '/details/ip_by_url' data = { 'url': 'example.com' } headers = { 'Content-Type': "application/json" } info("POST {} with URL: {}".format(endpoint, 'example.com')) response = client.post(BASE_PATH + endpoint, data=json.dumps(data), headers=headers) assert_equal(response.status_code, 200, "Check status code") j = data_to_json(response.data) field = "details" assert_dict_contains_key(j, field, "Check if dict contains given key - \"{}\"".format(field)) field = "country" expected_value = 'US' assert_dict_contains_key(j['details'], field, "Check if dict contains given key - \"{}\"".format(field)) assert_equal(j['details'][field], expected_value, "Check if item \"{}\" is equal to \"{}\"".format(field, expected_value)) field = "ip" assert_dict_contains_key(j['details'], field, "Check if dict contains given key - \"{}\"".format(field)) field = "asn" assert_dict_contains_key(j['details'], field, "Check if dict contains given key - \"{}\"".format(field))
def test_details_whois(self, client_with_db): client = client_with_db[0] endpoint = '/details/whois' url = 'example.com' data = {'url': "{}".format(url)} headers = {'Content-Type': "application/json"} info("POST {}".format(endpoint)) response = client.post(BASE_PATH + endpoint, data=json.dumps(data), headers=headers) assert_equal(response.status_code, 200, "Check status code") j = data_to_json(response.data) field = "details" assert_dict_contains_key( j, field, "Check if dict contains given key - \"{}\"".format(field)) field = "registrar" assert_dict_contains_key( j['details'], field, "Check if dict contains given key - \"{}\"".format(field)) field = 'creation_date' assert_dict_contains_key( j['details'], field, "Check if dict contains given key - \"{}\"".format(field)) field = 'name' assert_dict_contains_key( j['details'], field, "Check if dict contains given key - \"{}\"".format(field)) field = 'org' assert_dict_contains_key( j['details'], field, "Check if dict contains given key - \"{}\"".format(field)) field = 'country' assert_dict_contains_key( j['details'], field, "Check if dict contains given key - \"{}\"".format(field))
def test_details_urlscan(self, client_with_db): client = client_with_db[0] endpoint = '/details/urlscan' url = 'example.com' data = {'url': "{}".format(url)} headers = {'Content-Type': "application/json"} info("POST {}".format(endpoint)) response = client.post(BASE_PATH + endpoint, data=json.dumps(data), headers=headers) assert_equal(response.status_code, 200, "Check status code") j = data_to_json(response.data) field = "details" assert_dict_contains_key( j, field, "Check if dict contains given key - \"{}\"".format(field)) field = "domain" expected_value = url assert_dict_contains_key( j['details'], field, "Check if dict contains given key - \"{}\"".format(field)) assert_equal( j['details'][field], expected_value, "Check if item \"{}\" is equal to \"{}\"".format( field, expected_value)) field = 'ip' assert_dict_contains_key( j['details'], field, "Check if dict contains given key - \"{}\"".format(field)) field = 'country' assert_dict_contains_key( j['details'], field, "Check if dict contains given key - \"{}\"".format(field)) field = 'server' assert_dict_contains_key( j['details'], field, "Check if dict contains given key - \"{}\"".format(field)) field = 'webApps' assert_dict_contains_key( j['details'], field, "Check if dict contains given key - \"{}\"".format(field)) field = 'no_of_requests' assert_dict_contains_key( j['details'], field, "Check if dict contains given key - \"{}\"".format(field)) field = 'ads_blocked' assert_dict_contains_key( j['details'], field, "Check if dict contains given key - \"{}\"".format(field)) field = 'https_requests' assert_dict_contains_key( j['details'], field, "Check if dict contains given key - \"{}\"".format(field)) field = 'ipv6' assert_dict_contains_key( j['details'], field, "Check if dict contains given key - \"{}\"".format(field)) field = 'malicious' assert_dict_contains_key( j['details'], field, "Check if dict contains given key - \"{}\"".format(field)) field = 'malicious_requests' assert_dict_contains_key( j['details'], field, "Check if dict contains given key - \"{}\"".format(field)) field = 'pointed_domains' assert_dict_contains_key( j['details'], field, "Check if dict contains given key - \"{}\"".format(field)) field = 'unique_country_count' assert_dict_contains_key( j['details'], field, "Check if dict contains given key - \"{}\"".format(field)) unique_country_count = j['details']['unique_country_count'] field = 'unique_countries_connected' assert_dict_contains_key( j['details'], field, "Check if dict contains given key - \"{}\"".format(field)) unique_countries_connected = j['details']['unique_countries_connected'] assert_equal( unique_country_count, len(unique_countries_connected), "Check if amount of connected countries is equal to length of list of unique countries" )
def test_details_urlscan_malicious(self, client_with_db): if int(environ['COUNT_FAILED']) > (URLSCAN_RERUNS_MAX - 1): pytest.skip("urlscan.io cannot finish properly") environ['COUNT_FAILED'] = str(int(environ['COUNT_FAILED']) + 1) client = client_with_db[0] endpoint = '/details/urlscan' url = get_test_phishing_domain().strip('http://') info("URL sent - {}".format(url)) data = {'url': "{}".format(url)} headers = {'Content-Type': "application/json"} info("POST {}".format(endpoint)) response = client.post(BASE_PATH + endpoint, data=json.dumps(data), headers=headers) # if response.status_code == 202: # pytest.skip("urlscan.io returned status 202 - url \"{}\" is invalid".format(url)) assert_equal(response.status_code, 200, "Check status code") j = data_to_json(response.data) field = "details" assert_dict_contains_key( j, field, "Check if dict contains given key - \"{}\"".format(field)) field = "domain" expected_value = url assert_dict_contains_key( j['details'], field, "Check if dict contains given key - \"{}\"".format(field)) assert_equal( j['details'][field], expected_value, "Check if item \"{}\" is equal to \"{}\"".format( field, expected_value)) field = 'ip' assert_dict_contains_key( j['details'], field, "Check if dict contains given key - \"{}\"".format(field)) field = 'country' assert_dict_contains_key( j['details'], field, "Check if dict contains given key - \"{}\"".format(field)) field = 'server' assert_dict_contains_key( j['details'], field, "Check if dict contains given key - \"{}\"".format(field)) field = 'webApps' assert_dict_contains_key( j['details'], field, "Check if dict contains given key - \"{}\"".format(field)) field = 'no_of_requests' assert_dict_contains_key( j['details'], field, "Check if dict contains given key - \"{}\"".format(field)) field = 'ads_blocked' assert_dict_contains_key( j['details'], field, "Check if dict contains given key - \"{}\"".format(field)) field = 'https_requests' assert_dict_contains_key( j['details'], field, "Check if dict contains given key - \"{}\"".format(field)) field = 'ipv6' assert_dict_contains_key( j['details'], field, "Check if dict contains given key - \"{}\"".format(field)) field = 'malicious' assert_dict_contains_key( j['details'], field, "Check if dict contains given key - \"{}\"".format(field)) # if j['details'][field] == "good": # pytest.skip("urlscan.io returned malicious domain as good - url \"{}\" is invalid".format(url)) field = 'malicious_requests' assert_dict_contains_key( j['details'], field, "Check if dict contains given key - \"{}\"".format(field)) field = 'pointed_domains' assert_dict_contains_key( j['details'], field, "Check if dict contains given key - \"{}\"".format(field)) field = 'unique_country_count' assert_dict_contains_key( j['details'], field, "Check if dict contains given key - \"{}\"".format(field)) unique_country_count = j['details']['unique_country_count'] field = 'unique_countries_connected' assert_dict_contains_key( j['details'], field, "Check if dict contains given key - \"{}\"".format(field)) unique_countries_connected = j['details']['unique_countries_connected'] assert_equal( unique_country_count, len(unique_countries_connected), "Check if amount of connected countries is equal to length of list of unique countries" )