示例#1
0
 def test_parse_file_with_no_vuln_has_no_findings(self):
     testfile = open(
         "dojo/unittests/scans/qualys_infrascan_webgui/qualys_infrascan_webgui_0.xml"
     )
     parser = QualysInfrascanWebguiParser()
     findings = parser.get_findings(testfile, Test())
     self.assertEqual(0, len(findings))
示例#2
0
    def test_parse_file_with_one_vuln_has_one_findings(self):
        testfile = open(
            "dojo/unittests/scans/qualys_infrascan_webgui/qualys_infrascan_webgui_1.xml"
        )
        parser = QualysInfrascanWebguiParser()
        findings = parser.get_findings(testfile, Test())
        for finding in findings:
            for endpoint in finding.unsaved_endpoints:
                endpoint.clean()
        self.assertEqual(1, len(findings))

        finding = findings[0]
        self.assertEqual("Oracle Java SE Critical Patch Update - January 2015", finding.title)
        self.assertEqual("Critical", finding.severity)  # Negligible is translated to Informational
        self.assertEqual(datetime(2019, 4, 2, 10, 14, 53, tzinfo=pytz.utc), finding.date)
示例#3
0
    def test_parse_file_with_one_vuln_has_one_findings(self):
        testfile = open(
            "dojo/unittests/scans/qualys_infrascan_webgui/qualys_infrascan_webgui_1.xml"
        )
        parser = QualysInfrascanWebguiParser()
        findings = parser.get_findings(testfile, Test())
        self.assertEqual(1, len(findings))

        findings = findings[0]
        self.assertEqual(
            findings.title,
            "Oracle Java SE Critical Patch Update - January 2015")
        self.assertEqual(
            findings.severity,
            "Critical")  # Negligible is translated to Informational
示例#4
0
 def test_parse_file_with_finding_no_dns(self):
     testfile = open(
         "dojo/unittests/scans/qualys_infrascan_webgui/qualys_infrascan_webgui_3.xml"
     )
     parser = QualysInfrascanWebguiParser()
     findings = parser.get_findings(testfile, Test())
     self.assertEqual(1, len(findings))
     # finding 0
     finding = findings[0]
     self.assertEqual(
         "UDP Constant IP Identification Field Fingerprinting Vulnerability",
         finding.title)
     self.assertEqual("Low", finding.severity)
     self.assertEqual(datetime(2019, 4, 2, 10, 14, 53, tzinfo=pytz.utc),
                      finding.date)
     self.assertEqual(1, len(finding.unsaved_endpoints))
     unsaved_endpoint = finding.unsaved_endpoints[0]
     self.assertEqual('10.1.10.1', unsaved_endpoint.host)
示例#5
0
 def test_parse_file_with_multiple_vuln_has_multiple_findings(self):
     testfile = open(
         "dojo/unittests/scans/qualys_infrascan_webgui/qualys_infrascan_webgui_multiple.xml"
     )
     parser = QualysInfrascanWebguiParser()
     findings = parser.get_findings(testfile, Test())
     for finding in findings:
         for endpoint in finding.unsaved_endpoints:
             endpoint.clean()
     self.assertEqual(6, len(findings))
     # finding 0
     finding = findings[0]
     self.assertEqual("UDP Constant IP Identification Field Fingerprinting Vulnerability", finding.title)
     self.assertEqual("Low", finding.severity)
     self.assertEqual(datetime(2019, 4, 2, 10, 14, 53, tzinfo=pytz.utc), finding.date)
     # finding 4
     finding = findings[4]
     self.assertEqual("Hidden RPC Services", finding.title)
     self.assertEqual("Low", finding.severity)
     self.assertEqual(datetime(2019, 4, 2, 10, 14, 53, tzinfo=pytz.utc), finding.date)
     self.assertEqual("Some impact\n\n", finding.impact)