Skip to content

Commit 1fc3ad4

Browse files
MislavReversingLabsMislavReversingLabs
committed
Add tests
1 parent d53bc82 commit 1fc3ad4

File tree

1 file changed

+218
-16
lines changed

1 file changed

+218
-16
lines changed

tests/test_ticloud.py

Lines changed: 218 additions & 16 deletions
Original file line numberDiff line numberDiff line change
@@ -6,7 +6,11 @@
66
URLThreatIntelligence, AnalyzeURL, DomainThreatIntelligence, IPThreatIntelligence, FileUpload, DeleteFile, \
77
ReanalyzeFile, DataChangeSubscription, DynamicAnalysis, CertificateIndex, RansomwareIndicators, NewMalwareFilesFeed, \
88
NewMalwareURIFeed, ImpHashSimilarity, YARAHunting, YARARetroHunting, TAXIIRansomwareFeed, CustomerUsage, \
9-
NetworkReputation, FileReputationUserOverride, NetworkReputationUserOverride, \
9+
NetworkReputation, FileReputationUserOverride, NetworkReputationUserOverride, MalwareFamilyDetection, \
10+
VerticalFeedsStatistics, VerticalFeedsSearch, CertificateAnalytics, CertificateThumbprintSearch, \
11+
NewMalwarePlatformFiltered, NewFilesFirstScan, NewFilesFirstAndRescan, FilesWithDetectionChanges, \
12+
MWPChangeEventsFeed, CvesExploitedInTheWild, NewExploitOrCveSamplesFoundInWildHourly, \
13+
NewExploitAndCveSamplesFoundInWildDaily, NewWhitelistedFiles, ChangesWhitelistedFiles, \
1014
CLASSIFICATIONS, AVAILABLE_PLATFORMS, RHA1_TYPE_MAP, \
1115
resolve_hash_type, calculate_hash, NotFoundError
1216
from ReversingLabs.SDK.helper import WrongInputError, BadGatewayError, DEFAULT_USER_AGENT
@@ -1168,60 +1172,258 @@ def test_query(self, requests_mock):
11681172

11691173

11701174
class TestMalwareFamilyDetection:
1171-
pass
1175+
@classmethod
1176+
def setup_class(cls):
1177+
cls.malware_family = MalwareFamilyDetection(HOST, USERNAME, PASSWORD)
1178+
1179+
def test_query(self, requests_mock):
1180+
self.malware_family.get_malware_family(hash_type="SHA1", hash_value=SHA1)
1181+
1182+
expected_url = f"{HOST}/api/malware/family/detection/v1/query/sha1/{SHA1}"
1183+
1184+
requests_mock.get.assert_called_with(
1185+
url=expected_url,
1186+
auth=(USERNAME, PASSWORD),
1187+
verify=True,
1188+
proxies=None,
1189+
headers={"User-Agent": DEFAULT_USER_AGENT},
1190+
params=None
1191+
)
11721192

11731193

11741194
class TestVerticalFeedsStatistics:
1175-
pass
1195+
@classmethod
1196+
def setup_class(cls):
1197+
cls.verticalstats = VerticalFeedsStatistics(HOST, USERNAME, PASSWORD)
1198+
1199+
def test_wrong_input(self):
1200+
with pytest.raises(WrongInputError, match=r"The all_time parameter can not be used together with weeks."):
1201+
self.verticalstats.feed_query(
1202+
category="financial",
1203+
filter="counts",
1204+
weeks=5,
1205+
all_time=True
1206+
)
1207+
1208+
def test_query(self, requests_mock):
1209+
self.verticalstats.feed_query(
1210+
category="financial",
1211+
filter="counts",
1212+
weeks=5,
1213+
all_time=False
1214+
)
1215+
1216+
expected_url = f"{HOST}/api/feed/malware/detection/family/v2/statistics/category/financial/counts"
1217+
1218+
requests_mock.get.assert_called_with(
1219+
url=expected_url,
1220+
auth=(USERNAME, PASSWORD),
1221+
verify=True,
1222+
proxies=None,
1223+
headers={"User-Agent": DEFAULT_USER_AGENT},
1224+
params={"format": "json", "weeks": 5}
1225+
)
11761226

11771227

11781228
class TestVerticalFeedsSearch:
1179-
pass
1229+
@classmethod
1230+
def setup_class(cls):
1231+
cls.verticalsearch = VerticalFeedsSearch(HOST, USERNAME, PASSWORD)
1232+
1233+
def test_wrong_input(self):
1234+
with pytest.raises(WrongInputError, match=r"if timestamp is used, time_value needs to be a unix timestamp"):
1235+
self.verticalsearch.feed_query(time_format="timestamp", time_value="2024-05-15T22:12:32", family_name="aaa")
1236+
1237+
with pytest.raises(WrongInputError, match=r"if utc is used, time_value needs to be in format 'YYYY-MM-DDThh:mm:ss'"):
1238+
self.verticalsearch.feed_query(time_format="utc", time_value="12345678", family_name="aaa")
11801239

11811240

11821241
class TestCertificateAnalytics:
1183-
pass
1242+
@classmethod
1243+
def setup_class(cls):
1244+
cls.analytics = CertificateAnalytics(HOST, USERNAME, PASSWORD)
1245+
1246+
def test_query(self, requests_mock):
1247+
self.analytics.get_certificate_analytics(certificate_thumbprints=SHA1)
1248+
1249+
expected_url = f"{HOST}/api/certificate/analytics/v1/query/thumbprint/{SHA1}?format=json"
1250+
1251+
requests_mock.get.assert_called_with(
1252+
url=expected_url,
1253+
auth=(USERNAME, PASSWORD),
1254+
verify=True,
1255+
proxies=None,
1256+
headers={"User-Agent": DEFAULT_USER_AGENT},
1257+
params=None
1258+
)
11841259

11851260

11861261
class TestCertificateThumbprintSearch:
1187-
pass
1262+
@classmethod
1263+
def setup_class(cls):
1264+
cls.thumbsearch = CertificateThumbprintSearch(HOST, USERNAME, PASSWORD)
1265+
1266+
def test_wrong_input(self):
1267+
with pytest.raises(WrongInputError, match=r"Both next_page_common_name and next_page_thumbprint parameters need to be used"):
1268+
self.thumbsearch.search_common_names(common_name="aaaa", next_page_common_name="bbb")
11881269

11891270

11901271
class TestNewMalwarePlatformFiltered:
1191-
pass
1272+
@classmethod
1273+
def setup_class(cls):
1274+
cls.new_malware = NewMalwarePlatformFiltered(HOST, USERNAME, PASSWORD)
1275+
1276+
def test_query(self, requests_mock):
1277+
self.new_malware.feed_query(
1278+
time_format="timestamp",
1279+
time_value="12345678"
1280+
)
1281+
1282+
expected_url = f"{HOST}/api/feed/malware/detection/platform/v1/query/timestamp/12345678?sample_available=false&limit=1000&format=json"
1283+
1284+
requests_mock.get.assert_called_with(
1285+
url=expected_url,
1286+
auth=(USERNAME, PASSWORD),
1287+
verify=True,
1288+
proxies=None,
1289+
headers={"User-Agent": DEFAULT_USER_AGENT},
1290+
params=None
1291+
)
11921292

11931293

11941294
class TestNewFilesFirstScan:
1195-
pass
1295+
@classmethod
1296+
def setup_class(cls):
1297+
cls.new_files = NewFilesFirstScan(HOST, USERNAME, PASSWORD)
1298+
1299+
def test_wrong_input(self):
1300+
with pytest.raises(WrongInputError, match=r"if timestamp is used, time_value needs to be a unix timestamp"):
1301+
self.new_files.feed_query(time_format="timestamp", time_value="2024-05-15T22:12:32")
1302+
1303+
with pytest.raises(WrongInputError, match=r"if utc is used, time_value needs to be in format 'YYYY-MM-DDThh:mm:ss'"):
1304+
self.new_files.feed_query(time_format="utc", time_value="12345678")
11961305

11971306

11981307
class TestNewFilesFirstAndRescan:
1199-
pass
1308+
@classmethod
1309+
def setup_class(cls):
1310+
cls.new_files = NewFilesFirstAndRescan(HOST, USERNAME, PASSWORD)
1311+
1312+
def test_wrong_input(self):
1313+
with pytest.raises(WrongInputError, match=r"if timestamp is used, time_value needs to be a unix timestamp"):
1314+
self.new_files.feed_query(time_format="timestamp", time_value="2024-05-15T22:12:32")
1315+
1316+
with pytest.raises(WrongInputError, match=r"if utc is used, time_value needs to be in format 'YYYY-MM-DDThh:mm:ss'"):
1317+
self.new_files.feed_query(time_format="utc", time_value="12345678")
12001318

12011319

12021320
class TestFilesWithDetectionChanges:
1203-
pass
1321+
@classmethod
1322+
def setup_class(cls):
1323+
cls.files_changes = FilesWithDetectionChanges(HOST, USERNAME, PASSWORD)
1324+
1325+
def test_wrong_input(self):
1326+
with pytest.raises(WrongInputError, match=r"if timestamp is used, time_value needs to be a unix timestamp"):
1327+
self.files_changes.feed_query(time_format="timestamp", time_value="2024-05-15T22:12:32")
1328+
1329+
with pytest.raises(WrongInputError, match=r"if utc is used, time_value needs to be in format 'YYYY-MM-DDThh:mm:ss'"):
1330+
self.files_changes.feed_query(time_format="utc", time_value="12345678")
12041331

12051332

12061333
class TestMWPChangeEventsFeed:
1207-
pass
1334+
@classmethod
1335+
def setup_class(cls):
1336+
cls.mwp_events = MWPChangeEventsFeed(HOST, USERNAME, PASSWORD)
1337+
1338+
def test_wrong_input(self):
1339+
with pytest.raises(WrongInputError, match=r"If the timestamp time_format is used, time_value parameter must be a Unix"):
1340+
self.mwp_events.pull_with_timestamp(time_format="timestamp", time_value="2024-05-15T22:12:32")
1341+
1342+
with pytest.raises(WrongInputError, match=r"If the utc time_format is used, time_value parameter must be written in the"):
1343+
self.mwp_events.pull_with_timestamp(time_format="utc", time_value="12345678")
12081344

12091345

12101346
class TestCvesExploitedInTheWild:
1211-
pass
1347+
@classmethod
1348+
def setup_class(cls):
1349+
cls.cves = CvesExploitedInTheWild(HOST, USERNAME, PASSWORD)
1350+
1351+
def test_wrong_input(self):
1352+
with pytest.raises(WrongInputError, match=r"if timestamp is used, time_value needs to be a unix timestamp"):
1353+
self.cves.pull_daily_cve_report(time_format="timestamp", time_value="2024-05-15T22:12:32")
1354+
1355+
with pytest.raises(WrongInputError, match=r"If the date format is used, time_value must be provided as 'YYY-MM-DD'"):
1356+
self.cves.pull_daily_cve_report(time_format="date", time_value="12345678")
12121357

12131358

12141359
class TestNewExploitOrCveSamplesFoundInWildHourly:
1215-
pass
1360+
@classmethod
1361+
def setup_class(cls):
1362+
cls.hourly = NewExploitOrCveSamplesFoundInWildHourly(HOST, USERNAME, PASSWORD)
1363+
1364+
def test_query(self, requests_mock):
1365+
self.hourly.latest_hourly_exploit_list_query(sample_available=True, active_cve=True)
1366+
1367+
expected_url = f"{HOST}/api/feed/malware/detection/exploit/hourly/v2/query/latest"
1368+
1369+
requests_mock.get.assert_called_with(
1370+
url=expected_url,
1371+
auth=(USERNAME, PASSWORD),
1372+
verify=True,
1373+
proxies=None,
1374+
headers={"User-Agent": DEFAULT_USER_AGENT},
1375+
params={
1376+
"sample_available": "true",
1377+
"active_cve": "true",
1378+
"format": "json"
1379+
}
1380+
)
12161381

12171382

12181383
class TestNewExploitAndCveSamplesFoundInWildDaily:
1219-
pass
1384+
@classmethod
1385+
def setup_class(cls):
1386+
cls.daily = NewExploitAndCveSamplesFoundInWildDaily(HOST, USERNAME, PASSWORD)
1387+
1388+
def test_query(self, requests_mock):
1389+
self.daily.latest_daily_exploit_list_query(sample_available=True)
1390+
1391+
expected_url = f"{HOST}/api/feed/malware/exploit/daily/v1/query/latest"
1392+
1393+
requests_mock.get.assert_called_with(
1394+
url=expected_url,
1395+
auth=(USERNAME, PASSWORD),
1396+
verify=True,
1397+
proxies=None,
1398+
headers={"User-Agent": DEFAULT_USER_AGENT},
1399+
params={
1400+
"sample_available": "true",
1401+
"format": "json"
1402+
}
1403+
)
12201404

12211405

12221406
class TestNewWhitelistedFiles:
1223-
pass
1407+
@classmethod
1408+
def setup_class(cls):
1409+
cls.whitelisted = NewWhitelistedFiles(HOST, USERNAME, PASSWORD)
1410+
1411+
def test_wrong_input(self):
1412+
with pytest.raises(WrongInputError, match=r"if timestamp is used, time_value needs to be a unix timestamp"):
1413+
self.whitelisted.feed_query(time_format="timestamp", time_value="2024-05-15T22:12:32")
1414+
1415+
with pytest.raises(WrongInputError, match=r"if utc is used, time_value needs to be in format 'YYYY-MM-DDThh:mm:ss'"):
1416+
self.whitelisted.feed_query(time_format="utc", time_value="12345678")
12241417

12251418

12261419
class TestChangesWhitelistedFiles:
1227-
pass
1420+
@classmethod
1421+
def setup_class(cls):
1422+
cls.changes = ChangesWhitelistedFiles(HOST, USERNAME, PASSWORD)
1423+
1424+
def test_wrong_input(self):
1425+
with pytest.raises(WrongInputError, match=r"if timestamp is used, time_value needs to be a unix timestamp"):
1426+
self.changes.feed_query(time_format="timestamp", time_value="2024-05-15T22:12:32")
1427+
1428+
with pytest.raises(WrongInputError, match=r"if utc is used, time_value needs to be in format 'YYYY-MM-DDThh:mm:ss'"):
1429+
self.changes.feed_query(time_format="utc", time_value="12345678")

0 commit comments

Comments
 (0)