From a591138020b4a878ea92c2a19d2a349843f4295f Mon Sep 17 00:00:00 2001 From: chrisr3d Date: Fri, 4 Oct 2019 16:07:19 +0200 Subject: [PATCH] add: Added tests for some expansion modules without API key required - More tests to come --- tests/test_expansions.py | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/tests/test_expansions.py b/tests/test_expansions.py index af90213..f737de9 100644 --- a/tests/test_expansions.py +++ b/tests/test_expansions.py @@ -24,11 +24,31 @@ class TestExpansions(unittest.TestCase): return data return data['results'][0]['values'] + def test_btc_steroids(self): + query = {"module": "btc_steroids", "btc": "1ES14c7qLb5CYhLMUekctxLgc1FV2Ti9DA"} + reponse = self.misp_modules_post(query) + self.assertTrue(self.get_values(response)[0].startswith('\n\nAddress:\t1ES14c7qLb5CYhLMUekctxLgc1FV2Ti9DA\nBalance:\t0.0000000000 BTC (+0.0005355700 BTC / -0.0005355700 BTC)')) + + def test_btc_scam_check(self): + query = {"module": "btc_scam_check", "btc": "1ES14c7qLb5CYhLMUekctxLgc1FV2Ti9DA"} + response = slef.misp_modules_post(query) + self.assertEqual(self.get_values(response), '1es14c7qlb5cyhlmuekctxlgc1fv2ti9da fraudolent bitcoin address') + + def test_countrycode(self): + query = {"module": "countrycode", "domain": "www.circl.lu"} + reponse = self.misp_modules_post(query) + self.assertEqual(self.get_values(response), ['Luxembourg']) + def test_cve(self): query = {"module": "cve", "vulnerability": "CVE-2010-3333", "config": {"custom_API": "https://cve.circl.lu/api/cve/"}} response = self.misp_modules_post(query) self.assertTrue(self.get_values(response).startswith("Stack-based buffer overflow in Microsoft Office XP SP3, Office 2003 SP3")) + def test_dbl_spamhaus(self): + query = {"module": "dbl_spamhaus", "domain": "language.wikaba.com"} + response = self.misp_modules_post(query) + self.assertEqual(self.get_values(response), 'language.wikaba.com - abused legit malware') + def test_dns(self): query = {"module": "dns", "hostname": "www.circl.lu", "config": {"nameserver": "8.8.8.8"}} response = self.misp_modules_post(query)