Modules for expansion services, import and export in MISP http://misp.github.io/misp-modules
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 

76 lines
2.7 KiB

#!/usr/bin/env python3
# -*- coding: utf-8 -*-
import unittest
import requests
import base64
import json
import os
from pymisp import MISPEvent, EncodeUpdate
class TestModules(unittest.TestCase):
def setUp(self):
self.maxDiff = None
self.headers = {'Content-Type': 'application/json'}
self.url = "http://127.0.0.1:6666/"
def test_introspection(self):
response = requests.get(self.url + "modules")
print(response.json())
def test_cve(self):
with open('tests/bodycve.json', 'r') as f:
response = requests.post(self.url + "query", data=f.read())
print(response.json())
def test_dns(self):
with open('tests/body.json', 'r') as f:
response = requests.post(self.url + "query", data=f.read())
print(response.json())
with open('tests/body_timeout.json', 'r') as f:
response = requests.post(self.url + "query", data=f.read())
print(response.json())
def test_stix(self):
with open("tests/stix.xml", "rb") as f:
content = base64.b64encode(f.read())
data = json.dumps({"module": "stiximport",
"data": content.decode('utf-8'),
"config": {"max_size": "15000"},
})
response = requests.post(self.url + "query", data=data)
print('STIX', response.json())
def test_virustotal(self):
# This can't actually be tested without disclosing a private
# API key. This will attempt to run with a .gitignored keyfile
# and pass if it can't find one
if not os.path.exists("tests/bodyvirustotal.json"):
return
with open("tests/bodyvirustotal.json", "r") as f:
response = requests.post(self.url + "query", data=f.read()).json()
assert(response)
def test_sign(self):
event = MISPEvent()
event.load('tests/57c4445b-c548-4654-af0b-4be3950d210f.json')
data = {'module': 'sign',
'config': {'uid': '5832bfa8-76d0-4bdb-a221-46fa950d210f', 'passphrase': 'misptestorg'},
'mispevent': json.dumps(event, cls=EncodeUpdate)}
try:
signed_event = requests.post(self.url + "query", data=json.dumps(data)).json()
event.load(signed_event)
data = {'module': 'verify',
'config': {'uid': '5832bfa8-76d0-4bdb-a221-46fa950d210f'},
'mispevent': json.dumps(event, cls=EncodeUpdate)}
verified = requests.post(self.url + "query", data=json.dumps(data))
assert(verified)
except:
pass
if __name__ == '__main__':
unittest.main()