from applepy.checks.mitre import _attack_technique_url, augment_mitre_worksheet
from applepy.dedupe import dedupe_by_id
from applepy.findings import Finding, Severity
def test_dedupe_by_id() -> None:
    """Two findings sharing an id collapse to one; the first one's title survives.

    NOTE(review): the retained entry is the ``Severity.LOW`` finding and the
    ``Severity.HIGH`` duplicate is the one dropped. Only the title is asserted,
    so how severity is treated on collision is not pinned by this test --
    confirm that first-wins is the intended policy when ids collide across
    different severities, since it could hide the more serious result.
    """
    # Fields common to both findings; only title and severity differ.
    shared = dict(
        id="x",
        category="c",
        description="d",
        evidence="e",
        worksheet="W",
    )
    first = Finding(title="t", severity=Severity.LOW, **shared)
    second = Finding(title="other", severity=Severity.HIGH, **shared)

    deduped = dedupe_by_id([first, second])

    assert len(deduped) == 1
    assert deduped[0].title == "t"
def test_attack_technique_url_subtechnique() -> None:
    """A dotted sub-technique id maps to a parent/sub-technique URL path."""
    # "T1548.001" -> .../T1548/001/ : the dot becomes a path separator.
    expected = "https://attack.mitre.org/techniques/T1548/001/"
    assert _attack_technique_url("T1548.001") == expected
def test_attack_technique_url_parent() -> None:
    """A parent technique id (no dot) maps to a single-segment URL path."""
    expected = "https://attack.mitre.org/techniques/T1059/"
    assert _attack_technique_url("T1059") == expected
def test_augment_mitre_adds_rows() -> None:
    """Augmenting a list with one T1082-tagged finding adds the mapping rows.

    The return value of ``augment_mitre_worksheet`` is not used; the
    assertions inspect the list that was passed in, so the test relies on
    the function appending to that list in place.
    """
    tagged = Finding(
        id="f1",
        title="t",
        category="c",
        severity=Severity.INFORMATIONAL,
        description="d",
        evidence="e",
        worksheet="Core",
        mitre_techniques=("T1082",),
    )
    findings: list[Finding] = [tagged]

    augment_mitre_worksheet(findings)

    # Collect ids once, in list order, then check each expected row.
    ids = [item.id for item in findings]
    assert "map-T1082" in ids  # per-technique mapping row
    assert "map-summary" in ids  # summary row
    assert any(row_id.startswith("map-defer-") for row_id in ids)  # at least one "defer" row