threatinator 0.1.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +7 -0
- data/CHANGELOG.md +23 -0
- data/CONTRIBUTING.md +119 -0
- data/Gemfile +28 -0
- data/LICENSE +165 -0
- data/README.md +45 -0
- data/Rakefile +45 -0
- data/VERSION +1 -0
- data/bin/threatinator +5 -0
- data/lib/threatinator.rb +3 -0
- data/lib/threatinator/action.rb +14 -0
- data/lib/threatinator/actions/list.rb +2 -0
- data/lib/threatinator/actions/list/action.rb +53 -0
- data/lib/threatinator/actions/list/config.rb +10 -0
- data/lib/threatinator/actions/run.rb +2 -0
- data/lib/threatinator/actions/run/action.rb +45 -0
- data/lib/threatinator/actions/run/config.rb +32 -0
- data/lib/threatinator/actions/run/coverage_observer.rb +54 -0
- data/lib/threatinator/actions/run/output_config.rb +59 -0
- data/lib/threatinator/cli.rb +13 -0
- data/lib/threatinator/cli/action_builder.rb +33 -0
- data/lib/threatinator/cli/list_action_builder.rb +19 -0
- data/lib/threatinator/cli/parser.rb +113 -0
- data/lib/threatinator/cli/run_action_builder.rb +41 -0
- data/lib/threatinator/config.rb +6 -0
- data/lib/threatinator/config/base.rb +35 -0
- data/lib/threatinator/config/feed_search.rb +25 -0
- data/lib/threatinator/decoder.rb +24 -0
- data/lib/threatinator/decoders/gzip.rb +30 -0
- data/lib/threatinator/event.rb +27 -0
- data/lib/threatinator/event_builder.rb +41 -0
- data/lib/threatinator/exceptions.rb +61 -0
- data/lib/threatinator/feed.rb +82 -0
- data/lib/threatinator/feed_builder.rb +156 -0
- data/lib/threatinator/feed_registry.rb +47 -0
- data/lib/threatinator/feed_runner.rb +118 -0
- data/lib/threatinator/fetcher.rb +22 -0
- data/lib/threatinator/fetchers/http.rb +46 -0
- data/lib/threatinator/filter.rb +12 -0
- data/lib/threatinator/filters/block.rb +18 -0
- data/lib/threatinator/filters/comments.rb +16 -0
- data/lib/threatinator/filters/whitespace.rb +19 -0
- data/lib/threatinator/output.rb +50 -0
- data/lib/threatinator/parser.rb +23 -0
- data/lib/threatinator/parsers/csv.rb +7 -0
- data/lib/threatinator/parsers/csv/parser.rb +77 -0
- data/lib/threatinator/parsers/getline.rb +8 -0
- data/lib/threatinator/parsers/getline/parser.rb +45 -0
- data/lib/threatinator/parsers/json.rb +8 -0
- data/lib/threatinator/parsers/json/adapters/oj.rb +65 -0
- data/lib/threatinator/parsers/json/parser.rb +45 -0
- data/lib/threatinator/parsers/json/record.rb +20 -0
- data/lib/threatinator/parsers/xml.rb +8 -0
- data/lib/threatinator/parsers/xml/node.rb +79 -0
- data/lib/threatinator/parsers/xml/node_builder.rb +39 -0
- data/lib/threatinator/parsers/xml/parser.rb +44 -0
- data/lib/threatinator/parsers/xml/path.rb +70 -0
- data/lib/threatinator/parsers/xml/pattern.rb +53 -0
- data/lib/threatinator/parsers/xml/record.rb +14 -0
- data/lib/threatinator/parsers/xml/sax_document.rb +64 -0
- data/lib/threatinator/plugin_loader.rb +115 -0
- data/lib/threatinator/plugins/output/csv.rb +47 -0
- data/lib/threatinator/plugins/output/null.rb +17 -0
- data/lib/threatinator/plugins/output/rubydebug.rb +16 -0
- data/lib/threatinator/property_definer.rb +101 -0
- data/lib/threatinator/record.rb +22 -0
- data/lib/threatinator/registry.rb +53 -0
- data/lib/threatinator/util.rb +15 -0
- data/spec/feeds/ET_compromised-ip_reputation_spec.rb +50 -0
- data/spec/feeds/alienvault-ip_reputation_spec.rb +50 -0
- data/spec/feeds/arbor_fastflux-domain_reputation_spec.rb +50 -0
- data/spec/feeds/arbor_ssh-ip_reputation_spec.rb +50 -0
- data/spec/feeds/autoshun_shunlist_spec.rb +42 -0
- data/spec/feeds/blocklist_de_apache-ip_reputation_spec.rb +50 -0
- data/spec/feeds/blocklist_de_bots-ip_reputation_spec.rb +50 -0
- data/spec/feeds/blocklist_de_ftp-ip_reputation_spec.rb +50 -0
- data/spec/feeds/blocklist_de_imap-ip_reputation_spec.rb +50 -0
- data/spec/feeds/blocklist_de_pop3-ip_reputation_spec.rb +50 -0
- data/spec/feeds/blocklist_de_proftpd-ip_reputation_spec.rb +50 -0
- data/spec/feeds/blocklist_de_sip-ip_reputation_spec.rb +50 -0
- data/spec/feeds/blocklist_de_ssh-ip_reputation_spec.rb +50 -0
- data/spec/feeds/blocklist_de_strongips-ip_reputation_spec.rb +50 -0
- data/spec/feeds/ciarmy-ip_reputation_spec.rb +50 -0
- data/spec/feeds/cruzit-ip_reputation_spec.rb +50 -0
- data/spec/feeds/dan_me_uk_torlist-ip_reputation_spec.rb +50 -0
- data/spec/feeds/data/ET_compromised-ip_reputation.txt +11 -0
- data/spec/feeds/data/alienvault-ip_reputation.txt +18 -0
- data/spec/feeds/data/arbor_domainlist.txt +11 -0
- data/spec/feeds/data/arbor_ssh.txt +16 -0
- data/spec/feeds/data/autoshun_shunlist.csv +20 -0
- data/spec/feeds/data/blocklist_de_apache-ip-reputation.txt +17 -0
- data/spec/feeds/data/blocklist_de_bots-ip-reputation.txt +15 -0
- data/spec/feeds/data/blocklist_de_ftp-ip-reputation.txt +7 -0
- data/spec/feeds/data/blocklist_de_imap-ip-reputation.txt +8 -0
- data/spec/feeds/data/blocklist_de_pop3-ip-reputation.txt +11 -0
- data/spec/feeds/data/blocklist_de_proftpd-ip-reputation.txt +12 -0
- data/spec/feeds/data/blocklist_de_sip-ip-reputation.txt +9 -0
- data/spec/feeds/data/blocklist_de_ssh-ip-reputation.txt +10 -0
- data/spec/feeds/data/blocklist_de_strongips-ip-reputation.txt +11 -0
- data/spec/feeds/data/ciarmy-ip-reputation.txt +11 -0
- data/spec/feeds/data/cruzit-ip-reputation.txt +14 -0
- data/spec/feeds/data/dan_me_uk_torlist-ip-reputation.txt +11 -0
- data/spec/feeds/data/dshield_topattackers.xml +4 -0
- data/spec/feeds/data/feodo_domainlist.txt +18 -0
- data/spec/feeds/data/feodo_iplist.txt +20 -0
- data/spec/feeds/data/infiltrated_iplist.txt +16 -0
- data/spec/feeds/data/malc0de_domainlist.txt +18 -0
- data/spec/feeds/data/malc0de_iplist.txt +14 -0
- data/spec/feeds/data/mirc_domainlist.txt +31 -0
- data/spec/feeds/data/nothink_irc_iplist.txt +14 -0
- data/spec/feeds/data/nothink_ssh_iplist.txt +10 -0
- data/spec/feeds/data/openbl_iplist.txt +12 -0
- data/spec/feeds/data/palevo_domainlist.txt +25 -0
- data/spec/feeds/data/palevo_iplist.txt +24 -0
- data/spec/feeds/data/phishtank-sample.json.gz +0 -0
- data/spec/feeds/data/spyeye_domainlist.txt +16 -0
- data/spec/feeds/data/spyeye_iplist.txt +19 -0
- data/spec/feeds/data/t-arend-de_ssh_iplist.txt +17 -0
- data/spec/feeds/data/the_haleys_ssh_iplist.txt +12 -0
- data/spec/feeds/data/yourcmc_ssh-ip_reputation.txt +27 -0
- data/spec/feeds/data/zeus-ip_reputation.txt +285 -0
- data/spec/feeds/data/zeus_domainlist.txt +27 -0
- data/spec/feeds/dshield_attackers-top1000_spec.rb +43 -0
- data/spec/feeds/feodo-domain_reputation_spec.rb +50 -0
- data/spec/feeds/feodo-ip_reputation_spec.rb +50 -0
- data/spec/feeds/infiltrated-ip_reputation_spec.rb +50 -0
- data/spec/feeds/malc0de-domain_reputation_spec.rb +50 -0
- data/spec/feeds/malc0de-ip_reputation_spec.rb +50 -0
- data/spec/feeds/mirc-domain_reputation_spec.rb +50 -0
- data/spec/feeds/nothink_irc-ip_reputation_spec.rb +50 -0
- data/spec/feeds/nothink_ssh-ip_reputation_spec.rb +50 -0
- data/spec/feeds/openbl-ip_reputation_spec.rb +50 -0
- data/spec/feeds/palevo-domain_reputation_spec.rb +50 -0
- data/spec/feeds/palevo-ip_reputation_spec.rb +50 -0
- data/spec/feeds/phishtank_spec.rb +45 -0
- data/spec/feeds/spyeye-domain_reputation_spec.rb +50 -0
- data/spec/feeds/spyeye-ip_reputation_spec.rb +50 -0
- data/spec/feeds/t-arend-de_ssh-ip_reputation_spec.rb +50 -0
- data/spec/feeds/the_haleys_ssh-ip_reputation_spec.rb +50 -0
- data/spec/feeds/yourcmc_ssh-ip_reputation_spec.rb +50 -0
- data/spec/feeds/zeus-domain_reputation_spec.rb +50 -0
- data/spec/feeds/zeus-ip_reputation_spec.rb +50 -0
- data/spec/fixtures/feed/provider1/feed1.feed +6 -0
- data/spec/fixtures/parsers/test.xml +13 -0
- data/spec/fixtures/parsers/test_self_closing.xml +20 -0
- data/spec/fixtures/plugins/bad/threatinator/plugins/test_error1/plugin.rb +1 -0
- data/spec/fixtures/plugins/bad/threatinator/plugins/test_missing1/plugin.rb +0 -0
- data/spec/fixtures/plugins/fake.rb +19 -0
- data/spec/fixtures/plugins/good/threatinator/plugins/test_type1/plugin_a.rb +8 -0
- data/spec/fixtures/plugins/good/threatinator/plugins/test_type1/plugin_b.rb +8 -0
- data/spec/fixtures/plugins/good/threatinator/plugins/test_type2/plugin_c.rb +8 -0
- data/spec/fixtures/plugins/good/threatinator/plugins/test_type2/plugin_d.rb +8 -0
- data/spec/fixtures/plugins/good/threatinator/plugins/test_type3/plugin_e.rb +8 -0
- data/spec/fixtures/plugins/good/threatinator/plugins/test_type3/plugin_f.rb +8 -0
- data/spec/spec_helper.rb +52 -0
- data/spec/support/bad_feeds/missing_fetcher.feed +7 -0
- data/spec/support/bad_feeds/missing_name.feed +6 -0
- data/spec/support/bad_feeds/missing_parser.feed +3 -0
- data/spec/support/bad_feeds/missing_provider.feed +5 -0
- data/spec/support/factories/event.rb +27 -0
- data/spec/support/factories/feed.rb +32 -0
- data/spec/support/factories/feed_builder.rb +65 -0
- data/spec/support/factories/feed_registry.rb +8 -0
- data/spec/support/factories/output.rb +11 -0
- data/spec/support/factories/record.rb +17 -0
- data/spec/support/factories/xml_node.rb +33 -0
- data/spec/support/helpers/io.rb +11 -0
- data/spec/support/helpers/models.rb +13 -0
- data/spec/support/shared/action_builder.rb +47 -0
- data/spec/support/shared/decoder.rb +70 -0
- data/spec/support/shared/feeds.rb +218 -0
- data/spec/support/shared/fetcher.rb +48 -0
- data/spec/support/shared/filter.rb +14 -0
- data/spec/support/shared/io-like.rb +7 -0
- data/spec/support/shared/output.rb +120 -0
- data/spec/support/shared/parsers.rb +51 -0
- data/spec/support/shared/record.rb +111 -0
- data/spec/threatinator/actions/list/action_spec.rb +93 -0
- data/spec/threatinator/actions/run/action_spec.rb +89 -0
- data/spec/threatinator/actions/run/config_spec.rb +39 -0
- data/spec/threatinator/actions/run/coverage_observer_spec.rb +116 -0
- data/spec/threatinator/actions/run/output_config_spec.rb +89 -0
- data/spec/threatinator/cli/list_action_builder_spec.rb +57 -0
- data/spec/threatinator/cli/run_action_builder_spec.rb +133 -0
- data/spec/threatinator/cli_spec.rb +175 -0
- data/spec/threatinator/config/base_spec.rb +39 -0
- data/spec/threatinator/config/feed_search_spec.rb +76 -0
- data/spec/threatinator/decoders/gzip_spec.rb +75 -0
- data/spec/threatinator/event_builder_spec.rb +33 -0
- data/spec/threatinator/event_spec.rb +30 -0
- data/spec/threatinator/feed_builder_spec.rb +636 -0
- data/spec/threatinator/feed_registry_spec.rb +198 -0
- data/spec/threatinator/feed_runner_spec.rb +155 -0
- data/spec/threatinator/feed_spec.rb +169 -0
- data/spec/threatinator/fetcher_spec.rb +12 -0
- data/spec/threatinator/fetchers/http_spec.rb +32 -0
- data/spec/threatinator/filter_spec.rb +13 -0
- data/spec/threatinator/filters/block_spec.rb +16 -0
- data/spec/threatinator/filters/comments_spec.rb +13 -0
- data/spec/threatinator/filters/whitespace_spec.rb +12 -0
- data/spec/threatinator/parser_spec.rb +13 -0
- data/spec/threatinator/parsers/csv/parser_spec.rb +202 -0
- data/spec/threatinator/parsers/getline/parser_spec.rb +83 -0
- data/spec/threatinator/parsers/json/parser_spec.rb +106 -0
- data/spec/threatinator/parsers/json/record_spec.rb +30 -0
- data/spec/threatinator/parsers/xml/node_spec.rb +335 -0
- data/spec/threatinator/parsers/xml/parser_spec.rb +263 -0
- data/spec/threatinator/parsers/xml/path_spec.rb +209 -0
- data/spec/threatinator/parsers/xml/pattern_spec.rb +72 -0
- data/spec/threatinator/parsers/xml/record_spec.rb +27 -0
- data/spec/threatinator/plugin_loader_spec.rb +238 -0
- data/spec/threatinator/plugins/output/csv_spec.rb +46 -0
- data/spec/threatinator/plugins/output/null_spec.rb +17 -0
- data/spec/threatinator/plugins/output/rubydebug_spec.rb +37 -0
- data/spec/threatinator/property_definer_spec.rb +155 -0
- data/spec/threatinator/record_spec.rb +19 -0
- data/spec/threatinator/registry_spec.rb +97 -0
- data/spec/threatinator/runner_spec.rb +273 -0
- metadata +376 -0
@@ -0,0 +1,50 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
|
3
|
+
describe 'feeds/zeus-ip_reputation.feed', :feed do
|
4
|
+
let(:provider) { 'abuse_ch' }
|
5
|
+
let(:name) { 'zeus_ip_reputation' }
|
6
|
+
|
7
|
+
it_fetches_url 'https://zeustracker.abuse.ch/blocklist.php?download=ipblocklist'
|
8
|
+
|
9
|
+
describe_parsing_the_file feed_data('zeus-ip_reputation.txt') do
|
10
|
+
it "should have parsed 10 records" do
|
11
|
+
expect(num_records_parsed).to eq(279)
|
12
|
+
end
|
13
|
+
it "should have filtered 8 records" do
|
14
|
+
expect(num_records_filtered).to eq(6)
|
15
|
+
end
|
16
|
+
it "should have missed 0 records" do
|
17
|
+
expect(num_records_missed).to eq(0)
|
18
|
+
end
|
19
|
+
end
|
20
|
+
|
21
|
+
describe_parsing_a_record '109.229.210.250' do
|
22
|
+
it "should have parsed" do
|
23
|
+
expect(status).to eq(:parsed)
|
24
|
+
end
|
25
|
+
it "should have parsed 1 event" do
|
26
|
+
expect(events.count).to eq(1)
|
27
|
+
end
|
28
|
+
describe 'event 0' do
|
29
|
+
subject { events[0] }
|
30
|
+
its(:type) { is_expected.to be(:c2) }
|
31
|
+
its(:ipv4s) { is_expected.to match_array(['109.229.210.250']) }
|
32
|
+
end
|
33
|
+
end
|
34
|
+
|
35
|
+
describe_parsing_a_record '141.105.67.94' do
|
36
|
+
it "should have parsed" do
|
37
|
+
expect(status).to eq(:parsed)
|
38
|
+
end
|
39
|
+
it "should have parsed 1 event" do
|
40
|
+
expect(events.count).to eq(1)
|
41
|
+
end
|
42
|
+
describe 'event 0' do
|
43
|
+
subject { events[0] }
|
44
|
+
its(:type) { is_expected.to be(:c2) }
|
45
|
+
its(:ipv4s) { is_expected.to match_array(['141.105.67.94']) }
|
46
|
+
end
|
47
|
+
end
|
48
|
+
end
|
49
|
+
|
50
|
+
|
@@ -0,0 +1 @@
|
|
1
|
+
asldkfj
|
File without changes
|
@@ -0,0 +1,19 @@
|
|
1
|
+
require 'threatinator/output'
|
2
|
+
module FakeOutputPlugins
|
3
|
+
class Plugin1 < Threatinator::Output
|
4
|
+
class Config < superclass::Config
|
5
|
+
attribute :foo
|
6
|
+
end
|
7
|
+
end
|
8
|
+
class Plugin2 < Threatinator::Output
|
9
|
+
class Config < superclass::Config
|
10
|
+
attribute :bar
|
11
|
+
end
|
12
|
+
end
|
13
|
+
class Plugin3 < Threatinator::Output
|
14
|
+
class Config < superclass::Config
|
15
|
+
attribute :woof
|
16
|
+
end
|
17
|
+
end
|
18
|
+
end
|
19
|
+
|
data/spec/spec_helper.rb
ADDED
@@ -0,0 +1,52 @@
|
|
1
|
+
require 'rubygems'
|
2
|
+
require 'bundler'
|
3
|
+
Bundler.setup :default, :test
|
4
|
+
|
5
|
+
require 'pathname'
|
6
|
+
SPEC_ROOT = Pathname.new(__FILE__).dirname.expand_path
|
7
|
+
PROJECT_ROOT = SPEC_ROOT.join('../').expand_path
|
8
|
+
SUPPORT_ROOT = SPEC_ROOT.join('support')
|
9
|
+
|
10
|
+
FEEDS_ROOT = PROJECT_ROOT.join('feeds')
|
11
|
+
FEED_DATA_ROOT = SPEC_ROOT.join('feeds', 'data')
|
12
|
+
|
13
|
+
FIXTURES_ROOT = SPEC_ROOT.join('fixtures')
|
14
|
+
PARSER_FIXTURES = FIXTURES_ROOT.join('parsers')
|
15
|
+
PLUGIN_FIXTURES = FIXTURES_ROOT.join('plugins')
|
16
|
+
FEED_FIXTURES = FIXTURES_ROOT.join('feed')
|
17
|
+
|
18
|
+
require 'webmock/rspec'
|
19
|
+
require 'simplecov'
|
20
|
+
require 'rspec/its'
|
21
|
+
|
22
|
+
formatters = [
|
23
|
+
SimpleCov::Formatter::HTMLFormatter
|
24
|
+
]
|
25
|
+
|
26
|
+
begin
|
27
|
+
require 'simplecov-vim/formatter'
|
28
|
+
formatters << SimpleCov::Formatter::VimFormatter
|
29
|
+
rescue ::LoadError
|
30
|
+
end
|
31
|
+
|
32
|
+
SimpleCov.formatters = formatters
|
33
|
+
SimpleCov.start do
|
34
|
+
project_root = RSpec::Core::RubyProject.root
|
35
|
+
add_filter PROJECT_ROOT.join('spec').to_s
|
36
|
+
add_filter PROJECT_ROOT.join('.gem').to_s
|
37
|
+
add_filter PROJECT_ROOT.join('.git').to_s
|
38
|
+
end
|
39
|
+
|
40
|
+
require 'factory_girl'
|
41
|
+
Dir.glob(SUPPORT_ROOT.join('**','*.rb')).sort.each { |f| require f}
|
42
|
+
|
43
|
+
RSpec.configure do |config|
|
44
|
+
config.include FactoryGirl::Syntax::Methods
|
45
|
+
config.include IOHelpers
|
46
|
+
config.extend FeedHelpers::FeedHelperMethods, :feed
|
47
|
+
|
48
|
+
config.expect_with :rspec do |c|
|
49
|
+
c.syntax = :expect
|
50
|
+
end
|
51
|
+
end
|
52
|
+
|
@@ -0,0 +1,27 @@
|
|
1
|
+
require 'threatinator/event'
|
2
|
+
|
3
|
+
FactoryGirl.define do
|
4
|
+
factory :event, class: Threatinator::Event do
|
5
|
+
feed_name 'my_feed_name'
|
6
|
+
feed_provider 'my_provider'
|
7
|
+
type :scanning
|
8
|
+
ipv4s { [ ] }
|
9
|
+
fqdns { [ ] }
|
10
|
+
|
11
|
+
initialize_with {
|
12
|
+
ret = new()
|
13
|
+
ret.feed_name = feed_name
|
14
|
+
ret.feed_provider = feed_provider
|
15
|
+
ret.type = type
|
16
|
+
ipv4s.each do |ipv4|
|
17
|
+
ret.add_ipv4(ipv4)
|
18
|
+
end
|
19
|
+
fqdns.each do |fqdn|
|
20
|
+
ret.add_fqdn(fqdn)
|
21
|
+
end
|
22
|
+
ret
|
23
|
+
}
|
24
|
+
end
|
25
|
+
end
|
26
|
+
|
27
|
+
|
@@ -0,0 +1,32 @@
|
|
1
|
+
require 'threatinator/feed'
|
2
|
+
require 'threatinator/parser'
|
3
|
+
require 'threatinator/fetcher'
|
4
|
+
require 'threatinator/fetchers/http'
|
5
|
+
|
6
|
+
FactoryGirl.define do
|
7
|
+
factory :feed, class: Threatinator::Feed do
|
8
|
+
sequence(:provider) { |n| "provider_#{n}" }
|
9
|
+
sequence(:name) { |n| "name_#{n}" }
|
10
|
+
fetcher_builder { lambda { Threatinator::Fetcher.new({}) } }
|
11
|
+
parser_builder { lambda { Threatinator::Parser.new({}) } }
|
12
|
+
filter_builders { [] }
|
13
|
+
decoder_builders { [] }
|
14
|
+
parser_block { lambda { |*args| } }
|
15
|
+
|
16
|
+
initialize_with { new(attributes) }
|
17
|
+
|
18
|
+
trait :http do
|
19
|
+
url { "https://foobar/#{provider}/#{name}.data" }
|
20
|
+
fetcher_builder { lambda { Threatinator::Fetchers::Http.new({url: url}) } }
|
21
|
+
end
|
22
|
+
|
23
|
+
trait :mini do
|
24
|
+
http
|
25
|
+
sequence(:url) { |n| "http://x#{n}" }
|
26
|
+
sequence(:provider) { |n| "x#{n}" }
|
27
|
+
sequence(:name) { |n| "x#{n}" }
|
28
|
+
end
|
29
|
+
end
|
30
|
+
|
31
|
+
end
|
32
|
+
|
@@ -0,0 +1,65 @@
|
|
1
|
+
require 'threatinator/feed_builder'
|
2
|
+
|
3
|
+
FactoryGirl.define do
|
4
|
+
factory :feed_builder, class: Threatinator::FeedBuilder do
|
5
|
+
initialize_with do
|
6
|
+
builder = new()
|
7
|
+
attributes.each_pair do |sym, val|
|
8
|
+
next if val.nil?
|
9
|
+
if val.kind_of?(::Proc)
|
10
|
+
builder.send(sym, &val)
|
11
|
+
else
|
12
|
+
builder.send(sym, val)
|
13
|
+
end
|
14
|
+
end
|
15
|
+
builder
|
16
|
+
end
|
17
|
+
|
18
|
+
trait :provider do
|
19
|
+
provider 'FakeSecureCo'
|
20
|
+
end
|
21
|
+
|
22
|
+
trait :name do
|
23
|
+
name 'MaliciousDataFeed'
|
24
|
+
end
|
25
|
+
|
26
|
+
trait :http do
|
27
|
+
fetch_http "http://foo.com/bar"
|
28
|
+
end
|
29
|
+
|
30
|
+
trait :parse_eachline do
|
31
|
+
parse_eachline { lambda { |line| } }
|
32
|
+
end
|
33
|
+
|
34
|
+
trait :without_provider do
|
35
|
+
name
|
36
|
+
parse_eachline
|
37
|
+
http
|
38
|
+
end
|
39
|
+
|
40
|
+
trait :without_name do
|
41
|
+
provider
|
42
|
+
parse_eachline
|
43
|
+
http
|
44
|
+
end
|
45
|
+
|
46
|
+
trait :without_parser do
|
47
|
+
name
|
48
|
+
provider
|
49
|
+
http
|
50
|
+
end
|
51
|
+
|
52
|
+
trait :without_fetcher do
|
53
|
+
name
|
54
|
+
provider
|
55
|
+
parse_eachline
|
56
|
+
end
|
57
|
+
|
58
|
+
trait :buildable do
|
59
|
+
name
|
60
|
+
provider
|
61
|
+
parse_eachline
|
62
|
+
http
|
63
|
+
end
|
64
|
+
end
|
65
|
+
end
|
@@ -0,0 +1,17 @@
|
|
1
|
+
require 'threatinator/record'
|
2
|
+
|
3
|
+
FactoryGirl.define do
|
4
|
+
factory :record, class: Threatinator::Record do
|
5
|
+
data { "some data" }
|
6
|
+
|
7
|
+
line_number 1
|
8
|
+
pos_start 0
|
9
|
+
pos_end 9
|
10
|
+
|
11
|
+
initialize_with {
|
12
|
+
new(attributes[:data], attributes)
|
13
|
+
}
|
14
|
+
end
|
15
|
+
end
|
16
|
+
|
17
|
+
|
@@ -0,0 +1,33 @@
|
|
1
|
+
require 'threatinator/parsers/xml/node'
|
2
|
+
|
3
|
+
FactoryGirl.define do
|
4
|
+
factory :xml_node, class: Threatinator::Parsers::XML::Node do
|
5
|
+
name { "foo" }
|
6
|
+
attrs { { } }
|
7
|
+
text { "" }
|
8
|
+
children { [] }
|
9
|
+
|
10
|
+
initialize_with {
|
11
|
+
new(name, attrs: attrs, text: text, children: children)
|
12
|
+
}
|
13
|
+
|
14
|
+
trait(:with_attrs) do
|
15
|
+
attrs { {
|
16
|
+
attr1: "val1",
|
17
|
+
attr2: "val2"
|
18
|
+
} }
|
19
|
+
end
|
20
|
+
|
21
|
+
trait(:with_children) do
|
22
|
+
children { [
|
23
|
+
build(:xml_node, name: "child1"),
|
24
|
+
build(:xml_node, name: "child2"),
|
25
|
+
build(:xml_node, name: "child3"),
|
26
|
+
] }
|
27
|
+
end
|
28
|
+
end
|
29
|
+
|
30
|
+
end
|
31
|
+
|
32
|
+
|
33
|
+
|