scythe-ttp 0.16.0__tar.gz → 0.17.1__tar.gz

{scythe_ttp-0.16.0/scythe_ttp.egg-info → scythe_ttp-0.17.1}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: scythe-ttp
-Version: 0.16.0
+Version: 0.17.1
 Summary: An extensible framework for emulating attacker TTPs with Selenium.
 Author-email: EpykLab <cyber@epyklab.com>
 Classifier: Programming Language :: Python :: 3
@@ -35,6 +35,7 @@ Requires-Dist: urllib3==2.4.0
 Requires-Dist: websocket-client==1.8.0
 Requires-Dist: wsproto==1.2.0
 Requires-Dist: typer
+Requires-Dist: shellingham
 Dynamic: license-file
 
 <h1 align="center">Scythe</h1>

scythe_ttp-0.17.1/VERSION

@@ -0,0 +1 @@
+0.17.1

{scythe_ttp-0.16.0 → scythe_ttp-0.17.1}/pyproject.toml

@@ -40,7 +40,8 @@ dependencies = [
     "urllib3==2.4.0",
     "websocket-client==1.8.0",
     "wsproto==1.2.0",
-    "typer"
+    "typer",
+    "shellingham"
 ]
 # Remove the static version line entirely
 
@@ -52,4 +53,4 @@ packages = {find = {exclude = ["tests*", "examples*"]}}
 
 [tool.setuptools.dynamic]
 version = {file = "VERSION"}  # Fix this to point to your actual VERSION file
-dependencies = {file = "requirements.txt"}  # Keep if using; otherwise remove if sticking with static deps list
+dependencies = {file = "requirements.txt"}  # Keep if using; otherwise remove if sticking with static deps list

{scythe_ttp-0.16.0 → scythe_ttp-0.17.1}/scythe/cli/main.py

@@ -68,6 +68,19 @@ def check_version_in_response_header(args) -> bool:
 def scythe_test_definition(args) -> bool:
     # TODO: implement your test using Scythe primitives.
     # Example placeholder that simply passes.
+    
+    # Example usage with TTPExecutor:
+    # from scythe.core.executor import TTPExecutor
+    # executor = TTPExecutor(ttp=my_ttp, target_url=args.url)
+    # executor.run()
+    # return executor.was_successful()  # Returns True if all results matched expectations
+    
+    # Example usage with JourneyExecutor:
+    # from scythe.journeys.executor import JourneyExecutor
+    # executor = JourneyExecutor(journey=my_journey, target_url=args.url)
+    # executor.run()
+    # return executor.was_successful()  # Returns True if journey succeeded as expected
+    
     return True
 
 
@@ -83,6 +96,138 @@ def main():
         dest='gate_versions',
         help='Gate versions to test against')
 
+    # Core Application Parameters
+    parser.add_argument(
+        '--protocol',
+        default='https',
+        choices=['http', 'https'],
+        help='Protocol to use (http/https, default: https)')
+    parser.add_argument(
+        '--port',
+        type=int,
+        help='Port number for the target application')
+
+    # Authentication Parameters
+    parser.add_argument(
+        '--username',
+        help='Username for authentication')
+    parser.add_argument(
+        '--password',
+        help='Password for authentication')
+    parser.add_argument(
+        '--token',
+        help='Bearer token or API key')
+    parser.add_argument(
+        '--auth-type',
+        choices=['basic', 'bearer', 'form'],
+        help='Authentication method (basic, bearer, form, etc.)')
+    parser.add_argument(
+        '--credentials-file',
+        help='Path to file containing multiple user credentials')
+
+    # Test Data Parameters
+    parser.add_argument(
+        '--users-file',
+        help='Path to CSV file containing user data')
+    parser.add_argument(
+        '--emails-file',
+        help='Path to text file containing email addresses')
+    parser.add_argument(
+        '--payload-file',
+        help='Path to file containing test payloads')
+    parser.add_argument(
+        '--data-file',
+        help='Generic path to test data file')
+
+    # Execution Control Parameters
+    parser.add_argument(
+        '--batch-size',
+        type=int,
+        default=10,
+        help='Number of operations per batch (default: 10)')
+    parser.add_argument(
+        '--max-batches',
+        type=int,
+        help='Maximum number of batches to run')
+    parser.add_argument(
+        '--workers',
+        type=int,
+        help='Number of concurrent workers/threads')
+    parser.add_argument(
+        '--replications',
+        type=int,
+        help='Number of test replications for load testing')
+    parser.add_argument(
+        '--timeout',
+        type=int,
+        help='Request timeout in seconds')
+    parser.add_argument(
+        '--delay',
+        type=float,
+        help='Delay between requests in seconds')
+
+    # Browser/Execution Parameters
+    parser.add_argument(
+        '--headless',
+        action='store_true',
+        help='Run browser in headless mode (flag)')
+    parser.add_argument(
+        '--browser',
+        choices=['chrome', 'firefox', 'safari', 'edge'],
+        help='Browser type (chrome, firefox, etc.)')
+    parser.add_argument(
+        '--user-agent',
+        help='Custom user agent string')
+    parser.add_argument(
+        '--proxy',
+        help='Proxy server URL')
+    parser.add_argument(
+        '--proxy-file',
+        help='Path to file containing proxy list')
+
+    # Output and Reporting Parameters
+    parser.add_argument(
+        '--output-dir',
+        help='Directory for output files')
+    parser.add_argument(
+        '--report-format',
+        choices=['json', 'csv', 'html'],
+        help='Report format (json, csv, html)')
+    parser.add_argument(
+        '--log-level',
+        choices=['debug', 'info', 'warning', 'error'],
+        help='Logging level (debug, info, warning, error)')
+    parser.add_argument(
+        '--verbose',
+        action='store_true',
+        help='Enable verbose output (flag)')
+    parser.add_argument(
+        '--silent',
+        action='store_true',
+        help='Suppress output except errors (flag)')
+
+    # Test Control Parameters
+    parser.add_argument(
+        '--fail-fast',
+        action='store_true',
+        help='Stop immediately on first failure (flag)')
+    parser.add_argument(
+        '--dry-run',
+        action='store_true',
+        help='Validate configuration without executing tests (flag)')
+    parser.add_argument(
+        '--test-type',
+        choices=['load', 'security', 'functional'],
+        help='Type of test to run (load, security, functional)')
+    parser.add_argument(
+        '--iterations',
+        type=int,
+        help='Number of test iterations')
+    parser.add_argument(
+        '--duration',
+        type=int,
+        help='Test duration in seconds')
+
     args = parser.parse_args()
 
     if check_url_available(args.url):
@@ -226,10 +371,8 @@ def _create_test(project_root: str, name: str) -> str:
 
     return filepath
 
-
-_VERSION_RE = re.compile(r"X-SCYTHE-TARGET-VERSION\s*[:=]\s*([\w\.-]+)")
-_DETECTED_LIST_RE = re.compile(r"Detected target versions: \[?([^\]]*)\]?")
-
+_VERSION_RE = re.compile(r"['\"]?X-Scythe-Target-Version['\"]?\s*:\s*['\"]?([\w.-]+)['\"]?")
+_DETECTED_LIST_RE = re.compile(r"Target versions detected:\s*\[?([^]]*)\]?")
 
 def _parse_version_from_output(output: str) -> Optional[str]:
     m = _VERSION_RE.search(output)
@@ -240,7 +383,7 @@ def _parse_version_from_output(output: str) -> Optional[str]:
     if m:
         inner = m.group(1)
         # extract first version-like token
-        mv = re.search(r"[\d]+(?:\.[\w\-]+)+", inner)
+        mv = re.search(r"\d+(?:\.[\w\-]+)+", inner)
         if mv:
             return mv.group(0)
     return None

{scythe_ttp-0.16.0 → scythe_ttp-0.17.1}/scythe/core/executor.py

@@ -40,6 +40,7 @@ class TTPExecutor:
         self.driver = None
         self.results = []
         self.header_extractor = HeaderExtractor()
+        self.has_test_failures = False  # Track if any test had unexpected results
 
     def _setup_driver(self):
         """Initializes the WebDriver."""
@@ -134,10 +135,12 @@ class TTPExecutor:
                         else:
                             version_info = f" | Version: {target_version}" if target_version else ""
                             self.logger.warning(f"UNEXPECTED SUCCESS: '{payload}' (expected to fail){version_info}")
+                            self.has_test_failures = True  # Mark as failure when result differs from expected
                     else:
                         consecutive_failures += 1
                         if self.ttp.expected_result:
                             self.logger.info(f"EXPECTED FAILURE: '{payload}' (security control working)")
+                            self.has_test_failures = True  # Mark as failure when result differs from expected
                         else:
                             self.logger.info(f"EXPECTED FAILURE: '{payload}'")
 
@@ -212,3 +215,18 @@ class TTPExecutor:
                 self.logger.info("No successes detected (expected to find vulnerabilities).")
             else:
                 self.logger.info("No successes detected (security controls working as expected).")
+        
+        # Log overall test status
+        if self.has_test_failures:
+            self.logger.error("\n✗ TEST FAILED: One or more test results differed from expected")
+        else:
+            self.logger.info("\n✓ TEST PASSED: All test results matched expectations")
+    
+    def was_successful(self) -> bool:
+        """
+        Check if all test results matched expectations.
+        
+        Returns:
+            True if all test results matched expectations, False otherwise
+        """
+        return not self.has_test_failures

{scythe_ttp-0.16.0 → scythe_ttp-0.17.1}/scythe/journeys/executor.py

@@ -406,6 +406,12 @@ class JourneyExecutor:
         else:
             self.logger.info("\nNo X-SCYTHE-TARGET-VERSION headers detected in responses.")
         
+        # Log overall test status (similar to TTPExecutor)
+        if self.was_successful():
+            self.logger.info("\n✓ TEST PASSED: Journey results matched expectations")
+        else:
+            self.logger.error("\n✗ TEST FAILED: Journey results differed from expected")
+        
         self.logger.info("="*60)
     
     def get_results(self) -> Optional[Dict[str, Any]]:

{scythe_ttp-0.16.0 → scythe_ttp-0.17.1/scythe_ttp.egg-info}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: scythe-ttp
-Version: 0.16.0
+Version: 0.17.1
 Summary: An extensible framework for emulating attacker TTPs with Selenium.
 Author-email: EpykLab <cyber@epyklab.com>
 Classifier: Programming Language :: Python :: 3
@@ -35,6 +35,7 @@ Requires-Dist: urllib3==2.4.0
 Requires-Dist: websocket-client==1.8.0
 Requires-Dist: wsproto==1.2.0
 Requires-Dist: typer
+Requires-Dist: shellingham
 Dynamic: license-file
 
 <h1 align="center">Scythe</h1>

{scythe_ttp-0.16.0 → scythe_ttp-0.17.1}/scythe_ttp.egg-info/requires.txt

@@ -19,3 +19,4 @@ urllib3==2.4.0
 websocket-client==1.8.0
 wsproto==1.2.0
 typer
+shellingham

{scythe_ttp-0.16.0 → scythe_ttp-0.17.1}/tests/test_expected_results.py

@@ -296,6 +296,63 @@ class TestExpectedResults(unittest.TestCase):
         
         self.assertTrue(ttp_pass.expected_result)
         self.assertFalse(ttp_fail.expected_result)
+    
+    @patch('scythe.core.executor.webdriver.Chrome')
+    def test_was_successful_with_expected_results(self, mock_webdriver):
+        """Test was_successful() returns True when all results match expectations."""
+        mock_webdriver.return_value = self.mock_driver
+        
+        # Test with expected successes
+        ttp = MockTTP(
+            name="Test TTP",
+            description="Test description",
+            expected_result=True,
+            success_results=[True, True]
+        )
+        
+        executor = TTPExecutor(ttp=ttp, target_url="http://test.com", headless=True)
+        executor.run()
+        
+        # Should return True since results matched expectations
+        self.assertTrue(executor.was_successful())
+    
+    @patch('scythe.core.executor.webdriver.Chrome')
+    def test_was_successful_with_unexpected_results(self, mock_webdriver):
+        """Test was_successful() returns False when results don't match expectations."""
+        mock_webdriver.return_value = self.mock_driver
+        
+        # Test with unexpected successes (expected to fail but succeeded)
+        ttp = MockTTP(
+            name="Test TTP",
+            description="Test description",
+            expected_result=False,
+            success_results=[True]
+        )
+        
+        executor = TTPExecutor(ttp=ttp, target_url="http://test.com", headless=True)
+        executor.run()
+        
+        # Should return False since we got unexpected success
+        self.assertFalse(executor.was_successful())
+    
+    @patch('scythe.core.executor.webdriver.Chrome')
+    def test_was_successful_with_unexpected_failures(self, mock_webdriver):
+        """Test was_successful() returns False when expected success but got failure."""
+        mock_webdriver.return_value = self.mock_driver
+        
+        # Test expecting success but getting failure
+        ttp = MockTTP(
+            name="Test TTP",
+            description="Test description",
+            expected_result=True,
+            success_results=[False, False]
+        )
+        
+        executor = TTPExecutor(ttp=ttp, target_url="http://test.com", headless=True)
+        executor.run()
+        
+        # Should return False since we expected success but got failures
+        self.assertFalse(executor.was_successful())
 
 
 if __name__ == '__main__':

scythe_ttp-0.16.0/VERSION

@@ -1 +0,0 @@
-0.16.0