PyPI - scythe-ttp - Versions diffs - 0.9.2__tar.gz → 0.11.0__tar.gz - Mend

scythe-ttp 0.9.2tar.gz → 0.11.0tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of scythe-ttp might be problematic. Click here for more details.

Files changed (52) hide show

{scythe_ttp-0.9.2/scythe_ttp.egg-info → scythe_ttp-0.11.0}/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: scythe-ttp
-Version: 0.9.2
+Version: 0.11.0
 Summary: An extensible framework for emulating attacker TTPs with Selenium.
 Home-page: https://github.com/EpykLab/scythe
 Author: EpykLab
@@ -96,6 +96,7 @@ Scythe operates on the principle that robust systems must be tested under advers
 ### 📊 **Professional Reporting**
 * **Clear Result Indicators**: ✓ Expected outcomes, ✗ Unexpected results
 * **Comprehensive Logging**: Detailed execution tracking and analysis
+* **Version Detection**: Automatic extraction of X-SCYTHE-TARGET-VERSION headers
 * **Performance Metrics**: Timing, success rates, and resource utilization
 * **Execution Statistics**: Detailed reporting across all test types
@@ -443,6 +444,74 @@ executor = TTPExecutor(
 )
 ```
+### Version Detection
+Scythe automatically captures the `X-SCYTHE-TARGET-VERSION` header from HTTP responses to track which version of your web application is being tested:
+```python
+from scythe.core.ttp import TTP
+from scythe.core.executor import TTPExecutor
+# Your web application should set this header:
+# X-SCYTHE-TARGET-VERSION: 1.3.2
+class MyTTP(TTP):
+    def get_payloads(self):
+        yield "test_payload"
+    def execute_step(self, driver, payload):
+        driver.get("http://your-app.com/login")
+        # ... test logic ...
+    def verify_result(self, driver):
+        return "welcome" in driver.page_source
+# Run the test
+ttp = MyTTP("Version Test", "Test with version detection")
+executor = TTPExecutor(ttp=ttp, target_url="http://your-app.com")
+executor.run()
+```
+**Output includes version information:**
+```
+✓ EXPECTED SUCCESS: 'test_payload' | Version: 1.3.2
+Target Version Summary:
+  Results with version info: 1/1
+  Version 1.3.2: 1 result(s)
+```
+**Server-side implementation examples:**
+```python
+# Python/Flask
+@app.after_request
+def add_version_header(response):
+    response.headers['X-SCYTHE-TARGET-VERSION'] = '1.3.2'
+    return response
+# Node.js/Express
+app.use((req, res, next) => {
+    res.set('X-SCYTHE-TARGET-VERSION', '1.3.2');
+    next();
+});
+# Java/Spring Boot
+@Component
+public class VersionHeaderFilter implements Filter {
+    @Override
+    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) {
+        HttpServletResponse httpResponse = (HttpServletResponse) response;
+        httpResponse.setHeader("X-SCYTHE-TARGET-VERSION", "1.3.2");
+        chain.doFilter(request, response);
+    }
+}
+```
+This feature helps you:
+- **Track test results** by application version
+- **Verify deployment status** during testing
+- **Correlate issues** with specific software versions
+- **Ensure consistency** across test environments
 ### Custom Test Creation
 Extend Scythe for specific testing needs:

{scythe_ttp-0.9.2 → scythe_ttp-0.11.0}/README.md RENAMED Viewed

@@ -49,6 +49,7 @@ Scythe operates on the principle that robust systems must be tested under advers
 ### 📊 **Professional Reporting**
 * **Clear Result Indicators**: ✓ Expected outcomes, ✗ Unexpected results
 * **Comprehensive Logging**: Detailed execution tracking and analysis
+* **Version Detection**: Automatic extraction of X-SCYTHE-TARGET-VERSION headers
 * **Performance Metrics**: Timing, success rates, and resource utilization
 * **Execution Statistics**: Detailed reporting across all test types
@@ -396,6 +397,74 @@ executor = TTPExecutor(
 )
 ```
+### Version Detection
+Scythe automatically captures the `X-SCYTHE-TARGET-VERSION` header from HTTP responses to track which version of your web application is being tested:
+```python
+from scythe.core.ttp import TTP
+from scythe.core.executor import TTPExecutor
+# Your web application should set this header:
+# X-SCYTHE-TARGET-VERSION: 1.3.2
+class MyTTP(TTP):
+    def get_payloads(self):
+        yield "test_payload"
+    def execute_step(self, driver, payload):
+        driver.get("http://your-app.com/login")
+        # ... test logic ...
+    def verify_result(self, driver):
+        return "welcome" in driver.page_source
+# Run the test
+ttp = MyTTP("Version Test", "Test with version detection")
+executor = TTPExecutor(ttp=ttp, target_url="http://your-app.com")
+executor.run()
+```
+**Output includes version information:**
+```
+✓ EXPECTED SUCCESS: 'test_payload' | Version: 1.3.2
+Target Version Summary:
+  Results with version info: 1/1
+  Version 1.3.2: 1 result(s)
+```
+**Server-side implementation examples:**
+```python
+# Python/Flask
+@app.after_request
+def add_version_header(response):
+    response.headers['X-SCYTHE-TARGET-VERSION'] = '1.3.2'
+    return response
+# Node.js/Express
+app.use((req, res, next) => {
+    res.set('X-SCYTHE-TARGET-VERSION', '1.3.2');
+    next();
+});
+# Java/Spring Boot
+@Component
+public class VersionHeaderFilter implements Filter {
+    @Override
+    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) {
+        HttpServletResponse httpResponse = (HttpServletResponse) response;
+        httpResponse.setHeader("X-SCYTHE-TARGET-VERSION", "1.3.2");
+        chain.doFilter(request, response);
+    }
+}
+```
+This feature helps you:
+- **Track test results** by application version
+- **Verify deployment status** during testing
+- **Correlate issues** with specific software versions
+- **Ensure consistency** across test environments
 ### Custom Test Creation
 Extend Scythe for specific testing needs:

scythe_ttp-0.11.0/VERSION ADDED Viewed

	@@ -0,0 +1 @@
1	+ 0.12.1

{scythe_ttp-0.9.2 → scythe_ttp-0.11.0}/scythe/core/executor.py RENAMED Viewed

@@ -5,6 +5,7 @@ from selenium.webdriver.chrome.options import Options
 from .ttp import TTP
 from typing import Optional
 from ..behaviors.base import Behavior
+from .headers import HeaderExtractor
 # Configure logging
 logging.basicConfig(
@@ -33,8 +34,12 @@ class TTPExecutor:
         self.chrome_options.add_argument("--no-sandbox")
         self.chrome_options.add_argument("--disable-dev-shm-usage")
+        # Enable header extraction capabilities
+        HeaderExtractor.enable_logging_for_driver(self.chrome_options)
         self.driver = None
         self.results = []
+        self.header_extractor = HeaderExtractor()
     def _setup_driver(self):
         """Initializes the WebDriver."""
@@ -108,13 +113,27 @@ class TTPExecutor:
                     if success:
                         consecutive_failures = 0
                         current_url = self.driver.current_url if self.driver else "unknown"
-                        result_entry = {'payload': payload, 'url': current_url, 'expected': self.ttp.expected_result, 'actual': True}
+                        # Extract target version header
+                        target_version = None
+                        if self.driver:
+                            target_version = self.header_extractor.extract_target_version(self.driver, self.target_url)
+                        result_entry = {
+                            'payload': payload,
+                            'url': current_url,
+                            'expected': self.ttp.expected_result,
+                            'actual': True,
+                            'target_version': target_version
+                        }
                         self.results.append(result_entry)
                         if self.ttp.expected_result:
-                            self.logger.info(f"EXPECTED SUCCESS: '{payload}'")
+                            version_info = f" | Version: {target_version}" if target_version else ""
+                            self.logger.info(f"EXPECTED SUCCESS: '{payload}'{version_info}")
                         else:
-                            self.logger.warning(f"UNEXPECTED SUCCESS: '{payload}' (expected to fail)")
+                            version_info = f" | Version: {target_version}" if target_version else ""
+                            self.logger.warning(f"UNEXPECTED SUCCESS: '{payload}' (expected to fail){version_info}")
                     else:
                         consecutive_failures += 1
                         if self.ttp.expected_result:
@@ -168,12 +187,26 @@ class TTPExecutor:
             if expected_successes:
                 self.logger.info(f"Expected successes: {len(expected_successes)}")
                 for result in expected_successes:
-                    self.logger.info(f"  ✓ Payload: {result['payload']} | URL: {result['url']}")
+                    version_info = f" | Version: {result['target_version']}" if result.get('target_version') else ""
+                    self.logger.info(f"  ✓ Payload: {result['payload']} | URL: {result['url']}{version_info}")
             if unexpected_successes:
                 self.logger.warning(f"Unexpected successes: {len(unexpected_successes)}")
                 for result in unexpected_successes:
-                    self.logger.warning(f"  ✗ Payload: {result['payload']} | URL: {result['url']}")
+                    version_info = f" | Version: {result['target_version']}" if result.get('target_version') else ""
+                    self.logger.warning(f"  ✗ Payload: {result['payload']} | URL: {result['url']}{version_info}")
+            # Display version summary
+            version_summary = self.header_extractor.get_version_summary(self.results)
+            if version_summary['results_with_version'] > 0:
+                self.logger.info("\nTarget Version Summary:")
+                self.logger.info(f"  Results with version info: {version_summary['results_with_version']}/{version_summary['total_results']}")
+                if version_summary['unique_versions']:
+                    for version in version_summary['unique_versions']:
+                        count = version_summary['version_counts'][version]
+                        self.logger.info(f"  Version {version}: {count} result(s)")
+            else:
+                self.logger.info("\nNo X-SCYTHE-TARGET-VERSION headers detected in responses.")
         else:
             if self.ttp.expected_result:
                 self.logger.info("No successes detected (expected to find vulnerabilities).")

scythe_ttp-0.11.0/scythe/core/headers.py ADDED Viewed

@@ -0,0 +1,194 @@
+import json
+import logging
+from typing import Optional, Dict, Any
+from selenium.webdriver.remote.webdriver import WebDriver
+from selenium.webdriver.chrome.options import Options
+class HeaderExtractor:
+    """
+    Utility class for extracting HTTP response headers from WebDriver sessions.
+    Specifically designed to capture the X-SCYTHE-TARGET-VERSION header
+    that indicates the version of the web application being tested.
+    """
+    SCYTHE_VERSION_HEADER = "X-SCYTHE-TARGET-VERSION"
+    def __init__(self):
+        self.logger = logging.getLogger("HeaderExtractor")
+    @staticmethod
+    def enable_logging_for_driver(chrome_options: Options) -> None:
+        """
+        Enable performance logging capabilities for Chrome WebDriver.
+        This must be called during WebDriver setup to capture network logs.
+        Args:
+            chrome_options: Chrome options object to modify
+        """
+        # Enable performance logging to capture network events
+        chrome_options.add_argument("--enable-logging")
+        chrome_options.add_argument("--log-level=0")
+        chrome_options.set_capability("goog:loggingPrefs", {"performance": "ALL"})
+    def extract_target_version(self, driver: WebDriver, target_url: Optional[str] = None) -> Optional[str]:
+        """
+        Extract the X-SCYTHE-TARGET-VERSION header from the most recent HTTP response.
+        Args:
+            driver: WebDriver instance with performance logging enabled
+            target_url: Optional URL to filter responses for (if None, uses any response)
+        Returns:
+            Version string if header found, None otherwise
+        """
+        try:
+            # Get performance logs - using getattr to handle type checking
+            if not hasattr(driver, 'get_log'):
+                self.logger.warning("WebDriver does not support get_log method")
+                return None
+            logs = getattr(driver, 'get_log')('performance')
+            # Look for Network.responseReceived events
+            for log_entry in reversed(logs):  # Start with most recent
+                try:
+                    message = log_entry.get('message', {})
+                    if isinstance(message, str):
+                        message = json.loads(message)
+                    method = message.get('message', {}).get('method', '')
+                    params = message.get('message', {}).get('params', {})
+                    if method == 'Network.responseReceived':
+                        response = params.get('response', {})
+                        headers = response.get('headers', {})
+                        response_url = response.get('url', '')
+                        # Filter by target URL if specified
+                        if target_url and target_url not in response_url:
+                            continue
+                        # Look for the version header (case-insensitive)
+                        version = self._find_version_header(headers)
+                        if version:
+                            self.logger.debug(f"Found target version '{version}' in response from {response_url}")
+                            return version
+                except (json.JSONDecodeError, KeyError, AttributeError) as e:
+                    self.logger.debug(f"Error parsing log entry: {e}")
+                    continue
+            self.logger.debug("No X-SCYTHE-TARGET-VERSION header found in network logs")
+            return None
+        except Exception as e:
+            self.logger.warning(f"Failed to extract target version from logs: {e}")
+            return None
+    def _find_version_header(self, headers: Dict[str, Any]) -> Optional[str]:
+        """
+        Find the version header in a case-insensitive manner.
+        Args:
+            headers: Dictionary of HTTP headers
+        Returns:
+            Version string if found, None otherwise
+        """
+        # Check for exact case match first
+        if self.SCYTHE_VERSION_HEADER in headers:
+            return str(headers[self.SCYTHE_VERSION_HEADER]).strip()
+        # Check case-insensitive
+        header_lower = self.SCYTHE_VERSION_HEADER.lower()
+        for header_name, header_value in headers.items():
+            if header_name.lower() == header_lower:
+                return str(header_value).strip()
+        return None
+    def extract_all_headers(self, driver: WebDriver, target_url: Optional[str] = None) -> Dict[str, str]:
+        """
+        Extract all headers from the most recent HTTP response.
+        Useful for debugging or when additional headers might be needed.
+        Args:
+            driver: WebDriver instance with performance logging enabled
+            target_url: Optional URL to filter responses for
+        Returns:
+            Dictionary of headers from the most recent response
+        """
+        try:
+            # Get performance logs - using getattr to handle type checking
+            if not hasattr(driver, 'get_log'):
+                self.logger.warning("WebDriver does not support get_log method")
+                return {}
+            logs = getattr(driver, 'get_log')('performance')
+            for log_entry in reversed(logs):
+                try:
+                    message = log_entry.get('message', {})
+                    if isinstance(message, str):
+                        message = json.loads(message)
+                    method = message.get('message', {}).get('method', '')
+                    params = message.get('message', {}).get('params', {})
+                    if method == 'Network.responseReceived':
+                        response = params.get('response', {})
+                        headers = response.get('headers', {})
+                        response_url = response.get('url', '')
+                        # Filter by target URL if specified
+                        if target_url and target_url not in response_url:
+                            continue
+                        # Convert all header values to strings
+                        return {k: str(v) for k, v in headers.items()}
+                except (json.JSONDecodeError, KeyError, AttributeError):
+                    continue
+            return {}
+        except Exception as e:
+            self.logger.warning(f"Failed to extract headers from logs: {e}")
+            return {}
+    def get_version_summary(self, results: list) -> Dict[str, Any]:
+        """
+        Analyze version information across multiple test results.
+        Args:
+            results: List of result dictionaries containing version information
+        Returns:
+            Dictionary with version analysis summary
+        """
+        versions = []
+        results_with_version = 0
+        for result in results:
+            version = result.get('target_version')
+            if version:
+                versions.append(version)
+                results_with_version += 1
+        summary = {
+            'total_results': len(results),
+            'results_with_version': results_with_version,
+            'unique_versions': list(set(versions)) if versions else [],
+            'version_counts': {}
+        }
+        # Count occurrences of each version
+        for version in versions:
+            summary['version_counts'][version] = summary['version_counts'].get(version, 0) + 1
+        return summary

{scythe_ttp-0.9.2 → scythe_ttp-0.11.0}/scythe/journeys/base.py RENAMED Viewed

@@ -276,6 +276,10 @@ class Journey:
         logger.info(f"Description: {self.description}")
         logger.info(f"Steps: {len(self.steps)}")
+        # Import here to avoid circular imports
+        from ..core.headers import HeaderExtractor
+        header_extractor = HeaderExtractor()
         start_time = time.time()
         # Set initial context
@@ -297,7 +301,9 @@ class Journey:
             'overall_success': False,
             'execution_time': 0,
             'step_results': [],
-            'errors': []
+            'errors': [],
+            'target_versions': [],
+            'version_summary': {}
         }
         try:
@@ -335,6 +341,12 @@ class Journey:
                         else:
                             results['actions_failed'] += 1
+                    # Extract target version header after step execution
+                    target_version = header_extractor.extract_target_version(driver, target_url)
+                    if target_version:
+                        results['target_versions'].append(target_version)
+                        logger.info(f"Target version detected: {target_version}")
                     # Store step results
                     step_result = {
                         'step_name': step.name,
@@ -342,7 +354,8 @@ class Journey:
                         'expected': step.expected_result,
                         'actual': step_success,
                         'actions': step.execution_results.copy(),
-                        'step_data': step.step_data.copy()
+                        'step_data': step.step_data.copy(),
+                        'target_version': target_version
                     }
                     results['step_results'].append(step_result)
@@ -368,6 +381,12 @@ class Journey:
             results['end_time'] = end_time
             results['execution_time'] = end_time - start_time
+            # Generate version summary
+            if results['target_versions']:
+                version_summary = header_extractor.get_version_summary([{'target_version': v} for v in results['target_versions']])
+                results['version_summary'] = version_summary
+                logger.info(f"Target versions detected: {list(set(results['target_versions']))}")
             logger.info(f"Journey completed in {results['execution_time']:.2f} seconds")
             logger.info(f"Overall success: {results['overall_success']}")
             logger.info(f"Steps: {results['steps_succeeded']}/{results['steps_executed']} succeeded")

{scythe_ttp-0.9.2 → scythe_ttp-0.11.0}/scythe/journeys/executor.py RENAMED Viewed

@@ -5,6 +5,7 @@ from selenium.webdriver.chrome.options import Options
 from typing import Optional, Dict, Any, List
 from ..behaviors.base import Behavior
 from .base import Journey
+from ..core.headers import HeaderExtractor
 # Configure logging
 logging.basicConfig(
@@ -64,8 +65,12 @@ class JourneyExecutor:
                 else:
                     self.chrome_options.add_argument(f"--{key}={value}")
+        # Enable header extraction capabilities
+        HeaderExtractor.enable_logging_for_driver(self.chrome_options)
         self.driver = None
         self.execution_results = None
+        self.header_extractor = HeaderExtractor()
     def _setup_driver(self):
         """Initialize the WebDriver."""
@@ -297,14 +302,30 @@ class JourneyExecutor:
                 step_success = step_result.get('actual', False)
                 step_expected = step_result.get('expected', True)
                 actions = step_result.get('actions', [])
+                target_version = step_result.get('target_version')
                 status = "✓" if step_success == step_expected else "✗"
                 result_text = "SUCCESS" if step_success else "FAILURE"
                 expected_text = "expected" if step_success == step_expected else "unexpected"
+                version_info = f" | Version: {target_version}" if target_version else ""
-                self.logger.info(f"  {status} Step {i}: {step_name} - {result_text} ({expected_text})")
+                self.logger.info(f"  {status} Step {i}: {step_name} - {result_text} ({expected_text}){version_info}")
                 self.logger.info(f"    Actions: {len([a for a in actions if a.get('actual', False)])}/{len(actions)} succeeded")
+        # Version summary
+        target_versions = self.execution_results.get('target_versions', [])
+        if target_versions:
+            self.logger.info("\nTarget Version Summary:")
+            self.logger.info(f"  Steps with version info: {len(target_versions)}/{len(step_results) if step_results else 0}")
+            unique_versions = list(set(target_versions))
+            if unique_versions:
+                for version in unique_versions:
+                    count = target_versions.count(version)
+                    self.logger.info(f"  Version {version}: {count} step(s)")
+        else:
+            self.logger.info("\nNo X-SCYTHE-TARGET-VERSION headers detected in responses.")
         self.logger.info("="*60)
     def get_results(self) -> Optional[Dict[str, Any]]:

{scythe_ttp-0.9.2 → scythe_ttp-0.11.0/scythe_ttp.egg-info}/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: scythe-ttp
-Version: 0.9.2
+Version: 0.11.0
 Summary: An extensible framework for emulating attacker TTPs with Selenium.
 Home-page: https://github.com/EpykLab/scythe
 Author: EpykLab
@@ -96,6 +96,7 @@ Scythe operates on the principle that robust systems must be tested under advers
 ### 📊 **Professional Reporting**
 * **Clear Result Indicators**: ✓ Expected outcomes, ✗ Unexpected results
 * **Comprehensive Logging**: Detailed execution tracking and analysis
+* **Version Detection**: Automatic extraction of X-SCYTHE-TARGET-VERSION headers
 * **Performance Metrics**: Timing, success rates, and resource utilization
 * **Execution Statistics**: Detailed reporting across all test types
@@ -443,6 +444,74 @@ executor = TTPExecutor(
 )
 ```
+### Version Detection
+Scythe automatically captures the `X-SCYTHE-TARGET-VERSION` header from HTTP responses to track which version of your web application is being tested:
+```python
+from scythe.core.ttp import TTP
+from scythe.core.executor import TTPExecutor
+# Your web application should set this header:
+# X-SCYTHE-TARGET-VERSION: 1.3.2
+class MyTTP(TTP):
+    def get_payloads(self):
+        yield "test_payload"
+    def execute_step(self, driver, payload):
+        driver.get("http://your-app.com/login")
+        # ... test logic ...
+    def verify_result(self, driver):
+        return "welcome" in driver.page_source
+# Run the test
+ttp = MyTTP("Version Test", "Test with version detection")
+executor = TTPExecutor(ttp=ttp, target_url="http://your-app.com")
+executor.run()
+```
+**Output includes version information:**
+```
+✓ EXPECTED SUCCESS: 'test_payload' | Version: 1.3.2
+Target Version Summary:
+  Results with version info: 1/1
+  Version 1.3.2: 1 result(s)
+```
+**Server-side implementation examples:**
+```python
+# Python/Flask
+@app.after_request
+def add_version_header(response):
+    response.headers['X-SCYTHE-TARGET-VERSION'] = '1.3.2'
+    return response
+# Node.js/Express
+app.use((req, res, next) => {
+    res.set('X-SCYTHE-TARGET-VERSION', '1.3.2');
+    next();
+});
+# Java/Spring Boot
+@Component
+public class VersionHeaderFilter implements Filter {
+    @Override
+    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) {
+        HttpServletResponse httpResponse = (HttpServletResponse) response;
+        httpResponse.setHeader("X-SCYTHE-TARGET-VERSION", "1.3.2");
+        chain.doFilter(request, response);
+    }
+}
+```
+This feature helps you:
+- **Track test results** by application version
+- **Verify deployment status** during testing
+- **Correlate issues** with specific software versions
+- **Ensure consistency** across test environments
 ### Custom Test Creation
 Extend Scythe for specific testing needs:

{scythe_ttp-0.9.2 → scythe_ttp-0.11.0}/scythe_ttp.egg-info/SOURCES.txt RENAMED Viewed

@@ -17,6 +17,7 @@ scythe/behaviors/machine.py
 scythe/behaviors/stealth.py
 scythe/core/__init__.py
 scythe/core/executor.py
+scythe/core/headers.py
 scythe/core/ttp.py
 scythe/journeys/__init__.py
 scythe/journeys/actions.py
@@ -43,5 +44,6 @@ tests/test_authentication.py
 tests/test_behaviors.py
 tests/test_expected_results.py
 tests/test_feature_completeness.py
+tests/test_header_extraction.py
 tests/test_journeys.py
 tests/test_orchestrators.py

{scythe_ttp-0.9.2 → scythe_ttp-0.11.0}/setup.py RENAMED Viewed

@@ -8,7 +8,7 @@ with open("./requirements.txt", "r", encoding="utf-8") as f:
 setuptools.setup(
     name="scythe-ttp",
-    version="0.9.2",
+    version="0.11.0",
     author="EpykLab",
     author_email="cyber@epyklab.com",
     description="An extensible framework for emulating attacker TTPs with Selenium.",

{scythe_ttp-0.9.2 → scythe_ttp-0.11.0}/tests/test_feature_completeness.py RENAMED Viewed

@@ -282,7 +282,10 @@ class TestFeatureIntegration(unittest.TestCase):
         self.assertEqual(len(journey.steps), 1)
         self.assertEqual(len(journey.steps[0].actions), 1)
-        self.assertTrue(journey.steps[0].actions[0].ttp.requires_authentication())
+        # Type assertion to help type checker understand this is a TTPAction
+        ttp_action_instance = journey.steps[0].actions[0]
+        assert isinstance(ttp_action_instance, TTPAction)
+        self.assertTrue(ttp_action_instance.ttp.requires_authentication())
     def test_orchestrator_with_journey_and_auth(self):
         """Test orchestrator running journey with authentication."""

scythe_ttp-0.11.0/tests/test_header_extraction.py ADDED Viewed

@@ -0,0 +1,400 @@
+import unittest
+from unittest.mock import Mock, patch
+import json
+from scythe.core.headers import HeaderExtractor
+class TestHeaderExtractor(unittest.TestCase):
+    """Unit tests for HeaderExtractor class."""
+    def setUp(self):
+        """Set up test fixtures."""
+        self.extractor = HeaderExtractor()
+        self.mock_driver = Mock()
+    def test_extract_target_version_success(self):
+        """Test successful extraction of X-SCYTHE-TARGET-VERSION header."""
+        # Mock performance logs with version header
+        mock_logs = [
+            {
+                'message': json.dumps({
+                    'message': {
+                        'method': 'Network.responseReceived',
+                        'params': {
+                            'response': {
+                                'url': 'http://example.com/',
+                                'headers': {
+                                    'X-SCYTHE-TARGET-VERSION': '1.3.2',
+                                    'Content-Type': 'text/html'
+                                }
+                            }
+                        }
+                    }
+                })
+            }
+        ]
+        self.mock_driver.get_log.return_value = mock_logs
+        version = self.extractor.extract_target_version(self.mock_driver)
+        self.assertEqual(version, '1.3.2')
+        self.mock_driver.get_log.assert_called_once_with('performance')
+    def test_extract_target_version_case_insensitive(self):
+        """Test case-insensitive header extraction."""
+        mock_logs = [
+            {
+                'message': json.dumps({
+                    'message': {
+                        'method': 'Network.responseReceived',
+                        'params': {
+                            'response': {
+                                'url': 'http://example.com/',
+                                'headers': {
+                                    'x-scythe-target-version': '2.0.1',  # lowercase
+                                    'Content-Type': 'text/html'
+                                }
+                            }
+                        }
+                    }
+                })
+            }
+        ]
+        self.mock_driver.get_log.return_value = mock_logs
+        version = self.extractor.extract_target_version(self.mock_driver)
+        self.assertEqual(version, '2.0.1')
+    def test_extract_target_version_no_header(self):
+        """Test extraction when version header is not present."""
+        mock_logs = [
+            {
+                'message': json.dumps({
+                    'message': {
+                        'method': 'Network.responseReceived',
+                        'params': {
+                            'response': {
+                                'url': 'http://example.com/',
+                                'headers': {
+                                    'Content-Type': 'text/html',
+                                    'Server': 'nginx'
+                                }
+                            }
+                        }
+                    }
+                })
+            }
+        ]
+        self.mock_driver.get_log.return_value = mock_logs
+        version = self.extractor.extract_target_version(self.mock_driver)
+        self.assertIsNone(version)
+    def test_extract_target_version_empty_logs(self):
+        """Test extraction when no performance logs are available."""
+        self.mock_driver.get_log.return_value = []
+        version = self.extractor.extract_target_version(self.mock_driver)
+        self.assertIsNone(version)
+    def test_extract_target_version_with_url_filter(self):
+        """Test extraction with URL filtering."""
+        mock_logs = [
+            {
+                'message': json.dumps({
+                    'message': {
+                        'method': 'Network.responseReceived',
+                        'params': {
+                            'response': {
+                                'url': 'http://other.com/',
+                                'headers': {
+                                    'X-SCYTHE-TARGET-VERSION': '1.0.0',
+                                }
+                            }
+                        }
+                    }
+                })
+            },
+            {
+                'message': json.dumps({
+                    'message': {
+                        'method': 'Network.responseReceived',
+                        'params': {
+                            'response': {
+                                'url': 'http://target.com/api',
+                                'headers': {
+                                    'X-SCYTHE-TARGET-VERSION': '2.5.1',
+                                }
+                            }
+                        }
+                    }
+                })
+            }
+        ]
+        self.mock_driver.get_log.return_value = mock_logs
+        # Should find version from target.com, not other.com
+        version = self.extractor.extract_target_version(self.mock_driver, 'http://target.com')
+        self.assertEqual(version, '2.5.1')
+    def test_extract_target_version_malformed_json(self):
+        """Test extraction handles malformed JSON gracefully."""
+        mock_logs = [
+            {
+                'message': 'invalid json content'
+            },
+            {
+                'message': json.dumps({
+                    'message': {
+                        'method': 'Network.responseReceived',
+                        'params': {
+                            'response': {
+                                'url': 'http://example.com/',
+                                'headers': {
+                                    'X-SCYTHE-TARGET-VERSION': '1.4.0',
+                                }
+                            }
+                        }
+                    }
+                })
+            }
+        ]
+        self.mock_driver.get_log.return_value = mock_logs
+        version = self.extractor.extract_target_version(self.mock_driver)
+        # Should skip malformed entry and find valid one
+        self.assertEqual(version, '1.4.0')
+    def test_extract_target_version_driver_exception(self):
+        """Test extraction handles driver exceptions gracefully."""
+        self.mock_driver.get_log.side_effect = Exception("Driver error")
+        version = self.extractor.extract_target_version(self.mock_driver)
+        self.assertIsNone(version)
+    def test_find_version_header_exact_match(self):
+        """Test _find_version_header with exact case match."""
+        headers = {
+            'X-SCYTHE-TARGET-VERSION': '3.1.4',
+            'Content-Type': 'application/json'
+        }
+        version = self.extractor._find_version_header(headers)
+        self.assertEqual(version, '3.1.4')
+    def test_find_version_header_case_insensitive_match(self):
+        """Test _find_version_header with case-insensitive match."""
+        headers = {
+            'x-scythe-target-version': '2.7.8',
+            'content-type': 'application/json'
+        }
+        version = self.extractor._find_version_header(headers)
+        self.assertEqual(version, '2.7.8')
+    def test_find_version_header_mixed_case(self):
+        """Test _find_version_header with mixed case."""
+        headers = {
+            'X-Scythe-Target-Version': '1.2.3-beta',
+            'Content-Type': 'text/html'
+        }
+        version = self.extractor._find_version_header(headers)
+        self.assertEqual(version, '1.2.3-beta')
+    def test_find_version_header_not_found(self):
+        """Test _find_version_header when header is not present."""
+        headers = {
+            'Content-Type': 'text/html',
+            'Server': 'Apache'
+        }
+        version = self.extractor._find_version_header(headers)
+        self.assertIsNone(version)
+    def test_find_version_header_strips_whitespace(self):
+        """Test _find_version_header strips whitespace from values."""
+        headers = {
+            'X-SCYTHE-TARGET-VERSION': '  2.0.0  '
+        }
+        version = self.extractor._find_version_header(headers)
+        self.assertEqual(version, '2.0.0')
+    def test_extract_all_headers_success(self):
+        """Test successful extraction of all headers."""
+        mock_logs = [
+            {
+                'message': json.dumps({
+                    'message': {
+                        'method': 'Network.responseReceived',
+                        'params': {
+                            'response': {
+                                'url': 'http://example.com/',
+                                'headers': {
+                                    'X-SCYTHE-TARGET-VERSION': '1.0.0',
+                                    'Content-Type': 'text/html',
+                                    'Server': 'nginx/1.18'
+                                }
+                            }
+                        }
+                    }
+                })
+            }
+        ]
+        self.mock_driver.get_log.return_value = mock_logs
+        headers = self.extractor.extract_all_headers(self.mock_driver)
+        expected_headers = {
+            'X-SCYTHE-TARGET-VERSION': '1.0.0',
+            'Content-Type': 'text/html',
+            'Server': 'nginx/1.18'
+        }
+        self.assertEqual(headers, expected_headers)
+    def test_extract_all_headers_empty(self):
+        """Test extract_all_headers with no logs."""
+        self.mock_driver.get_log.return_value = []
+        headers = self.extractor.extract_all_headers(self.mock_driver)
+        self.assertEqual(headers, {})
+    def test_get_version_summary_with_versions(self):
+        """Test get_version_summary with version data."""
+        results = [
+            {'target_version': '1.0.0'},
+            {'target_version': '1.0.0'},
+            {'target_version': '1.1.0'},
+            {'target_version': None},  # No version
+            {'target_version': '1.0.0'}
+        ]
+        summary = self.extractor.get_version_summary(results)
+        expected_summary = {
+            'total_results': 5,
+            'results_with_version': 4,
+            'unique_versions': ['1.0.0', '1.1.0'],
+            'version_counts': {
+                '1.0.0': 3,
+                '1.1.0': 1
+            }
+        }
+        self.assertEqual(summary['total_results'], expected_summary['total_results'])
+        self.assertEqual(summary['results_with_version'], expected_summary['results_with_version'])
+        self.assertEqual(set(summary['unique_versions']), set(expected_summary['unique_versions']))
+        self.assertEqual(summary['version_counts'], expected_summary['version_counts'])
+    def test_get_version_summary_no_versions(self):
+        """Test get_version_summary with no version data."""
+        results = [
+            {'target_version': None},
+            {'other_field': 'value'},
+            {}
+        ]
+        summary = self.extractor.get_version_summary(results)
+        expected_summary = {
+            'total_results': 3,
+            'results_with_version': 0,
+            'unique_versions': [],
+            'version_counts': {}
+        }
+        self.assertEqual(summary, expected_summary)
+    def test_get_version_summary_empty_results(self):
+        """Test get_version_summary with empty results list."""
+        summary = self.extractor.get_version_summary([])
+        expected_summary = {
+            'total_results': 0,
+            'results_with_version': 0,
+            'unique_versions': [],
+            'version_counts': {}
+        }
+        self.assertEqual(summary, expected_summary)
+    @patch('scythe.core.headers.Options')
+    def test_enable_logging_for_driver(self, mock_options):
+        """Test that enable_logging_for_driver sets correct options."""
+        mock_chrome_options = Mock()
+        HeaderExtractor.enable_logging_for_driver(mock_chrome_options)
+        # Verify the correct arguments and capabilities are set
+        mock_chrome_options.add_argument.assert_any_call("--enable-logging")
+        mock_chrome_options.add_argument.assert_any_call("--log-level=0")
+        mock_chrome_options.set_capability.assert_called_once_with(
+            "goog:loggingPrefs",
+            {"performance": "ALL"}
+        )
+    def test_extract_target_version_with_multiple_responses(self):
+        """Test that most recent response is used when multiple responses exist."""
+        mock_logs = [
+            {
+                'message': json.dumps({
+                    'message': {
+                        'method': 'Network.responseReceived',
+                        'params': {
+                            'response': {
+                                'url': 'http://example.com/old',
+                                'headers': {
+                                    'X-SCYTHE-TARGET-VERSION': '1.0.0',
+                                }
+                            }
+                        }
+                    }
+                })
+            },
+            {
+                'message': json.dumps({
+                    'message': {
+                        'method': 'Network.responseReceived',
+                        'params': {
+                            'response': {
+                                'url': 'http://example.com/new',
+                                'headers': {
+                                    'X-SCYTHE-TARGET-VERSION': '2.0.0',
+                                }
+                            }
+                        }
+                    }
+                })
+            }
+        ]
+        self.mock_driver.get_log.return_value = mock_logs
+        # Should get most recent version (logs are processed in reverse order)
+        version = self.extractor.extract_target_version(self.mock_driver)
+        self.assertEqual(version, '2.0.0')
+if __name__ == '__main__':
+    unittest.main()

scythe_ttp-0.9.2/VERSION DELETED Viewed

	@@ -1 +0,0 @@
1	- 0.10.0

{scythe_ttp-0.9.2 → scythe_ttp-0.11.0}/LICENSE RENAMED Viewed

File without changes

{scythe_ttp-0.9.2 → scythe_ttp-0.11.0}/MANIFEST.in RENAMED Viewed

File without changes

{scythe_ttp-0.9.2 → scythe_ttp-0.11.0}/requirements.txt RENAMED Viewed

File without changes

{scythe_ttp-0.9.2 → scythe_ttp-0.11.0}/scythe/__init__.py RENAMED Viewed

File without changes

{scythe_ttp-0.9.2 → scythe_ttp-0.11.0}/scythe/auth/__init__.py RENAMED Viewed

File without changes

{scythe_ttp-0.9.2 → scythe_ttp-0.11.0}/scythe/auth/base.py RENAMED Viewed

File without changes

{scythe_ttp-0.9.2 → scythe_ttp-0.11.0}/scythe/auth/basic.py RENAMED Viewed

File without changes

{scythe_ttp-0.9.2 → scythe_ttp-0.11.0}/scythe/auth/bearer.py RENAMED Viewed

File without changes

{scythe_ttp-0.9.2 → scythe_ttp-0.11.0}/scythe/behaviors/__init__.py RENAMED Viewed

File without changes

{scythe_ttp-0.9.2 → scythe_ttp-0.11.0}/scythe/behaviors/base.py RENAMED Viewed

File without changes

{scythe_ttp-0.9.2 → scythe_ttp-0.11.0}/scythe/behaviors/default.py RENAMED Viewed

File without changes

{scythe_ttp-0.9.2 → scythe_ttp-0.11.0}/scythe/behaviors/human.py RENAMED Viewed

File without changes

{scythe_ttp-0.9.2 → scythe_ttp-0.11.0}/scythe/behaviors/machine.py RENAMED Viewed

File without changes

{scythe_ttp-0.9.2 → scythe_ttp-0.11.0}/scythe/behaviors/stealth.py RENAMED Viewed

File without changes

{scythe_ttp-0.9.2 → scythe_ttp-0.11.0}/scythe/core/__init__.py RENAMED Viewed

File without changes

{scythe_ttp-0.9.2 → scythe_ttp-0.11.0}/scythe/core/ttp.py RENAMED Viewed

File without changes

{scythe_ttp-0.9.2 → scythe_ttp-0.11.0}/scythe/journeys/__init__.py RENAMED Viewed

File without changes

{scythe_ttp-0.9.2 → scythe_ttp-0.11.0}/scythe/journeys/actions.py RENAMED Viewed

File without changes

{scythe_ttp-0.9.2 → scythe_ttp-0.11.0}/scythe/orchestrators/__init__.py RENAMED Viewed

File without changes

{scythe_ttp-0.9.2 → scythe_ttp-0.11.0}/scythe/orchestrators/base.py RENAMED Viewed

File without changes

{scythe_ttp-0.9.2 → scythe_ttp-0.11.0}/scythe/orchestrators/batch.py RENAMED Viewed

File without changes

{scythe_ttp-0.9.2 → scythe_ttp-0.11.0}/scythe/orchestrators/distributed.py RENAMED Viewed

File without changes

{scythe_ttp-0.9.2 → scythe_ttp-0.11.0}/scythe/orchestrators/scale.py RENAMED Viewed

File without changes

{scythe_ttp-0.9.2 → scythe_ttp-0.11.0}/scythe/payloads/__init__.py RENAMED Viewed

File without changes

{scythe_ttp-0.9.2 → scythe_ttp-0.11.0}/scythe/payloads/generators.py RENAMED Viewed

File without changes

{scythe_ttp-0.9.2 → scythe_ttp-0.11.0}/scythe/ttps/__init__.py RENAMED Viewed

File without changes

{scythe_ttp-0.9.2 → scythe_ttp-0.11.0}/scythe/ttps/web/__init__.py RENAMED Viewed

File without changes

{scythe_ttp-0.9.2 → scythe_ttp-0.11.0}/scythe/ttps/web/login_bruteforce.py RENAMED Viewed

File without changes

{scythe_ttp-0.9.2 → scythe_ttp-0.11.0}/scythe/ttps/web/sql_injection.py RENAMED Viewed

File without changes

{scythe_ttp-0.9.2 → scythe_ttp-0.11.0}/scythe/ttps/web/uuid_guessing.py RENAMED Viewed

File without changes

{scythe_ttp-0.9.2 → scythe_ttp-0.11.0}/scythe_ttp.egg-info/dependency_links.txt RENAMED Viewed

File without changes

{scythe_ttp-0.9.2 → scythe_ttp-0.11.0}/scythe_ttp.egg-info/requires.txt RENAMED Viewed

File without changes

{scythe_ttp-0.9.2 → scythe_ttp-0.11.0}/scythe_ttp.egg-info/top_level.txt RENAMED Viewed

File without changes

{scythe_ttp-0.9.2 → scythe_ttp-0.11.0}/setup.cfg RENAMED Viewed

File without changes

{scythe_ttp-0.9.2 → scythe_ttp-0.11.0}/tests/test_authentication.py RENAMED Viewed

File without changes

{scythe_ttp-0.9.2 → scythe_ttp-0.11.0}/tests/test_behaviors.py RENAMED Viewed

File without changes

{scythe_ttp-0.9.2 → scythe_ttp-0.11.0}/tests/test_expected_results.py RENAMED Viewed

File without changes

{scythe_ttp-0.9.2 → scythe_ttp-0.11.0}/tests/test_journeys.py RENAMED Viewed

File without changes

{scythe_ttp-0.9.2 → scythe_ttp-0.11.0}/tests/test_orchestrators.py RENAMED Viewed

File without changes

scythe-ttp 0.9.2__tar.gz → 0.11.0__tar.gz

Potentially problematic release.

scythe-ttp 0.9.2tar.gz → 0.11.0tar.gz