scanners/whatweb/parser/parser.test.js

// SPDX-FileCopyrightText: the secureCodeBox authors
//
// SPDX-License-Identifier: Apache-2.0

const { readFile } = require("fs/promises");
const {
  validateParser,
} = require("@securecodebox/parser-sdk-nodejs/parser-utils");

const {parse} = require("./parser");

// Single-target case: a recorded WhatWeb JSON report for example.com must
// yield exactly one finding. The report is read from a fixture on disk; this
// test does not run a scan.
test("should properly parse whatweb json file", async () => {
  const reportPath = `${__dirname}/__testFiles__/example.com.json`;
  const rawReport = await readFile(reportPath, "utf8");
  const parsedFindings = await parse(JSON.parse(rawReport));

  // validateParser comes from the parser SDK; the only requirement asserted
  // here is that its promise resolves to undefined for these findings.
  await expect(validateParser(parsedFindings)).resolves.toBeUndefined();

  // The snapshot pins the whole finding, including the server banner, the
  // resolved IP and the INFORMATIONAL severity, so a parser change that drops
  // a fingerprint attribute or alters the severity fails this test.
  expect(parsedFindings).toMatchInlineSnapshot(`
    [
      {
        "attributes": {
          "HTML5": true,
          "HTTPServer": "ECS (dcb/7FA5)",
          "country": "EUROPEAN UNION/EU",
          "ip_addresses": [
            "93.184.216.34",
          ],
          "requestConfig": "WhatWeb/0.5.5",
        },
        "category": "WEB APPLICATION",
        "description": "Example Domain",
        "location": "http://example.com",
        "name": "http://example.com",
        "osi_layer": "NETWORK",
        "severity": "INFORMATIONAL",
      },
    ]
  `);
});

// Empty-result case: the no-address.com.json fixture must produce an empty
// findings list rather than an error.
// NOTE(review): presumably the fixture records a target WhatWeb could not
// resolve; confirm against the fixture file.
test("should properly parse empty whatweb json file", async () => {
  const reportPath = `${__dirname}/__testFiles__/no-address.com.json`;
  const rawReport = await readFile(reportPath, "utf8");
  const parsedFindings = await parse(JSON.parse(rawReport));

  // An empty list still has to pass the SDK validation.
  await expect(validateParser(parsedFindings)).resolves.toBeUndefined();
  expect(parsedFindings).toMatchInlineSnapshot(`[]`);
});

// Redirect-chain case: the securecodebox.io fixture (recorded at aggression
// level 3, per the test title) must yield one finding per URL in the chain.
// In the expected output the first finding's RedirectLocation equals the
// second finding's location, and the second finding's Meta-Refresh-Redirect
// equals the third finding's location.
test("should properly parse securecodebox.io whatweb json file with higher aggression level(3)", async () => {
  const reportPath = `${__dirname}/__testFiles__/securecodebox.io.json`;
  const rawReport = await readFile(reportPath, "utf8");
  const parsedFindings = await parse(JSON.parse(rawReport));

  // Every finding in the chain has to pass the SDK validation.
  await expect(validateParser(parsedFindings)).resolves.toBeUndefined();

  // The snapshot also pins how missing data is reported: an unknown country
  // and a missing page title stay null, and attributes without a value (for
  // example "Script") stay empty strings.
  expect(parsedFindings).toMatchInlineSnapshot(`
    [
      {
        "attributes": {
          "HTTPServer": "GitHub.com",
          "RedirectLocation": "https://www.securecodebox.io/",
          "UncommonHeaders": "x-github-request-id,x-served-by,x-cache-hits,x-timer,x-fastly-request-id",
          "Via-Proxy": "1.1 varnish",
          "country": null,
          "ip_addresses": [
            "185.199.109.153",
          ],
          "requestConfig": "WhatWeb/0.5.5",
        },
        "category": "WEB APPLICATION",
        "description": "301 Moved Permanently",
        "location": "http://securecodebox.io",
        "name": "http://securecodebox.io",
        "osi_layer": "NETWORK",
        "severity": "INFORMATIONAL",
      },
      {
        "attributes": {
          "HTML5": true,
          "HTTPServer": "GitHub.com",
          "Meta-Refresh-Redirect": "https://docs.securecodebox.io/",
          "Strict-Transport-Security": "max-age=31556952",
          "UncommonHeaders": "access-control-allow-origin,x-proxy-cache,x-github-request-id,x-served-by,x-cache-hits,x-timer,x-fastly-request-id",
          "Via-Proxy": "1.1 varnish",
          "country": null,
          "ip_addresses": [
            "185.199.110.153",
          ],
          "requestConfig": "WhatWeb/0.5.5",
        },
        "category": "WEB APPLICATION",
        "description": "secureCodeBox – Testing your Software Security",
        "location": "https://www.securecodebox.io/",
        "name": "https://www.securecodebox.io/",
        "osi_layer": "NETWORK",
        "severity": "INFORMATIONAL",
      },
      {
        "attributes": {
          "HTML5": true,
          "HTTPServer": "Netlify",
          "MetaGenerator": "Docusaurus v2.0.0-beta.3",
          "Open-Graph-Protocol": "",
          "Script": "",
          "Strict-Transport-Security": "max-age=31536000",
          "UncommonHeaders": "x-nf-request-id",
          "country": "UNITED STATES/US",
          "ip_addresses": [
            "3.64.200.242",
          ],
          "requestConfig": "WhatWeb/0.5.5",
        },
        "category": "WEB APPLICATION",
        "description": null,
        "location": "https://docs.securecodebox.io/",
        "name": "https://docs.securecodebox.io/",
        "osi_layer": "NETWORK",
        "severity": "INFORMATIONAL",
      },
    ]
  `);
});

// Multi-target case: a single report covering two hosts must yield one
// finding per host, each carrying only that host's own attributes.
test("should properly parse whatweb json file with two domains", async () => {
  const reportPath = `${__dirname}/__testFiles__/two-domains.json`;
  const rawReport = await readFile(reportPath, "utf8");
  const parsedFindings = await parse(JSON.parse(rawReport));

  // Both findings have to pass the SDK validation.
  await expect(validateParser(parsedFindings)).resolves.toBeUndefined();

  // The snapshot pins that detections without a value ("Apache",
  // "Google-Analytics") are kept as empty-string attributes and that the
  // version-bearing server banner is passed through unchanged.
  expect(parsedFindings).toMatchInlineSnapshot(`
    [
      {
        "attributes": {
          "HTML5": true,
          "HTTPServer": "ECS (dcb/7F39)",
          "country": "EUROPEAN UNION/EU",
          "ip_addresses": [
            "93.184.216.34",
          ],
          "requestConfig": "WhatWeb/0.5.5",
        },
        "category": "WEB APPLICATION",
        "description": "Example Domain",
        "location": "http://example.com",
        "name": "http://example.com",
        "osi_layer": "NETWORK",
        "severity": "INFORMATIONAL",
      },
      {
        "attributes": {
          "Apache": "",
          "Google-Analytics": "",
          "HTTPServer": "Apache/2.4.7 (Ubuntu)",
          "Script": "text/javascript",
          "country": "RESERVED/ZZ",
          "ip_addresses": [
            "45.33.32.156",
          ],
          "requestConfig": "WhatWeb/0.5.5",
        },
        "category": "WEB APPLICATION",
        "description": "Go ahead and ScanMe!",
        "location": "http://scanme.nmap.org",
        "name": "http://scanme.nmap.org",
        "osi_layer": "NETWORK",
        "severity": "INFORMATIONAL",
      },
    ]
  `);
});