
Commit 6de402f

committed
Add extra test cases to vulnerabilities/init_test
1 parent 1fe6d2d commit 6de402f

1 file changed

Lines changed: 22 additions & 0 deletions


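--- a/aikido_zen/vulnerabilities/init_test.py
+++ b/aikido_zen/vulnerabilities/init_test.py
@@ -93,12 +93,30 @@ def test_lifecycle_cache_bypassed_ip(caplog, get_context):
 def test_sql_injection(caplog, get_context, monkeypatch):
 get_context.set_as_current_context()
 monkeypatch.setenv("AIKIDO_BLOCK", "1")
+
+assert get_cache().stats.get_record()["requests"]["attacksDetected"]["total"] == 0
 with pytest.raises(AikidoSQLInjection):
 run_vulnerability_scan(
 kind="sql_injection",
 op="test_op",
 args=("INSERT * INTO VALUES ('doggoss2', TRUE);", "mysql"),
 )
+assert get_cache().stats.get_record()["requests"]["attacksDetected"]["total"] == 1
+assert get_cache().stats.get_record()["requests"]["attacksDetected"]["blocked"] == 1
+
+
+def test_sql_injection_but_blocking_off(caplog, get_context, monkeypatch):
+get_context.set_as_current_context()
+monkeypatch.setenv("AIKIDO_BLOCK", "0")
+
+assert get_cache().stats.get_record()["requests"]["attacksDetected"]["total"] == 0
+run_vulnerability_scan(
+kind="sql_injection",
+op="test_op",
+args=("INSERT * INTO VALUES ('doggoss2', TRUE);", "mysql"),
+)
+assert get_cache().stats.get_record()["requests"]["attacksDetected"]["total"] == 1
+assert get_cache().stats.get_record()["requests"]["attacksDetected"]["blocked"] == 0
 
 
 def test_sql_injection_with_route_params(caplog, get_context, monkeypatch):
@@ -162,7 +180,9 @@ def test_ssrf_vulnerability_scan_no_port(get_context):
 hostname = "example.com"
 port = 0 # Port is zero, should not add to hostnames
 
+assert get_cache().stats.get_record()["requests"]["attacksDetected"]["total"] == 0
 run_vulnerability_scan(kind="ssrf", op="test", args=(dns_results, hostname, port))
+assert get_cache().stats.get_record()["requests"]["attacksDetected"]["total"] == 0
 
 assert get_cache().hostnames.as_array() == []
 
@@ -176,7 +196,9 @@ def test_ssrf_vulnerability_scan_bypassed_ip(get_context):
 hostname = "example.com"
 port = 80
 
+assert get_cache().stats.get_record()["requests"]["attacksDetected"]["total"] == 0
 run_vulnerability_scan(kind="ssrf", op="test", args=(dns_results, hostname, port))
+assert get_cache().stats.get_record()["requests"]["attacksDetected"]["total"] == 0
 
 # Verify that hostnames.add was not called due to bypassed IP
 assert get_cache().hostnames.as_array() == []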
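Review bot: The new `== 0` preconditions and `== 1` postconditions in test_sql_injection and test_sql_injection_but_blocking_off compare absolute values of `attacksDetected`, so they hold only if the object returned by `get_cache()` is fresh for every test; whether a fixture resets it is not visible in this section. If it is not reset, the second SQL-injection test would start from the count left by the first, so it may be safer to capture a baseline, `before = get_cache().stats.get_record()["requests"]["attacksDetected"]["total"]`, and assert `== before + 1`. The same lookup chain is written out ten times across the three hunks; a small helper such as `attacks_detected()` returning that dict would keep the assertions readable. The detection-only test would also benefit from a one-line comment, `# AIKIDO_BLOCK=0: the attack is counted but the scan must not raise`, since that is the property it protects. The two SSRF test bodies start outside their hunks.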
