forked from volatilityfoundation/volatility3
Commit
Add testing framework Add testing framework Add revised testing framework solve dependencies failure issue split installations for testing remove snappy to ensure that tests run properly Add previous testing framework Making Requested Framework and Code changes Testing for basic requirements volatilityfoundation#1 fix requirements*.txt files requirements.txt changes update to simpler file paths Add testing README.md Final changes to new testing framework Add revised testing framework solve dependencies failure issue split installations for testing remove snappy to ensure that tests run properly Add previous testing framework Making Requested Framework and Code changes Testing for basic requirements volatilityfoundation#1 fix requirements*.txt files Add testing README.md Final changes to new testing framework
Showing 6 changed files with 536 additions and 0 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,54 @@ | ||
name: Test Volatility3 | ||
on: [push] | ||
jobs: | ||
|
||
build: | ||
runs-on: ubuntu-latest | ||
steps: | ||
- uses: actions/checkout@v2 | ||
|
||
- name: Set up Python 3.x | ||
uses: actions/setup-python@v2 | ||
with: | ||
python-version: '3.x' | ||
|
||
- name: Install dependencies | ||
run: | | ||
python -m pip install --upgrade pip | ||
pip install Cmake | ||
pip install setuptools wheel | ||
pip install -U pytest | ||
pip install -r ./test/requirements-testing.txt | ||
- name: Build PyPi packages | ||
run: | | ||
python setup.py sdist --formats=gztar,zip | ||
python setup.py bdist_wheel | ||
- name: Download images | ||
run: | | ||
curl -sLO "https://downloads.volatilityfoundation.org/volatility3/images/linux-sample-1.bin.gz" | ||
gunzip linux-sample-1.bin.gz | ||
curl -sLO "https://downloads.volatilityfoundation.org/volatility3/images/win-xp-laptop-2005-06-25.img.gz" | ||
gunzip win-xp-laptop-2005-06-25.img.gz | ||
- name: Download and Extract symbols | ||
run: | | ||
cd ./volatility3/symbols | ||
curl -sLO https://downloads.volatilityfoundation.org/volatility3/symbols/linux.zip | ||
unzip linux.zip | ||
cd - | ||
- name: Testing... | ||
run: | | ||
py.test ./test/test_volatility.py --volatility=vol.py --image win-xp-laptop-2005-06-25.img -k test_windows -v | ||
py.test ./test/test_volatility.py --volatility=vol.py --image linux-sample-1.bin -k test_linux -v | ||
- name: Clean up post-test | ||
run: | | ||
rm -rf *.lime | ||
rm -rf *.img | ||
cd volatility3/symbols | ||
rm -rf linux | ||
rm -rf linux.zip | ||
cd - |
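Review bot: The "Download images" and "Download and Extract symbols" steps fetch archives with `curl -sLO` and unpack them with no integrity check, and without `-f` an HTTP error page would be saved as if it were the archive. Add `-f` and compare each download against a checksum committed to the repository before running `gunzip` or `unzip`. Separately, `actions/checkout@v2` and `actions/setup-python@v2` are mutable tags; pinning them to a commit SHA keeps the workflow from changing without a commit here. In the clean-up step, `rm -rf *.lime` matches nothing this job downloads (the Linux image is `linux-sample-1.bin`), so that image is left behind.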
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,34 @@ | ||
# Volatility 3 Testing Framework | ||
|
||
## Requirements | ||
|
||
The Volatility 3 Testing Framework requires the same version of Python as Volatility3 itself. To install the current set of dependencies that the framework requires, use a command like this: | ||
|
||
```shell | ||
pip3 install -r requirements-testing.txt | ||
``` | ||
|
||
NOTE: `requirements-testing.txt` can be found in this current `test/` directory. | ||
|
||
## Quick Start: Manual Testing | ||
|
||
1. To test Volatility 3 on an image, first download one with a command such as: | ||
|
||
```shell | ||
curl -sLO "https://downloads.volatilityfoundation.org/volatility3/images/win-xp-laptop-2005-06-25.img.gz" | ||
gunzip win-xp-laptop-2005-06-25.img.gz | ||
``` | ||
|
||
2. In many cases, more symbols are required to be downloaded to the `./volatility3/symbols` directory. | ||
|
||
3. To manually run the tests, run a command, such as: | ||
|
||
```shell | ||
py.test ./test/test_volatility.py --volatility=vol.py --image win-xp-laptop-2005-06-25.img -k test_windows | ||
``` | ||
|
||
The above command runs all available tests for windows on the `win-xp-laptop-2005-06-25.img` image. To choose a more specific set of tests, change the phrase after `-k` in this command. | ||
|
||
## Github Actions | ||
|
||
This framework currently tests two images (one linux image and one windows image) after every push on any branch. For more information/context, find the actions setup in `./github/workflows/test.yaml` |
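Review bot: The last line points readers at `./github/workflows/test.yaml`, but GitHub reads workflows only from `.github/workflows/`, so the leading dot on the directory name is missing. Step 2 says more symbols are often required but gives no command; the workflow's `curl` and `unzip` of `linux.zip` into `./volatility3/symbols` would fit here. The Requirements command also assumes the reader is inside `test/`, while the Quick Start commands use paths relative to the repository root (`./test/test_volatility.py`), so state which directory each is run from.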
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,40 @@ | ||
# This file is used to augment the test configuration | ||
|
||
import os | ||
import pytest | ||
|
||
def pytest_addoption(parser): | ||
parser.addoption("--volatility", action="store", default=None, | ||
required=True, | ||
help="path to the volatility script") | ||
|
||
parser.addoption("--python", action="store", default="python3", | ||
help="The name of the interpreter to use when running the volatility script") | ||
|
||
parser.addoption("--image", action="append", default=[], | ||
help="path to an image to test") | ||
|
||
parser.addoption("--image-dir", action="append", default=[], | ||
help="path to a directory containing images to test") | ||
|
||
def pytest_generate_tests(metafunc): | ||
"""Parameterize tests based on image names""" | ||
|
||
images = metafunc.config.getoption('image') | ||
for d in metafunc.config.getoption('image_dir'): | ||
images = images + [os.path.join(d, x) for x in os.listdir(d)] | ||
|
||
# tests with "image" parameter are run against images | ||
if 'image' in metafunc.fixturenames: | ||
metafunc.parametrize("image", | ||
images, | ||
ids=[os.path.basename(image) for image in images]) | ||
|
||
# Fixtures | ||
@pytest.fixture | ||
def volatility(request): | ||
return request.config.getoption("--volatility") | ||
|
||
@pytest.fixture | ||
def python(request): | ||
return request.config.getoption("--python") |
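Review bot: In `pytest_generate_tests`, when neither `--image` nor `--image-dir` is supplied, `images` is empty and pytest's default handling of an empty parameter set is to skip the test, so a run with a forgotten argument reports no failures. Fail explicitly when `images` is empty. The `--image-dir` branch adds every entry returned by `os.listdir(d)`, including subdirectories and unrelated files such as a leftover `.gz`, so filter with `os.path.isfile` before parametrizing. On `--volatility`, `default=None` is redundant next to `required=True`, and the required flag means every pytest run that loads this conftest must pass the option, which deserves a mention in the help text.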
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,19 @@ | ||
{ | ||
"windows_dumpfiles": { | ||
"win-xp-laptop-2005-06-25.img": { | ||
"0x82220e78": [ | ||
"9bdd5532286f1660f3778e68bc36efe6", | ||
"e3bc1e9e7370e3b5a661ebe591ecf4ec" | ||
], | ||
"0x82350bf8": [ | ||
"e5c5e8d97b6280745b41f6572c85d1f0", | ||
"8589f1463422884dbf1411aaad278465" | ||
], | ||
"0x81eaf418": [ | ||
"f7a1ae2060a58f8470b97affdb46dccf", | ||
"54fd611021fa784912530b8007545986" | ||
], | ||
"0x820588e8": "458efbc8fdb859488a6ab2b200cce809" | ||
} | ||
} | ||
} |
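Review bot: The value shape under `win-xp-laptop-2005-06-25.img` is inconsistent: three addresses map to a list of two digests, while `0x820588e8` maps to a bare string, so whatever reads this file has to branch on type. Make every value a list, even with one element. The digests are 32 hex characters, the length of an MD5 digest, but the file does not name the algorithm or say which dumped file each digest in a pair belongs to; record both (for example a key per output file name) so a mismatch can be diagnosed, and consider SHA-256 if these values are ever used for more than regression comparison.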
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,8 @@ | ||
# These packages are required for core functionality. | ||
pefile>=2017.8.1 #foo | ||
|
||
# The following packages are optional. | ||
# If certain packages are not necessary, place a comment (#) at the start of the line. | ||
|
||
# This is required for the yara plugins | ||
yara-python>=3.8.0 |
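Review bot: The trailing `#foo` on the `pefile>=2017.8.1` line looks like leftover debugging and should be dropped. Both requirements are lower bounds only (`>=`), so each CI run installs whatever release is newest that day; for a test job that is meant to be reproducible, pin exact versions, ideally with `--hash` entries so pip verifies what it downloads. The comment block also describes `yara-python` as optional while leaving it uncommented, so say whether the test suite actually needs it.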