CalvinBackup/mvt
1
0
Fork 0
mirror of https://github.com/mvt-project/mvt.git synced 2026-02-12 16:42:45 +00:00
Code Issues Packages Projects Releases Wiki Activity

Open all iOS sqlite3 databases with immutable=1 (#430)

Browse Source
This commit is contained in:
Rory Flynn
2023-11-28 12:46:18 +01:00
committed by GitHub
parent fb52f73556
commit fd3ef76873
22 changed files with 29 additions and 45 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
tests/ios_fs/test_filesystem.py
View File

@@ -4,31 +4,23 @@
# https://license.mvt.re/1.1/
import logging
import pytest
from mvt.common.indicators import Indicators
from mvt.common.module import run_module
from mvt.ios.modules.fs.filesystem import Filesystem
from ..utils import delete_tmp_db_files, get_ios_backup_folder
@pytest.fixture()
def cleanup_tmp_artifacts():
ios_backup_folder = get_ios_backup_folder()
delete_tmp_db_files(ios_backup_folder)
return
from ..utils import get_ios_backup_folder
class TestFilesystem:
def test_filesystem(self, cleanup_tmp_artifacts):
def test_filesystem(self):
m = Filesystem(target_path=get_ios_backup_folder())
run_module(m)
assert len(m.results) == 15
assert len(m.timeline) == 15
assert len(m.detected) == 0
def test_detection(self, indicator_file, cleanup_tmp_artifacts):
def test_detection(self, indicator_file):
m = Filesystem(target_path=get_ios_backup_folder())
ind = Indicators(log=logging.getLogger())
ind.parse_stix2(indicator_file)