Security scanning using Nessus tool This change addresses the following -Network & port scanning -Vulnerability scanning Change-Id: I33c1e02b75880441a89b31c5f1998196164ef6ad Signed-off-by: prkatti1 <prkatti1@in.ibm.com>

commit: e2198968732457b50227a6973e4b421cc49f06b0 [log] [tgz]
author: prkatti1 <prkatti1@in.ibm.com> Fri Dec 23 00:20:37 2016 -0600
committer: Andrew Geissler <geissonator@yahoo.com> Fri Feb 10 13:48:36 2017 +0000
tree: d79e794c6546fe694e3c3607265b8b5b8054497d
parent: d995cb0612679be9059b10e133eaa03e4b744936 [diff]
diff --git a/gui/data/variables.py b/gui/data/variables.py
new file mode 100644
index 0000000..1abc2e2
--- /dev/null
+++ b/gui/data/variables.py

@@ -0,0 +1,24 @@
+#!/usr/bin/python
+
+# Contains xpaths and related string constants of Security scanning.
+
+class variables():
+
+    # xpaths for security scanning.
+
+    BROWSER=          "ff"
+    nessus_logo=      "xpath=//*[@id='logo']"
+    running_status=   "xpath=//*[@id='main']/div[1]/section/div[2]/table/tbody/tr[1]/td[4]"
+    username=         "test"
+    password=         "passw0rd"
+    xpath_exception=  "id=advancedButton"
+    xpath_add_exce=   "id='exceptionDialogButton'"
+    xpath_uname=      "xpath=//*[@id='nosession']/form/input[1]"
+    xpath_password=   "xpath=//*[@id='nosession']/form/input[2]"
+    xpath_signin=     "xpath=//*[@id='sign-in']"
+    xpath_search=     "xpath=//*[@id='searchbox']/input"
+    scan_name=        "OP Full Scan"
+    xpath_op_scan=    "xpath=//*[@id='main']/div[1]/section/table/tbody"
+    xpath_launch=     "xpath=//*[@id='scans-show-launch-dropdown']/span"
+    xpath_default=    "xpath=//*[@id='scans-show-launch-default']"
+    xpath_status=     "xpath=//*[@id='main']/div[1]/section/div[2]/table/tbody/tr[1]/td[4]"

diff --git a/gui/lib/resource.txt b/gui/lib/resource.txt
new file mode 100644
index 0000000..c9c8224
--- /dev/null
+++ b/gui/lib/resource.txt

@@ -0,0 +1,8 @@
+*** Settings ***
+Library  OperatingSystem
+Variables  ../data/variables.py
+
+*** Variables ***
+${HOST}           ${EMPTY}
+${HOST_USERNAME}  ${EMPTY}
+${HOST_PASSWORD}  ${EMPTY}

diff --git a/gui/lib/utils.robot b/gui/lib/utils.robot
new file mode 100644
index 0000000..c21cf40
--- /dev/null
+++ b/gui/lib/utils.robot

@@ -0,0 +1,37 @@
+*** Settings ***
+
+Library  XvfbRobot
+Library  OperatingSystem
+Library  Selenium2Library  120  120
+Library  Telnet  30 Seconds
+Library  Screenshot
+
+Resource  resource.txt
+
+*** Keywords ***
+
+Open Browser With URL
+    [Documentation]  Opens browser with specified URL.
+    [Arguments]  ${URL}
+    Start Virtual Display  1920  1080
+    ${browser_ID}=  Open Browser  ${URL}
+    Set Window Size  1920  1080
+    [Return]  browser_ID
+
+Break Firewall
+    [Documentation]  Break firewall.
+    [Arguments]  ${HOST}  ${HOST_USERNAME}  ${HOST_PASSWORD}
+    ${status}  ${value}=  Run Keyword And Ignore Error  Telnet.Open Connection
+    ...         ${HOST}  prompt=#
+    Run Keyword If  '${status}'=='PASS'  Telnet.Login  ${HOST_USERNAME}
+    ...  ${HOST_PASSWORD}  login_prompt=Username:  password_prompt=Password:
+
+Login To GUI
+    [Documentation]  Log into web GUI.
+    [Arguments]  ${URL}  ${xpath_uname}  ${username}
+    ...  ${xpath_password}  ${password}  ${xpath_signin}  ${logo}
+    Go To  ${URL}
+    Input Text  ${xpath_uname}  ${username}
+    Input Password  ${xpath_password}  ${password}
+    Click Button  ${xpath_signin}
+    Wait Until Page Contains Element  ${logo}

diff --git a/gui/tests/test_security_scanning.robot b/gui/tests/test_security_scanning.robot
new file mode 100644
index 0000000..857222e
--- /dev/null
+++ b/gui/tests/test_security_scanning.robot

@@ -0,0 +1,47 @@
+*** Settings ***

+

+Documentation  Run security and vulnerability scan.

+

+Library  XML

+Library  String

+Library  Collections

+Library  DateTime

+

+Test Setup  Security Setup

+

+Resource  ../lib/utils.robot

+

+*** Test Cases ***

+

+Security Scan

+    [Documentation]  Run nessus network and vulnerability scan.

+    [Tags]  Security_Scan

+    Log  ${NESSUS_URL}

+    Open Browser with URL  ${NESSUS_URL}

+    Login to GUI  ${NESSUS_URL}  ${xpath_uname}  ${username}

+    ...  ${xpath_password}  ${password}  ${xpath_signin}  ${nessus_logo}

+    Select Full Scan

+    Start Scan

+

+*** Keywords ***

+

+Security Setup

+    [Documentation]  Break firewall and generate URL.

+    # Nessus Username, password and IP details are expected by program

+    # and should be given as command line parameters.

+    Break Firewall  ${NESSUS_HOST}  ${NESSUS_USERNAME}  ${NESSUS_PASSWORD}

+    ${NESSUS_URL}=  Set Variable  https://${NESSUS_HOST}:8834/nessus6.html

+    Set Suite Variable  ${NESSUS_URL}

+

+Select Full Scan

+    [Documentation]  Search OP full scan.

+    Input Text  ${xpath_search}  ${scan_name}

+    Capture Page Screenshot

+    Click Element  ${xpath_op_scan}

+

+Start Scan

+    [Documentation]  Start Nessus scan.

+    Click Element  ${xpath_launch}

+    Click Element  ${xpath_default}

+    Wait Until Page Contains  running  error=Scanning not started.

+    Capture Page Screenshot
commit	e2198968732457b50227a6973e4b421cc49f06b0	[log] [tgz]
author	prkatti1 <prkatti1@in.ibm.com>	Fri Dec 23 00:20:37 2016 -0600
committer	Andrew Geissler <geissonator@yahoo.com>	Fri Feb 10 13:48:36 2017 +0000
tree	d79e794c6546fe694e3c3607265b8b5b8054497d
parent	d995cb0612679be9059b10e133eaa03e4b744936 [diff]