feat(15-01): add Discord, Slack, DevTo recon sources and wire all six
- DiscordSource uses dorking approach against configurable search endpoint - SlackSource uses dorking against slack-archive indexers - DevToSource searches dev.to API articles list + detail for body_markdown - RegisterAll extended to include all 6 Phase 15 forum sources - All credentialless, use ciLogKeyPattern for key detection
This commit is contained in:
salvacybersec
86
pkg/recon/sources/devto_test.go
Normal file
86
pkg/recon/sources/devto_test.go
Normal file
@@ -0,0 +1,86 @@
|
||||
package sources
|
||||
|
||||
import (
|
||||
"context"
|
||||
"net/http"
|
||||
"net/http/httptest"
|
||||
"testing"
|
||||
"time"
|
||||
|
||||
"github.com/salvacybersec/keyhunter/pkg/providers"
|
||||
"github.com/salvacybersec/keyhunter/pkg/recon"
|
||||
)
|
||||
|
||||
func TestDevTo_Name(t *testing.T) {
|
||||
s := &DevToSource{}
|
||||
if s.Name() != "devto" {
|
||||
t.Fatalf("expected devto, got %s", s.Name())
|
||||
}
|
||||
}
|
||||
|
||||
func TestDevTo_Enabled(t *testing.T) {
|
||||
s := &DevToSource{}
|
||||
if !s.Enabled(recon.Config{}) {
|
||||
t.Fatal("DevToSource should always be enabled (credentialless)")
|
||||
}
|
||||
}
|
||||
|
||||
func TestDevTo_Sweep(t *testing.T) {
|
||||
mux := http.NewServeMux()
|
||||
mux.HandleFunc("/api/articles", func(w http.ResponseWriter, r *http.Request) {
|
||||
// Check if this is a detail request (/api/articles/42).
|
||||
if r.URL.Path == "/api/articles/42" {
|
||||
w.Header().Set("Content-Type", "application/json")
|
||||
_, _ = w.Write([]byte(`{
|
||||
"body_markdown":"# Tutorial\nSet your api_key = \"sk-proj-ABCDEF1234567890abcdef\" in .env\n",
|
||||
"url":"https://dev.to/user/tutorial-post"
|
||||
}`))
|
||||
return
|
||||
}
|
||||
// List endpoint.
|
||||
w.Header().Set("Content-Type", "application/json")
|
||||
_, _ = w.Write([]byte(`[{"id":42,"url":"https://dev.to/user/tutorial-post"}]`))
|
||||
})
|
||||
// Also handle the detail path with the ID suffix.
|
||||
mux.HandleFunc("/api/articles/42", func(w http.ResponseWriter, r *http.Request) {
|
||||
w.Header().Set("Content-Type", "application/json")
|
||||
_, _ = w.Write([]byte(`{
|
||||
"body_markdown":"# Tutorial\nSet your api_key = \"sk-proj-ABCDEF1234567890abcdef\" in .env\n",
|
||||
"url":"https://dev.to/user/tutorial-post"
|
||||
}`))
|
||||
})
|
||||
|
||||
srv := httptest.NewServer(mux)
|
||||
defer srv.Close()
|
||||
|
||||
reg := providers.NewRegistryFromProviders([]providers.Provider{
|
||||
{Name: "openai", Keywords: []string{"sk-proj-"}},
|
||||
})
|
||||
|
||||
s := &DevToSource{
|
||||
BaseURL: srv.URL,
|
||||
Registry: reg,
|
||||
Client: NewClient(),
|
||||
}
|
||||
|
||||
out := make(chan recon.Finding, 10)
|
||||
ctx, cancel := context.WithTimeout(context.Background(), 5*time.Second)
|
||||
defer cancel()
|
||||
|
||||
err := s.Sweep(ctx, "", out)
|
||||
close(out)
|
||||
if err != nil {
|
||||
t.Fatalf("Sweep error: %v", err)
|
||||
}
|
||||
|
||||
var findings []recon.Finding
|
||||
for f := range out {
|
||||
findings = append(findings, f)
|
||||
}
|
||||
if len(findings) == 0 {
|
||||
t.Fatal("expected at least one finding from dev.to article")
|
||||
}
|
||||
if findings[0].SourceType != "recon:devto" {
|
||||
t.Fatalf("expected recon:devto, got %s", findings[0].SourceType)
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user