123 lines
2.6 KiB
Go
123 lines
2.6 KiB
Go
package sources
|
|
|
|
import (
|
|
"reflect"
|
|
"testing"
|
|
|
|
"github.com/salvacybersec/keyhunter/pkg/providers"
|
|
"github.com/salvacybersec/keyhunter/pkg/recon"
|
|
)
|
|
|
|
// registerTestRegistry builds a minimal registry with one synthetic provider so
|
|
// BuildQueries inside individual sources does not panic.
|
|
func registerTestRegistry() *providers.Registry {
|
|
return providers.NewRegistryFromProviders([]providers.Provider{
|
|
{Name: "openai", Keywords: []string{"sk-proj-"}},
|
|
})
|
|
}
|
|
|
|
// TestRegisterAll_WiresAllSources asserts that RegisterAll registers
|
|
// every Phase 10-15 source by its stable name on a fresh engine.
|
|
func TestRegisterAll_WiresAllSources(t *testing.T) {
|
|
eng := recon.NewEngine()
|
|
cfg := SourcesConfig{
|
|
Registry: registerTestRegistry(),
|
|
Limiters: recon.NewLimiterRegistry(),
|
|
}
|
|
RegisterAll(eng, cfg)
|
|
|
|
got := eng.List()
|
|
want := []string{
|
|
"azureblob",
|
|
"binaryedge",
|
|
"bing",
|
|
"bitbucket",
|
|
"brave",
|
|
"censys",
|
|
"circleci",
|
|
"codeberg",
|
|
"codesandbox",
|
|
"commoncrawl",
|
|
"confluence",
|
|
"crates",
|
|
"deploypreview",
|
|
"devto",
|
|
"discord",
|
|
"dockerhub",
|
|
"dotenv",
|
|
"duckduckgo",
|
|
"elasticsearch",
|
|
"fofa",
|
|
"gcs",
|
|
"ghactions",
|
|
"gist",
|
|
"gistpaste",
|
|
"github",
|
|
"gitlab",
|
|
"google",
|
|
"googledocs",
|
|
"goproxy",
|
|
"grafana",
|
|
"hackernews",
|
|
"helm",
|
|
"huggingface",
|
|
"jenkins",
|
|
"jsbundle",
|
|
"k8s",
|
|
"kaggle",
|
|
"kibana",
|
|
"maven",
|
|
"netlas",
|
|
"notion",
|
|
"npm",
|
|
"nuget",
|
|
"packagist",
|
|
"pastebin",
|
|
"pastesites",
|
|
"pypi",
|
|
"reddit",
|
|
"replit",
|
|
"rubygems",
|
|
"s3",
|
|
"sandboxes",
|
|
"sentry",
|
|
"shodan",
|
|
"slack",
|
|
"sourcemaps",
|
|
"spaces",
|
|
"splunk",
|
|
"stackoverflow",
|
|
"swagger",
|
|
"terraform",
|
|
"travisci",
|
|
"trello",
|
|
"wayback",
|
|
"webpack",
|
|
"yandex",
|
|
"zoomeye",
|
|
}
|
|
if !reflect.DeepEqual(got, want) {
|
|
t.Fatalf("RegisterAll names mismatch\n got: %v\nwant: %v", got, want)
|
|
}
|
|
}
|
|
|
|
// TestRegisterAll_MissingCredsStillRegistered asserts that sources whose
|
|
// credentials are absent are still registered (so eng.List() reports them),
|
|
// but their Enabled() returns false. This keeps the CLI surface uniform
|
|
// regardless of which tokens are configured.
|
|
func TestRegisterAll_MissingCredsStillRegistered(t *testing.T) {
|
|
eng := recon.NewEngine()
|
|
RegisterAll(eng, SourcesConfig{
|
|
Registry: registerTestRegistry(),
|
|
Limiters: recon.NewLimiterRegistry(),
|
|
})
|
|
|
|
if n := len(eng.List()); n != 67 {
|
|
t.Fatalf("expected 67 sources registered, got %d: %v", n, eng.List())
|
|
}
|
|
|
|
// SweepAll with an empty config should filter out cred-gated sources
|
|
// (github, gitlab, bitbucket, gist, kaggle) and still run the credless
|
|
// ones. We only check List() here; the integration test covers Sweep.
|
|
}
|