-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathTODO.txt
36 lines (33 loc) · 2.8 KB
/
TODO.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
** PRIORITIES
1. Figure out what else is supposed to go in config.ini
2. Squash export
3. XML export, with AT LEAST Jenkins format.
** HOUSEKEEPING
ALWAYS: Exception handling.
1. Implement returning CLI sessions in SSH and CMD to context managers.
2. Implement the action/verifier templates and standardize SSH and CMD
3. Implement logging properly, including optional recording to external syslog server
4. Implement function wrapper that includes message content, option to exclude from procedure export (quiet), and criticality (fast fail)
5. Implement dictionary or JSON framework for saving results of test steps (message, success) so that they can be exported later.
6. Implement handler for step criticality. If a critical step fails, fast fail the test.
7. Break tests into campaigns, procedures and steps, defined by decorators.
8. Add unit/integration tests for every module.
7. Figure out what I'm going to do with config.ini
** FEATURES
1. Introduce modified verifers for SSH and CMD, to use regular expression search (return first result, or return all results)
2. Module for TCP/UDP flooding a target destination
3. Module for control of Selenium. (include auto-generate POM and create general functions for basic actions)
4. Module for HTTP actions and response. POST, GET, etc as well as a return code interpreter for verification.
5. Module to initiate, filter and terminate network scans with wireshark/tcpdump. Include ability to wait for a specified packet to show up or terminate after timeout.
6. Module for logging system performance metrics during execution of test steps.
7. Module for VMware ESXi/vCenter, wrap pyvmomi to expose VM manipulation functions like create, remove, snapshot control, power control and import/export hardware configuration/description text.
8. Module for nmap. Scan target IP/IP range/hostname. Return dictionary containing name, timestamp, exposed ports, etc.
7a. Add a function to enumerate all VMs matching given parameters.
8. Module for QEMU, deploy VM, enumerate VMs, display or modify VM configurations, create or delete VMs.
9. Create endpoint "agent" to allow arbitrary python code execution on the target under test. (How will dependencies be handled?)
10. Reporting handler. Export results (automatically or not) to SquashTM, Markdown.
11. Support definition of requirements as a dictionary. This can be used to append "satsifies requirement xyz" text to verifier text output.
** FUTURE
1. Dockerize! Create a baseline docker that the application under test can be installed over top of, return artifacts to a shared folder
2. A bash script to build this docker container. Define the platform and modules, spit out a docker image ready to be overlaid with the application under test through dockerfile.
3. Look into Robot Framework-style plaintext keyword executions. This will require an interpreter.