michael/michaelschiemer
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
294e6721eb49c4a02d51248ecbe45ccd6c3f274b
michaelschiemer/tests/Security/WafTests/CommandInjectionTest.php
Michael Schiemer fc3d7e6357 feat(Production): Complete production deployment infrastructure 
- Add comprehensive health check system with multiple endpoints
- Add Prometheus metrics endpoint
- Add production logging configurations (5 strategies)
- Add complete deployment documentation suite:
  * QUICKSTART.md - 30-minute deployment guide
  * DEPLOYMENT_CHECKLIST.md - Printable verification checklist
  * DEPLOYMENT_WORKFLOW.md - Complete deployment lifecycle
  * PRODUCTION_DEPLOYMENT.md - Comprehensive technical reference
  * production-logging.md - Logging configuration guide
  * ANSIBLE_DEPLOYMENT.md - Infrastructure as Code automation
  * README.md - Navigation hub
  * DEPLOYMENT_SUMMARY.md - Executive summary
- Add deployment scripts and automation
- Add DEPLOYMENT_PLAN.md - Concrete plan for immediate deployment
- Update README with production-ready features

All production infrastructure is now complete and ready for deployment.
2025-10-25 19:18:37 +02:00

74 lines
1.9 KiB
PHP
Raw Blame History

<?php
declare(strict_types=1);
namespace Tests\Security\WafTests;
use Tests\Security\SecurityTestCase;
use App\Framework\Waf\WafEngine;
use App\Framework\Http\Method;
/**
* Command Injection attack detection tests
*
* Tests WAF's ability to detect and block command injection attacks
*/
final readonly class CommandInjectionTest extends SecurityTestCase
{
public function __construct(
private WafEngine $wafEngine
) {}
/**
* Test WAF blocks command injection attempts
*/
public function testBlocksCommandInjection(): void
{
$testCases = $this->generateCommandInjectionTestCases();
$blocked = 0;
$failed = [];
foreach ($testCases as $testCase) {
$request = $this->createAttackRequest(
uri: '/api/execute',
method: Method::POST,
postData: ['command' => $testCase['payload']]
);
$decision = $this->wafEngine->analyzeRequest($request);
if ($decision->shouldBlock()) {
$blocked++;
} else {
$failed[] = $testCase['description'];
}
}
if (!empty($failed)) {
throw new \RuntimeException(
"WAF failed to block " . count($failed) . " command injection attacks:\n" .
implode("\n", array_slice($failed, 0, 5))
);
}
echo "✅ Blocked {$blocked}/" . count($testCases) . " command injection attacks\n";
}
/**
* Run all command injection tests
*/
public function runAllTests(): array
{
$results = [];
try {
$this->testBlocksCommandInjection();
$results['command_injection'] = 'PASS';
} catch (\Exception $e) {
$results['command_injection'] = 'FAIL: ' . $e->getMessage();
}
return $results;
}
}
Reference in New Issue View Git Blame Copy Permalink