drogin
commented
4 years ago The code in the client repo does this :) see the stream test file, in the testPositive() method. Also, see: https://en.m.wikipedia.org/wiki/EICAR_test_file
Closed bitbythecron closed 4 years ago
drogin
commented
4 years ago The code in the client repo does this :) see the stream test file, in the testPositive() method. Also, see: https://en.m.wikipedia.org/wiki/EICAR_test_file
bitbythecron
commented
4 years ago 😍thank you!
I am building a Java-based tool that uploads files to a file store and then processes them asynchronously. I would like to setup a ClamAV cluster and use this client for running scans remotely.
For unit testing, I can mock this client very easily and coerce the mock to return whatever results I want.
However I also need to have some end-to-end acceptance/smoke tests that drive the running of an actual file through the whole/actual tool, without any mocking involved.
I was wondering if anyone here could provide any testing insight into how I could submit a file to my ClamAV cluster (through this client) that would fail the security scan and return errors in the results.
I understand this is a slippery slope, as I don't want to introduce an actual virus into my automated test suite. I guess I'm hoping that there is some repository out there that intentionally hosts files that would violate/fail ClamAV's scans for this exact same purpose? Any ideas, suggestions here? Thanks in advance!