@greenido
Created December 11, 2025 19:21
EDR Test Script for macOS (no external dependencies like Winston)
#!/bin/zsh
# EDR Dashboard Reports Test Script for macOS
# Adapted for EICAR-based EDR alert testing and logging
# Uses embedded Node.js script with console logging (no external dependencies like Winston)
# Parameters
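SCRIPT_NAME="edr_alert_test.js"
# Use a private, unpredictable per-run directory instead of the fixed
# /tmp/edr_test: a fixed name under world-writable /tmp can be pre-created
# (or replaced by a symlink) by another local user before this script writes
# a file there and then executes it with node.
TEMP_DIR="$(mktemp -d)" || { echo "Failed to create a temporary directory."; exit 1; }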
# Function to check if Node.js is installed
# Print the installed Node.js version and return 0; return 1 (printing
# nothing) when no `node` binary is on PATH.
test_nodejs_installed() {
  command -v node > /dev/null 2>&1 || return 1
  echo "$(node --version)"
  return 0
}
# Install Node.js via Homebrew if not present
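# Ensure Node.js is available, installing it via Homebrew when it is not.
# test_nodejs_installed already prints the version when node exists; silence
# it here so the version is not echoed twice.
if ! test_nodejs_installed > /dev/null; then
  echo "Node.js not found. Installing via Homebrew..."
  if ! command -v brew > /dev/null 2>&1; then
    # Single quotes keep the $(curl ...) literal. Inside double quotes the
    # substitution is evaluated here, which silently downloads the Homebrew
    # installer and dumps its contents to stdout instead of printing the command.
    echo 'Homebrew not installed. Please install it first: /bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"'
    exit 1
  fi
  if ! brew install node --quiet; then
    echo "Homebrew failed to install Node.js. Check the brew output above."
    exit 1
  fi
  # Put Homebrew's bin directory on PATH for this shell. brew --prefix resolves
  # to /opt/homebrew on Apple Silicon and /usr/local on Intel Macs.
  export PATH="$(brew --prefix)/bin:$PATH"
  echo "Node.js installed. Version: $(node --version)"
else
  echo "Node.js already installed: $(node --version)"
fi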
# Create temp directory
# Scratch directory for the generated Node.js script (no-op if it already exists)
mkdir -p -- "$TEMP_DIR"
SCRIPT_PATH="${TEMP_DIR}/${SCRIPT_NAME}"
# Create the JS test script locally
echo "Creating EDR test script..."
cat << 'EOF' > "$SCRIPT_PATH"
const fs = require('fs');
const path = require('path');
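/**
 * Generates a few EDR-visible events and logs each one to the console:
 * an EICAR test-file drop plus a simulated quarantine, a log line naming a
 * placeholder "suspicious" URL (nothing is fetched), and a network-alert log
 * line. A tiny console wrapper stands in for Winston so the script has no
 * external dependencies.
 */
class BitDefenderAlertSimulator {
  constructor() {
    const stamp = () => new Date().toISOString();
    // Console-backed logger exposing the info/warn/error surface used below.
    this.logger = {
      info: (msg) => console.log(`${stamp()} - INFO: ${msg}`),
      warn: (msg) => console.warn(`${stamp()} - WARN: ${msg}`),
      error: (msg) => console.error(`${stamp()} - ERROR: ${msg}`),
    };
  }

  /**
   * Pick one element of `items` uniformly at random. Math.random is adequate
   * here: the choice only varies log text, nothing security-sensitive
   * depends on it.
   * @param {string[]} items - non-empty list of candidates
   * @returns {string} the chosen element
   */
  static pickRandom(items) {
    return items[Math.floor(Math.random() * items.length)];
  }

  /**
   * Write the EICAR anti-malware test string to `filename` (resolved against
   * the current working directory unless absolute).
   * @param {string} [filename='mock_virus.txt'] - destination path
   * @returns {string|null} `filename` on success, null if the write failed
   */
  createMockMalwareFile(filename = 'mock_virus.txt') {
    // EICAR standard test string. The backslash before "P" is part of the
    // string and must survive into the file, so it is written as "\\" here:
    // a bare "\P" in a JS string literal collapses to "P", and the file
    // written would no longer match the EICAR signature.
    const eicarTestString = 'X5O!P%@AP[4\\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*';
    try {
      fs.writeFileSync(filename, eicarTestString);
      this.logger.info(`Created mock malware file: ${filename}`);
      return filename;
    } catch (error) {
      this.logger.error(`Error creating mock malware file: ${error.message}`);
      return null;
    }
  }

  /**
   * Log a WARN line naming one of the placeholder URLs. No network request
   * is made; the URL text only exists to appear in EDR/log output.
   * @returns {string} the URL that was logged
   */
  simulateDownloadFromSuspiciousUrl() {
    const suspiciousUrls = [
      'http://known-malware-test.com/sample.exe',
      'https://suspicious-download.net/trojan.zip',
      'http://potential-phishing.org/malware.pdf',
    ];
    const url = BitDefenderAlertSimulator.pickRandom(suspiciousUrls);
    this.logger.warn(`Simulated download from suspicious URL: ${url}`);
    return url;
  }

  /**
   * Drop the EICAR file, log it as a detected threat, then move it into a
   * `bitdefender_quarantine` directory under the current working directory.
   * Failures are logged, never thrown.
   */
  testFileQuarantineSimulation() {
    const malwareFile = this.createMockMalwareFile();
    if (malwareFile === null) {
      return;
    }
    this.logger.error(`POTENTIAL THREAT DETECTED: ${malwareFile}`);
    try {
      const quarantineDir = path.join(process.cwd(), 'bitdefender_quarantine');
      // recursive:true makes this a no-op when the directory already exists,
      // avoiding the check-then-create race of existsSync + mkdirSync.
      fs.mkdirSync(quarantineDir, { recursive: true });
      // Keep only the leaf name so a nested filename cannot land outside
      // the quarantine directory.
      const quarantinePath = path.join(quarantineDir, path.basename(malwareFile));
      // NOTE(review): a real EDR may already have removed or quarantined the
      // EICAR file by now; the rename then fails and is reported below.
      fs.renameSync(malwareFile, quarantinePath);
      this.logger.info(`File ${malwareFile} moved to quarantine`);
    } catch (error) {
      this.logger.error(`Quarantine simulation failed: ${error.message}`);
    }
  }

  /** Log a WARN line for one of the canned network-alert descriptions. */
  simulateNetworkIntrusionAttempt() {
    const intrusionTypes = [
      'Multiple SSH Login Attempts',
      'Potential Port Scan Detected',
      'Unexpected Incoming Connection',
    ];
    const intrusion = BitDefenderAlertSimulator.pickRandom(intrusionTypes);
    this.logger.warn(`NETWORK SECURITY ALERT: ${intrusion}`);
  }

  /** Run every scenario once, in a fixed order, with start/end log lines. */
  runComprehensiveTest() {
    this.logger.info('Starting BitDefender Alert Simulation Test');
    this.simulateDownloadFromSuspiciousUrl();
    this.testFileQuarantineSimulation();
    this.simulateNetworkIntrusionAttempt();
    this.logger.info('Alert Simulation Test Completed');
  }
}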
// Main execution
/** Entry point: build one simulator and run every scenario once. */
function main() {
  new BitDefenderAlertSimulator().runComprehensiveTest();
}
// Run the main function unconditionally: this file is executed directly by
// node from the enclosing shell script, never imported as a module.
main();
EOF
# Run the Node.js script
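echo "Running EDR Alert Test Script..."
# Run with TEMP_DIR as the working directory: the script writes mock_virus.txt
# and a bitdefender_quarantine/ directory relative to its cwd, so running it
# here keeps those EICAR artifacts inside the directory the cleanup step
# removes instead of leaving them wherever the user launched this script from.
if (cd "$TEMP_DIR" && node "$SCRIPT_PATH"); then
  echo "Test executed successfully! Check EDR dashboard/logs for alerts (e.g., EICAR detection)."
else
  echo "Failed to run script. Check Node.js output above."
  exit 1
fi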
# Cleanup
# Remove the scratch directory and the generated script (missing paths are ignored)
rm -rf -- "$TEMP_DIR"
echo "Cleanup complete. Temp files removed."
# Optional: Tail EDR logs (example for macOS XProtect or custom)
# echo "Tailing system logs for EDR events (Ctrl+C to stop):"
# log stream --predicate 'subsystem == "com.apple.xprotect" OR eventMessage CONTAINS "EICAR"' --info