Merge pull request #133 from CybercentreCanada/update/more-fp-tlds

Update/more fp tlds [dev]

assemblyline_service_utilities/common/dynamic_service_helper.py

@@ -94,7 +94,7 @@
 # The following lists of domains and top-level domains are used for finding false-positives
 # when extracting domains from text blobs
 COMMON_FP_DOMAINS = ["example.com"]
-COMMON_FP_TLDS_THAT_ARE_FILE_EXTS = [".dot", ".js", ".one", ".pub", ".py", ".sh", ".zip"]
+COMMON_FP_TLDS_THAT_ARE_FILE_EXTS = [".dot", ".js", ".one", ".ps", ".pub", ".py", ".sh", ".win", ".zip"]
 COMMON_FP_TLDS_THAT_ARE_JS_COMMANDS = [
     ".as",
     ".author",
@@ -873,14 +873,16 @@ def as_primitives(self) -> Dict[str, Any]:
         :return: The dictionary representation of the object
         """
         return {
-            key: value
-            if (
-                not isinstance(value, Process)
-                and not isinstance(value, ObjectID)
-                and not isinstance(value, NetworkDNS)
-                and not isinstance(value, NetworkHTTP)
+            key: (
+                value
+                if (
+                    not isinstance(value, Process)
+                    and not isinstance(value, ObjectID)
+                    and not isinstance(value, NetworkDNS)
+                    and not isinstance(value, NetworkHTTP)
+                )
+                else value.as_primitives()
             )
-            else value.as_primitives()
             for key, value in self.__dict__.items()
         }
 

assemblyline_service_utilities/testing/helper.py

@@ -511,7 +511,7 @@ def _file_compare(ih: IssueHelper, f_type, original, new):
 
         # Prune out items in the lists where nothing changed
         for file in list(original):
-            if file in original and file in new:
+            if file in new:
                 original.remove(file)
                 new.remove(file)