Skip to content

Add focused integration coverage for AI, graph, and fingerprint wiring paths#9

Merged
webxxz merged 4 commits into
mainfrom
copilot/add-ai-payload-mutator
Apr 11, 2026
Merged

Add focused integration coverage for AI, graph, and fingerprint wiring paths#9
webxxz merged 4 commits into
mainfrom
copilot/add-ai-payload-mutator

Conversation

Copilot AI commented Apr 11, 2026

Copy link
Copy Markdown
Contributor

This PR adds focused integration-style tests for the V2 wiring introduced across AI payload/reporting, SSRF graph traversal, and service fingerprint enrichment. The goal is to lock in cross-module behavior at integration boundaries, especially fallback and escalation paths.

  • Payload generation + AI fallback

    • Added internal/payloads/generator_ai_test.go.
    • Covers WAF-detected + failed-initial-payload context with missing Anthropic credentials.
    • Asserts generator behavior remains safe and deterministic (no ai_mutation payloads emitted when AI is unavailable).
  • Chain enrichment from service fingerprinting

    • Added internal/chain/portmap_fingerprint_test.go.
    • Exercises MapInternalNetworkWithFingerprint with a synthetic open Redis target.
    • Verifies service enrichment and severity upgrade fields are applied on fingerprint-confirmed exposure.
  • Graph build/traversal attack-path wiring

    • Added internal/graph/wiring_test.go.
    • Builds a scored finding containing internal reachability + RCE chain signal.
    • Verifies BuildGraph emits expected graph structure and FindAttackPaths returns a high-impact RCE path.
  • Report rendering AI fallback

    • Added internal/report/platforms_ai_fallback_test.go.
    • Ensures platform report rendering falls back to static template output when AI triage generation cannot run.
  • Small maintainability cleanups in touched code

    • Clarified comments around adaptive payload attempt limits and credential-theft CVSS constant intent.
    • Reduced snippet-extraction duplication in fetch analysis via helper usage.
m := MapInternalNetworkWithFingerprint(ssrfProbe, fingerprintProbe)
// verifies open 6379 exposure is fingerprinted as redis and marked upgrade-critical

@webxxz webxxz marked this pull request as ready for review April 11, 2026 06:21
@webxxz webxxz merged commit 2318a6c into main Apr 11, 2026
0 of 2 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants