Enhance project dependencies and CI workflows

- Added `asyncpg` as a dependency for PostgreSQL support in the project.
- Updated the GitHub Actions workflow to include additional test runs for contract schema and benchmark smoke tests.
- Introduced a new worker script for handling background tasks in the SecNode API.
- Enhanced the Docker Compose configuration for improved service management and health checks.
- Added a benchmark suite for performance evaluation with new fixtures and scoring logic.
- Refactored the attack graph engine to support multi-step traversal and scoring of paths.

Author: Av7danger

.github/workflows/secnode-pentest.yml

@@ -24,7 +24,13 @@ jobs:
         run: uv run ruff check src tests
 
       - name: Run tests with coverage
-        run: uv run pytest
+        run: uv run pytest --cov=src/secnodeapi --cov-report=term-missing --cov-fail-under=50
+
+      - name: Contract schema tests
+        run: uv run pytest tests/test_contracts.py -v
+
+      - name: Benchmark smoke tests
+        run: uv run pytest tests/test_benchmarks.py -v
 
       - name: Build package
         run: uv build

benchmarks/__init__.py

@@ -0,0 +1 @@
+"""Benchmark suite for precision/recall calibration."""

benchmarks/fixtures.py

@@ -0,0 +1,86 @@
+"""Benchmark fixtures: known-vulnerable API scenarios with expected findings."""
+from __future__ import annotations
+
+from dataclasses import dataclass, field
+from typing import List
+
+
+@dataclass
+class ExpectedFinding:
+    vulnerability_class: str
+    endpoint: str
+    method: str = "GET"
+    min_confidence: float = 0.5
+
+
+@dataclass
+class BenchmarkScenario:
+    name: str
+    description: str
+    target: str
+    expected_findings: List[ExpectedFinding] = field(default_factory=list)
+
+
+SCENARIOS: List[BenchmarkScenario] = [
+    BenchmarkScenario(
+        name="bola_basic",
+        description="BOLA on user resource endpoint",
+        target="https://vuln-api.local/api/v1",
+        expected_findings=[
+            ExpectedFinding(
+                vulnerability_class="BOLA",
+                endpoint="/api/v1/users/1",
+                min_confidence=0.7,
+            ),
+        ],
+    ),
+    BenchmarkScenario(
+        name="sqli_param",
+        description="SQL injection on query parameter",
+        target="https://vuln-api.local/api/v1",
+        expected_findings=[
+            ExpectedFinding(
+                vulnerability_class="sql-injection",
+                endpoint="/api/v1/search?q=",
+                min_confidence=0.8,
+            ),
+        ],
+    ),
+    BenchmarkScenario(
+        name="hidden_admin",
+        description="Hidden admin endpoint discovery",
+        target="https://vuln-api.local/api/v1",
+        expected_findings=[
+            ExpectedFinding(
+                vulnerability_class="hidden-endpoint",
+                endpoint="/api/v1/admin",
+                min_confidence=0.6,
+            ),
+        ],
+    ),
+    BenchmarkScenario(
+        name="mass_assignment",
+        description="Mass assignment on user update",
+        target="https://vuln-api.local/api/v1",
+        expected_findings=[
+            ExpectedFinding(
+                vulnerability_class="mass-assignment",
+                endpoint="/api/v1/users",
+                method="PUT",
+                min_confidence=0.6,
+            ),
+        ],
+    ),
+    BenchmarkScenario(
+        name="auth_differential",
+        description="Privilege escalation via auth differential",
+        target="https://vuln-api.local/api/v1",
+        expected_findings=[
+            ExpectedFinding(
+                vulnerability_class="bfla",
+                endpoint="/api/v1/admin/settings",
+                min_confidence=0.7,
+            ),
+        ],
+    ),
+]

benchmarks/scorer.py

@@ -0,0 +1,100 @@
+"""Benchmark scoring: compute precision and recall against expected findings."""
+from __future__ import annotations
+
+import json
+from dataclasses import dataclass
+from pathlib import Path
+from typing import List
+
+from .fixtures import BenchmarkScenario, ExpectedFinding
+
+
+@dataclass
+class ScenarioResult:
+    scenario_name: str
+    true_positives: int
+    false_positives: int
+    false_negatives: int
+    precision: float
+    recall: float
+    f1: float
+
+
+def score_scenario(
+    scenario: BenchmarkScenario,
+    actual_findings: List[dict],
+) -> ScenarioResult:
+    matched_expected: set[int] = set()
+    matched_actual: set[int] = set()
+
+    for ei, expected in enumerate(scenario.expected_findings):
+        for ai, actual in enumerate(actual_findings):
+            if ai in matched_actual:
+                continue
+            if _matches(expected, actual):
+                matched_expected.add(ei)
+                matched_actual.add(ai)
+                break
+
+    tp = len(matched_expected)
+    fp = len(actual_findings) - len(matched_actual)
+    fn = len(scenario.expected_findings) - tp
+
+    precision = tp / (tp + fp) if (tp + fp) > 0 else 0.0
+    recall = tp / (tp + fn) if (tp + fn) > 0 else 0.0
+    f1 = (2 * precision * recall / (precision + recall)) if (precision + recall) > 0 else 0.0
+
+    return ScenarioResult(
+        scenario_name=scenario.name,
+        true_positives=tp,
+        false_positives=fp,
+        false_negatives=fn,
+        precision=round(precision, 4),
+        recall=round(recall, 4),
+        f1=round(f1, 4),
+    )
+
+
+def _matches(expected: ExpectedFinding, actual: dict) -> bool:
+    vuln_class = actual.get("vulnerability_class", "")
+    endpoint = actual.get("endpoint", "")
+    confidence = actual.get("confidence", 0.0)
+
+    if expected.vulnerability_class.lower() not in vuln_class.lower():
+        return False
+    if expected.endpoint not in endpoint:
+        return False
+    if confidence < expected.min_confidence:
+        return False
+    return True
+
+
+def write_metrics(results: List[ScenarioResult], output_path: str = "benchmarks/metrics.json"):
+    data = {
+        "scenarios": [
+            {
+                "name": r.scenario_name,
+                "true_positives": r.true_positives,
+                "false_positives": r.false_positives,
+                "false_negatives": r.false_negatives,
+                "precision": r.precision,
+                "recall": r.recall,
+                "f1": r.f1,
+            }
+            for r in results
+        ],
+        "aggregate": {
+            "avg_precision": round(
+                sum(r.precision for r in results) / len(results), 4
+            )
+            if results
+            else 0.0,
+            "avg_recall": round(
+                sum(r.recall for r in results) / len(results), 4
+            )
+            if results
+            else 0.0,
+        },
+    }
+    Path(output_path).write_text(json.dumps(data, indent=2), encoding="utf-8")
+    return data

deploy/docker-compose.yml

@@ -1,5 +1,16 @@
 version: "3.9"
 
+x-worker-common: &worker-common
+  build:
+    context: ..
+    dockerfile: docker/Dockerfile
+  environment:
+    - SECNODE_QUEUE_BACKEND=redis
+    - SECNODE_STORAGE_BACKEND=memory
+    - SECNODE_REDIS_URL=redis://redis:6379/0
+  depends_on:
+    - redis
+
 services:
   api-gateway:
     build:
@@ -11,9 +22,17 @@ services:
       - SECNODE_LLM=${SECNODE_LLM:-openai/gpt-4o}
       - OPENAI_API_KEY=${OPENAI_API_KEY:-}
       - ANTHROPIC_API_KEY=${ANTHROPIC_API_KEY:-}
+      - SECNODE_QUEUE_BACKEND=redis
+      - SECNODE_STORAGE_BACKEND=memory
+      - SECNODE_REDIS_URL=redis://redis:6379/0
     depends_on:
       - redis
       - postgres
+    healthcheck:
+      test: ["CMD", "python", "-c", "import httpx; httpx.get('http://localhost:8000/healthz').raise_for_status()"]
+      interval: 10s
+      timeout: 5s
+      retries: 3
 
   redis:
     image: redis:7-alpine
@@ -30,33 +49,17 @@ services:
       - "5432:5432"
 
   recon-worker:
-    build:
-      context: ..
-      dockerfile: docker/Dockerfile
-    command: ["python", "-m", "secnodeapi.cli", "--help"]
-    depends_on:
-      - redis
+    <<: *worker-common
+    command: ["python", "-m", "secnodeapi.workers.loop", "--kind", "recon"]
 
   discovery-worker:
-    build:
-      context: ..
-      dockerfile: docker/Dockerfile
-    command: ["python", "-m", "secnodeapi.cli", "--help"]
-    depends_on:
-      - redis
+    <<: *worker-common
+    command: ["python", "-m", "secnodeapi.workers.loop", "--kind", "discovery"]
 
   fuzzing-worker:
-    build:
-      context: ..
-      dockerfile: docker/Dockerfile
-    command: ["python", "-m", "secnodeapi.cli", "--help"]
-    depends_on:
-      - redis
+    <<: *worker-common
+    command: ["python", "-m", "secnodeapi.workers.loop", "--kind", "fuzzing"]
 
   exploit-worker:
-    build:
-      context: ..
-      dockerfile: docker/Dockerfile
-    command: ["python", "-m", "secnodeapi.cli", "--help"]
-    depends_on:
-      - redis
+    <<: *worker-common
+    command: ["python", "-m", "secnodeapi.workers.loop", "--kind", "exploit"]

pyproject.toml

@@ -18,6 +18,7 @@ dependencies = [
   "uvicorn==0.30.6",
   "redis==5.0.8",
   "networkx==3.3",
+  "asyncpg==0.30.0",
 ]
 
 [project.optional-dependencies]
@@ -32,6 +33,7 @@ dev = [
 [project.scripts]
 secnodeapi = "secnodeapi.cli:entrypoint"
 secnodeapi-server = "secnodeapi.api.server:run"
+secnodeapi-worker = "secnodeapi.workers.loop:main"
 
 [tool.setuptools]
 package-dir = {"" = "src"}

requirements.txt

@@ -7,6 +7,7 @@ fastapi==0.115.0
 uvicorn==0.30.6
 redis==5.0.8
 networkx==3.3
+asyncpg==0.30.0
 pytest==8.3.5
 pytest-asyncio==0.25.3
 pytest-cov==6.0.0

src/secnodeapi/api/server.py

@@ -1,8 +1,11 @@
 """FastAPI gateway for microservice runtime control."""
+from __future__ import annotations
+
 from fastapi import FastAPI, HTTPException
 from pydantic import BaseModel
 import uvicorn
 
+from ..infra.config import get_redis_url, get_queue_backend
 from ..services.controller import ControllerService
 
 app = FastAPI(title="SecNode API Pentest Platform", version="0.2.0")
@@ -18,6 +21,23 @@ async def healthz():
     return {"status": "ok"}
 
 
+@app.get("/readyz")
+async def readyz():
+    checks: dict = {"controller": True}
+    if get_queue_backend() == "redis":
+        try:
+            import redis.asyncio as aioredis
+
+            r = aioredis.from_url(get_redis_url())
+            await r.ping()
+            await r.aclose()
+            checks["redis"] = True
+        except Exception:
+            checks["redis"] = False
+    ready = all(checks.values())
+    return {"ready": ready, "checks": checks}
+
+
 @app.post("/sessions")
 async def create_session(payload: SessionCreateRequest):
     session = controller.create_session(payload.target)