Tests/improve core test coverage

[jake-the-dev]

Category

Tests

Feature/Issue Description

Q: Please give a brief summary of your feature/fix
A: This PR introduces round 2 of test coverage for the /core feature set.
This improves coverage from 56.72% to 68.07% - consider that this PR is 2000 lines it's looking increasingly more difficult to get this test coverage (for /core) higher.

Why the rest of core coverage is hard to improve

The remaining code is either bound to DB/server/sockets, needs refactors to unit-test cleanly, or is low-value.
Autorun engine: Rule matching and execution are tied to the DB (Rule, Command, Execution, HookedBrowser). Covering them means heavy stubbing or real DB/server, both brittle.
Handlers: HTTP/session and subnet logic depend on real-looking requests and config; more coverage needs many mocks and setup.
Websocket: EventMachine and real sockets; only really testable with a running server or by stubbing the whole stack.
Server / network stack: Some branches (e.g. SSL, cert checks) only run at startup or with a live request pipeline.
Loader / bootstrap / console: Mostly requires and CLI output; low value to cover.

Q: Give a technical rundown of what you have changed (if applicable)
A: Continued from coverage-improvements, this covers the remaining /core files with unit tests.

Test Cases

Q: Describe your test cases, what you have covered and if there are any use cases that still need addressing.
A: Unit tests for /core section logic.

[jake-the-dev]

This had to be rewritten a little, was just a lil inconsistent.

[jake-the-dev]

@zinduolis if you wouldn't mind have a look over these new tests and merging if you're happy with it. Same as before, just a bunch of unit tests for coverage. Thanks mate.

[zinduolis]

Thanks, @jake-the-dev , for this PR. I'm looking at it and will be adding comments. Here's the first one.

🔴 Contradictions with PR #3482 (ARE Removal)

PR #3482 by kaitozaw (opened Dec 29, 2025, approved with required changes, not yet merged) removes the entire Auto-Run Engine.

1. Redundant Test Files for Deleted Source Code

This PR creates 3 brand-new spec files (~560 lines total) that test source files PR #3482 deletes:

PR #3518 Adds	PR #3482 Deletes
spec/beef/core/main/autorun_engine/engine_spec.rb (359 lines)	core/main/autorun_engine/engine.rb (590 lines)
spec/beef/core/main/autorun_engine/parser_spec.rb (119 lines)	core/main/autorun_engine/parser.rb (82 lines)
spec/beef/core/main/autorun_engine/rule_loader_spec.rb (83 lines)	core/main/autorun_engine/rule_loader.rb (220 lines)

2. Redundant Model References to Deleted Tables

This PR's tests reference BeEF::Core::Models::Rule across multiple files:

• engine_spec.rb — allow(BeEF::Core::Models::Rule).to receive(:all), receive(:find)
• rule_loader_spec.rb — BeEF::Core::Models::Rule.create!(...) (writes to rules table)

PR #3482 deletes core/main/models/rule.rb and core/main/models/execution.rb, and adds migration 026_remove_autorun_tables.rb dropping both tables.

3. browserdetails.rb Conflict

Both PRs touch core/main/handlers/browserdetails.rb:

• PR Fixes issue/remove-ARE (#3475) #3482 removes the ARE trigger at lines 561-563 (find_and_run_all_matching_rules_for_zombie)
• This PR adds 153 lines of tests for browserdetails_spec.rb including filter-failure branches

These aren't directly contradictory (tests vs. source), but they will generate merge conflicts on the spec file since both modify adjacent areas.

4. Existing ARE Spec File

PR #3482 already deletes spec/beef/core/main/autorun_engine/autorun_engine_spec.rb. This PR adds 3 new spec files in the same directory. This means the autorun_engine/ spec directory would be recreated by this PR after PR #3482 removes it.