username/derp
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
144193e3bbdefaa2ca9de66eb6bb23afd0552186
derp/ROADMAP.md
user 144193e3bb docs: update docs for multi-server support 
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-21 19:04:23 +01:00

5.7 KiB
Raw Blame History

derp - Roadmap

v0.1.0 -- Foundation (done)

  • IRC protocol: connect, parse, send
  • TLS support with optional verification
  • Plugin system with @command and @event
  • TOML configuration with defaults merging
  • Built-in plugins: ping, help, version
  • Auto PING/PONG, nick recovery, reconnect
  • CLI entry point with argparse

v0.2.0 -- Operational Toolkit (done)

  • Plugin hot-reload (!load, !reload, !unload, !plugins)
  • Command shorthand (unambiguous prefix matching)
  • Plugin help (!help )
  • Container support (Containerfile, podman-compose)
  • DNS plugin (raw UDP resolver, all record types)
  • Encode/decode plugin (b64, hex, url, rot13)
  • Hash plugin (generation + type identification)
  • Defang/refang plugin (IOC sanitization)
  • Reverse shell generator (11 languages)
  • CIDR calculator plugin
  • Bot uptime command
  • SASL PLAIN authentication
  • Rate limiting (anti-flood, token bucket)
  • CTCP VERSION/TIME/PING responses

v0.3.0 -- Wave 2 + Admin (done)

  • WHOIS plugin (raw socket, port 43)
  • Port scanner plugin (async TCP connect)
  • HTTP check plugin (status, redirects, timing)
  • TLS check plugin (cipher, cert chain, expiry)
  • DNSBL/blacklist check plugin
  • Random generator plugin (passwords, UUIDs, hex)
  • Timer plugin (countdown for time-boxed ops)
  • Admin/owner permission system (hostmask + IRCOP)
  • !whoami and !admins commands

v0.4.0 -- Wave 3 Plugins (Local Databases) (done)

  • GeoIP plugin (MaxMind GeoLite2-City mmdb)
  • ASN plugin (GeoLite2-ASN mmdb)
  • Tor exit node check (local list, daily refresh)
  • IP reputation plugin (Firehol blocklist feeds)
  • CVE lookup plugin (local NVD JSON feed)
  • Data update script (cron-friendly, all local DBs)

v0.5.0 -- Wave 4 Plugins (Advanced) (done)

  • Operational logging plugin (SQLite per-channel)
  • Persistent notes plugin (per-channel key-value)
  • Subdomain enumeration (crt.sh + wordlist DNS brute)
  • HTTP header fingerprinting (local signature db)
  • ExploitDB search (local CSV clone)
  • Payload template library (SQLi, XSS, SSTI, LFI, CMDi, XXE)

v1.0.0 -- Stable (done)

  • IRCv3 capability negotiation (CAP LS 302)
  • Message tags support (IRCv3 @tags parsing)
  • Channel management commands (kick, ban, unban, topic, mode)
  • Plugin state persistence (SQLite key-value store)

v1.1.0 -- Hardening + Wave 5 Plugins (done)

  • Message truncation for IRC 512-byte limit
  • Configurable reconnect backoff (exponential)
  • Bot orchestrator + config merge tests
  • wayback plugin (Wayback Machine snapshot lookup)
  • dork plugin (Google dork query builder)
  • Per-channel plugin enable/disable
  • Structured logging (JSON output option)
  • Integration tests with mock IRC server
  • username plugin (cross-platform username enumeration)

v1.2.0 -- Subscriptions + Proxy (done)

  • rss plugin (RSS/Atom feed subscriptions with polling)
  • yt plugin (YouTube channel follow via Atom feeds)
  • twitch plugin (livestream notifications via public GQL)
  • alert plugin (keyword alerts across 27 platforms)
  • searx plugin (SearXNG web search)
  • tdns plugin (TCP DNS via SOCKS5 proxy)
  • remind plugin (one-shot, repeating, calendar-based reminders)
  • SOCKS5 proxy transport layer (HTTP, TCP, async connections)
  • Alert backends: YouTube, Twitch, SearXNG, Reddit, Mastodon, DuckDuckGo, Google News, Kick, Dailymotion, PeerTube, Bluesky, Lemmy, Odysee, Archive.org, Hacker News, GitHub, Wikipedia, Stack Exchange, GitLab, npm, PyPI, Docker Hub, arXiv, Lobsters, DEV.to, Medium, Hugging Face
  • Alert result history (SQLite) with short IDs and !alert info
  • OG tag fetching for keyword matching and date enrichment
  • Invite auto-join with persistence
  • Graceful SIGTERM shutdown
  • InnerTube-based YouTube channel resolution for video URLs

v1.2.1 -- Performance + Polish (done)

  • HTTP opener caching at module level (eliminates per-request construction)
  • --tracemalloc CLI flag for memory profiling (dumps to data/derp.malloc)
  • Background seeding on !alert add (instant reply, seeds asynchronously)
  • Per-backend error tracking with exponential backoff
  • Concurrent fetches for multi-instance backends (PeerTube, Mastodon, Lemmy, SearXNG)
  • retries parameter for derp.http.urlopen
  • Alert output: ACTION line (metadata/URL) + PRIVMSG (full uncropped title)
  • tracemalloc writes to file instead of logger (survives podman log buffer)

v2.0.0 -- Multi-Server + Integrations

  • Multi-server support (per-server config, shared plugins)
  • Stable plugin API (versioned, breaking change policy)
  • Paste overflow (auto-paste long output to FlaskPaste, return link)
  • URL shortener integration (shorten URLs in subscription announcements)
  • Webhook listener (HTTP endpoint for push events to channels)
  • Granular ACLs (per-command permission tiers: trusted, operator, admin)
  • paste command (manual paste to FlaskPaste)
  • shorten command (manual URL shortening)
  • emailcheck plugin (SMTP VRFY/RCPT TO)
  • canary plugin (canary token generator/tracker)
  • virustotal plugin (hash/URL/IP/domain lookup, free API)
  • abuseipdb plugin (IP abuse confidence scoring, free tier)
  • jwt plugin (decode tokens, show claims/expiry, flag weaknesses)
  • mac plugin (OUI vendor lookup, local IEEE database)
  • pastemoni plugin (monitor paste sites for keywords)
  • cron plugin (scheduled bot commands on a timer)
  • Plugin command unit tests (encode, hash, dns, cidr, defang)
  • CI pipeline (Gitea Actions, Python 3.11-3.13, ruff + pytest)
Reference in New Issue View Git Blame Copy Permalink