username/derp
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
36b21e246394ac69556f4c79f00cdf267189631a
derp/TODO.md
user 530f33be76 feat: add wave 2 plugins and --cprofile CLI flag 
Add 7 new pure-stdlib plugins: whois (raw TCP port 43), portcheck
(async TCP connect scan with internal-net guard), httpcheck (HTTP
status/redirects/timing), tlscheck (TLS version/cipher/cert inspect),
blacklist (parallel DNSBL check against 10 RBLs), rand (password/hex/
uuid/bytes/int/coin/dice), and timer (async countdown notifications).

Add --cprofile flag to CLI for profiling bot runtime. Update all docs.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-15 01:58:47 +01:00

2.1 KiB
Raw Blame History

derp - Backlog

Wave 2 Plugins (stdlib) -- DONE

  • whois -- raw socket WHOIS client (port 43)
  • portcheck -- async TCP connect scan
  • httpcheck -- HTTP status, redirects, response time
  • tlscheck -- TLS version, cipher suite, cert chain, expiry
  • blacklist -- DNSBL/RBL IP check
  • rand -- passwords, hex strings, UUIDs
  • timer -- countdown/stopwatch for time-boxed ops

Wave 3 Plugins (local databases)

  • geoip -- GeoLite2-City mmdb (requires maxminddb)
  • asn -- GeoLite2-ASN mmdb (same package)
  • torcheck -- local Tor exit node list, daily refresh
  • iprep -- Firehol/Emerging Threats blocklist feeds
  • cve -- local NVD JSON feed mirror

Wave 4 Plugins (advanced)

  • opslog -- timestamped operational notes (SQLite)
  • note -- per-channel persistent key-value store
  • subdomain -- crt.sh + wordlist DNS brute force
  • headers -- HTTP header fingerprinting with local sigs
  • exploitdb -- local exploit-db CSV search
  • payload -- SQLi/XSS/SSTI template library
  • username -- cross-platform username enumeration
  • emailcheck -- SMTP VRFY/RCPT TO verification
  • dork -- Google dork query builder
  • wayback -- Wayback Machine snapshot lookup
  • canary -- canary token generator/tracker

Bot Features

  • SASL PLAIN authentication
  • Rate limiting (anti-flood, token bucket)
  • CTCP responses (VERSION, TIME, PING)
  • Admin/owner permission system (hostmask-based)
  • Per-channel plugin enable/disable
  • Channel management commands (kick, ban, topic)
  • Multi-server support
  • IRCv3 capability negotiation

Improvements

  • Structured logging (JSON output option)
  • Plugin state persistence (SQLite backend)
  • Configurable reconnect backoff (exponential)
  • Message truncation for IRC 512-byte limit
  • Data update script for local databases (cron-friendly)

Testing

  • Integration tests with mock IRC server
  • Bot orchestrator unit tests
  • Config merge edge case tests
  • Plugin command tests (encode, hash, dns, etc.)
Reference in New Issue View Git Blame Copy Permalink