cf3abbdbae
Mark v0.2.0 and v0.3.0 as done, set up wave 3 sprint targeting local database plugins (geoip, asn, torcheck, iprep, cve). Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
1.7 KiB
1.7 KiB
derp - Backlog
Wave 3 Plugins (local databases) -- CURRENT
geoip-- GeoLite2-City mmdb (requiresmaxminddb)asn-- GeoLite2-ASN mmdb (same package)torcheck-- local Tor exit node list, daily refreshiprep-- Firehol/Emerging Threats blocklist feedscve-- local NVD JSON feed mirror
Wave 4 Plugins (advanced)
opslog-- timestamped operational notes (SQLite)note-- per-channel persistent key-value storesubdomain-- crt.sh + wordlist DNS brute forceheaders-- HTTP header fingerprinting with local sigsexploitdb-- local exploit-db CSV searchpayload-- SQLi/XSS/SSTI template libraryusername-- cross-platform username enumerationemailcheck-- SMTP VRFY/RCPT TO verificationdork-- Google dork query builderwayback-- Wayback Machine snapshot lookupcanary-- canary token generator/tracker
Bot Features
- SASL PLAIN authentication
- Rate limiting (anti-flood, token bucket)
- CTCP responses (VERSION, TIME, PING)
- Admin/owner permission system (hostmask-based)
- Per-channel plugin enable/disable
- Channel management commands (kick, ban, topic)
- Multi-server support
- IRCv3 capability negotiation
Improvements
- Structured logging (JSON output option)
- Plugin state persistence (SQLite backend)
- Configurable reconnect backoff (exponential)
- Message truncation for IRC 512-byte limit
- Data update script for local databases (cron-friendly)
Testing
- Integration tests with mock IRC server
- Bot orchestrator unit tests
- Config merge edge case tests
- Plugin command tests (encode, hash, dns, etc.)