username/derp
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
530f33be76dea21481fca13403d54cd3496b8811
derp/TODO.md
user 530f33be76 feat: add wave 2 plugins and --cprofile CLI flag 
Add 7 new pure-stdlib plugins: whois (raw TCP port 43), portcheck
(async TCP connect scan with internal-net guard), httpcheck (HTTP
status/redirects/timing), tlscheck (TLS version/cipher/cert inspect),
blacklist (parallel DNSBL check against 10 RBLs), rand (password/hex/
uuid/bytes/int/coin/dice), and timer (async countdown notifications).

Add --cprofile flag to CLI for profiling bot runtime. Update all docs.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-15 01:58:47 +01:00

60 lines
2.1 KiB
Markdown
Raw Blame History

# derp - Backlog
## Wave 2 Plugins (stdlib) -- DONE
- [x] `whois` -- raw socket WHOIS client (port 43)
- [x] `portcheck` -- async TCP connect scan
- [x] `httpcheck` -- HTTP status, redirects, response time
- [x] `tlscheck` -- TLS version, cipher suite, cert chain, expiry
- [x] `blacklist` -- DNSBL/RBL IP check
- [x] `rand` -- passwords, hex strings, UUIDs
- [x] `timer` -- countdown/stopwatch for time-boxed ops
## Wave 3 Plugins (local databases)
- [ ] `geoip` -- GeoLite2-City mmdb (requires `maxminddb`)
- [ ] `asn` -- GeoLite2-ASN mmdb (same package)
- [ ] `torcheck` -- local Tor exit node list, daily refresh
- [ ] `iprep` -- Firehol/Emerging Threats blocklist feeds
- [ ] `cve` -- local NVD JSON feed mirror
## Wave 4 Plugins (advanced)
- [ ] `opslog` -- timestamped operational notes (SQLite)
- [ ] `note` -- per-channel persistent key-value store
- [ ] `subdomain` -- crt.sh + wordlist DNS brute force
- [ ] `headers` -- HTTP header fingerprinting with local sigs
- [ ] `exploitdb` -- local exploit-db CSV search
- [ ] `payload` -- SQLi/XSS/SSTI template library
- [ ] `username` -- cross-platform username enumeration
- [ ] `emailcheck` -- SMTP VRFY/RCPT TO verification
- [ ] `dork` -- Google dork query builder
- [ ] `wayback` -- Wayback Machine snapshot lookup
- [ ] `canary` -- canary token generator/tracker
## Bot Features
- [ ] SASL PLAIN authentication
- [ ] Rate limiting (anti-flood, token bucket)
- [ ] CTCP responses (VERSION, TIME, PING)
- [ ] Admin/owner permission system (hostmask-based)
- [ ] Per-channel plugin enable/disable
- [ ] Channel management commands (kick, ban, topic)
- [ ] Multi-server support
- [ ] IRCv3 capability negotiation
## Improvements
- [ ] Structured logging (JSON output option)
- [ ] Plugin state persistence (SQLite backend)
- [ ] Configurable reconnect backoff (exponential)
- [ ] Message truncation for IRC 512-byte limit
- [ ] Data update script for local databases (cron-friendly)
## Testing
- [ ] Integration tests with mock IRC server
- [ ] Bot orchestrator unit tests
- [ ] Config merge edge case tests
- [ ] Plugin command tests (encode, hash, dns, etc.)
Reference in New Issue View Git Blame Copy Permalink