85 lines
3.1 KiB
Markdown
85 lines
3.1 KiB
Markdown
# derp - Roadmap
|
|
|
|
## v0.1.0 -- Foundation (done)
|
|
|
|
- [x] IRC protocol: connect, parse, send
|
|
- [x] TLS support with optional verification
|
|
- [x] Plugin system with `@command` and `@event`
|
|
- [x] TOML configuration with defaults merging
|
|
- [x] Built-in plugins: ping, help, version
|
|
- [x] Auto PING/PONG, nick recovery, reconnect
|
|
- [x] CLI entry point with argparse
|
|
|
|
## v0.2.0 -- Operational Toolkit (done)
|
|
|
|
- [x] Plugin hot-reload (!load, !reload, !unload, !plugins)
|
|
- [x] Command shorthand (unambiguous prefix matching)
|
|
- [x] Plugin help (!help <plugin>)
|
|
- [x] Container support (Containerfile, podman-compose)
|
|
- [x] DNS plugin (raw UDP resolver, all record types)
|
|
- [x] Encode/decode plugin (b64, hex, url, rot13)
|
|
- [x] Hash plugin (generation + type identification)
|
|
- [x] Defang/refang plugin (IOC sanitization)
|
|
- [x] Reverse shell generator (11 languages)
|
|
- [x] CIDR calculator plugin
|
|
- [x] Bot uptime command
|
|
- [x] SASL PLAIN authentication
|
|
- [x] Rate limiting (anti-flood, token bucket)
|
|
- [x] CTCP VERSION/TIME/PING responses
|
|
|
|
## v0.3.0 -- Wave 2 + Admin (done)
|
|
|
|
- [x] WHOIS plugin (raw socket, port 43)
|
|
- [x] Port scanner plugin (async TCP connect)
|
|
- [x] HTTP check plugin (status, redirects, timing)
|
|
- [x] TLS check plugin (cipher, cert chain, expiry)
|
|
- [x] DNSBL/blacklist check plugin
|
|
- [x] Random generator plugin (passwords, UUIDs, hex)
|
|
- [x] Timer plugin (countdown for time-boxed ops)
|
|
- [x] Admin/owner permission system (hostmask + IRCOP)
|
|
- [x] !whoami and !admins commands
|
|
|
|
## v0.4.0 -- Wave 3 Plugins (Local Databases) (done)
|
|
|
|
- [x] GeoIP plugin (MaxMind GeoLite2-City mmdb)
|
|
- [x] ASN plugin (GeoLite2-ASN mmdb)
|
|
- [x] Tor exit node check (local list, daily refresh)
|
|
- [x] IP reputation plugin (Firehol blocklist feeds)
|
|
- [x] CVE lookup plugin (local NVD JSON feed)
|
|
- [x] Data update script (cron-friendly, all local DBs)
|
|
|
|
## v0.5.0 -- Wave 4 Plugins (Advanced) (done)
|
|
|
|
- [x] Operational logging plugin (SQLite per-channel)
|
|
- [x] Persistent notes plugin (per-channel key-value)
|
|
- [x] Subdomain enumeration (crt.sh + wordlist DNS brute)
|
|
- [x] HTTP header fingerprinting (local signature db)
|
|
- [x] ExploitDB search (local CSV clone)
|
|
- [x] Payload template library (SQLi, XSS, SSTI, LFI, CMDi, XXE)
|
|
|
|
## v1.0.0 -- Stable (done)
|
|
|
|
- [x] IRCv3 capability negotiation (CAP LS 302)
|
|
- [x] Message tags support (IRCv3 @tags parsing)
|
|
- [x] Channel management commands (kick, ban, unban, topic, mode)
|
|
- [x] Plugin state persistence (SQLite key-value store)
|
|
|
|
## v1.1.0 -- Hardening + Wave 5 Plugins (done)
|
|
|
|
- [x] Message truncation for IRC 512-byte limit
|
|
- [x] Configurable reconnect backoff (exponential)
|
|
- [x] Bot orchestrator + config merge tests
|
|
- [x] `wayback` plugin (Wayback Machine snapshot lookup)
|
|
- [x] `dork` plugin (Google dork query builder)
|
|
- [x] Per-channel plugin enable/disable
|
|
- [x] Structured logging (JSON output option)
|
|
- [x] Integration tests with mock IRC server
|
|
- [x] `username` plugin (cross-platform username enumeration)
|
|
|
|
## v2.0.0 -- Multi-Server + Stable API
|
|
|
|
- [ ] Multi-server support (per-server config, shared plugins)
|
|
- [ ] Stable plugin API (versioned, breaking change policy)
|
|
- [ ] `emailcheck` plugin (SMTP VRFY/RCPT TO)
|
|
- [ ] `canary` plugin (canary token generator/tracker)
|