username/derp
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
c5b0430da82ce6eb36763272f566de6cb53e4102
derp/TODO.md
user c5b0430da8 docs: add podman-compose, update all project documentation 
- docker-compose.yml for podman-compose deployment
- Makefile: add up/down/logs compose targets
- README: plugin table, container quickstart, make targets
- PROJECT: plugin categories, deployment matrix, design decisions
- ROADMAP: v0.1 done, v0.2 current, v0.3-v1.0 planned
- TASKS: current sprint with priorities
- TODO: full backlog organized by wave
- CHEATSHEET: reorganized by category (OSINT, Red Team, OPSEC)
- INSTALL: container deployment instructions
- DEBUG: container logs, hot-reload, DNS troubleshooting
- USAGE: all 19 commands documented

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-15 01:46:21 +01:00

60 lines
2.1 KiB
Markdown
Raw Blame History

# derp - Backlog
## Wave 2 Plugins (stdlib, next up)
- [ ] `whois` -- raw socket WHOIS client (port 43)
- [ ] `portcheck` -- async TCP connect scan
- [ ] `httpcheck` -- HTTP status, redirects, response time
- [ ] `tlscheck` -- TLS version, cipher suite, cert chain, expiry
- [ ] `blacklist` -- DNSBL/RBL IP check
- [ ] `rand` -- passwords, hex strings, UUIDs
- [ ] `timer` -- countdown/stopwatch for time-boxed ops
## Wave 3 Plugins (local databases)
- [ ] `geoip` -- GeoLite2-City mmdb (requires `maxminddb`)
- [ ] `asn` -- GeoLite2-ASN mmdb (same package)
- [ ] `torcheck` -- local Tor exit node list, daily refresh
- [ ] `iprep` -- Firehol/Emerging Threats blocklist feeds
- [ ] `cve` -- local NVD JSON feed mirror
## Wave 4 Plugins (advanced)
- [ ] `opslog` -- timestamped operational notes (SQLite)
- [ ] `note` -- per-channel persistent key-value store
- [ ] `subdomain` -- crt.sh + wordlist DNS brute force
- [ ] `headers` -- HTTP header fingerprinting with local sigs
- [ ] `exploitdb` -- local exploit-db CSV search
- [ ] `payload` -- SQLi/XSS/SSTI template library
- [ ] `username` -- cross-platform username enumeration
- [ ] `emailcheck` -- SMTP VRFY/RCPT TO verification
- [ ] `dork` -- Google dork query builder
- [ ] `wayback` -- Wayback Machine snapshot lookup
- [ ] `canary` -- canary token generator/tracker
## Bot Features
- [ ] SASL PLAIN authentication
- [ ] Rate limiting (anti-flood, token bucket)
- [ ] CTCP responses (VERSION, TIME, PING)
- [ ] Admin/owner permission system (hostmask-based)
- [ ] Per-channel plugin enable/disable
- [ ] Channel management commands (kick, ban, topic)
- [ ] Multi-server support
- [ ] IRCv3 capability negotiation
## Improvements
- [ ] Structured logging (JSON output option)
- [ ] Plugin state persistence (SQLite backend)
- [ ] Configurable reconnect backoff (exponential)
- [ ] Message truncation for IRC 512-byte limit
- [ ] Data update script for local databases (cron-friendly)
## Testing
- [ ] Integration tests with mock IRC server
- [ ] Bot orchestrator unit tests
- [ ] Config merge edge case tests
- [ ] Plugin command tests (encode, hash, dns, etc.)
Reference in New Issue View Git Blame Copy Permalink