first commit
This commit is contained in:
71
docs/roadmap.md
Normal file
71
docs/roadmap.md
Normal file
@@ -0,0 +1,71 @@
|
||||
|
||||
## Priority 1 – Core Functionality / Stability
|
||||
|
||||
**Permissions / Storage Paths**
|
||||
|
||||
* ✅ `/data` and other mounted volumes setup handled by `sandbox.sh`
|
||||
* ✅ Downloads, screenshots, and HTML artifacts are written correctly (`safe_write` in `io_helpers.py`)
|
||||
|
||||
---
|
||||
|
||||
## Priority 2 – Data Accuracy / Enrichment
|
||||
|
||||
**WHOIS & GeoIP Enhancements**
|
||||
|
||||
* ✅ Implemented Python-based WHOIS parsing with fallback to raw WHOIS text
|
||||
* ✅ Default `"Possible Privacy"` or `"N/A"` for missing WHOIS fields
|
||||
* ✅ GeoIP + ASN + ISP info displayed per IP in **accordion tables**
|
||||
* ✅ Cache WHOIS and GeoIP results to reduce repeated queries
|
||||
|
||||
**Suspicious Scripts & Forms**
|
||||
|
||||
* [ ] Expand flagged script and form output with reasons for analysts
|
||||
* [ ] Show each check and if it triggered flags (pass/fail for each check)
|
||||
|
||||
**Add Suspicious BEC words**
|
||||
|
||||
* ✅ Look for things like `"reset password"`
|
||||
* ✅ Make configurable via a config file (yaml doc with rules)
|
||||
|
||||
---
|
||||
|
||||
## Priority 3 – User Interface / UX
|
||||
|
||||
**Front Page / Input Handling**
|
||||
|
||||
* [ ] Automatically prepend `http://`, `https://`, and/or `www.` if a user only enters a domain
|
||||
|
||||
**Result Templates / Cards**
|
||||
* [ ] load sourcecode for webpage in a code editor view or code block on page so that it's easier to read
|
||||
* [ ] Update result cards with clear, analyst-friendly explanations
|
||||
* [ ] Include flagged logic and reason lists for scripts and forms
|
||||
* ✅ Display GeoIP results in accordion tables (✅ done)
|
||||
|
||||
---
|
||||
|
||||
## Priority 4 – API Layer
|
||||
|
||||
**API Endpoints**
|
||||
|
||||
* [ ] Add `/screenshot` endpoint
|
||||
* [ ] Add `/source` endpoint
|
||||
* [ ] Add `/analyse` endpoint
|
||||
|
||||
**OpenAPI + Docs**
|
||||
|
||||
* [ ] Create initial `openapi/openapi.yaml` spec file
|
||||
* [ ] Serve spec at `/api/openapi.yaml`
|
||||
* [ ] Wire up Swagger UI or Redoc at `/docs` for interactive API exploration
|
||||
|
||||
---
|
||||
|
||||
## Priority 5 – Optional / Cleanup
|
||||
|
||||
**Artifact Management**
|
||||
* [ ] Implement saving of results from a UUID as "results.json" so we don't rerun all the rules and just load from cache.
|
||||
* [ ] Implement cleanup or retention policy for old artifacts
|
||||
* [ ] Optional: Add periodic maintenance scripts for storage
|
||||
|
||||
**Extra Features**
|
||||
|
||||
* [ ] Placeholder for additional features (e.g., bulk URL analysis, alerting, integrations)
|
||||
Reference in New Issue
Block a user