sneakygeek/SneakyScan
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
451c7e92ff7dcd96e6121f88dd9a077aff806fbb
SneakyScan/docs/ROADMAP.md
Phillip Tarrant a682e5233c Reorganize roadmap with versioned planned features 
Condensed completed phases into concise summaries and categorized
planned features into version milestones:
- v1.1.0: Communication & Automation (CLI, Email, CSV)
- v1.2.0: Reporting & Analysis (Scan Comparison, Enhanced Reports)
- v1.3.0: Visualization (Timeline View, Advanced Charts)
- v2.0.0: Security Intelligence (Vulnerability Detection)
2025-11-20 14:39:14 -06:00

3.1 KiB
Raw Blame History

SneakyScanner Roadmap

Vision & Goals

SneakyScanner is a comprehensive Flask web application for infrastructure monitoring and security auditing. The primary interface is the web GUI, with a CLI API client planned for scripting and automation needs.

Version 1.0.0 - Complete

Phase 1: Foundation

Completed: 2025-11-13

  • Database schema with 11 tables (SQLAlchemy ORM, Alembic migrations)
  • Settings system with encryption (bcrypt, Fernet)
  • Flask app structure with API blueprints
  • Docker Compose deployment

Phase 2: Flask Web App Core

Completed: 2025-11-14

  • REST API (8 endpoints for scans, settings)
  • Background job queue (APScheduler, 3 concurrent scans)
  • Session-based authentication (Flask-Login)
  • Web UI templates (dashboard, scan list/detail, login)
  • Comprehensive test suite (100 tests)

Phase 3: Dashboard & Scheduling

Completed: 2025-11-14

  • Dashboard with summary stats and trend charts (Chart.js)
  • Scan detail pages with full results display
  • Scheduled scan management (cron expressions)
  • Download buttons for reports (JSON, HTML, ZIP)

Phase 4: Config Creator

Completed: 2025-11-17

  • CIDR-based config creation UI
  • YAML editor with CodeMirror
  • Config management (list, view, edit, download, delete)
  • REST API for config operations (7 endpoints)

Phase 5: Webhooks & Alerting

Completed: 2025-11-19

  • Alert Rule Engine (9 alert types: unexpected_port, cert_expiry, ping_failed, etc.)
  • Webhook notifications with retry logic
  • Multiple webhook URLs with independent filtering
  • Notification templates (Slack, Discord, PagerDuty support)
  • Alert deduplication

Planned Features

Version 1.1.0 - Communication & Automation

CLI as API Client

  • CLI tool for scripting and automation via REST API
  • API token authentication (Bearer tokens)
  • Commands for scan management, schedules, alerts

Email Notifications

  • SMTP integration with Flask-Mail
  • Jinja2 email templates (HTML + plain text)
  • Configurable recipients and rate limiting

Site CSV Export/Import

  • Bulk site management via CSV files

Version 1.2.0 - Reporting & Analysis

Scan Comparison

  • Compare two scans API endpoint
  • Side-by-side comparison view with color-coded differences
  • Export comparison report to PDF/HTML

Enhanced Reports

  • Sortable/filterable tables (DataTables.js)
  • PDF export (WeasyPrint)

Version 1.3.0 - Visualization

Timeline View

  • Visual scan history timeline
  • Filter by site/IP
  • Event annotations

Advanced Charts

  • Port activity heatmap
  • Certificate expiration forecast

Version 2.0.0 - Security Intelligence

Vulnerability Detection

  • CVE database integration (NVD API)
  • Service version matching to known CVEs
  • CVSS severity scores

Changelog

Date Version Changes
2025-11-13 1.0.0-alpha Phase 1 complete - Foundation
2025-11-14 1.0.0-beta Phases 2-3 complete - Web App Core, Dashboard & Scheduling
2025-11-17 1.0.0-rc1 Phase 4 complete - Config Creator
2025-11-19 1.0.0 Phase 5 complete - Webhooks & Alerting

Last Updated: 2025-11-20

Reference in New Issue View Git Blame Copy Permalink