Roadmap
Everything we've shipped, everything we're building, and everything we're planning. No vaporware, no aspirational marketing. If it's listed as done, the code exists and the tests pass.
Done
87
Intelligence Confidence Audit Engine (ICAE)
Intelligence Currency Assurance Engine (ICuAE)
Email Header Analyzer
Drift Engine Phases 1–2
Architecture Page
DKIM Selector Expansion (39→81+)
Brand Verdict Matrix Overhaul
Optional Authentication (Google OAuth 2.0 PKCE)
Probe Network First Node
LLM Documentation Strategy
XSS Security Fix (Tooltip Safe DOM)
Color Science Page (CIE Scotopic, WCAG)
Badge System (SVG, Shields.io)
Domain Snapshot
Certificate Transparency Resilience
Nmap DNS Security Probing
One-Liner Verification Commands
Zone File Upload for Analysis
Hash Integrity Audit Engine
Download Verification (SHA-3-512)
Accountability Log
Glass Badge System (ICAE, Protocol, Section)
Covert Recon Mode
Web/DNS/Email Hosting Detection
Question Branding System (dt-question)
Approach & Methodology Page
TTL Alignment & Big Picture Questions
Unified Confidence Aggregation (ICD 203)
Homepage Simplification & TTL Deep Linking
DMARC External Auth Remediation
Symbiotic Security — Five Archetypes Section
Methodology Page Rename & Cross-Links
Delegation Consistency Analyzer
Nameserver Fleet Matrix
DNSSEC Operations Deep Dive
Live SonarCloud Badge & Evidence Qualification
Probe Network Second Node (Kali)
Multi-Probe Consensus Engine
Public Roadmap Page
SonarCloud Quality Gate Fix
Nmap Subdomain Enrichment
Admin Probe Management Panel
LLMs.txt & JSON-LD Consistency Audit
Stats Page Visual Redesign
Notion Bidirectional Sync
Covert Mode Color Leak Audit
Stats Confidence Engine Preview Card
Failed Analysis Transparency Page
Documentation Reality Check (LLMs + JSON-LD + Roadmap)
Covert Mode Tactical Red Filter (MIL-STD-3009)
Covert Mode Environment Presets (Submarine/Tactical/Operator)
Operator Mode Color Science (mix-blend-mode: color)
Covert Environment Icons & Accent Gray Hierarchy
SonarCloud Deep Sweep — String Constants & Regex Hardening
SonarCloud Hotspot & Vulnerability Review — Full Audit Trail
Zone Health — Context-Aware Policy & Security Signals
Zone Health Golden Rules (9 Tests, 15 Sub-Tests)
Zone File Upload — Auth-Aware Size Limits (1 MB/2 MB)
Golden Rules Export (JSON + Markdown for External Audit)
PWA Hardening (Offline Page, Page Cache, Splash Screens)
Owl of Athena Logo (AI-Generated Original)
TTL Tuner (Beta)
Six-Agent Security & Performance Audit
TLD NS Count Bug Fix + Executive TLD Gating
CSRF Form Fix (TTL Tuner & Watchlist)
TTL Tuner UX Overhaul (Loading, Auto-Scroll, Profile Selection)
DNS Provider Detection Expansion (5→15 Providers)
NS Provider-Locked Display + Rate Limit Redirect Fix
HTTP Observatory A+ Infrastructure (Secure Cookies, Full Header Suite)
Mobile Homepage Scroll Fix + Navbar Dropdown Refinement
TTL Tuner Mobile Responsive Table
SonarCloud Quality Gate Fixes (Unchecked Error Returns)
RFC Compliance vs Operational Security Pattern (SPF/DKIM/DMARC)
CVE Context in Email Security Panels (CVE-2024-7208/7209/49040)
DMARCbis Forward-Looking Notes (Standards Track, pct→t, np=)
DANE Context Deadline Fix
DNS Intelligence Upgrade (EDNS0 + DO Bit, AD Flag Tracking)
Topology Text & Container Sizing
Golden Fixtures Node Promoted to Cylinder
Action Pill Nodes (Persist, Seeds, Baselines, Validates)
Fully Responsive Zone-Based Layout with Collision Enforcement
Edge Labels Hover-Only, Explicit Protocol Angle Mapping
Unified OG Image System (6 images, ImageMagick generator)
Forgotten Domain Video (approach page + /video/forgotten-domain)
Performance Optimization (gzip, CSS/font preload hints)
Video Styling Fix (approach page — constrained width, poster)
Test Coverage Expansion (exports_ice, coverage_boost14, main)
In Progress
4
Non-Authenticated Zone Upload (One-Time View)
Open zone upload to non-auth users with 1 MB limit, IP rate limiting, no persistence — funnel to signup
SonarCloud Coverage Push (80%+ Target)
Systematic coverage improvement across handlers, analyzer, dnsclient, and middleware packages
Visual Cohesion — Top-to-Bottom Consistency
Glass treatment, question branding, and token system across all report modes
Morse Code Easter Egg
Web Audio API Morse code on Covert Mode toggle — 'GONNA HACK THE PLANET BUT FIRST I NEED A SICK HANDLE'
Next Up
6
Paid Storage Tier (TLD Operators)
Account storage quotas for serious operators — free users get persistence, paid tier expands storage for large zone files and history retention
Drift UI — Divergence Caveats
Label drift results as divergence with caveats for known false-positive edges (CNAME flattening, DNSSEC records, resolver TTL caching)
DoH/DoT Detection
Test whether domains support DNS-over-HTTPS (RFC 8484) and DNS-over-TLS (RFC 7858) — encrypted transport posture analysis
Distributed Probe Mesh (Good Net Citizens)
Volunteer browser-based DNS probes via DoH relay — multi-vantage consensus with Byzantine-resilient thresholds, reputation scoring, and privacy-preserving blinded work queues
API Access (Programmatic Analysis)
Programmatic analysis for automation workflows with rate limiting, authentication, versioning
CLI App (Homebrew/Binary)
Terminal application for macOS/Linux — works without login for basic analysis
Backlog
18
Probe Network Expansion (Additional Nodes)
Additional OSINT verification nodes beyond current two-node deployment
Personal Analysis History
Per-user session tracking and analysis library
Drift Engine Alerts
Webhook/email notifications when domain security posture changes
Saved Reports
Bookmark and revisit past analyses with snapshot storage
Drift Engine Phases 3–4
Timeline visualization and scheduled monitoring with baselines
Probe Security.txt + Landing Pages
Transparency artifacts for probe VPS nodes
Homebrew Distribution
macOS/Linux package distribution for CLI app
CVE Database Matching
Automated CVE cross-referencing for protocol findings against NVD/MITRE
DMARCbis Standards Track Tracking
Monitor draft-ietf-dmarc-dmarcbis progression through IETF
TLD Zone Health: Multi-Vantage Availability
Global latency distribution, timeout/SERVFAIL rates, regional anomalies
TLD Zone Health: Pre-Delegation Simulation
Zonemaster-style delegation quality testing and ICANN PDT readiness
TLD Zone Health: Change Detection & Alerting
Registry-specific drift with alerts on DS mismatch, DNSKEY changes, SOA serial divergence
Globalping.io Integration
Distributed DNS resolution from 100+ global locations
Zone File Import as Drift Baseline
Upload zone files to establish posture baseline for drift detection
Raw Intelligence API Access
Direct access to collected intelligence without processing layers
ISC Recommendation Path Integration
Integration with ISC remediation/hardening recommendations
TLD Zone Health: Machine-Consumable Outputs
Stable versioned JSON API for current TLD status, webhook events for state transitions
TLD Zone Health: Registry Identification
Show registry operator + IANA metadata