From 66a10d1bc4e04119fc7ea07ba9322b1363a95583 Mon Sep 17 00:00:00 2001 From: AFredefon Date: Mon, 9 Feb 2026 10:36:33 +0100 Subject: [PATCH] docs: add ROADMAP.md with planned features --- ROADMAP.md | 125 +++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 125 insertions(+) create mode 100644 ROADMAP.md diff --git a/ROADMAP.md b/ROADMAP.md new file mode 100644 index 0000000..8741bef --- /dev/null +++ b/ROADMAP.md @@ -0,0 +1,125 @@ +# FuzzForge OSS Roadmap + +This document outlines the planned features and development direction for FuzzForge OSS. + +--- + +## 🎯 Upcoming Features + +### 1. MCP Security Hub Integration + +**Status:** 🔄 Planned + +Integrate [mcp-security-hub](https://github.com/FuzzingLabs/mcp-security-hub) tools into FuzzForge, giving AI agents access to 28 MCP servers and 163+ security tools through a unified interface. + +#### How It Works + +Unlike native FuzzForge modules (built with the SDK), mcp-security-hub tools are **standalone MCP servers**. The integration will bridge these tools so they can be: + +- Discovered via `list_modules` alongside native modules +- Executed through FuzzForge's orchestration layer +- Chained with native modules in workflows + +| Aspect | Native Modules | MCP Hub Tools | +|--------|----------------|---------------| +| **Runtime** | FuzzForge SDK container | Standalone MCP server container | +| **Protocol** | Direct execution | MCP-to-MCP bridge | +| **Configuration** | Module config | Tool-specific args | +| **Output** | FuzzForge results format | Tool-native format (normalized) | + +#### Goals + +- Unified discovery of all available tools (native + hub) +- Orchestrate hub tools through FuzzForge's workflow engine +- Normalize outputs for consistent result handling +- No modification required to mcp-security-hub tools + +#### Planned Tool Categories + +| Category | Tools | Example Use Cases | +|----------|-------|-------------------| +| **Reconnaissance** | nmap, masscan, whatweb, shodan | Network scanning, service discovery | +| **Web Security** | nuclei, sqlmap, ffuf, nikto | Vulnerability scanning, fuzzing | +| **Binary Analysis** | radare2, binwalk, yara, capa, ghidra | Reverse engineering, malware analysis | +| **Cloud Security** | trivy, prowler | Container scanning, cloud auditing | +| **Secrets Detection** | gitleaks | Credential scanning | +| **OSINT** | maigret, dnstwist | Username tracking, typosquatting | +| **Threat Intel** | virustotal, otx | Malware analysis, IOC lookup | + +#### Example Workflow + +``` +You: "Scan example.com for vulnerabilities and analyze any suspicious binaries" + +AI Agent: +1. Uses nmap module for port discovery +2. Uses nuclei module for vulnerability scanning +3. Uses binwalk module to extract firmware +4. Uses yara module for malware detection +5. Generates consolidated report +``` + +--- + +### 2. User Interface + +**Status:** 🔄 Planned + +A graphical interface to manage FuzzForge without the command line. + +#### Goals + +- Provide an alternative to CLI for users who prefer visual tools +- Make configuration and monitoring more accessible +- Complement (not replace) the CLI experience + +#### Planned Capabilities + +| Capability | Description | +|------------|-------------| +| **Configuration** | Change MCP server settings, engine options, paths | +| **Module Management** | Browse, configure, and launch modules | +| **Execution Monitoring** | View running tasks, logs, progress, metrics | +| **Project Overview** | Manage projects and browse execution results | +| **Workflow Management** | Create and run multi-module workflows | + +--- + +## 📋 Backlog + +Features under consideration for future releases: + +| Feature | Description | +|---------|-------------| +| **Module Marketplace** | Browse and install community modules | +| **Scheduled Executions** | Run modules on a schedule (cron-style) | +| **Team Collaboration** | Share projects, results, and workflows | +| **Reporting Engine** | Generate PDF/HTML security reports | +| **Notifications** | Slack, Discord, email alerts for findings | + +--- + +## ✅ Completed + +| Feature | Version | Date | +|---------|---------|------| +| Docker as default engine | 0.1.0 | Jan 2026 | +| MCP server for AI agents | 0.1.0 | Jan 2026 | +| CLI for project management | 0.1.0 | Jan 2026 | +| Continuous execution mode | 0.1.0 | Jan 2026 | +| Workflow orchestration | 0.1.0 | Jan 2026 | + +--- + +## 💬 Feedback + +Have suggestions for the roadmap? + +- Open an issue on [GitHub](https://github.com/FuzzingLabs/fuzzforge_ai/issues) +- Join our [Discord](https://discord.gg/8XEX33UUwZ) + +--- + +

+ Built with ❤️ by FuzzingLabs +