If you're open to it, I'd like to contribute an IRC module. Per the "Adding New Protocols" guidance, opening this first to check before submitting the PR.
The implementation is already written and tested against a list of common networks, and individual EFnet servers (https://www.efnet.org/#servers), since their list is often stale I personally wanted something to quickly run to validate what's live.
What it collects
Only what an unauthenticated client sees from the standard registration handshake:
- pre-registration NOTICE banner
- welcome numerics (001-004), incl. parsed server name / software version / user & channel modes
- RPL_ISUPPORT (005) feature tokens
- LUSERS network statistics
- MOTD
- advertised IRCv3 capabilities (CAP LS)
- a best-effort server daemon guess (e.g. InspIRCd, UnrealIRCd, Solanum, ircd-hybrid)
- structured error/rejection details (433/464/465, ERROR)
Ethical-scanning compliance
The module sends CAP/NICK/USER (no credentials), answers PING, and QUITs before anything resembling authentication. It never sends PASS; if a server requires a password or bans the client, that rejection is simply recorded. It only collects information available to any standard client without authenticating.
TLS
--ircs — implicit TLS before registration (port 6697), with the standard zgrab2 TLS log.
--starttls — the IRCv3 STARTTLS extension. It's deprecated in favor of implicit TLS and rarely deployed, but is included for completeness and for older/private InspIRCd networks. On servers that don't offer it, the scan reports unsupported/failed and does not downgrade to plaintext registration.
Implementation notes
- Follows the current module conventions (mirrors the recent
omronfins module): TypedModule, BaseScanner, DialerGroupConfig with a separate L4 dialer + TLS wrapper.
- Unit tests (parsers + scripted-server registration and STARTTLS flows), fuzz tests (line/ISUPPORT/registration/STARTTLS), and integration tests against three real services: ngircd (plaintext), ngircd behind stunnel (implicit TLS), and InspIRCd (STARTTLS). Output is validated against a zschema schema.
make lint and make test pass.
LLM disclosure
Whole thing was written by Claude with me at the wheel. I saw other "co-authored" commits so I figure this is acceptable, but wanted to disclose up front. I do understand any pushback.
If you're open to it, I'd like to contribute an IRC module. Per the "Adding New Protocols" guidance, opening this first to check before submitting the PR.
The implementation is already written and tested against a list of common networks, and individual EFnet servers (https://www.efnet.org/#servers), since their list is often stale I personally wanted something to quickly run to validate what's live.
What it collects
Only what an unauthenticated client sees from the standard registration handshake:
Ethical-scanning compliance
The module sends
CAP/NICK/USER(no credentials), answersPING, andQUITs before anything resembling authentication. It never sendsPASS; if a server requires a password or bans the client, that rejection is simply recorded. It only collects information available to any standard client without authenticating.TLS
--ircs— implicit TLS before registration (port 6697), with the standard zgrab2 TLS log.--starttls— the IRCv3 STARTTLS extension. It's deprecated in favor of implicit TLS and rarely deployed, but is included for completeness and for older/private InspIRCd networks. On servers that don't offer it, the scan reportsunsupported/failedand does not downgrade to plaintext registration.Implementation notes
omronfinsmodule):TypedModule,BaseScanner,DialerGroupConfigwith a separate L4 dialer + TLS wrapper.make lintandmake testpass.LLM disclosure
Whole thing was written by Claude with me at the wheel. I saw other "co-authored" commits so I figure this is acceptable, but wanted to disclose up front. I do understand any pushback.