← SHADOWCYPHER

Public Roadmap

What's done, what's next, what's coming. Suggest features at GitHub Issues.

// SHIPPED

DONEOpen-source CLI toolkit (32+ tactical scripts)
DONESign-up / sign-in / sign-out + email confirmation + password reset
DONEPer-user API keys (rotate / revoke)
DONEGuardian agent (Python daemon, ARP scan, anomaly detection)
DONEReal-time dashboard (devices, scans, incidents, auto-refresh)
DONEStripe billing — Guardian Pro $9.99/mo + Operator $49/mo (live)
DONEAnnual plan pricing (20% off monthly)
DONE14-day Pro trial, plan-gated features, monthly AI quota
DONEEmail notifications via Resend
DONEAI security assistant (platform / BYOK / self-hosted Ollama)
DONEOutbound webhooks (Slack/Discord/PagerDuty/HTTPS, HMAC-signed)
DONETeam / family accounts (Operator-only owner, plan inheritance)
DONEPWA — installable, offline shell, web-push receiver
DONEGDPR data export + account self-delete
DONEPer-user audit log (sign-ins, key changes, deletions)
DONEOnboarding wizard, status page, public docs, comparison table
DONE2FA / TOTP via Supabase MFA
DONEshadow-cli OAuth login (RFC 8628 device flow — no more paste-key)
DONEReferral program — +30 days Pro per referred subscriber

// RECENTLY SHIPPED

DONEAndroid app — ShadowCypher Guardian APK (Capacitor, GitHub Releases)
DONEShadow Android app — replaces Bixby/Google Assistant; on-device Vosk STT + offline fallback
DONESplunk / Datadog / ConnectWise / PagerDuty / OpsGenie webhook templates
DONECVE alert matching — device-scoped CVE feed matched against your network inventory (hourly cron)
DONEPhishing Forge — 35 enterprise phishing templates, live PHP server, credential capture (desktop app)
DONEC2 Command Center — multi-listener control, session manager, payload generator (desktop app)
DONEShadowScript runtime — lexer, parser, interpreter, engine CLI
DONEShadowOS v0.1.0 — Arch-based live/installable ISO. Hyprland, 250+ packages, 6 hot-swap modes, ShadowCypher + Ollama pre-installed. ISO builds verified at ~7.4 GB.
DONERAG knowledge base (1593 chunks) — live context injection for AI security teams
DONEGemma 4 local model — shadow-gemma4 modelfile, Ollama sovereign config (no telemetry)

// NEXT — active development

// LATER — planned

LATERShadowOS ARM build — Raspberry Pi 5 / Apple Silicon QEMU target
LATERShadowOS OTA updates — in-ISO update mechanism so you don't need to re-flash for new versions
LATERWindows Guardian agent — native .exe version (currently Linux / macOS / WSL2)
LATERShadowScript browser IDE — syntax highlighting, mission runner, .shadow file editor in the web dashboard
LATERiOS PWA — install the web dashboard as a home screen app on iPhone (same Supabase backend, no App Store)
LATEROffline CVE database — local SQLite snapshot of NVD so CVE lookups work without internet
LATERGuardian vault — local-first password/ID/TOTP vault, sovereign alternative to 1Password/Bitwarden

Want something not listed? Open an issue on GitHub or email hello@shadowcypher.site.