Record of Rejected Potential Plugins

This wiki pages purpose is to help users and developers understand why Scrummage doesn't include some third-party sites. The Scrummage project is constantly adding, reevaluating, upgrading, and on occasions decommissioning plugins. In the fast paced world of Cyber Security, a platform like Scrummage can't afford to be stagnant. Even items on this list can be reevaluated if the reason for a plugin's initial rejection is later resolved.

Where possible, the Scrummage project integrates with third-party sites offered in other languages, just check out our Yandex, Vkontakte, OK and Naver plugins. However, the project team needs the ability to translate those sites to a language the development team can understand to be able to develop the plugins, which can often be achieved with browser extensions. However, sometimes sites make this process too complex/convoluted. So ultimately where possible, integration with these third-parties is achieved.

Here is a list of common reasons why a third-party tool or API won't meet our requirements, links have been included for convenience:

1. COST - Registration comes with a cost that is not easily affordable by individuals. (Only a select few APIs that have a cost remain as plugins)
2. COMPLEXITY (REGISTRATION) - Registration is complex and has requirements that are not simple to meet.
3. COMPLEXITY (INTEGRATION) - This is usually when the behaviour of the site, or the way it returns data makes it overly complicated to build a plugin for. Thus, our scoping has deemed that the pros don't outweigh the cons.
4. AVAILABILITY - The site/API lacks sufficient endpoints needed to extract useful data.
5. EFFICIENCY - Not a very common issue, but if the third party site has significant delays in returning the data.
6. REDUNDANCY - When an existing plugin provides sufficient pre-existing coverage that means adding the plugin adds no value and therefore is not needed.
7. INSUFFICIENT PURPOSE - When the end result of the site is not worth correlating, or the user won't get value from its integration with Scrummage.
8. OVER LOCALISED - When a site is too specific to a small geographic region, or requires a great amount of detailed information.
9. OVER SIMPLIFIED - When the results are from a pre-defined list, such as a predefined list of domains to check malicious activity for, in this case we'd want to be able to search for any domain.

Third-Party Tool/API	Primary Reason(s) for Rejection	Additional Notes
Facebook - Graph API	COMPLEXITY (REGISTRATION)	N/A
LinkedIn - Graph API	COMPLEXITY (REGISTRATION)	N/A
WikiLeaks	COMPLEXITY (INTEGRATION)	N/A
Plugins requiring TOR proxy	COMPLEXITY (INTEGRATION) and EFFICIENCY	N/A
HoneyDB	COST and REDUNDANCY (Twitter can be used to get the necessary data)	N/A
Project Honey Pot	AVAILABILITY	N/A
BitBucket	AVAILABILITY (WORKSPACE REQUIRED)	N/A
GitLab	COST	N/A
Google Maps	COST, other free map solutions often have INSUFFICIENT PURPOSE	N/A
Bing	COST	N/A
Censys	INSUFFICIENT PURPOSE and REDUNDANCY	N/A
Yahoo	COST	N/A
Onion Search Engine	AVAILABILITY AND REDUNDANCY
Orange Search Engine (France)	AVAILABILITY and COMPLEXITY (REGISTRATION)	N/A
SunCalc	INSUFFICIENT PURPOSE	N/A
Court Listener	OVER LOCALISED	N/A
PhishTank	OVER SIMPLIFIED	N/A
White/Yellow Pages	AVAILABILITY	N/A
Been Verified	AVAILABILITY	N/A
Ancestry	COST	N/A
Public Records (For the most part)	OVER LOCALISED	N/A
Baidu	OVER LOCALISED and AVAILABILITY	N/A
Snopes	AVAILABILITY	N/A
TikTok	OVER LOCALISED, AVAILABILITY, also general privacy concerns.	N/A
Wayback Machine	OVER SIMPLIFIED and INSUFFICIENT PURPOSE	N/A
Global Terrorism Database	AVAILABILITY	N/A
Bambenek Consulting C2 Tracker List	COST	If you have this list available and can host it on an internal URL, you can add the list to the RSS plugin, by editing the RSS_Feeds.txt file in the config directory.
Total Hash	AVAILABILITY	DNS-Based API
Malware Domain List	AVAILABILITY - RETIRED	N/A
Bambenek Consulting	COST	N/A
Hacker Target	COST	N/A
Scylla API	AVAILABILITY	N/A
ARIN	AVAILABILITY	N/A