mailing list archives
GSoC: NSE script developer
From: Hani Benhabiles <kroosec () gmail com>
Date: Tue, 22 Mar 2011 12:40:54 +0100
I'm Hani "kroosec" Benhabiles, a student from Algeria.
I'm interested by the NSE—Script Developer position and I would like
to apply for the web scanning specialist one as it's where I see
myself shining the most (I was planning to work on w3af
and began studying the code but they didn't get accepted for GSoC.)
I do have some questions/remarks however:
- How should I approach Nmap web scanning ?
Will I've to focus on a certain area ? like Information gathering (seems the
most logical to me),
Vulnerability discovery or exploiting vulnerabilities.
- How will the scripts to be written be chosen ? Will it be the mentor who
community feedback, defined lists (like working on OWASP's Top 10 for
or will I be free to choose what I work on (and justify it of course.)
- How will the script developers collaborate ? Will they have the same
mentor who will be in charge of workload balancing or will they directly do
I would enjoy working with other students on other specialties.
- I do have some issues defining the time line for this project. Should I
base it on the number
of scripts and libraries written or will it be something else ?
While studying the NSE internals, I've written a simple script that grabs
and Adsense IDs of a website.
These could be used to further find websites with the same owner.
I would be glad if they are added to NSE scripts or at least if I'm given
some input and tips on
anything that I've overlooked or I could improve.
I've a very good knowledge of web application and network security that I
would like to
put in service of an open source project. This is my first time applying for
GSoC, so excuse me for
this wall of text. :)
Sent through the nmap-dev mailing list
Archived at http://seclists.org/nmap-dev/
- GSoC: NSE script developer Hani Benhabiles (Mar 22)