Home page logo

nmap-dev logo Nmap Development mailing list archives

George's status report - #8 of 16
From: George Chatzisofroniou <sophron () latthi com>
Date: Tue, 30 Jul 2013 02:53:30 +0300

Hello everyone.

We are right in the middle of GSoC and here's my 8th report.


* Posted http-useragent-tester to this list and did some improvements based on
  the feedback i got. There are some things i need to do, to commit this script to
  the trunk.

* Finished http-dombased-xss.nse.
    * Added more patterns.
    * Fixed some mistakes.
    * Wrote documentation, comments, debug msgs.
    * Posted it to the list.

* Finished http-mobileversion-checker.
    * Added a feature that checks if the mobile version lies on the same host.
    * Wrote documentation, comments, debug msgs.
    * Posted it to the list.

* Improved http-csrf.nse.
    * Made a good working version.
    * I had to tackle a bug in parse_form function in http library to make
      this work properly.

* Wrote some code that checks if a site is build with Django framework. I'm
  still thinking if this script should be more generic and performs tests for
  other frameworks as well.

* Commited whois scripts and nnposter's patches to the trunk.

* Came up with new ideas.
  - I found out that my idea about tor-checker is implemented in
  - Patrick mentioned an idea of a script that checks for common vhosts. I don't
    think that a script currently tells that.


* Finish http-useragent-tester.

* Finish http-csrf and post it to the list.

* See what to do with my Django code.

* Write new scripts. Maybe i should improve the SQL injection area of NSE next.

George Chatzisofroniou
Sent through the dev mailing list
Archived at http://seclists.org/nmap-dev/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]