mailing list archives
George's status report - #9 of 16
From: George Chatzisofroniou <sophron () latthi com>
Date: Mon, 5 Aug 2013 02:57:05 +0300
This is the 9th report for my Google Summer of Code project.
* Finished http-useragent-tester. I've experimented with a couple of ideas. I
think this script is ready to be commited. Although, I'm still investigating
some ideas, so there is a posibillity to come back and do some improvements on
the script later.
* Finished http-csrf, a script That detects Cross Site Request Forgeries (CSRF)
vulnerabilities that exist in HTML forms.
* Started http-feed. This script finds rss or atom feeds on a website. A first
version is ready, but i need to do some optimization.
* Started http-errors. This script finds "500" responses. I wrote the first
sample, but i'm looking for ways to extend it. Maybe we can identify the
underneath framework or CMS by studying the error pages.
* Finish http-feed and http-errors.
* Post some stuff to the list for a review and commit other (reviewed) stuff to
* I think NSE lacks of a script that detects blind SQL Injections. I should
code this one.
* There is also the http-framework script that i need to finish.
Note, that i'm going to have some vacation time for the next four days. i'll
able to read any emails, but i won't be on the computer for too long though.
Sent through the dev mailing list
Archived at http://seclists.org/nmap-dev/
- George's status report - #9 of 16 George Chatzisofroniou (Aug 05)