Home page logo

nmap-dev logo Nmap Development mailing list archives

How do I contribute to NMAP?
From: Swapnil Deshpande <swapnilddeshpande () gmail com>
Date: Wed, 5 Mar 2014 13:55:06 -0500

Hello all,

I am a student of Information Security at  Georgia Institute of Technology.
I registered for this course because I am really interested in studying
security and working in this domain. However, after  coming here I realized
that I lacked real world experience in this field and want to work on
improving it. For that I participated in a few CTFs ("Hungry Hungry
Hackers" by our very own Georgia Tech and "iCTF" by UCSB). Although, it
looks really good on resume, it can't really compensate for the lack of
experience. So, I thought what would be a better way to gain experience
than to contribute a well known and very useful network scanner, NMap?

I have used NMap previously in the CTFs and also for my own learning
(practicing with vulnerable ISOs such as Metasploitable) and I would really
love to contribute to it. I am especially interested in 1. Web-App
vulnerabilities (XSS, SQLi, etc) and 2. Exploiting vulnerabilities (and in
that order 1 then 2).

Currently, I am thinking of contributing by fixing some bugs with NSE and
any of the scripts in NSE. That way, I could contribute to NMAP and see
practically how various scripts work. Another way I could contribute is by
implementing some of the script ideas on the GSoC script ideas web page (
https://secwiki.org/w/Nmap/Script_Ideas#GSoC). I thought of participating
in GSoC initially but I don't think I make through it as I lack experience
(I have seen some guys with real good experience asking in this as well as
GSOC mailing list). So, I guess I would stick to fixing bugs (I would be
glad if I could implement some scripts in the intrusive(all the web-app
scanning scripts are here) or in vuln or exploit category). Can anyone tell
me where do I find the list of bugs for NSE and/or any better ways to
contribute to the NMap Project?

Thanks & Regards
Swapnil D. Deshpande
Sent through the dev mailing list
Archived at http://seclists.org/nmap-dev/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]