Nmap Development mailing list archives
Re: Hi from Larch Chen
From: David Fifield <david () bamsoftware com>
Date: Mon, 28 Mar 2011 12:36:34 -0700
On Mon, Mar 28, 2011 at 03:21:29AM +0800, Larch Chen wrote:
I am Larch Chen, a student major in computer science of Peking University, China. I intend to apply Nmap's GSoC programs and I have read the tutorials. I find two subjects most interesting. One is the Vulnerability and exploitation Script Developer, the other one is Nmap Cloud Scanning Platform.
Hello Larch, thank you for writing to introduce yourself. You have probably seen these already, but just in case here are some links: http://www.google-melange.com/gsoc/org/google/gsoc2011/nmap http://nmap.org/soc/ http://nmap.org/soc/GeneralRequirements.html http://nmap.org/soc/apply.html
I do not know if I understand correctly for these two programs. The first one is to use the /Lua /catch up the most recently & popular vulnerabilities, and add the exploit script to the script archive. The second one is some kind like the current /Nessus/, build up a web server and clients could visit the server through HTTP/HTTPS to do some scanning or checking using the server's computing resources.
I think that you understand the projects. To get some background in NSE you should read http://nmap.org/book/nse.html. Look over the list of available scripts and libraries at http://nmap.org/nsedoc/. In your proposal you should demonstrate that you have a good knowledge of vulnerabilities and exploitation. For the hosted scanner, you should look at http://nmap.org/rainmap/. You can even download the source code; I think it will be quite understandable for someone with web application experience (especially Django). David Fifield _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Hi from Larch Chen Larch Chen (Mar 27)
- Re: Hi from Larch Chen David Fifield (Mar 28)