Re: nmap-dev Digest, Vol 73, Issue 12

[David Fifield <david () bamsoftware com>]

On Mon, Apr 04, 2011 at 03:04:59PM +0530, dheeraj suthar wrote:
> Hi,
> I was going through the NSE scripts. I would like to work on the Web
> Scanning and Vuln and Exploitation script as I have previous experience in
> creating scripts for scanning(https://launchpad.net/opengenparser). However
> the problem is that I have worked in python. I can learn Lua once my exams
> get over(30Apr).
> My idea is to present a command line menu based system for the exploits,
> similar to that of metaspoilt. Rather then intializing one script can't we
> create groups and run the scripts for particular platform. This will also
> make future additions easy. We can add the new vulnerabilities as they come
> up through an easy interface(which I plan to design). The deliverable will
> be a script manager which help one to guide the script to choose as per the
> platform.
>  Can you kindly guide how can refine this idea.

A good way to refine your user interface ideas is to make fake images of
what the interface will look like. You can do this in an image editor
without having to write GUI code. Or you can use a GUI designer and not
hook the widgets up to anything. For example, here are mockups for a
host filtering interface we were working on a while ago:

http://www.bamsoftware.com/wiki/Nmap/ZenmapHostFiltering

Have you seen the Zenmap script selection interface? It was a Summer of
Code project last summer. How would your interface be different from it,
or extend it?

http://nmap.org/book/zenmap-profile-editor.html#zenmap-profile-editor-scripting

David Fifield
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/