George's status report - #12 of 16

[George Chatzisofroniou <sophron () latthi com>]

Here's the report for this week.

Accomplishments:

* Commited http-errors, http-feed, formulas.lua and http-csrf to the trunk.

* Finished http-devframework. Posted it on the mailing list.

* Almost finished http-archive. The script seems to be working properly. I need
to perform some tests and add documentation.

* Almost finished http-blindsql-injection. Time-based injections are working.
Still need to add support for Content-based injections.

Priorities:

* Finish http-archive and http-blindsql-injection and announce them to nmap-dev.

* I don't like the fact that http, url and httpspider libraries share some same
functionality. For example httpspider and http libraries both have their own
implementations for parsing a url or checking if a resource lies within the
target host. I'll see if i can reorganize the code better.

* Write new scripts. One that tries to guess the web server of the target
website and another that performs cookie analysis are probably good script
candidates.

-- 
George Chatzisofroniou
_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/