Nmap Announce mailing list archives

Previous By Date Next
Previous By Thread Next

Nmap GSoC 2017 Success Reports

From: Fyodor <fyodor () nmap org>
Date: Tue, 10 Oct 2017 13:13:24 -0700
Hello Nmap Community,

Nmap celebrated its 20th birthday last month and we also just completed our
13th Google Summer of Code.  We focused on a fairly small team of four
students this year (http://seclists.org/nmap-announce/2017/2), and I'm
happy to report that every one passed!  And they all have code integrated
into Nmap 7.60 already, with even more to follow for the next release.
Also this year, for the first time, every student wrote a detailed wrap-up
post describing their work over the summer.  Let's see what they
accomplished:

*Evangelos Deirmentzoglou* spent the summer enhancing Nmap and Ncrack,
including finishing the new Nmap SSH integration!  His mentor was Fotis
"Ithilgore" Chantzis.  In Evangelos' own words:
https://gist.github.com/edeirme/0f59b190580eb8d2724c7478c0a3d874

*Rewanth Cool* worked with Dan Miller on a wide variety of tasks all over
the Nmap codebase, but focused on the Nmap Scripting Engine.  He wrote a
great post, complete with pictures and screenshots, describing his
successes and failures over the summer:
https://medium.com/@rewanthcool/gsoc-2017-with-nmap-security-scanner-80d9bd54a97a

*Vinamra Bhatia* worked with prolific Nmap developer and author Paulino
Calderon to improve NSE for web scanning.  A lot of his smaller projects
have already been integrated, and he's working to polish and finish some of
the larger ones such as the new HTTP cookies library:
https://docs.google.com/document/d/1ShbRCvbYjqUweKJHKC6pRcgmkQJcLTJaZfxtfQpRYkQ/

*Wong Wai Tuck* worked with former Nmap GSoC student George "Sophron"
Chatzisofroniou on improving NSE for pen-testers.  He wrote scripts for
detecting many vulnerabilities (Sambacry, smbloris, Puppet naive signing,
Joomla SQL injection, etc.) as well as improving the exploit library and
writing a password profiling library:
https://gist.github.com/wongwaituck/9dc2ba2cf0e265df88fb2f39feedba87#

Great work.  They (students and mentors) all deserve a round of applause
for their successes this year! And so does Google for making all of this
possible.  They have spent tens of millions of dollars sponsoring thousands
of students to work on hundreds of open source projects.  Nmap by itself
has now mentored 82 GSoC students in the last 13 years and some of them are
now top Nmap developers and GSoC mentors.  In fact, we're one of only 7
organizations to participate in all thirteen GSoC summers.  If you enjoy
Zenmap, the Nmap Scripting Engine, Ncat, Nping, or Ndiff, you're using
features developed in a large part by previous Summer of Code students!
Google even posted an inspiring story about one of our past students to
their Open Source Blog:
https://opensource.googleblog.com/2016/02/coming-to-america-how-google-summer-of.html

Meanwhile, three of our mentors (George, Paulino, and Ithilgore) are
heading to California to attend the Google Mentor Summit this weekend.
This will be a great chance to talk about what worked, what didn't, and
plan for next year!  And yes, Google has already announced GSoC 2018:
https://opensource.googleblog.com/2017/09/announcing-google-summer-of-code-2018.html.
Now is a great time for potential candidates to start preparing.  We and
most other open source organizations give GSoC selection preference to
experienced open source contributors.  Even small improvements they've made
to our project or others demonstrate coding ability, ambition, and how well
they work with a team and handle feedback!

Cheers,
Fyodor

PS: For those who are interested, here are our previous success (pass)
rates and wrap-up reports:

2017 (4/4 - 100%) [this report]
2016 (5/5 - 100%) http://seclists.org/nmap-announce/2017/0
2015 (5/5 - 100%) http://seclists.org/nmap-announce/2015/4
2014 (4/6 - 67%): http://seclists.org/nmap-dev/2014/q4/108
2013 (3/3 - 100%): http://seclists.org/nmap-dev/2013/q4/108
2012 (4/5 -  80%): http://seclists.org/nmap-dev/2012/q4/138
2011 (7/7 - 100%): http://seclists.org/nmap-dev/2012/q1/542
2010 (8/8 - 100%): http://seclists.org/nmap-dev/2011/q1/708
2009 (6/6 - 100%): http://seclists.org/nmap-dev/2009/q4/148
2008 (6/7 -  86%): http://bit.ly/googleblognmap
2007 (5/6 -  83%): http://seclists.org/nmap-dev/2007/q4/24
2006 (8/10 - 80%): http://seclists.org/nmap-dev/2007/q1/235
2005 (7/10 - 70%): http://slashdot.org/comments.pl?sid=183143&cid=15133184
_______________________________________________
Sent through the announce mailing list
https://nmap.org/mailman/listinfo/announce
Archived at http://seclists.org/nmap-hackers/
Previous By Date Next
Previous By Thread Next

Current thread: