GSOC 2012 Web scanning specialist

[Chetan Hosmani <chetanhosmanigsoc () gmail com>]

Hello

I am Chetan Hosmani. I am doing my majors in Electronics at Birla
Institute of Technology and Science, Pilani. I am in my last year and
have plenty of time.

I have always been very interested in security related fields and now
am intrigued by Nmap's Lua scripting engine. Although I had never used
Nmap before (I have experimented a lot on packets using Wireshark and
AirPcap though) I feel I can enjoy working at Nmap, and gain and
contribute to the community.

The project on Web scanning specialist is very interesting. I feel I
have the relevant experience in this area.

I have worked on several HTML JavaScript based websites (links to
which I will add in the application).
Presently I am working on my academic project in a private firm that
deals with HTTP header injection, SQL Injection, XSS based security
threats. The technology involved however is J2EE (GWT as well as JSP).
I have a good idea of the server side vulnerabilities that exist and
how they are secured.
Apart from this I have worked on PHP based sites (again the exact
details I prefer to add in the application).

For the GSoC project I have been going through the HTTP based scanning
scripts and am getting a hang on Lua.

So I would be really grateful if you could throw some pointers or
ideas on what I could do. Any specific tasks (apart from building
Nmap, zenmap, etc.) that would help me judge my own application would
also be very useful.

Also I loved the idea of a slacker, and will definitely send in a
competitive application there :)

Thank you

Chetan
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/