Query !! GSOC !!

[Rewanth Cool <ravatheruler4 () gmail com>]

Hi Dev team,

I'm came across a tool called "fimap" on the github. But unfortunately
that's not in any list of the orgs finalized by GSOC.

About FIMAP:

Fimap refers to File Inclusion mapper similar to SQLmap (SQL mapper) and
Nmap (Network mapper) but for Local File Inclusion and Remote File
Inclusion vulnerabilities instead of SQL and Network vulnerabilities.

Fimap tool was created 7 years ago and was left without any development
since then. This is a great tool which was sub merged to the bottom of the
world without recognition inspite of excellent features. I thought it would
add name to nmap organization also.

The tool allows the end user to identify vulnerabilities in the given web
page, upload backdoors, shells, reverse TCP connections and many more. This
tool will be a boon for the penetration testers if developed perfectly
under experts guidance.

I did my homework on this and I do have some nice ideas to improve it
further. I just need an organization to take up this project so that it can
be developed further.

I read on the nmap ideas page where it was mentioned that nmap is not
willing to undertake other projects apart from tools related to nmap but I
thought this tool would bring fame for nmap also.

I found one developer who is willing to sign the GSOC PSF as a mentor for
the "fimap" project and he also contributed to nmap previously through GSOC.

I had done good research on this tool, studied the source code and I'm
ready to make the flow charts for its upgradation.

Coming to myself,

I developed an automated web vulnerability scanner an year ago for a
company and now that tool is being sold at $2000 per year after some
upgradations.

I also worked as a security advisor for a company named Oxcean.
http://oxcean.com/about.html

I mentioned my work experience as I wanted to let you know that I do have
experience in this field and I'm confident enough that I can the develop
this project to the next level.

I would request you to discuss about sponsoring the "fimap" tool with the
admins of the organization and update me with your final decision.

If nmap is interested in knowing my plans for development of this project,
I would love to explain them.

Fimap Source Code: https://github.com/kurobeats/fimap

Best regards,
Rewanth.

_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/