GSoC/GCI Archive
Google Summer of Code 2015

Nmap Security Scanner

License: GNU General Public License version 2.0 (GPLv2)

Web Page: http://nmap.org/soc/

Mailing List: http://seclists.org/nmap-dev/

Nmap ("Network Mapper") is a free and open source utility for network discovery and security auditing. Many systems and network administrators also find it useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. It was designed to rapidly scan large networks, but works fine against single hosts. Nmap runs on all major computer operating systems, and official binary packages are available for Linux, Windows, and Mac OS X. In addition to the classic command-line Nmap executable, the Nmap suite includes an advanced GUI and results viewer (Zenmap), a flexible data transfer, redirection, and debugging tool (Ncat), a utility for comparing scan results (Ndiff), and a packet generation and response analysis tool (Nping).

Projects

  • Feature Creeper/Bug Wrangler I would like to work fixing bugs as they are reported. I am interested in refactoring existing code as needed. I would also like to work on d33tah's suggestion for implementing scanning of Tor hidden services "out-of-the-box" with nmap. Most of this work would be done in the C code in nmap, nbase, ncat, nmap-update, and nping. If needed I can also work on bugs in python portions of the project like zenmap or ndiff.
  • Feature Creepers and Bug Wranglers There are many Nmap bugs and desired features which are quite important but take much less than a whole summer to implement.
  • Hi, I want to apply for the Nmap project for GSoC 2015 Hello. My name is Yang Luo. I am a Grade 1 Ph.D candidate of Peking University, China, and I major in software engineering. I would like to participate in the GSoC 2015 under Nmap project. I want to apply for the WinPcap developer position. I have accomplished some work for WinPcap developer position in GSoC 2013, and I want to continue my work in GSoC 2015.
  • Nmap Scripting Engine — Vulnerability and exploitation specialist I will research vulnerabilities and devising (and implementing) scripts to detect and/or exploit them. I'd like to follow the vulnerability announcement forums and decide which ones merit detection and/or exploitation in Nmap.
  • Web Scanning Specialist The world wide web is massive and vulnerable. Nmap ships with the Nmap Scripting Engine and together they make the go to tool for security professionals across the globe. The aim of this project is to improve Nmaps ability of security testing and analysis of web based applications by adding new scripts and working on the old ones.