Google Summer of Code — Final Submission

Shaddy Garg
3 min readAug 11, 2018

--

For the last three months, I’ve been working with OWASP, an open source organisation selected for the Google Summer of Code program. It has been an amazing experience and I’ve learnt a lot over the summer under the mentorship of Ali Razmjoo.

This post links to all the work I’ve done during the program. There have been a total of 12 PRs, around 43commits, 5000+ additions. This summer has definitely boosted my self confidence and also my Github activity.

About the project

OWASP Nettacker project is created to automate information gathering, vulnerability scanning and eventually generating a report for networks, including services, bugs, vulnerabilities, misconfigurations, and other information.

OWASP Nettacker

My work was to add many new features into the framework and fix the existing bugs and I am proud to say that I have done my part in making the framework better. The final product after my GSoC project has a very robust multi database support. I am currently working on adding support for MongoDB to the framework. I have also added the local maltego tramnsform package to the framework so that people can work with it easily.

I also implemented a HTTP Fuzzer library into the framework so that pentesters can write their own fuzzing scripts which can be run by nettacker. I fixed various bugs during my duration for GSoC. In the last part of my GSoC period, I added the tutorial using introJS for the web framework and made the web view responsive for phones and tablets.

Links to my work

  1. Link to SQLAlchemy migration
  2. Link to the HTTP fuzzer
  3. Link to the maltego transform
  4. Link to the tutorial part of web view
  5. Link to the new signatures in the service scanner
  6. Link to the PR which makes framework responsive

Links to the various bugs solved

  1. Link to solution of Issue #111
  2. Link to solution of Issue # 172
  3. Link to solution of Issue #165

Here is the link to all my work done during GSoC.

Status of the project

I have completed most of the tasks assigned. The only task left is adding support for MongoDB which I plan on adding soon.

Not ‘the end’

I’d like to thank all my mentors and community members for the constant support and motivation. Special thanks to Ali Razmjoo for all the guidance. Had he not been, the project wouldn’t have been a successful one or I hadn’t done GSoC in the first place.

It has been a thrilling summer over all. I’m now familiar with a large part of code base and would continue to contribute to the project and improve the performance. GSoC is not the end.

Not to forget, Thanks to Google for organising such an awesome program.

--

--

Shaddy Garg
Shaddy Garg

Written by Shaddy Garg

Security Enthusiast | Undergrad at IIT Roorkee

No responses yet