nmap/todo/gorjan.txt

=====
GSoC 2011 participation: Discovery and miscelaneous script specialist 
=====

Work in progress:

* ip-geolocation waiting on response to issue with gmtime() from ntp servers

* ip-geolocation BGP usage, and RIPE local data search method (more of a whois script); Related to Jacob's blockfinder

* broadcast-ping.nse

* snmp-brute port to brute framework
There are a couple of default passwords that snmp-brute uses atm which should be
considered even when it's the brute.lua is used

=====

ToDo:

* bgpmon-info analyze

* bittorrent-dht-nodes

* lldp - write script proposal
http://en.wikipedia.org/wiki/Link_Layer_Discovery_Protocol

* disjunctive-traceroute analyze feasibility
http://ccr.sigcomm.org/online/?q=node/398

* backorifice-brute "fire-and-forget" UDP method

=====

Maybe (the ones with ** aren't on the Script_Ideas Page yet)

* Bonjour / mdns / llmnr etc. 
(DNS protocols support) + backscatter into dns scripts where applicable?

* targets-asn 
John Bond is working on this. It's called asn-to-prefixes. Perhaps I could 
review it, asist so it makes its way to the library faster? On the other hand
there already are a couple of people assisting.

* targets-dhcp
dhcp-discover as a prerule, so it doesn't run by default. But it doesn't run by 
default. It's discovery, intrusive, but not default. Maybe just add the prerule 
there, and some way of forcibly initiating the prerule (like an argument).

* hnap-info 
* hnap-auth-bypass
A nice hnap library would be fitting, that will make these scripts a breeze. 
I'd need testing equipment, or some :S implementation.

* vuze-dht-version
* Nbstat.nse -> change to using a broadcast prerule
* SSL renegotiation
* soap.lua
* xmlrpc.lua

=====

Completed:

* snmp-interfaces patch related to mac-geolocation
* mac-geolocation
* stdnse.lua: in_port_range()
* backorifice-brute
* backorifice-info

=====