|Version 7 (modified by nopper, 4 years ago)|
Sometimes you need to scan something quickly. And, honestly, finding the Umit's icon in the midst of a bunch of other apps icons, or inside a app menu full of icons, to get Umit open and then run a scan is not as quick as we want it to be, nor as quick as it need to be for a busy network administrator. That's why they prefer to use the terminal prior to using Umit. We love the command line, but we also love information and that's what Umit stands for, and the goal of this idea is to provide a meaning of using Umit faster than using the terminal for running a scan and getting the relevant information from it.
How could we provide a meaning for using a graphical interface faster than using the terminal that is already open? Keystroke. With a combination os keys, we can open a small sized and light-weight window with an input, in which user can quickly enter a target, and watch the relevant results appearing in the screen, with relevant information highlight, and shortcuts for using that information (using the yet to be implemented quick-connect feature). Also, user is supposed to easily open the complete umit interface with the recently made scan result for better appreciation.
The quick scan window is supposed to have 2 levels of contents. The first level is the level in which the window is open, and it features the minimum amount of widgets as possible, reducing its size in the window and improving usability by avoiding visual confusion of where things are. The second level of content appears as soon as the scan start, and it shows the relevant informations about the scan result and a button to open the main Umit interface with the current scan result.
The quick scan window should feature:
- Target input (1st level)
- Profile Selection (1st level)
- Scan Result (2nd level)
- Button for openning the main Umit Interface (2nd level)
- Specifics portings for the following: gnome, kde, windows, mac os x
- Plus: A dashboard widget
- Automatically set the keystrokes for openning quick scan, and main umit interface in the platform
- Create a quick-starter, to pre-load some stuffs and make umit and quick scan launch quickly
Clippit Everybody knows Clippit, the animated assistant that features Microsoft Office. It would be nice to have one a animated assistant to take care of helping users in some situations, and I'm sure that it is going to help Umit on every new feature that it might have in the future, showing to the user how to better analyse the scan results that he got, suggesting things that he can do with the result, and even what that result means. There are a lot of things that can be done with it. The student willing to apply for this idea, must take care of making it extensible in a manner that makes it easy to be used and integrated to future projects. Also, it is a good idea to support assistant switch, letting users switch the assistent from (for example) a animated pill to a animated HUB (??). Volunteers for the animations and designs are very welcome to help our studnet on this task! And, of course, we're going to give you the proper credits for your work on our website and at the Credits window of Umit.
Nmap Wrapper for Python
The wrapper intention is to provide a module from which you can create an Nmap instance, set the desired options and targets and run it without the need of executing it in another process. The wrapper must allow access of Nmap funcionalities like estimated time to finish the scan and runtime user interaction.
User's almost won't note any change with this wrapper. This is a feature that is going to make Nmap and Umit developers life's easier, while adding new features or even integrating with future Nmap options and functionalities.
Last year we have a student working on this feature, and we get far with it. But still, we have a lot of work to make that couldn't be done in only one Summer. The goal of NSE Facilitator is to provide a good NSE experience for average users, who doesn't know NSE much but still need to use it to get their job done. And our work, is to help them have their job done quickly. We need some ideas on how to improve NSE, and ease its use for the average user. Students willing to apply for this project, are expected to interact with the plugins project, as they're closely related projects and one can benefit or injure the other project. If you're willing to work on a proposal for this project, take a look at where we currently are with NSE Facilitator at https://svn.umitproject.org/svnroot/umit/branch/NSEFacilitator .
Independent features envolves the development of small features, bug hunting and usability improvements on all Umit codebase. Although most part of the features the student will have to work on will appear during the GSoC, we already have listed some we currently are aware of:
Umit lacks unit test suites, and that is in need. An effort in order to have test suites is going to be made by independent features students.
Some saved scans take a relatively long time to load and after loading it takes time to move around its results and tabs. The reasons for this should be found and the code should be improved then.
- Don't freeze
This is totally related to the previous sub-section. While loading some scans besides taking a reasonable time, umit is totally frozen too. It would be interesting to eliminate this behaviour.
- Nmap output weird text
Depending on the loaded scan, Nmap output tab displays pretty weird text. This hapenned with scans that took reasonable time to load, so this may be related to the previous sub-sections.
- Huge file import for pcap files
- HexView with insert mode - maybe should be rewritten from scratch (see also bless hex editor)
- Scripting interface/Metalanguage to support both backends
- Update UMPA backend
- Implement attack framework like ettercap
- Implement plugins like hping frontends that could be shared also with UMIT project
We intend to extend UmitBT's functionality by integrating Bluetooth protocol sniffing capabilities. Bluetooth protocol sniffing would allow users to monitor Bluetooth traffic to understand their Bluetooth spectrum in an indepth manner. Currently, Bluetooth protocol sniffing is available through costly hardware and software packages. This idea would allow users to sniff Bluetooth packets and display it in an intuitive manner similiar to Wireshark. Considerations for this idea are:
- Integrated into UmitBT
- Sniffing capability should be multi-platform. Implementation may vary.
- Understanding of PyBluez? and LightBlue?.
- May require intermediate knowledge on Bluetooth firmwares
The impact of this idea is vastly significant to the community as this would be the first open source implementation of Bluetooth protocol sniffing. Students would be apart of making history with us.
UmitWeb Server Enhancements
As the Umit's web interface, UmitWeb needs a web server to get it running. Actually it has its own web server. It can receive requests, store session data, and do all the basics that a web server should. If you're willing to participate this year on improvements to the UmitWeb server, here are some hints we can list to inspirate you:
- Multi-threading request work.
- Adapt web server for WSGI-compliance.
- Make a service-layer, to make umit for desktop able to do scans remotely too.
There are some features that are not webserver-related, but it can be useful for a user that doesn't want to run UmitWeb on the built-in web server. The task is to make dispatchers for mod_wsgi/mod_python, cgi and FastCGI, to allow UmitWeb to run on Apache, IIS, etc.