I think the best way to learn a new (programming) language is to address a real-world problem :). So here is one I want to solve in the next few months.
One of the things I like to do as part of a security evaluation process is to check the amount of public information available for a website. I frequently find that people find information leakage from websites they thought were secure or not publicly accessible.
The idea is to create a Python script to do the following:
- Must have
  - Inject list of hostnames and do the following
    - Check whether they resolve to a public IP or not
    - If resolving to public IP, check the amount of data being exposed by this site by doing a quick Google search
    - Report on the amount of information available sorted by amount
- Nice to have
  - take domain name instead of hostnames and try to do a domain transfer and capture all hostnames in the domain
  - leverage Google API instead of web scraping
  - web interface to allow input and show output
Why Python? Well, I have been trying to learn it for some time now and I think it is time to put all that learning to use :).
Anyone interested in joining the fun?
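The "must have" flow from the list above, as an added Python example (not code from the original post): resolve each hostname, separate globally routable addresses from internal ones, and rank the publicly resolving hosts by result count. The search step is an assumption: `count_results` is a hypothetical caller-supplied callable (for instance a wrapper around a search API), and the DNS answers and counts below are constructed sample data so the block runs offline.

```python
import ipaddress
import socket


def resolve(hostname):
    """Return the set of IP address strings a hostname resolves to (empty if none)."""
    try:
        infos = socket.getaddrinfo(hostname, None)
    except socket.gaierror:
        return set()
    return {info[4][0] for info in infos}


def classify(hostname, resolver=resolve):
    """Split a hostname's addresses into globally routable and internal ones."""
    public, internal = [], []
    for addr in sorted(resolver(hostname)):
        ip = ipaddress.ip_address(addr.split("%")[0])  # drop any IPv6 zone id
        (public if ip.is_global else internal).append(str(ip))
    return {"host": hostname, "public": public, "internal": internal}


def exposure_report(hostnames, count_results, resolver=resolve):
    """Rank publicly resolving hosts by indexed-result count, highest first.

    count_results is a hypothetical callable returning an integer per hostname.
    """
    rows = []
    for host in hostnames:
        info = classify(host, resolver)
        if info["public"]:  # hosts with only internal or no addresses are skipped
            info["results"] = count_results(host)
            rows.append(info)
    return sorted(rows, key=lambda r: r["results"], reverse=True)


# Constructed sample data (not real measurements).
SAMPLE_DNS = {
    "www.example.com": {"93.184.216.34"},
    "intranet.example.com": {"10.1.2.3"},
    "vpn.example.com": {"8.8.8.8", "192.168.0.5"},  # split answer: public + internal
    "gone.example.com": set(),                        # does not resolve
}
SAMPLE_COUNTS = {"www.example.com": 120, "vpn.example.com": 450}

if __name__ == "__main__":
    for row in exposure_report(SAMPLE_DNS, SAMPLE_COUNTS.get, SAMPLE_DNS.get):
        print(row["results"], row["host"], row["public"], row["internal"])
```

Passing no `resolver` argument makes the same functions use live DNS through `socket.getaddrinfo`.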
I'll join in on the fun, but if you are learning so will I 🙂
My Request:
– Use Flask for the framework (I am a Django guy, but heard nothing but good things about Flask)
– If we use a VPS to host it, we should use nginx (httpd for the longest but it's time to move with the trend lest be left behind!)
– Use Bootstrap 3 (or new HTML framework, I have been using Bootstrap 2 for almost a year now; in technology terms…outdated :p)
– After we complete the project, we publish it on GitHub for the world to use 🙂
Feel free to reach out if you want to work on this!