[sqlmap-users] Seeking web developers to join the sqlmap project

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

Hi,

Sooner or later all projects go web and with the over hyped web 2.0
era and the high availability of eye-candy web development frameworks
we have plans to follow the infosec tools herd starting by developing
a RESTful API to interact with the sqlmap engine independently from
the command line.

As of a couple of days ago we do have an XML-RPC service[1] thanks to
Miroslav, although we have decided internally after much bitching to
replace it with a REST-JSON API[7] to let anyone script and interact
with the sqlmap engine via HTTP.
The idea is to put the API behind some kind of authentication and
allow concurrent sessions by different "users" whereby sqlmap API can
be run (e.g. python sqlmap --daemon or similar) on a predefined
interface and TCP port and clients can query the API on such TCP port
to mount attacks against a single target or multiple targets[5].

Needless to say that we are at an early design phase hence this email.
It is that time of the year again when the most prepare for holidays
and celebrating Christmas with family (enjoy!) and the few Internauts
addicted contribute towards the sqlmap project with ideas and code[2]
so if you feel like:

* You have experience with web development in Python or..
* ..you have motivation and time enough to learn how to develop a
RESTful API in Python and..
* ..you are familiar or keen on learning Python web frameworks like
Flask[3] and Bottle[4] and..
* ..you have the guts to commit your time to discuss the design of
this (or others) feature and contribute code[2] to one of the most
acclaimed[6] and discussed (blamed sometimes) IT security tools out
there..

..then do not hesitate to reply to this email either privately to us
only (de...@sq...) or publicly hitting the "Reply" button in your
favorite mail client.

We look forward to reading from you. Yes, I am looking at you Python
software developer with web skills!

[1] https://github.com/sqlmapproject/sqlmap/issues/287
[2] https://github.com/sqlmapproject/sqlmap/blob/master/CONTRIBUTING.md#submitting-code-changes
[3] http://flask.pocoo.org
[4] http://bottlepy.org
[5] how cool is this
[6] http://sectools.org/tool/sqlmap/
[7] https://github.com/sqlmapproject/sqlmap/issues/297

--
Bernardo Damele A. G.

E-mail / Jabber: bernardo.damele (at) gmail.com
Mobile: +447788962949 (UK 07788962949)