Please don’t use markdown here, we have to paste it into a form. All answers are limited to 1000 chars.
Why does your org want to participate in Google Summer of Code?
The story of Metasploit Framework’s creation and development over the last 13 years is one of community collaboration to create and hone tools useful to a wide range of security practitioners. Its broad functionality, combined with the deep domain knowledge of the mentors, offers a unique opportunity for students to learn about security and exploit development. Many of our contributors are established exploit developers and penetration testers who have years of industry experience that they can share with students. We hope that the experience will inspire students to continue contributing to open source security, as well as providing them with invaluable real-world training in development, security, and remote collaboration.
How will you keep mentors engaged with their students?
All of our mentors are long-time development team members who have a history of helping new users and contributors. Many of our mentors specialize in certain parts of the framework, so depending on the student’s interests, we will match them with the most complementary mentor. Our project administrators will regularly check in with mentors and students to ensure that the relationship is productive and progressing as expected.
How will you help your students stay on schedule to complete their projects?
First, we will ask students to use GitHub’s Projects to track progress in real time as they are working. Mentors will help students divide projects into manageable chunks with measurable milestones. This will help students learn how to manage and break up tasks on large scale projects. Additionally, students and mentors will need to collaborate on a weekly status report that describes their progress and send it to the mailing list.
How will you get your students involved in your community during GSoC?
Students will use the same channels that all our contributors use: IRC and GitHub. Students will follow the same procedures of code review that all our contributors follow. By providing them with the same communication channels that our community uses, we hope to encourage the students to interact and collaborate with other contributors and users and to explore additional resources beyond their mentor. Hopefully, this process will give them a network of support and illustrate the advantages of working with other minds.
How will you keep students involved with your community after GSoC?
Based on the success of the project, we will encourage students to apply for committer rights at the conclusion of GSoC, include them in Metasploit roadmap discussions, and invite them to special community events. After the conclusion of GSoC we will encourage students to write about their experience on Metasploit’s community blog, which will give their work greater exposure to the overall security community.