CN106022135A - Automatic detection system capable of dynamically determining XSS vulnerability - Google Patents
- Publication number: CN106022135A
- Application number: CN201610099346.0A
- Authority: CN (China)
- Legal status: Pending (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/03—Indexing scheme relating to G06F21/50, monitoring users, programs or devices to maintain the integrity of platforms
- G06F2221/033—Test or assess software
Abstract
Provided is an automatic detection system capable of dynamically determining XSS vulnerabilities. The system consists of a crawler module, a dynamic vulnerability detection module and a user interaction interface. The software introduces a library that includes a browser core, so it can simulate browser behaviour to parse JavaScript and load Ajax and thereby obtain the hidden injection points and interaction points in a page; through static analysis of the page structure it also finds unconventional ways of submitting Web requests. Compared with conventional static methods and methods without a dynamic determination module, the coverage of injection point identification is greatly improved. Injection points are tested with a black-box method, so the internal logic of the server does not need to be considered. After an attack vector is submitted, the system simulates browser behaviour to detect whether abnormal conditions occur in the page, that is, whether the browser executes a script, and can therefore determine directly, and more accurately, whether the current injection point is vulnerable. In addition, the system is developed entirely in Python, which makes it easy to maintain and to extend.
Description
Technical field
The present invention relates to an automated detection system that can dynamically determine XSS vulnerabilities, and belongs to the field of computer software.
Background
In recent years, as Web applications have come into wide use, Web security problems have become increasingly prominent. In the 2013 list of the ten biggest Web application security risks published by OWASP, cross-site scripting (XSS) ranks third, which shows that XSS vulnerabilities have become one of the common security risks that all kinds of websites face.
An XSS vulnerability arises when an application takes untrusted data from a user and reflects it back to the browser without validating, encoding or escaping it, so that the browser engine executes it as code. Many websites neglect the necessary input validation during development and lack sufficient safeguards, which makes them very easy targets for cross-site scripting attacks. Typically an attacker submits a malicious script to a Web page that has an XSS vulnerability; when a client user browses the page, the browser automatically parses and executes the script, which serves purposes such as planting trojans, phishing, stealing user cookies and hijacking the user's Web behaviour. Detecting XSS vulnerabilities is therefore very important.
The places in a Web page where an XSS vulnerability may exist are usually called injection points. Finding the potential injection points in a large number of pages and testing them is one of the keys to guarding against XSS vulnerabilities, and it is also tedious work. Now that website content is increasingly rich, detecting injection points by hand is impractical, and automated methods should be used as far as possible. A Web crawler is an important basic function of an automated Web testing tool: starting from an initial URL, it analyses the content of each page and uses a suitable algorithm to find new URLs, fetching pages in a loop until some termination condition is met, and so obtains a large number of pages in which to look for injection points. Once an injection point is found, the testing tool constructs an attack test request, sends it to the target site, and judges from the target site's response whether a vulnerability exists.
Research on automated XSS vulnerability detection tools is currently not very thorough. Traditional methods all crawl pages with a static crawler: they obtain the directory structure of the target site, parse the source code of each page and extract the form information in it in order to find injection points. However, the ways in which Web pages now accept user input are varied and their form is increasingly complex. Some injection points are generated only after a user action, such as clicking a button, makes the browser parse JavaScript or load Ajax; others cannot be found with a simple regular expression, and the page structure has to be analysed in depth to discover how they are submitted. A traditional crawler has limited functionality and does not analyse pages thoroughly, and it has difficulty parsing JavaScript or loading Ajax, so its coverage of real injection points is very small. In addition, when parsing a page, a traditional crawler has to extract the whole form content and analyse the form's attributes to work out how data is submitted to the server before it can submit an attack vector, which is rather complicated; and on the detection side it cannot dynamically analyse the target site's response, so it cannot always determine whether an XSS vulnerability exists.
In summary, to automate detection better, the present invention strengthens the four steps that a traditional crawler performs in vulnerability detection (crawling pages, extracting injection points, running attack tests and analysing results) and implements functionality in the following two respects:
1. A crawler framework that can execute page scripts and analyse page structure in depth, so as to obtain the hidden injection points and unformatted injection points in a page.
2. An efficient method that determines whether an XSS vulnerability exists through dynamic analysis, making up for the defects of traditional methods.
First, consider the defects of the traditional methods:
1. Obtaining injection points:
When obtaining injection points, traditional methods generally look for the forms in the page returned by the server and test those. However, some requests in a page are not submitted through a form; we define these as unformatted injection points, for example:
<input type="text" id="header_search_input"/>
<input type="button" onclick="search($('#header_search_input').val())"/>
The value of this injection point is submitted by the search function written in JavaScript.
Other requests cannot be found in the returned page at all and appear only after the page content has been updated through Ajax; we define these as hidden injection points. Traditional methods have great difficulty with such injection points, which have to be handled with a dynamic method.
2. Testing and analysing results:
The test module of a traditional method submits the attack vector <script>alert("XSS");</script> to the server in the parameter it has extracted. The request message has the following form:
GET /s?wd=<script>alert("XSS");</script> HTTP/1.1
Host: www.baidu.com
The traditional crawler then analyses the response message statically. If the server's response contains the submitted parameter without encoding or escaping, that is, <script>alert("XSS");</script> in this example, the script can be executed by the browser engine, which indicates that a vulnerability exists.
In practice, however, there are still cases in which the server escapes the submitted parameter and the script is nevertheless executed by the browser. For example, suppose the server deletes <script> from the parameter; then it is enough to submit the following:
GET /s?wd=<scri<script>pt>alert('xss')</script> HTTP/1.1
Host: www.baidu.com
After <script> is deleted, the submitted parameter becomes <script>alert('xss')</script>, so the filter is still easily bypassed. Traditional methods therefore cannot always conclude whether an XSS vulnerability exists.
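The gap described above, as an added example that is not part of the patent: a constructed single-pass filter that deletes `<script>`, the traditional static reflection check, and contextual output encoding as the corrected form. The function names and the page template are assumptions, and the regular expression is only a stand-in for the browser engine that the dynamic method uses.

```python
import html
import re

# The two parameters quoted in the text above.
PLAIN = '<script>alert("XSS");</script>'
NESTED = "<scri<script>pt>alert('xss')</script>"


def strip_script_once(value):
    """Constructed weak filter: delete every literal <script> in one pass."""
    return value.replace("<script>", "")


def render_weak(value):
    """Hypothetical server page that relies on the weak filter."""
    return "<p>Results for: " + strip_script_once(value) + "</p>"


def render_encoded(value):
    """Corrected page: encode for the HTML context instead of deleting."""
    return "<p>Results for: " + html.escape(value, quote=True) + "</p>"


def static_check(submitted, body):
    """Traditional check: vulnerable only if the parameter is echoed verbatim."""
    return submitted in body


# Stand-in for "would the browser run a script": any complete script
# element present in the response body.
SCRIPT_ELEMENT = re.compile(r"<script\b[^>]*>(.*?)</script\s*>", re.I | re.S)


def executable_scripts(body):
    return SCRIPT_ELEMENT.findall(body)


def assess(submitted, render):
    """Compare the static verdict with what the response actually contains."""
    body = render(submitted)
    return {
        "static": static_check(submitted, body),
        "scripts": executable_scripts(body),
    }


if __name__ == "__main__":
    for name, render in (("weak filter", render_weak), ("encoded", render_encoded)):
        for payload in (PLAIN, NESTED):
            print(name, repr(payload), assess(payload, render))
```

With the weak filter and the nested parameter, the static check reports no reflection while the response still contains a complete script element; with output encoding neither check fires.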
We therefore decided to use dynamic analysis, detecting XSS vulnerabilities by examining the behaviour of the Web application at run time. We also designed a dynamic crawler framework and, building on its characteristics, propose a more effective black-box testing method that makes up for the defects of traditional methods and completes the present invention.
Summary of the invention
The content of the present invention is:
1. A crawler framework that contains a browser core. Its advantage is that, when analysing a page, it can extract the unformatted injection points in the page according to the features of injection points rather than simply extracting forms. Through the browser core it automatically simulates user behaviour and executes the events in the page, loading Ajax to obtain the injection points hidden in the page.
2. A method that determines whether an XSS vulnerability exists by submitting attack vectors and dynamically analysing the returned result. The implementation details are described below; owing to the nature of the method, there are almost no false positives.
3. The framework and the determination method were tested, which demonstrated their effectiveness.
By detecting XSS vulnerabilities more accurately through dynamic analysis, this system designs and implements a crawler framework with a higher injection point recognition rate, and presents the consolidated detection information through a user interface.
To achieve the above objectives, after research, discussion and repeated practice, the final design of this software system was determined as follows.
1. Overall system design
This system is divided into three main modules: the crawler module, the detection module and the user interface module. Each of these contains several submodules that implement the core functions:
(1) The crawler module strengthens the steps of crawling pages and extracting injection points. It uses Ghost.py as its browser engine and a depth-first crawler that fetches pages in a loop and stores them in a URL queue until every page under the same domain name has been visited, so obtaining a large number of pages for the detection module to test. Because it uses the API provided by the browser engine, the module can load a page completely and dynamically and trigger the events in the page, so that the new URLs generated by JavaScript or Ajax are obtained and stored in the URL queue. For a single page, the crawler module parses it with the BeautifulSoup library, extracts unformatted injection points by analysing the page structure, and saves injection points in the Form and Input data-structure classes for later testing.
(2) The vulnerability detection module strengthens the steps of running attack tests and analysing results. It contains several automated dynamic detection modules, which submit attack vectors to unformatted injection points and ordinary injection points, and one automated dynamic judgement module, which analyses the results; they likewise use Ghost.py as their browser engine. The attack vectors that the automated dynamic detection modules use against an injection point are a set of designed attack vectors that can bypass XSS checks (Table 1).
Table 1. Some designed attack vectors
After these designed attack vectors are submitted, the execution results are handed to the automated dynamic judgement module, which dynamically judges the behaviour of the returned page. First, the system makes use of a third-party server: if an attack vector contains a request to that server (the requests used in testing are all non-malicious), the system automatically checks the state of the third-party server to determine whether the returned page executed the request; if it did, the injection point has an XSS vulnerability. Second, by calling the API of the browser core, the system can detect whether the page executed JavaScript. If the page executes a script that pops up an alert box whose content was preset by the system, the current injection point can be judged vulnerable. Compared with traditional methods, the detection module of this system judges vulnerabilities more accurately, and false positives hardly occur.
2. Running environment
This software system is written entirely in Python on 64-bit Windows and runs normally on 64-bit Windows.
3. Parts of the software system that can change according to actual conditions
Because this system is highly general, support for other operating systems was taken into account from the start of the design. The project's core libraries include re, pywebfuzz, ghost, bs4, pySide and pyQt, all of which run on every mainstream operating system, so cross-platform porting is straightforward.
Description of the drawings
Fig. 1: Overall system architecture (by module)
Fig. 2: URL processing module design
Fig. 3: Vulnerability detection flow design
Detailed description
The principle of this system is black-box testing of the server based on Ghost.py. It consists of three modules: the crawler module, the vulnerability detection module and the user interface. The system architecture is shown in Fig. 1.
4.1 Crawler module
The crawler module mainly explores pages, using a recursive depth-first search to discover the pages under the same domain name.
While exploring a page, it also has to analyse the page dynamically: the page is loaded completely and dynamically, and the events in the page are triggered to obtain the new URLs and injection points generated by JavaScript or Ajax. Page loading is done through the API provided by Ghost.py.
After a page has loaded, the crawler adds the URLs of new pages to a list. URL hyperlinks are usually found in the href attribute of <a> tags. For an <a> tag in HTML, the value of the href attribute can be the relative or absolute URL of any valid document, including fragment identifiers and JavaScript code fragments. When a user clicks the content of an <a> tag, the browser can not only jump to the URL given by the href attribute but also execute a list of JavaScript expressions, methods and functions.
When analysing <a> tags, this system processes the href value in several ways depending on the case, as shown in Fig. 2, and converts it into the form of an ordinary URL. If the converted URL is not yet in the list, it is stored in the URL list for later vulnerability detection.
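One way to carry out the href handling described above, as an added example rather than the patent's own code (Fig. 2 is not reproduced on this page): each href is classified as a fetchable URL, a JavaScript fragment for the browser engine, or something to skip, and new same-host URLs are appended to the URL list. The function names, the host-equality test for "same domain name" and the sample links are assumptions.

```python
from urllib.parse import urldefrag, urljoin, urlsplit


def classify_href(page_url, href):
    """Map one href value to ("url", absolute), ("script", code) or ("skip", None)."""
    href = (href or "").strip()
    if not href or href.startswith("#"):
        return ("skip", None)          # empty or fragment-only: same page
    scheme = urlsplit(href).scheme     # urlsplit lowercases the scheme
    if scheme == "javascript":
        # JavaScript code fragment: nothing to fetch; the code has to be
        # run by the browser engine to see which requests it produces.
        return ("script", href.split(":", 1)[1])
    if scheme not in ("", "http", "https"):
        return ("skip", None)          # mailto:, tel:, data: and similar
    # Resolve relative references against the page and drop the fragment,
    # so that /a#x and /a#y count as the same page.
    absolute, _fragment = urldefrag(urljoin(page_url, href))
    return ("url", absolute)


def collect_links(page_url, hrefs, url_list):
    """Append new same-host URLs to url_list in place.

    Returns the JavaScript fragments found, for the dynamic pass.
    """
    host = urlsplit(page_url).hostname
    scripts = []
    for href in hrefs:
        kind, value = classify_href(page_url, href)
        if kind == "script":
            scripts.append(value)
        elif kind == "url":
            same_host = urlsplit(value).hostname == host
            if same_host and value not in url_list:
                url_list.append(value)
    return scripts


# Constructed sample: href values as they might appear on one crawled page.
PAGE = "http://example.test/a/b.html"
HREFS = [
    "list.php",                            # relative URL
    "../c?x=1#top",                        # relative URL with a fragment
    "#top",                                # fragment identifier only
    "javascript:loadMore()",               # JavaScript code fragment
    "http://example.test/a/list.php#sec",  # duplicate once the fragment is dropped
    "//cdn.other.test/x",                  # different host
    "mailto:admin@example.test",           # not a page
    "",
]

if __name__ == "__main__":
    urls = [PAGE]
    print(collect_links(PAGE, HREFS, urls))
    print(urls)
```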
4.2 Vulnerability detection module
(1) Extracting injection points
This system uses Python's Beautiful Soup library to parse pages. Beautiful Soup is an HTML/XML parser written in Python; it copes well with non-standard markup, generates a parse tree, and provides simple, commonly used operations for navigating, searching and modifying that tree.
Because Web pages are becoming more and more complex, the form and position of injection points vary widely, which makes detection harder. First, an injection point may be hidden and generated only after the user triggers an event in the page. This is hard to achieve with traditional static crawling, whereas the dynamic crawler module of our system automatically simulates user behaviour to execute the events in the page, parses the scripts with its browser core, and obtains the new DOM tree of the page after the event has run. Second, an injection point may be unformatted: because page formats are increasingly diverse, an injection point may not be inside a form and may not be submitted in the traditional way; instead, clicking some button makes JavaScript assemble the request and submit it to the server. The crawler module of this system takes this into account: it analyses and summarizes the possible features of the various injection points and interaction points and uses them for the judgement, as described in Table 1. The crawler's analysis function therefore expands the coverage of injection point identification in a page. The concrete steps are described in Algorithm 1.
With Algorithm 1 we can handle unformatted injection points in ordinary DOM structures:
1. <input type="text" id="header_search_input"/>
<input type="button" onclick="search($('#header_search_input').val())"/>
2. <input type="text" id="header_search_input"/>
<div><input type="button" onclick="search($('#header_search_input').val())"/></div>
More complex cases are of course covered as well, for example:
<div><input type="text" id="header_search_input"/></div>
<div>
<div><input type="button" onclick="search($('#header_search_input').val())"/></div>
<div><span class="SomeClass">clickable</span></div>
</div>
In this case the injection point extraction algorithm determines that the first input is an injection point and that the second input and the span are interaction points; the interaction points are linked to the injection point as a list and stored in the Input class. The vulnerability detection module can then test which interaction point submits the injection point's request.
Formatted injection points, which are submitted through a form, are stored in the Form class.
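A sketch of the extraction step described above, added here as an example and not the patent's Algorithm 1, which is not reproduced on this page. It uses the standard library's html.parser instead of BeautifulSoup so that it runs without dependencies; the criteria for fields and interaction points, and the layout of the Form and Input classes, are assumptions. The `<span>` has no inline handler, so this static pass does not see it; handlers bound from script need the browser-engine pass.

```python
from dataclasses import dataclass, field
from html.parser import HTMLParser

TEXT_TYPES = {"", "text", "search", "email", "url", "password"}
CLICK_TYPES = {"button", "submit", "image"}


@dataclass
class Form:                      # formatted injection points
    action: str
    method: str
    fields: list = field(default_factory=list)


@dataclass
class Input:                     # unformatted injection point
    name: str
    interactions: list = field(default_factory=list)   # (tag, onclick) pairs


class InjectionPointParser(HTMLParser):
    def __init__(self):
        super().__init__()
        self.forms, self.inputs, self.interactions = [], [], []
        self._form = None        # the form currently open, if any

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "form":
            method = (a.get("method") or "get").lower()
            self._form = Form(a.get("action") or "", method)
            self.forms.append(self._form)
            return
        kind = (a.get("type") or "").lower()
        is_field = tag == "textarea" or (tag == "input" and kind in TEXT_TYPES)
        clickable = ("onclick" in a or tag == "button"
                     or (tag == "input" and kind in CLICK_TYPES))
        if is_field:
            name = a.get("name") or a.get("id") or ""
            if self._form is not None:
                self._form.fields.append(name)
            else:
                self.inputs.append(Input(name))
        elif self._form is None and clickable:
            self.interactions.append((tag, a.get("onclick") or ""))

    def handle_endtag(self, tag):
        if tag == "form":
            self._form = None


def extract(html_text):
    """Return (forms, inputs); each Input carries candidate interaction points."""
    parser = InjectionPointParser()
    parser.feed(html_text)
    parser.close()
    for inp in parser.inputs:
        # Candidates whose handler mentions this field are tried first.
        inp.interactions = sorted(parser.interactions,
                                  key=lambda ip: inp.name not in ip[1])
    return parser.forms, parser.inputs


# Constructed sample: the page's complex case plus a form and a menu link.
SAMPLE = """
<form action="/login" method="POST">
  <input type="text" name="user"/><input type="submit" value="Go"/>
</form>
<div><input type="text" id="header_search_input"/></div>
<div>
  <div><a href="#" onclick="toggleMenu()">menu</a></div>
  <div><input type="button" onclick="search($('#header_search_input').val())"/></div>
  <div><span class="SomeClass">clickable</span></div>
</div>
"""

if __name__ == "__main__":
    print(extract(SAMPLE))
```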
(2) Automated submission of attack vectors
This system uses JavaScript to edit the page dynamically, which includes setting the value of an injection point to an XSS attack vector, submitting the request to the server, handling validation functions, and so on.
A form may have front-end validation, such as a limit on input length or a ban on certain illegal characters, which prevents the attack vector from being submitted. These validation events are held in the form's attributes, and those attributes need to be removed.
The concrete steps for operating on the form afterwards are described in Algorithm 2:
(3) Vulnerability detection
This system uses black-box testing to detect whether a target form has an XSS vulnerability. The basic method is to fill in the form with designed attack vectors and submit it. This Cheat Sheet includes a number of attack vectors that can bypass XSS checks, as shown in Table 2.
After submitting an attack vector request, the detection module of this system dynamically judges the behaviour of the returned page. First, the system works with the help of a third-party server: if an attack vector contains a request to that server (the requests used in testing are all non-malicious), the system automatically checks the state of the third-party server to determine whether the returned page executed the request. If it did, the injection point is considered to have an XSS vulnerability. Second, by calling the API of the browser core, the system can detect whether the page executed JavaScript. If the page executes a script that pops up an alert box whose content was preset by the system, the current injection point can be judged vulnerable. Compared with traditional methods, the detection module of this system judges vulnerabilities more accurately. The vulnerability detection process is shown in Fig. 3.
Table 2
Claims (3)
1. An automated detection system that can dynamically determine XSS vulnerabilities, characterized in that: the system is divided into three main modules, namely the crawler module, the detection module and the user interface module, each of which contains several submodules that implement the core functions, wherein:
(1) the crawler module strengthens the steps of crawling pages and extracting injection points; it uses Ghost.py as its browser engine and a depth-first crawler that fetches pages in a loop and stores them in a URL queue until every page under the same domain name has been visited, so obtaining a large number of pages for the detection module to test; because it uses the API provided by the browser engine, the module can load a page completely and dynamically and trigger the events in the page, so that the new URLs generated by JavaScript or Ajax are obtained and stored in the URL queue; for a single page, the crawler module parses it with the BeautifulSoup library, extracts unformatted injection points by analysing the page structure, and saves injection points in the Form and Input data-structure classes for later testing;
(2) the vulnerability detection module strengthens the steps of running attack tests and analysing results; it contains several automated dynamic detection modules, which submit attack vectors to unformatted injection points and ordinary injection points, and one automated dynamic judgement module, which analyses the results; they likewise use Ghost.py as their browser engine; the attack vectors that the automated dynamic detection modules use against an injection point are a set of designed attack vectors that can bypass XSS checks (Table 1);
Table 1. Some designed attack vectors
after these designed attack vectors are submitted, the execution results are handed to the automated dynamic judgement module, which dynamically judges the behaviour of the returned page; first, the system makes use of a third-party server: if an attack vector contains a request to that server (the requests used in testing are all non-malicious), the system automatically checks the state of the third-party server to determine whether the returned page executed the request, and if it did, the injection point has an XSS vulnerability; second, by calling the API of the browser core, the system can detect whether the page executed JavaScript; if the page executes a script that pops up an alert box whose content was preset by the system, the current injection point can be judged vulnerable; compared with traditional methods, the detection module of this system judges vulnerabilities more accurately, and false positives hardly occur.
2. The automated detection system that can dynamically determine XSS vulnerabilities according to claim 1, characterized in that: the system is written entirely in Python on 64-bit Windows and runs normally on 64-bit Windows.
3. The automated detection system that can dynamically determine XSS vulnerabilities according to claim 1, characterized in that: the principle of the system is black-box testing of the server based on Ghost.py, and it consists of three modules: the crawler module, the vulnerability detection module and the user interface;
Crawler module
The crawler module mainly explores pages, using a recursive depth-first search to discover the pages under the same domain name;
while exploring a page, it also has to analyse the page dynamically: the page is loaded completely and dynamically, and the events in the page are triggered to obtain the new URLs and injection points generated by JavaScript or Ajax; page loading is done through the API provided by Ghost.py;
after a page has loaded, the crawler adds the URLs of new pages to a list; URL hyperlinks are usually found in the href attribute of <a> tags; for an <a> tag in HTML, the value of the href attribute can be the relative or absolute URL of any valid document, including fragment identifiers and JavaScript code fragments; when a user clicks the content of an <a> tag, the browser can not only jump to the URL given by the href attribute but also execute a list of JavaScript expressions, methods and functions;
when analysing <a> tags, this system processes the href value in several ways depending on the case and converts it into the form of an ordinary URL; if the converted URL is not yet in the list, it is stored in the URL list for later vulnerability detection;
Vulnerability detection module
(1) Extracting injection points
This system uses Python's Beautiful Soup library to parse pages; Beautiful Soup is an HTML/XML parser written in Python; it copes well with non-standard markup, generates a parse tree, and provides simple, commonly used operations for navigating, searching and modifying that tree;
because Web pages are becoming more and more complex, the form and position of injection points vary widely, which makes detection harder; first, an injection point may be hidden and generated only after the user triggers an event in the page; this is hard to achieve with traditional static crawling, whereas the dynamic crawler module of our system automatically simulates user behaviour to execute the events in the page, parses the scripts with its browser core, and obtains the new DOM tree of the page after the event has run; second, an injection point may be unformatted: because page formats are increasingly diverse, an injection point may not be inside a form and may not be submitted in the traditional way; instead, clicking some button makes JavaScript assemble the request and submit it to the server; the crawler module of this system takes this into account: it analyses and summarizes the possible features of the various injection points and interaction points and uses them for the judgement, as described in Table 1; the crawler's analysis function therefore expands the coverage of injection point identification in a page; the concrete steps are described in Algorithm 1;
with Algorithm 1 we can handle unformatted injection points in ordinary DOM structures:
1. <input type="text" id="header_search_input"/>
<input type="button" onclick="search($('#header_search_input').val())"/>
2. <input type="text" id="header_search_input"/>
<div><input type="button" onclick="search($('#header_search_input').val())"/></div>
More complex cases are of course covered as well, for example:
<div><input type="text" id="header_search_input"/></div>
<div>
<div><input type="button" onclick="search($('#header_search_input').val())"/></div>
<div><span class="SomeClass">clickable</span></div>
</div>
In this case the injection point extraction algorithm determines that the first input is an injection point and that the second input and the span are interaction points; the interaction points are linked to the injection point as a list and stored in the Input class; the vulnerability detection module can then test which interaction point submits the injection point's request;
formatted injection points, which are submitted through a form, are stored in the Form class;
(2) Automated submission of attack vectors
This system uses JavaScript to edit the page dynamically, which includes setting the value of an injection point to an XSS attack vector, submitting the request to the server, handling validation functions, and so on;
a form may have front-end validation, such as a limit on input length or a ban on certain illegal characters, which prevents the attack vector from being submitted; these validation events are held in the form's attributes, and those attributes need to be removed; the concrete steps for operating on the form afterwards are described in Algorithm 2:
(3) Vulnerability detection
This system uses black-box testing to detect whether a target form has an XSS vulnerability; the basic method is to fill in the form with designed attack vectors and submit it; this Cheat Sheet includes a number of attack vectors that can bypass XSS checks, as shown in Table 2;
after submitting an attack vector request, the detection module of this system dynamically judges the behaviour of the returned page; first, the system works with the help of a third-party server: if an attack vector contains a request to that server (the requests used in testing are all non-malicious), the system automatically checks the state of the third-party server to determine whether the returned page executed the request; if it did, the injection point is considered to have an XSS vulnerability; second, by calling the API of the browser core, the system can detect whether the page executed JavaScript; if the page executes a script that pops up an alert box whose content was preset by the system, the current injection point can be judged vulnerable; compared with traditional methods, the detection module of this system judges vulnerabilities more accurately.
Table 2
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610099346.0A CN106022135A (en) | 2016-02-23 | 2016-02-23 | Automatic detection system capable of dynamically determining XSS vulnerability |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610099346.0A CN106022135A (en) | 2016-02-23 | 2016-02-23 | Automatic detection system capable of dynamically determining XSS vulnerability |
Publications (1)
Publication Number | Publication Date |
---|---|
CN106022135A true CN106022135A (en) | 2016-10-12 |
Family
ID=57082862
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201610099346.0A Pending CN106022135A (en) | 2016-02-23 | 2016-02-23 | Automatic detection system capable of dynamically determining XSS vulnerability |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN106022135A (en) |
CN104881607A (en) * | 2015-05-21 | 2015-09-02 | 北京工业大学 | XSS vulnerability detection method based on simulating browser behavior |
CN104881608A (en) * | 2015-05-21 | 2015-09-02 | 北京工业大学 | XSS vulnerability detection method based on simulating browser behavior |
Non-Patent Citations (2)
Title |
---|
LIU YUAN et al.: "A XSS vulnerability detection approach based on simulating browser behavior", 《INFORMATION SCIENCE AND SECURITY (ICISS), 2015 2ND INTERNATIONAL CONFERENCE》 * |
曹黎波 et al.: "Research on an XSS vulnerability detection method based on dynamic testing", 《Computer Applications and Software》 * |
Cited By (27)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108073828A (en) * | 2016-11-16 | 2018-05-25 | 阿里巴巴集团控股有限公司 | A kind of webpage integrity assurance, apparatus and system |
CN106909846A (en) * | 2017-01-16 | 2017-06-30 | 安徽开源互联网安全技术有限公司 | One kind is based on empty quasi-analytic leak detection method and its device |
CN106909846B (en) * | 2017-01-16 | 2020-04-24 | 安徽开源互联网安全技术有限公司 | Vulnerability detection method and device based on virtual analysis |
CN106845248A (en) * | 2017-01-18 | 2017-06-13 | 北京工业大学 | A kind of XSS leak detection methods based on state transition graph |
CN108512818A (en) * | 2017-02-28 | 2018-09-07 | 腾讯科技(深圳)有限公司 | Detect the method and device of loophole |
CN108512818B (en) * | 2017-02-28 | 2020-09-04 | 腾讯科技(深圳)有限公司 | Method and device for detecting vulnerability |
CN107103241A (en) * | 2017-03-15 | 2017-08-29 | 广西科技大学 | A kind of method of testing for automatically generating storage-type XSS attack vector |
CN107046533A (en) * | 2017-03-15 | 2017-08-15 | 广西科技大学 | A kind of automatic generation method of storage-type XSS attack vector |
CN107026854B (en) * | 2017-03-27 | 2020-02-07 | 北京神州绿盟信息安全科技股份有限公司 | Vulnerability verification method and device |
CN107026854A (en) * | 2017-03-27 | 2017-08-08 | 北京神州绿盟信息安全科技股份有限公司 | Validating vulnerability method and device |
CN107332736A (en) * | 2017-07-06 | 2017-11-07 | 苏州工业园区服务外包职业学院 | Automation cluster detecting system based on ModBus agreements |
CN110020066A (en) * | 2017-07-31 | 2019-07-16 | 北京国双科技有限公司 | A kind of method and device of past crawler platform note task |
CN109391600A (en) * | 2017-08-10 | 2019-02-26 | 东软集团股份有限公司 | Distributed denial of service attack means of defence, device, system, medium and equipment |
CN107749835A (en) * | 2017-09-11 | 2018-03-02 | 哈尔滨工程大学 | A kind of penetration testing method of the click hijack attack based on prediction |
CN107749835B (en) * | 2017-09-11 | 2020-11-20 | 哈尔滨工程大学 | Penetration test method for click hijack attack based on prediction |
CN107800692A (en) * | 2017-10-13 | 2018-03-13 | 郑州云海信息技术有限公司 | A kind of XSS leak detection methods and system based on web browser |
CN108830082B (en) * | 2018-05-24 | 2022-05-10 | 东南大学 | XSS vulnerability detection parameter automatic selection method based on output point position |
CN108830082A (en) * | 2018-05-24 | 2018-11-16 | 东南大学 | A kind of XSS vulnerability detection parameter automatically selecting method based on output point position |
CN109922052A (en) * | 2019-02-22 | 2019-06-21 | 中南大学 | A kind of malice URL detection method of combination multiple characteristics |
CN109922052B (en) * | 2019-02-22 | 2020-12-29 | 中南大学 | Malicious URL detection method combining multiple features |
CN110309658B (en) * | 2019-06-27 | 2021-02-05 | 暨南大学 | Unsafe XSS defense system identification method based on reinforcement learning |
CN110309658A (en) * | 2019-06-27 | 2019-10-08 | 暨南大学 | A kind of dangerous XSS defensive system recognition methods based on intensified learning |
CN114467282A (en) * | 2019-07-23 | 2022-05-10 | 阿卡麦科技公司 | Behavioral analysis detection and prevention of malicious script attacks using runtime script execution events |
CN111949992A (en) * | 2020-08-17 | 2020-11-17 | 中国工商银行股份有限公司 | Automatic safety monitoring method and system for WEB application program |
CN111949992B (en) * | 2020-08-17 | 2023-09-29 | 中国工商银行股份有限公司 | Automatic safety monitoring method and system for WEB application program |
CN112131136A (en) * | 2020-11-24 | 2020-12-25 | 智道网联科技(北京)有限公司 | Automatic interactive testing method and device |
CN113704760A (en) * | 2021-08-31 | 2021-11-26 | 深信服科技股份有限公司 | Page detection method and related device |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN106022135A (en) | Automatic detection system capable of dynamically determining XSS vulnerability | |
CN104881608B (en) | A kind of XSS leak detection methods based on simulation browser behavior | |
CN104881607B (en) | A kind of XSS leakage locations based on simulation browser behavior | |
Huang et al. | Web application security assessment by fault injection and behavior monitoring | |
Dahse et al. | Simulation of Built-in PHP Features for Precise Static Code Analysis. | |
Dahse et al. | Static Detection of {Second-Order} Vulnerabilities in Web Applications | |
Junjin | An approach for SQL injection vulnerability detection | |
Jueckstock et al. | Visiblev8: In-browser monitoring of javascript in the wild | |
Alhuzali et al. | Chainsaw: Chained automated workflow-based exploit generation | |
CN105491053A (en) | Web malicious code detection method and system | |
CN103279710B (en) | Method and system for detecting malicious codes of Internet information system | |
Li et al. | Perturbation-based user-input-validation testing of web applications | |
CN110460612B (en) | Security test method, device, storage medium and apparatus | |
CN101751530B (en) | Method for detecting loophole aggressive behavior and device | |
CN107832622A (en) | Leak detection method, device, computer equipment and storage medium | |
Ocariza Jr et al. | Automatic fault localization for client‐side JavaScript | |
Hou et al. | A dynamic detection technique for XSS vulnerabilities | |
Mitropoulos et al. | Time present and time past: analyzing the evolution of JavaScript code in the wild | |
ÐURIĆ | WAPTT-Web application penetration testing tool | |
Hassanshahi et al. | Gelato: Feedback-driven and guided security analysis of client-side web applications | |
Liang et al. | Malicious web pages detection based on abnormal visibility recognition | |
Liu et al. | A XSS vulnerability detection approach based on simulating browser behavior | |
CN108200191B (en) | Utilize the client dynamic URL associated script character string detection system of perturbation method | |
Shahriar et al. | Early detection of SQL injection attacks | |
Steinhauser et al. | DjangoChecker: Applying extended taint tracking and server side parsing for detection of context‐sensitive XSS flaws |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication | ||
RJ01 | Rejection of invention patent application after publication | Application publication date: 20161012 |