CN107908959A - Site information detection method, device, electronic equipment and storage medium - Google Patents

Publication number: CN107908959A
Authority: CN (China)
Prior art keywords: result, sensitive information, access, judge, network addresses
Legal status: Granted
Application number: CN201711107083.4A
Other languages: Chinese (zh)
Other versions: CN107908959B (en)
Inventor: 陈诚
Current Assignee: Beijing Knownsec Information Technology Co Ltd
Original Assignee: Beijing Knownsec Information Technology Co Ltd
Legal events: application filed by Beijing Knownsec Information Technology Co Ltd; priority to CN201711107083.4A; publication of CN107908959A; application granted; publication of CN107908959B
Current status: Active

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55 Detecting local intrusion or implementing counter-measures
    • G06F21/556 Detecting local intrusion or implementing counter-measures involving covert channels, i.e. data leakage between processes
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00 Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/03 Indexing scheme relating to G06F21/50, monitoring users, programs or devices to maintain the integrity of platforms
    • G06F2221/033 Test or assess software

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Information Transfer Between Computers (AREA)

Abstract

The present invention provides a site information detection method, device, electronic equipment and storage medium, and relates to the field of computer technology. The site information detection method includes: accessing a target network address to be detected using a preset web application testing tool, wherein the driving engine of the web application testing tool is a preset browser engine; judging whether a first access result, returned by the server of the target website corresponding to the target network address, has been obtained; if so, judging whether preset sensitive information exists in the first access result; and if so, determining that the target website has a sensitive information leak. The site information detection method can comprehensively detect whether a website leaks sensitive information.

Description

Site information detection method, device, electronic equipment and storage medium
Technical field
The present invention relates to the field of computer technology, and in particular to a site information detection method, device, electronic equipment and storage medium.
Background
At present, the web data of many websites keeps growing and the number of links keeps increasing, which makes maintenance of a website's data extremely important. Detecting sensitive information leakage on a website is an important part of that data maintenance.
The existing method of detecting website sensitive information leakage traverses links with a crawler to obtain the returned results, and then uses a custom sensitive-information feature library to judge whether sensitive information exists in the returned results. However, most websites use an architecture in which the front end and back end are separated: front-end JS templates render the HTML, and back-end data is obtained asynchronously. A crawler cannot execute JS, so it cannot capture the HTML rendered by the front-end JS templates or the asynchronous link requests, and therefore cannot obtain all of the site's returned results. Because the returned results used for detection are incomplete, detection of the website's sensitive information leakage is inaccurate.
Summary of the invention
In view of this, the embodiments of the present invention provide a site information detection method, device, electronic equipment and storage medium, to solve the prior-art problem that the returned results used for detection are incomplete, which makes detection of a website's sensitive information leakage inaccurate.
To achieve the above object, the technical solution adopted by the present invention is as follows:
In a first aspect, an embodiment of the present invention provides a site information detection method, the method including: accessing a target network address to be detected using a preset web application testing tool, wherein the driving engine of the web application testing tool is a preset browser engine; judging whether a first access result, returned by the server of the target website corresponding to the target network address, has been obtained; if so, judging whether preset sensitive information exists in the first access result; and if so, determining that the target website has a sensitive information leak.
In a second aspect, an embodiment of the present invention provides a site information detection device, the device including a simulated access module, a first judgment module, a second judgment module and a first execution module, wherein the simulated access module is used to access a target network address to be detected using a preset web application testing tool, the driving engine of the web application testing tool being a preset browser engine; the first judgment module is used to judge whether a first access result, returned by the server of the target website corresponding to the target network address, has been obtained; the second judgment module is used to judge, when the first access result returned by the server of the target website corresponding to the target network address has been obtained, whether preset sensitive information exists in the first access result; and the first execution module is used to determine, when preset sensitive information exists in the first access result, that the target website has a sensitive information leak.
In a third aspect, an embodiment of the present invention provides electronic equipment, the electronic equipment including a memory and a processor, the memory storing computer instructions which, when read and executed by the processor, cause the processor to perform the method provided by the first aspect.
In a fourth aspect, an embodiment of the present invention provides a storage medium in which computer instructions are stored, wherein the computer instructions, when read and run, perform the method provided by the first aspect.
The site information detection method, device, electronic equipment and storage medium provided by the embodiments of the present invention access a target network address to be detected using a preset web application testing tool whose driving engine is a preset browser engine, then judge whether a first access result returned by the server of the target website corresponding to the target network address has been obtained; when it has been obtained, judge whether preset sensitive information exists in the first access result; and finally, when preset sensitive information exists in the first access result, determine that the target website has a sensitive information leak. The access result obtained by accessing the target network address is thereby more complete, which improves the accuracy of detecting whether a website leaks sensitive information and solves the prior-art problem that the access results used for detection are incomplete, which makes detection of a website's sensitive information leakage inaccurate.
To make the above objects, features and advantages of the present invention easier to understand, preferred embodiments are described in detail below with reference to the accompanying drawings.
Brief description of the drawings
To make the purpose, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments are described clearly and completely below with reference to the drawings of the embodiments. Obviously, the described embodiments are some, not all, of the embodiments of the present invention. All other embodiments obtained by those of ordinary skill in the art based on the embodiments of the present invention without creative work fall within the scope of protection of the present invention.
Fig. 1 shows a schematic diagram of the interaction between the electronic equipment and the server provided by an embodiment of the present invention;
Fig. 2 shows a block diagram of the electronic equipment provided by an embodiment of the present invention;
Fig. 3 shows a flow chart of the site information detection method provided by an embodiment of the present invention;
Fig. 4 shows a flow chart of step S130 of the site information detection method provided by an embodiment of the present invention;
Fig. 5 shows a module diagram of the site information detection device provided by an embodiment of the present invention;
Fig. 6 shows a module diagram of the second judgment module of the site information detection device provided by an embodiment of the present invention.
Detailed description
The technical solutions in the embodiments of the present invention are described clearly and completely below with reference to the drawings of the embodiments. Obviously, the described embodiments are only some, not all, of the embodiments of the present invention. The components of the embodiments generally described and illustrated in the drawings herein can be arranged and designed in a variety of different configurations. Therefore, the following detailed description of the embodiments provided in the drawings is not intended to limit the scope of the claimed invention, but merely represents selected embodiments of the present invention. All other embodiments obtained by those skilled in the art based on the embodiments of the present invention without creative work fall within the scope of protection of the present invention.
It should be noted that similar reference numerals and letters denote similar items in the following drawings; therefore, once an item is defined in one drawing, it need not be further defined or explained in subsequent drawings. In addition, in the description of the present invention, the terms "first", "second", etc. are used only to distinguish descriptions and are not to be understood as indicating or implying relative importance.
Fig. 1 shows a schematic diagram of the interaction between the server and the electronic equipment provided by an embodiment of the present invention. The server 200 is communicatively connected to one or more pieces of electronic equipment 100 over a network, for data communication or interaction. The server 200 may be a web server or the like, and may serve as the server of the target website in the embodiments of the present invention. The electronic equipment 100 may be a personal computer (PC); of course, the electronic equipment 100 may also be a server or the like.
Fig. 2 shows a structural diagram of electronic equipment that can be used in the embodiments of the present invention. As shown in Fig. 2, the electronic equipment 100 includes a memory 102, a storage controller 104, one or more processors 106 (only one is shown in the figure), a peripheral interface 108, a radio-frequency module 110, an audio module 112, a display unit 114, etc. These components communicate with each other through one or more communication buses/signal lines 116.
The memory 102 can be used to store software programs and modules, such as the program instructions/modules corresponding to the site information detection method and device in the embodiments of the present invention. By running the software programs and modules stored in the memory 102, the processor 106 performs various functional applications and data processing, such as the site information detection method provided by the embodiments of the present invention.
The memory 102 may include high-speed random access memory and may also include non-volatile memory, such as one or more magnetic storage devices, flash memory or other non-volatile solid-state memory. Access to the memory 102 by the processor 106 and other possible components can be performed under the control of the storage controller 104.
The peripheral interface 108 couples various input/output devices to the processor 106 and the memory 102. In some embodiments, the peripheral interface 108, the processor 106 and the storage controller 104 can be implemented in a single chip. In some other embodiments, they can each be implemented by a separate chip.
The radio-frequency module 110 is used to receive and send electromagnetic waves and to convert between electromagnetic waves and electrical signals, so as to communicate with a communication network or other devices.
The audio module 112 provides an audio interface to the user, and may include one or more microphones, one or more loudspeakers and audio circuitry.
The display unit 114 provides a display interface between the electronic equipment 100 and the user. Specifically, the display unit 114 shows video output to the user, and the content of this video output may include text, graphics, video and any combination thereof.
It can be understood that the structure shown in Fig. 2 is only illustrative; the electronic equipment 100 may include more or fewer components than shown in Fig. 2, or have a configuration different from that shown in Fig. 2. Each component shown in Fig. 2 can be implemented in hardware, software or a combination thereof.
First embodiment
Fig. 3 shows a flow chart of the site information detection method provided by an embodiment of the present invention. Referring to Fig. 3, the method includes:
Step S110: Access a target network address to be detected using a preset web application testing tool, wherein the driving engine of the web application testing tool is a preset browser engine.
In existing site information detection methods, the crawler has no JS rendering capability, so the access result obtained when the target network address is accessed is incomplete. Therefore, to guarantee the completeness of the access result obtained from the target network address, the tool or manner used to access the target network address needs to be improved.
In the embodiments of the present invention, the preset web application testing tool may be the WebDriver tool. Of course, the specific type of the preset web application testing tool is not limited in the embodiments of the present invention; it may also be another tool, for example the Selenium tool.
In web application testing, WebDriver is open-source software that can control different browsers (such as Firefox, Chrome, Safari, IE) by defining a driving engine; it can open a URL and interact with the rendered page. The goal of WebDriver is to provide a well-designed object-oriented API that better supports the testing of modern advanced web applications.
In the embodiments of the present invention, a preset browser engine can be selected as the driving engine of the WebDriver tool, so that access to a network address can be carried out.
The browser engine is the most critical part of a browser and provides JS rendering. It is mainly used to interpret web page syntax (such as HTML, an application of Standard Generalized Markup Language, and JavaScript) and to render (display) the page.
In the embodiments of the present invention, the preset browser engine may be the PhantomJS engine. Of course, the specific type of the preset browser engine is not limited in the embodiments of the present invention; it may also be the FirefoxDriver engine, the InternetExplorerDriver engine, the ChromeDriver engine, etc.
In the embodiments of the present invention, PhantomJS is a scriptable WebKit browser engine without a user interface. PhantomJS is a complete browser kernel, including a JS parsing engine, a rendering engine, request handling, etc.
In the embodiments of the present invention, the target network addresses of the target website that need to be detected can be arranged in a list, and each target network address in the list can then be accessed by traversing the list.
In the embodiments of the present invention, when the preset web application testing tool accesses the target network address to be detected, it can do so by simulating browser behavior, that is, by simulating received behaviors such as mouse operations and keyboard operations, and correspondingly generating and executing the request to access the target network address.
Step S120: Judge whether a first access result, returned by the server of the target website corresponding to the target network address, has been obtained.
After the target network address is accessed, in most cases the first access result returned by the server of the target website corresponding to the accessed target network address can be obtained. However, it is also possible that the first access result cannot be obtained; for example, the access request is refused by the server of the target website corresponding to the target network address, so that no access result can be obtained.
Therefore, it can be judged whether the first access result returned by the server of the target website corresponding to the target network address has been obtained, in order to determine whether the subsequent step of detecting sensitive information in the access result is performed.
In the embodiments of the present invention, the obtained first access result returned by the server of the target website corresponding to the target network address may contain links, and these links may be related to the root domain name of the target network address accessed in step S110, that is, they may belong to the same website.
Therefore, it can be judged whether the root domain name of a link in the first access result is the same as the root domain name of the target network address.
When judging whether the root domain name of a link in the first access result is the same as the root domain name of the target network address, a link whose root domain name is the same as that of the target network address can be taken as a first link, and the first link can be inserted into the list of target network addresses to be detected that need to be accessed in step S110, so that the first link is subsequently accessed and the access results of links with the same root domain name as the target network address are obtained, making the detection of site information more complete.
Therefore, in the embodiments of the present invention, judging whether the first access result returned by the server of the target website corresponding to the target network address has been obtained may also apply to the access operation performed in step S110 on the above network address whose root domain name is the same as that of the target network address; that is, step S120 may also include:
Judging whether a first access result returned by the server of the target website corresponding to a first link has been obtained, wherein the first link is a link whose root domain name is the same as that of the target network address.
It can be understood that this judges whether the server of the target website corresponding to a link with the same root domain name as the target network address has returned a first access result.
When the target network address to be detected is accessed, other requests may be generated at the same time. For example, when a certain web page is accessed, the user login page may need to be requested at the same time. The network addresses in these other generated requests may be links related to the root domain name of the target network address accessed in step S110, that is, addresses belonging to the same website.
Therefore, it can be judged whether the root domain name of a network address in the other generated requests is the same as the root domain name of the target network address.
When judging whether the root domain name of a network address in the other generated requests is the same as the root domain name of the target network address, a network address whose root domain name is the same as that of the target network address can be taken as a network address to be detected, and that network address can be inserted into the list of target network addresses to be detected that need to be accessed in step S110, so that it is subsequently accessed and the access results of links with the same root domain name as the target network address are obtained, making the detection of site information more complete.
Therefore, in the embodiments of the present invention, judging whether the first access result returned by the server of the target website corresponding to the target network address has been obtained may also apply to the access operation performed in step S110 on a network address whose root domain name is the same as that of the target network address; that is, step S120 may also include:
Judging whether a first access result, returned by the server of the target website corresponding to the network address of other network request information, has been obtained, wherein the network address of the other network request information is a network address whose root domain name is the same as that of the target network address.
It can be understood that this judges whether the first access result returned by the server of the target website corresponding to the network address of other network request information has been obtained, where the root domain name of that network address is the same as the root domain name of the target network address in step S110.
Step S130: If so, judge whether preset sensitive information exists in the first access result.
When it is determined in step S120 that the first access result has been obtained, the step of judging whether preset sensitive information exists in the first access result can be performed.
In the embodiments of the present invention, the first access result may include multiple sub-results. Referring to Fig. 4, step S130 may include:
Step S131: If so, read the matching rule corresponding to the preset sensitive information from a first database.
The first database, which stores sensitive-information features, can store in advance the matching rules used to determine whether preset sensitive information is present.
When it is determined that the first access result has been obtained, the matching rule corresponding to the preset sensitive information can be read from the first database.
Step S132: Judge whether a sub-result satisfying the matching rule exists among the multiple sub-results.
It can be understood that the first access result may include multiple segments of HTML character strings; a sub-result may be one segment of an HTML character string, and of course a sub-result may also be multiple segments of HTML character strings.
In the embodiments of the present invention, the specific content of the first access result and of the sub-results is not limited.
In the embodiments of the present invention, a matching rule may be the rule corresponding to one kind of preset sensitive information. For example, for preset sensitive information corresponding to a mobile phone number, the matching rule may be 11 digits with the first digit being 1, etc. As another example, for preset sensitive information corresponding to an e-mail address, the matching rule may be: a combination of more than 1 English letters/digits/symbols + @ + a combination of more than 1 English letters/digits/symbols + . + a combination of more than 1 English letters/digits/symbols.
It can thus be determined whether a sub-result satisfying the matching rule exists in the first access result.
Step S133: If so, determine that the preset sensitive information exists in the first access result; if not, determine that the preset sensitive information does not exist in the first access result.
It can be understood that when it is determined in step S132 that a sub-result satisfying the matching rule exists in the first access result, it can be determined that preset sensitive information exists in the first access result; when it is determined in step S132 that no sub-result satisfying the matching rule exists in the first access result, it can be determined that no preset sensitive information exists in the first access result.
In the embodiments of the present invention, when judging whether preset sensitive information exists in the first access result, since there can be multiple kinds of preset sensitive information, the first access result can be matched in turn against the matching rule corresponding to each kind of preset sensitive information, so that all preset sensitive information present in the first access result can be accurately determined.
Step S140: If so, determine that the target website has a sensitive information leak.
When the judgment result in step S130 is that preset sensitive information exists in the first access result, this means that preset sensitive information can be obtained when the target website corresponding to the target address is accessed, so it can be determined that the target website has a sensitive information leak.
In the embodiments of the present invention, after it is determined that the target website corresponding to the target network address has a sensitive information leak, the specific sensitive information can also be recorded, and the correspondence between the sensitive information and the target network address can be stored.
Therefore, in the embodiments of the present invention, the site information detection method may also include: obtaining the content in the first access result that corresponds to the preset sensitive information; and storing the correspondence between that content and the target network address in a database.
It can be understood that when judging in step S130 whether preset sensitive information exists in the first access result, the content satisfying the matching rule corresponding to the preset sensitive information can be extracted, thereby obtaining the content in the first access result that corresponds to the preset sensitive information.
In the embodiments of the present invention, after it is determined that the target website corresponding to the target network address has a sensitive information leak, a prompt message can also be output, to notify the server of the website that a sensitive information leak exists.
The site information detection method provided by the first embodiment of the present invention accesses the target network address to be detected using a preset web application testing tool whose driving engine is a browser engine, so that a complete access result can be effectively obtained. In addition, the links related to the website that are obtained while accessing the target network address, and the addresses related to the website in the other requests that are generated, are also accessed, so that more access results are obtained. Comprehensive sensitive information leakage detection can thus be performed on the information of the website, which improves the accuracy of detecting whether a website leaks sensitive information and solves the prior-art problem that the access results used for detection are incomplete, which makes detection of a website's sensitive information leakage inaccurate.
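The flow of steps S110 to S140 is illustrated below as an added example; it is not code from the patent. The rendered pages are constructed sample data standing in for what a WebDriver-controlled browser engine would return, and the names root_domain, SubResultParser, scan_site and fake_fetch, the two-label root-domain heuristic and the exact regular expressions are assumptions of this example.

```python
import re
from collections import deque
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

# Matching rules (step S131); a dict stands in for the "first database".
# Digit boundaries are added so an 11-digit run inside a longer number is ignored.
# The e-mail rule accepts one or more characters per part (assumption).
RULES = {
    "mobile_number": re.compile(r"(?<!\d)1\d{10}(?!\d)"),  # 11 digits, first is 1
    "email": re.compile(r"[\w.+-]+@[\w-]+(?:\.[\w-]+)+"),  # chars + @ + chars + . + chars
}


def root_domain(url):
    """Naive root domain: the last two host labels. Assumption of this example;
    a public-suffix list is needed for hosts such as example.co.uk."""
    host = (urlsplit(url).hostname or "").lower()
    return ".".join(host.split(".")[-2:])


class SubResultParser(HTMLParser):
    """Splits a rendered page into sub-results (text nodes and attribute
    values) and collects the href targets of its links."""

    def __init__(self):
        super().__init__()
        self.sub_results = []
        self.links = []

    def handle_starttag(self, tag, attrs):
        for name, value in attrs:
            if value:
                self.sub_results.append(value)
                if tag == "a" and name == "href":
                    self.links.append(value)

    def handle_data(self, data):
        if data.strip():
            self.sub_results.append(data)


def scan_site(start_url, fetch, max_pages=100):
    """fetch(url) returns (rendered_html, requested_urls), or None when no
    access result was obtained. Returns (findings, visited)."""
    site = root_domain(start_url)
    queue, seen = deque([start_url]), {start_url}
    findings, visited = {}, []
    while queue:
        url = queue.popleft()
        result = fetch(url)                    # S110: access the address
        if result is None:                     # S120: no first access result
            continue
        visited.append(url)
        html, requested = result
        parser = SubResultParser()
        parser.feed(html)
        parser.close()
        for sub in parser.sub_results:         # S132: test every sub-result
            for kind, rule in RULES.items():
                for hit in rule.findall(sub):  # S140: record content per address
                    findings.setdefault(url, set()).add((kind, hit))
        # S120 variants: queue links and request addresses on the same root domain.
        for target in parser.links + list(requested):
            nxt = urljoin(url, target).split("#")[0]
            if (urlsplit(nxt).scheme in ("http", "https")
                    and root_domain(nxt) == site
                    and nxt not in seen and len(seen) < max_pages):
                seen.add(nxt)
                queue.append(nxt)
    return findings, visited


# Constructed sample data: the DOM after JavaScript rendering, plus the addresses
# each page requested while loading. With Selenium, fetch() would instead call
# driver.get(url) and return driver.page_source.
PAGES = {
    "https://www.example.com/": (
        '<html><body><a href="/about">About</a><a href="/admin">Admin</a>'
        '<a href="https://cdn.example.net/lib.js">cdn</a>'
        '<div id="app">Welcome</div></body></html>',
        ["https://api.example.com/v1/users", "https://tracker.example.org/p"],
    ),
    "https://www.example.com/about": (
        '<html><body><p>Contact: <a href="mailto:ops@example.com">mail</a></p>'
        "<p>Order 20171107000123456 shipped</p></body></html>",
        [],
    ),
    "https://api.example.com/v1/users": ('{"name": "test", "mobile": "13000000000"}', []),
}


def fake_fetch(url):
    """Stand-in for the browser engine; /admin is absent, i.e. refused."""
    return PAGES.get(url)


def run_demo():
    return scan_site("https://www.example.com/", fake_fetch)


if __name__ == "__main__":
    for address, hits in run_demo()[0].items():
        print(address, sorted(hits))
```

The asynchronous API address is reached only because the addresses a page requests are queued alongside its links, which is the case a crawler without JS execution misses.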
Second embodiment
The second embodiment of the invention provides a site information detection device 300. Referring to Fig. 5, the site information detection device 300 includes an analog access module 310, a first judgment module 320, a second judgment module 330 and a first execution module 340. The analog access module 310 is used to access a target network address to be detected using a preset web application testing tool, wherein the driving engine of the web application testing tool is a preset browser engine. The first judgment module 320 is used to judge whether a first access result, returned by the server of the target website corresponding to the target network address, has been obtained. The second judgment module 330 is used to judge, when that first access result has been obtained, whether preset sensitive information exists in the first access result. The first execution module 340 is used to determine that the target website has a sensitive information leak when preset sensitive information exists in the first access result.
In this embodiment of the invention, the first access result includes multiple sub-results. Referring to Fig. 6, the second judgment module 330 includes a rule reading unit 331, a rule judgment unit 332 and a result determination unit 333. The rule reading unit 331 is used to read, from a first database, the matching rule corresponding to the preset sensitive information when the first access result returned by the server of the target website corresponding to the target network address has been obtained. The rule judgment unit 332 is used to judge whether a sub-result satisfying the matching rule exists among the multiple sub-results. The result determination unit 333 is used to determine that the preset sensitive information exists in the first access result when a sub-result satisfying the matching rule exists among the multiple sub-results; the result determination unit is further used to determine that the preset sensitive information does not exist in the first access result when no sub-result satisfying the matching rule exists among the multiple sub-results.
In this embodiment of the invention, the site information detection device 300 further includes a content obtaining module and a storage execution module. The content obtaining module is used to obtain the content in the first access result that corresponds to the preset sensitive information; the storage execution module is used to store the correspondence between that content and the target network address in a database.
In this embodiment of the invention, the first judgment module 320 may be specifically used to judge whether a first access result returned by the server of the target website corresponding to a first link has been obtained, wherein the first link is a link whose root domain name is the same as that of the target network address.
In this embodiment of the invention, the first judgment module 320 may also be specifically used to judge whether a first access result returned by the server of the target website corresponding to the network address of other network request information has been obtained, wherein the network address corresponding to the other network request information is a network address whose root domain name is the same as that of the target network address.
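The judgment flow described above, as an added example that is not code from the patent: sub-results captured during a browser-driven access are limited to the target's root domain, checked against matching rules read from a database, and the matched content is stored against the target address. The table layout, rule patterns, sample responses and the two-label root-domain shortcut are assumptions constructed for illustration.

```python
import re
import sqlite3
from urllib.parse import urlsplit


def root_domain(url):
    """Simplified root domain: the last two labels of the host.
    Assumption for this example; production code needs the Public Suffix List."""
    host = (urlsplit(url).hostname or "").lower()
    labels = host.split(".")
    return ".".join(labels[-2:]) if len(labels) >= 2 else host


def open_db():
    """In-memory stand-in for the rule database and the findings store."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE rules (name TEXT, pattern TEXT)")
    db.execute("CREATE TABLE findings "
               "(target TEXT, source TEXT, rule TEXT, content TEXT)")
    # Constructed matching rules; a real rule set is site- and policy-specific.
    db.executemany("INSERT INTO rules VALUES (?, ?)", [
        ("private_key", r"-----BEGIN (?:RSA |EC )?PRIVATE KEY-----"),
        ("db_password", r'"(?:db_)?password"\s*:\s*"[^"]+"'),
        ("internal_ip", r"\b10\.\d{1,3}\.\d{1,3}\.\d{1,3}\b"),
    ])
    return db


def detect_leak(db, target, sub_results):
    """sub_results: [(url, body), ...] captured while the browser engine
    loaded `target`. Returns (verdict, findings); verdict is None when no
    same-root-domain access result was obtained, otherwise True/False."""
    scope = root_domain(target)
    # First judgment: keep only responses from the target's root domain.
    in_scope = [(u, b) for u, b in sub_results if root_domain(u) == scope]
    if not in_scope:
        return None, []
    rules = [(name, re.compile(pattern)) for name, pattern in
             db.execute("SELECT name, pattern FROM rules ORDER BY rowid")]
    # Second judgment: does any sub-result satisfy a matching rule?
    findings = []
    for url, body in in_scope:
        for name, regex in rules:
            for match in regex.finditer(body):
                findings.append((target, url, name, match.group(0)))
    # Store the correspondence between matched content and the target address.
    db.executemany("INSERT INTO findings VALUES (?, ?, ?, ?)", findings)
    db.commit()
    return bool(findings), findings


# Constructed sub-results: the page itself, an XHR it triggers, a CDN script.
TARGET = "https://www.example.test/login"
SAMPLE = [
    (TARGET, "<html><form action='/login'></form></html>"),
    ("https://api.example.test/config.json",
     '{"db_host": "10.0.3.7", "db_password": "constructed-secret"}'),
    ("https://cdn.thirdparty.test/lib.js",
     'var k = "-----BEGIN PRIVATE KEY-----";'),
]

if __name__ == "__main__":
    db = open_db()
    verdict, findings = detect_leak(db, TARGET, SAMPLE)
    print("leak detected:", verdict)
    for _, source, rule, content in findings:
        print(f"  {rule:12} {source}  {content}")
```

The leak here sits in a JSON response fetched by the page rather than in the page's own HTML, which is the case the browser-engine access is meant to capture; the third-party script is ignored even though it matches a rule.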
Third embodiment
The third embodiment of the invention provides an electronic device 100. Referring to Fig. 2, the electronic device 100 includes a memory 102 and a processor 106. The memory 102 stores computer instructions which, when read and executed by the processor 106, cause the processor 106 to perform the site information detection method provided by the first embodiment of the invention.
Fourth embodiment
The fourth embodiment of the invention provides a storage medium storing computer instructions, wherein the computer instructions, when read and run, perform the site information detection method provided by the first embodiment of the invention.
In summary, in the site information detection method, device, electronic equipment and storage medium provided by the embodiments of the invention, a target network address to be detected is accessed using a preset web application testing tool whose driving engine is a preset browser engine. It is then judged whether a first access result returned by the server of the target website corresponding to the target network address has been obtained; when it has, it is judged whether preset sensitive information exists in the first access result; and finally, when preset sensitive information exists in the first access result, it is determined that the target website has a sensitive information leak. In this way, the access result obtained by accessing the target network address is more complete, which improves the accuracy of detecting whether a website leaks sensitive information and solves the prior-art problem that the access result used for detection is incomplete, which makes the detection of a website's sensitive information leakage inaccurate.
It should be noted that the embodiments in this specification are described progressively: each embodiment focuses on its differences from the others, and for the parts that are identical or similar the embodiments may be referred to one another. Because the device embodiments are substantially similar to the method embodiments, they are described relatively briefly; for the relevant parts, see the corresponding description of the method embodiments.
In the several embodiments provided in this application, it should be understood that the disclosed apparatus and method may also be implemented in other ways. The device embodiments described above are merely illustrative. For example, the flowcharts and block diagrams in the drawings show the possible architecture, functions and operations of devices, methods and computer program products according to multiple embodiments of the invention. In this regard, each block in a flowchart or block diagram may represent a module, a program segment or a portion of code, which contains one or more executable instructions for implementing the specified logical function. It should also be noted that in some alternative implementations the functions marked in the blocks may occur in an order different from that marked in the drawings. For example, two consecutive blocks may in fact be executed substantially in parallel, or sometimes in the reverse order, depending on the functions involved. It should also be noted that each block in the block diagrams and/or flowcharts, and combinations of such blocks, may be implemented by a dedicated hardware-based system that performs the specified functions or actions, or by a combination of dedicated hardware and computer instructions.
In addition, the functional modules in the embodiments of the invention may be integrated together to form one independent part, each module may exist separately, or two or more modules may be integrated to form one independent part.
If the functions are implemented in the form of software functional modules and sold or used as an independent product, they may be stored in a computer-readable storage medium. Based on this understanding, the technical solution of the invention in essence, or the part that contributes to the prior art, or a part of the technical solution, may be embodied in the form of a software product. The computer software product is stored in a storage medium and includes several instructions that cause a computer device (which may be a personal computer, a server, a network device or the like) to perform all or some of the steps of the methods of the embodiments of the invention. The aforementioned storage medium includes a USB flash drive, a removable hard disk, read-only memory (ROM, Read-Only Memory), random access memory (RAM, Random Access Memory), a magnetic disk, an optical disc and other media that can store program code. It should be noted that, herein, relational terms such as "first" and "second" are used only to distinguish one entity or operation from another, and do not necessarily require or imply any actual relationship or order between those entities or operations. Moreover, the terms "comprise", "include" and any of their variants are intended to cover non-exclusive inclusion, so that a process, method, article or device that includes a series of elements includes not only those elements but also other elements not explicitly listed, or elements inherent to the process, method, article or device. Without further limitation, an element defined by the phrase "including a ..." does not exclude the presence of other identical elements in the process, method, article or device that includes the element.
The foregoing is only a preferred embodiment of the invention and is not intended to limit it; for those skilled in the art, the invention may have various modifications and variations. Any modification, equivalent replacement or improvement made within the spirit and principles of the invention shall fall within the scope of protection of the invention. It should be noted that similar reference numerals and letters denote similar items in the following drawings; therefore, once an item is defined in one drawing, it need not be further defined or explained in subsequent drawings.
The above is merely a specific embodiment of the invention, but the scope of protection of the invention is not limited to it. Any change or replacement that a person skilled in the art could readily conceive within the technical scope disclosed by the invention shall be covered by the scope of protection of the invention. Therefore, the scope of protection of the invention shall be subject to the scope of protection of the claims.

Claims (10)

  1. A site information detection method, characterized in that the method comprises:
    accessing a target network address to be detected using a preset web application testing tool, wherein the driving engine of the web application testing tool is a preset browser engine;
    judging whether a first access result returned by the server of the target website corresponding to the target network address has been obtained;
    if yes, judging whether preset sensitive information exists in the first access result;
    if so, determining that the target website has a sensitive information leak.
  2. The method according to claim 1, characterized in that the first access result includes multiple sub-results, and said judging, if yes, whether preset sensitive information exists in the first access result comprises:
    if yes, reading from a first database the matching rule corresponding to the preset sensitive information;
    judging whether a sub-result satisfying the matching rule exists among the multiple sub-results;
    if so, determining that the preset sensitive information exists in the first access result;
    if not, determining that the preset sensitive information does not exist in the first access result.
  3. The method according to claim 1 or 2, characterized in that, after said determining, if so, that the target website has a sensitive information leak, the method further comprises:
    obtaining the content in the first access result that corresponds to the preset sensitive information;
    storing the correspondence between that content and the target network address in a database.
  4. The method according to claim 3, characterized in that said judging whether a first access result returned by the server of the target website corresponding to the target network address has been obtained comprises:
    judging whether a first access result returned by the server of the target website corresponding to a first link has been obtained, wherein the first link is a link whose root domain name is the same as that of the target network address.
  5. The method according to claim 3, characterized in that said judging whether a first access result returned by the server of the target website corresponding to the target network address has been obtained comprises:
    judging whether a first access result returned by the server of the target website corresponding to the network address of other network request information has been obtained, wherein the network address corresponding to the other network request information is a network address whose root domain name is the same as that of the target network address.
  6. A site information detection device, characterized in that the device includes an analog access module, a first judgment module, a second judgment module and a first execution module, wherein:
    the analog access module is used to access a target network address to be detected using a preset web application testing tool, wherein the driving engine of the web application testing tool is a preset browser engine;
    the first judgment module is used to judge whether a first access result returned by the server of the target website corresponding to the target network address has been obtained;
    the second judgment module is used to judge, when the first access result returned by the server of the target website corresponding to the target network address has been obtained, whether preset sensitive information exists in the first access result;
    the first execution module is used to determine that the target website has a sensitive information leak when preset sensitive information exists in the first access result.
  7. The device according to claim 6, characterized in that the first access result includes multiple sub-results, and the second judgment module includes a rule reading unit, a rule judgment unit and a result determination unit, wherein:
    the rule reading unit is used to read, from a first database, the matching rule corresponding to the preset sensitive information when the first access result returned by the server of the target website corresponding to the target network address has been obtained;
    the rule judgment unit is used to judge whether a sub-result satisfying the matching rule exists among the multiple sub-results;
    the result determination unit is used to determine that the preset sensitive information exists in the first access result when a sub-result satisfying the matching rule exists among the multiple sub-results;
    the result determination unit is further used to determine that the preset sensitive information does not exist in the first access result when no sub-result satisfying the matching rule exists among the multiple sub-results.
  8. The device according to claim 6, characterized in that the device further includes a content obtaining module and a storage execution module, wherein:
    the content obtaining module is used to obtain the content in the first access result that corresponds to the preset sensitive information;
    the storage execution module is used to store the correspondence between that content and the target network address in a database.
  9. An electronic device, characterized in that the electronic device includes a memory and a processor, the memory stores computer instructions, and when the computer instructions are read and executed by the processor, the processor is caused to perform the method according to any one of claims 1-5.
  10. A storage medium, characterized in that computer instructions are stored in the storage medium, wherein the computer instructions, when read and run, perform the method according to any one of claims 1-5.
CN201711107083.4A 2017-11-10 2017-11-10 Website information detection method and device, electronic equipment and storage medium Active CN107908959B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201711107083.4A CN107908959B (en) 2017-11-10 2017-11-10 Website information detection method and device, electronic equipment and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201711107083.4A CN107908959B (en) 2017-11-10 2017-11-10 Website information detection method and device, electronic equipment and storage medium

Publications (2)

Publication Number Publication Date
CN107908959A true CN107908959A (en) 2018-04-13
CN107908959B CN107908959B (en) 2020-02-14

Family

ID=61844988

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201711107083.4A Active CN107908959B (en) 2017-11-10 2017-11-10 Website information detection method and device, electronic equipment and storage medium

Country Status (1)

Country Link
CN (1) CN107908959B (en)

Citations (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101242279A (en) * 2008-03-07 2008-08-13 北京邮电大学 Automatic penetration testing system and method for WEB system
CN101799855A (en) * 2010-03-12 2010-08-11 北京大学 Simulated webpage Trojan detecting method based on ActiveX component
CN101808093A (en) * 2010-03-15 2010-08-18 北京安天电子设备有限公司 System and method for automatically detecting WEB security
CN102880830A (en) * 2011-07-15 2013-01-16 华为软件技术有限公司 Acquisition method and device of original test data
CN103699480A (en) * 2013-11-29 2014-04-02 杭州安恒信息技术有限公司 WEB dynamic security flaw detection method based on JAVA
CN103942497A (en) * 2013-09-11 2014-07-23 杭州安恒信息技术有限公司 Forensics type website vulnerability scanning method and system
CN104200166A (en) * 2014-08-05 2014-12-10 杭州安恒信息技术有限公司 Script-based website vulnerability scanning method and system
CN106326734A (en) * 2015-06-30 2017-01-11 阿里巴巴集团控股有限公司 Method and device for detecting sensitive information
CN106789877A (en) * 2016-11-15 2017-05-31 杭州安恒信息技术有限公司 A kind of validating vulnerability system based on sandbox
CN106845248A (en) * 2017-01-18 2017-06-13 北京工业大学 A kind of XSS leak detection methods based on state transition graph

Cited By (15)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2020000747A1 (en) * 2018-06-27 2020-01-02 平安科技(深圳)有限公司 Anti-crawler method and terminal and computer readable storage medium
CN109327436A (en) * 2018-09-27 2019-02-12 中国平安人寿保险股份有限公司 Safety detecting method, device, computer equipment and storage medium
CN109800378A (en) * 2019-01-23 2019-05-24 北京字节跳动网络技术有限公司 Content processing method, device and electronic equipment based on custom browser
CN110719274B (en) * 2019-09-29 2022-10-04 武汉极意网络科技有限公司 Network security control method, device, equipment and storage medium
CN110719274A (en) * 2019-09-29 2020-01-21 武汉极意网络科技有限公司 Network security control method, device, equipment and storage medium
CN111723400A (en) * 2020-06-16 2020-09-29 杭州安恒信息技术股份有限公司 JS sensitive information leakage detection method, device, equipment and medium
CN111753149A (en) * 2020-06-28 2020-10-09 深圳前海微众银行股份有限公司 Sensitive information detection method, device, equipment and storage medium
CN111753149B (en) * 2020-06-28 2024-05-31 深圳前海微众银行股份有限公司 Sensitive information detection method, device, equipment and storage medium
CN112000984A (en) * 2020-08-24 2020-11-27 杭州安恒信息技术股份有限公司 Data leakage detection method, device, equipment and readable storage medium
CN112671849A (en) * 2020-12-08 2021-04-16 北京健康之家科技有限公司 Sensitive data processing method and device based on real-time flow analysis
CN112653674B (en) * 2020-12-10 2023-01-10 奇安信网神信息技术(北京)股份有限公司 Interface security detection method and device, electronic equipment and storage medium
CN112653674A (en) * 2020-12-10 2021-04-13 网神信息技术(北京)股份有限公司 Interface security detection method and device, electronic equipment and storage medium
WO2022143145A1 (en) * 2021-01-04 2022-07-07 北京沃东天骏信息技术有限公司 Over-permission loophole detection method and apparatus
CN114006776A (en) * 2021-12-31 2022-02-01 北京微步在线科技有限公司 Sensitive information leakage detection method and device
CN114006776B (en) * 2021-12-31 2022-03-18 北京微步在线科技有限公司 Sensitive information leakage detection method and device

Also Published As

Publication number Publication date
CN107908959B (en) 2020-02-14

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
CB02 Change of applicant information

Address after: Room 311501, Unit 1, Building 5, Courtyard 1, Futong East Street, Chaoyang District, Beijing

Applicant after: Beijing Zhichuangyu Information Technology Co., Ltd.

Address before: Room 803, Jinwei Building, 55 Lanindichang South Road, Haidian District, Beijing

Applicant before: Beijing Knows Chuangyu Information Technology Co.,Ltd.

GR01 Patent grant