CN102789502A - Method and device for scanning website - Google Patents

Info

Publication number
CN102789502A
CN102789502A CN201210248401XA CN201210248401A CN102789502A CN 102789502 A CN102789502 A CN 102789502A CN 201210248401X A CN201210248401X A CN 201210248401XA CN 201210248401 A CN201210248401 A CN 201210248401A CN 102789502 A CN102789502 A CN 102789502A
Authority
CN
China
Prior art keywords
rank
url
scanning
level
scanned
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201210248401XA
Other languages
Chinese (zh)
Other versions
CN102789502B (en)
Inventor
龙专
赵武
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Qax Technology Group Inc
Original Assignee
Beijing Qihoo Technology Co Ltd
Qizhi Software Beijing Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Qihoo Technology Co Ltd, Qizhi Software Beijing Co Ltd filed Critical Beijing Qihoo Technology Co Ltd
Priority to CN201210248401.XA priority Critical patent/CN102789502B/en
Publication of CN102789502A publication Critical patent/CN102789502A/en
Publication of CN102789502B publication Critical patent/CN102789502B/en

Landscapes

  • Information Transfer Between Computers (AREA)

Abstract

The invention discloses a method and a device for scanning a website, which are used for scanning the website according to the level of a URL (Uniform Resource Locator), wherein a corresponding scanning engine and a corresponding rule base for scanning are preset for each level. The method comprises the following steps of: determining the level of the URL to be scanned; calling the scanning engine corresponding to the determined level, so that the called scanning engine utilizes the rule base corresponding to the level to scan the URL; and acquiring a scanning result of the called scanning engine and determining the security of the website according to the scanning result. According to the invention, by distinguishing the levels of the URLs, presetting the corresponding rule bases and calling the scanning engine to scan the website by utilizing the rule base corresponding to the level of the URL to be scanned, the accuracy of scanning the vulnerability can be improved, the scanning speed can be quickened and the aim of accurately and rapidly scanning is fulfilled; and the method and the device are beneficial to parallel execution of tasks and optimization treatment on the resource utilization.

Description

Method and device for scanning a website
Technical field
The present invention relates to the field of website security, and in particular to a method and device for scanning a website.
Background
At present, techniques for scanning websites have been proposed; for example, a Uniform Resource Locator (URL) can be scanned.
In common scanning techniques, the scanning engine needs to scan many aspects of a website and uses a single unified rule base to determine whether the website has vulnerabilities.
However, because the rule base used during scanning contains a great deal of content (it must include a large amount of information of complex types together with matching rules), scanning takes a long time and is inefficient. Moreover, because all the rules in the rule base are listed together, accuracy is also low and misjudgments occur easily.
No effective solution has yet been proposed for the low efficiency and frequent misjudgments of website scanning in the related art.
Summary of the invention
To address the low efficiency and frequent misjudgments of website scanning in the related art, the present invention proposes a method and device for scanning a website that divide the URLs of the website into levels, set up a corresponding rule base for each level in advance, and call a scanning engine that uses the rule base corresponding to the level to scan the URL.
The technical solution of the present invention is implemented as follows:
According to one aspect of the present invention, a method for scanning a website is provided, which scans the website according to the level of the website's Uniform Resource Locator (URL), wherein a corresponding scanning engine and a rule base used for scanning are set in advance for each level.
The method for scanning a website according to an embodiment of the present invention comprises:
determining the level of the URL to be scanned;
calling the scanning engine corresponding to the determined level, so that the called scanning engine scans the URL using the rule base corresponding to that level;
obtaining the scanning result of the called scanning engine, and determining the security of the website according to the scanning result.
Determining the level of the URL to be scanned comprises: parsing the fields of the URL to be scanned to obtain the fields that the URL contains, and determining from those fields the levels of the URL that need to be scanned.
Calling the scanning engine corresponding to the determined level comprises: according to the levels determined from the extracted fields, calling the scanning engine corresponding to each level, each called scanning engine scanning its corresponding level.
Optionally, the level is determined as follows:
If the URL contains the field host, it is determined that a server-level scan needs to be performed on the URL;
If the URL contains the field port, it is determined that a port-level scan needs to be performed on the URL;
If the URL contains the field directory, it is determined that a directory-level scan needs to be performed on the URL;
If the URL contains the field file, it is determined that a file-level scan needs to be performed on the URL;
If the URL contains the field parameter, it is determined that a parameter-level scan needs to be performed on the URL;
If the URL contains the field form, it is determined that a form-level scan needs to be performed on the URL;
If the URL contains the field text, it is determined that a text-level scan needs to be performed on the URL.
In addition, the rule base corresponding to each level contains the ways of performing vulnerability scanning for that level.
Optionally, the levels of a URL include at least one of the following: server level, port level, directory level, file level, parameter level, form level, text level.
Preferably, the ways of scanning the different levels are as follows:
For the server level, the ways of scanning include at least one of the following: detecting whether the server has dangerous methods enabled, whether unsafe third-party applications exist, whether unsafe server extensions exist, and whether the server is blocked by search engines;
For the port level, the ways of scanning include at least one of the following: detecting the risk and sensitivity of the enabled ports;
For the directory level, the ways of scanning include at least one of the following: detecting whether sensitive directories exist, scanning for backup directories, scanning whether directories contain sensitive files, detecting whether unreasonable directory permission settings exist, and detecting whether the directory has Common Gateway Interface (CGI) vulnerabilities;
For the file level, the ways of scanning include at least one of the following: detecting whether backup files exist;
For the parameter level, the ways of scanning include at least one of the following: detecting whether the parameter contains malicious script, whether error code exists, and whether malicious URL redirection exists;
For the form level, the ways of scanning include at least one of the following: detecting whether the form contains malicious script, whether error code exists, and whether malicious URL redirection exists;
For the text level, the ways of scanning include at least one of the following: detecting whether the text leaks source code, whether sensitive content exists, and whether local paths are leaked.
According to another aspect of the present invention, a device for scanning a website is provided, which scans the website according to the level of the website's Uniform Resource Locator (URL); the scanning device comprises a plurality of rule bases, a plurality of scanning engines, a determination module, a calling module and a judgment module.
In this device, the determination module is used to determine the level of the URL to be scanned; the calling module is used to call the scanning engine corresponding to the level determined by the determination module; each of the plurality of scanning engines corresponds to at least one level of the URL and is used, when called by the calling module, to scan that level according to the rule base of the level to which the scanning engine corresponds; each of the plurality of rule bases corresponds to a level of the URL and contains the ways of scanning that level; the judgment module is used to determine the security of the website according to the scanning result of the called scanning engine.
The determination module is used to parse the fields of the URL to be scanned, obtain the fields that the URL contains, and determine from those fields the levels of the URL that need to be scanned.
In addition, the calling module is used to call, according to the levels determined from the extracted fields, the scanning engine corresponding to each level, each called scanning engine scanning its corresponding level.
In addition, optionally, the levels of a URL include at least one of the following:
Server level, port level, directory level, file level, parameter level, form level, text level.
The present invention divides the URLs of a website into levels, sets up a corresponding rule base for each level in advance, and calls a scanning engine that uses the rule base corresponding to the level to scan the URL. Because, after classification, each URL has the levels that need to be scanned, the rule bases corresponding to levels that do not need scanning need not be used, and while the levels that do need scanning are being scanned, the unused rule bases do not interfere with the scan in progress. This reduces the number of rules that must be matched during scanning, which improves the accuracy of vulnerability scanning and speeds up scanning, achieving accurate and fast scanning; it also facilitates parallel execution of tasks and optimizes the use of processing resources.
Description of drawings
To explain the embodiments of the present invention or the technical solutions of the prior art more clearly, the drawings needed in the embodiments are briefly introduced below. Obviously, the drawings described below are only some embodiments of the present invention; those of ordinary skill in the art can obtain other drawings from them without creative effort.
Fig. 1 is a flowchart of the method for scanning a website according to an embodiment of the present invention;
Fig. 2 is a block diagram of the device for scanning a website according to an embodiment of the present invention.
Embodiment
The technical solutions in the embodiments of the present invention are described clearly and completely below with reference to the drawings in the embodiments. Obviously, the described embodiments are only some of the embodiments of the present invention, not all of them. All other embodiments obtained by those of ordinary skill in the art on the basis of the embodiments of the present invention fall within the scope of protection of the present invention.
According to an embodiment of the present invention, a method for scanning a website is provided, which scans the website according to the level of the website's Uniform Resource Locator (URL), wherein a corresponding scanning engine and a rule base used for scanning are set in advance for each level. Because, after classification, each URL has the levels that need to be scanned, the rule bases corresponding to levels that do not need scanning need not be used, and while the levels that do need scanning are being scanned, the unused rule bases do not interfere with the scan in progress. This reduces the number of rules that must be matched during scanning, which improves the accuracy of vulnerability scanning and speeds up scanning, achieving accurate and fast scanning; it also facilitates parallel execution of tasks and optimizes the use of processing resources. The embodiments of the present invention, and the principle by which they achieve the above effects, are described in detail below.
As shown in Fig. 1, the method for scanning a website according to an embodiment of the present invention comprises:
Step S101: determine the level of the URL to be scanned;
Step S103: call the scanning engine corresponding to the determined level, so that the called scanning engine scans the URL using the rule base corresponding to that level;
Step S105: obtain the scanning result of the called scanning engine, and determine the security of the website according to the scanning result.
The rule base corresponding to each level contains the ways of performing vulnerability scanning for that level.
When determining the level of the URL to be scanned, the fields of the URL can be parsed to obtain the fields that the URL contains, and the levels of the URL that need to be scanned are determined from those fields. A single URL may therefore have several levels that need to be scanned.
After that, the scanning engine corresponding to each level determined from the extracted fields can be called, each called scanning engine scanning its corresponding level.
Optionally, the levels of a URL include at least one of the following: server level, port level, directory level, file level, parameter level, form level, text level. In the embodiments listed below, each level corresponds to one rule base and one scanning engine, but in practice each scanning engine and rule base may also correspond to multiple levels.
Take an address in the following URL format as an example: "http:" "//" host [":" port] path [parameters] ["?" query]
The host (server) level is determined as follows: the host part of the URL format is assigned to host (server);
The port level is determined as follows: the port part of the URL format is assigned to port;
The directory level is determined as follows: the directory portion of the path part of the URL format is assigned to directory; for example, in http://webscan.360.cn/manager/file.php?a=1, /manager/ is at the directory level;
The file level is determined as follows: the file portion of the path part of the URL format is assigned to file; for example, in http://webscan.360.cn/manager/file.php?a=1, file.php is at the file level;
The parameter level is determined as follows: the parameters part of the URL format is assigned to parameter;
The form level is determined as follows: the query part of the URL format is assigned to form;
The text level is determined as follows: the complete URL in the URL format can be assigned to text.
The process of entering rules into the rule base (vulnerability database) used for vulnerability scanning consists of steps (a)-(d) below:
(a) Analyze the rule and determine the level it belongs to:
If it detects vulnerabilities of the server, it is assigned to the host (server) level;
If it detects vulnerabilities of a port, it is assigned to the port level;
If it detects vulnerabilities of a directory, it is assigned to the directory level;
If it detects vulnerabilities of a file, it is assigned to the file level;
If it detects vulnerabilities of a parameter, it is assigned to the parameter level;
If it detects vulnerabilities of a form, it is assigned to the form level;
If it detects vulnerabilities of text, it is assigned to the text level.
(b) For the vulnerabilities at each level, analyze the specific vulnerability test methods and judgment rules (that is, the content of the rule base corresponding to each level), as follows:
For the server level, detect whether the server has dangerous methods enabled, whether unsafe third-party applications exist, whether unsafe server extensions exist, whether the server is blocked by search engines, etc.;
For the port level, detect whether very high-risk or sensitive ports have been opened;
For the directory level, detect whether there are sensitive directories, backup directories, sensitive files, unreasonable directory permission settings, general CGI vulnerabilities (SQL injection and cross-site scripting vulnerabilities of third-party apps, sensitive content leaks), etc.;
For the file level, detect whether backup files exist, etc.;
For the parameter level, detect whether there is cross-site scripting, SQL injection, XPath injection, blind SQL injection, arbitrary operating-system file read or execution, arbitrary URL redirection, etc.;
For the form level, detect whether there is cross-site scripting, SQL injection, XPath injection, blind SQL injection, arbitrary operating-system file read or execution, arbitrary URL redirection, etc.;
For the text level, detect whether there is source code leakage, sensitive content, local path leakage, etc.
(c) Write the vulnerability rule and specify the level the vulnerability belongs to.
(d) Save it to the vulnerability database.
For example, the vulnerability scanning engine executes steps (A)-(I) below:
(A) The crawler discovers a URL;
(B) Parse the URL and extract its host, port, directory, file, parameter, form and text parts, saving them as host_1, port_1, directory_1, file_1, parameter_1, form_1 and text_1 respectively;
(C) The scanner obtains host_1; if it is empty (the URL does not need a server-level scan) or scanning of this level has already been completed, skip it; otherwise start the host (server) detection engine, load the host (server) level vulnerability database (that is, the rule base corresponding to the server level described above), and perform detailed vulnerability detection on the server;
(D) The scanner obtains port_1; if it is empty or scanning of this level has already been completed, skip it; otherwise start the port detection engine, load the port-level vulnerability database, and perform detailed vulnerability detection on the port;
(E) The scanner obtains directory_1; if it is empty or scanning of this level has already been completed, skip it; otherwise start the directory detection engine, load the directory-level vulnerability database, and perform detailed vulnerability detection on the directory;
(F) The scanner obtains file_1; if it is empty or scanning of this level has already been completed, skip it; otherwise start the file detection engine, load the file-level vulnerability database, and perform detailed vulnerability detection on the file;
(G) The scanner obtains parameter_1; if it is empty or scanning of this level has already been completed, skip it; otherwise start the parameter detection engine, load the parameter-level vulnerability database, and perform detailed vulnerability detection on the parameter;
(H) The scanner obtains form_1; if it is empty or scanning of this level has already been completed, skip it; otherwise start the form detection engine, load the form-level vulnerability database, and perform detailed vulnerability detection on the form;
(I) The scanner obtains text_1; if it is empty or scanning of this level has already been completed, skip it; otherwise start the text detection engine, load the text-level vulnerability database, and perform detailed vulnerability detection on the text.
As the above description shows, a URL very likely does not need scanning at every level, and therefore does not need to be matched against the rule bases of every level, which improves accuracy and saves time.
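The level split from the URL format above and the skip-or-dispatch loop of steps (A)-(I), as an added Python example that is not code from the patent. The names `split_levels` and `LevelScanner`, the rules in `RULE_BASES` and the `site.example` URLs are constructed for illustration, and the rules only inspect the URL string (stand-ins for real per-level checks) rather than contacting a server.

```python
import re
from urllib.parse import urlparse


def split_levels(url):
    """Step (B): split a URL into the seven level fields; '' means nothing to scan."""
    p = urlparse(url)  # also separates ";parameters" from the last path segment
    head, sep, filename = p.path.rpartition("/")
    return {
        "host": p.hostname or "",
        "port": str(p.port) if p.port else "",
        "directory": head + sep,   # "/manager/" for "/manager/file.php"
        "file": filename,          # "file.php"
        "parameter": p.params,     # the [parameters] part
        "form": p.query,           # the page assigns the query part to the form level
        "text": url,               # the complete URL
    }


def _matches(pattern):
    """Build a rule check that is true when the pattern occurs in the field value."""
    rx = re.compile(pattern, re.I)
    return lambda value: rx.search(value) is not None


# One rule base per level. Every rule here is a constructed placeholder.
RULE_BASES = {
    "host": [("host is a bare IPv4 address", _matches(r"^\d{1,3}(\.\d{1,3}){3}$"))],
    "port": [("sensitive port exposed", lambda v: v in {"21", "23", "3306", "3389"})],
    "directory": [("sensitive or backup directory", _matches(r"/(admin|manager|backup)/"))],
    "file": [("backup file", _matches(r"\.(bak|old|swp)$|~$"))],
    "parameter": [("redirect-style parameter", _matches(r"(^|;)(url|redirect|next)="))],
    "form": [("redirect-style form field", _matches(r"(^|&)(url|redirect|next)="))],
    "text": [("local path in URL", _matches(r"[a-z]:\\|/var/www/"))],
}


class LevelScanner:
    """Steps (C)-(I): for each level, skip empty or already-scanned values,
    otherwise run only that level's rule base against the value."""

    def __init__(self, rule_bases):
        self.rule_bases = rule_bases
        self.done = set()          # (level, value) pairs already scanned
        self.rules_evaluated = 0   # how many rule matches were actually attempted

    def scan_url(self, url):
        findings = []
        for level, value in split_levels(url).items():
            if not value or (level, value) in self.done:
                continue           # empty field, or this level was already scanned
            self.done.add((level, value))
            for name, check in self.rule_bases.get(level, []):
                self.rules_evaluated += 1
                if check(value):
                    findings.append((level, value, name))
        return findings

    def scan_site(self, urls):
        findings = []
        for url in urls:           # step (A): URLs as the crawler would hand them over
            findings.extend(self.scan_url(url))
        return findings


# Constructed sample input standing in for crawler output.
SAMPLE_URLS = [
    "http://site.example/manager/file.php?a=1",
    "http://site.example/manager/file.php.bak",
    "http://site.example:3306/",
]

if __name__ == "__main__":
    scanner = LevelScanner(RULE_BASES)
    for finding in scanner.scan_site(SAMPLE_URLS):
        print(finding)
    print("rules evaluated:", scanner.rules_evaluated)
```

On the three sample URLs the scanner evaluates 10 rules, where matching every URL against all seven rules as one unified rule base would take 21.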
In addition, the scope of each vulnerability database is as follows:
host (server): all server-related vulnerabilities are assigned to this category, regardless of operating system or web server;
port: all port-related vulnerabilities are assigned to this category;
directory: all vulnerabilities that affect directories are assigned to this category;
file: all vulnerabilities that affect files are assigned to this category;
parameter: all vulnerabilities that affect parameters are assigned to this category;
form: all vulnerabilities that affect forms are assigned to this category;
text: all vulnerabilities that affect text are assigned to this category.
According to an embodiment of the present invention, a device for scanning a website is also provided, which scans the website according to the level of the URL.
As shown in Fig. 2, the scanning device according to an embodiment of the present invention comprises a plurality of rule bases 21 (for clarity, two rule bases are shown in Fig. 2; in practice, the number of rule bases can be determined by the number of levels), a plurality of scanning engines 22, a determination module 23, a calling module 24 and a judgment module 25, wherein:
The determination module 23 is used to determine the level of the URL to be scanned;
The calling module 24 is used to call the scanning engine corresponding to the level determined by the determination module 23;
Each of the plurality of scanning engines 22 corresponds to at least one level of the URL and is used, when called by the calling module 24, to scan that level according to the rule base of the level to which the scanning engine corresponds;
Each of the plurality of rule bases 21 corresponds to at least one level of the URL and contains the ways of scanning that level;
The judgment module 25 is used to determine the security of the website according to the scanning result of the called scanning engine 22.
The determination module 23 is used to parse the fields of the URL to be scanned, obtain the fields that the URL contains, and determine from those fields the levels of the URL that need to be scanned.
The calling module 24 can be used to call, according to the levels determined from the extracted fields, the scanning engine corresponding to each level, each called scanning engine scanning its corresponding level.
Optionally, the levels of a URL include at least one of the following: server level, port level, directory level, file level, parameter level, form level, text level.
The way each scanning engine scans and the rules contained in each rule base have been explained in the method embodiment above and are not repeated here.
In summary, with the above technical solution, the present invention divides URLs into levels, sets up a corresponding rule base for each level in advance, and calls a scanning engine that uses the rule base corresponding to the level to scan the website. Because, after classification, each URL has the levels that need to be scanned, the rule bases corresponding to levels that do not need scanning need not be used, and while the levels that do need scanning are being scanned, the unused rule bases do not interfere with the scan in progress. This reduces the number of rules that must be matched during scanning, which improves the accuracy of vulnerability scanning and speeds up scanning, achieving accurate and fast scanning; it also facilitates parallel execution of tasks and optimizes the use of processing resources.
The above are merely preferred embodiments of the present invention and are not intended to limit the present invention; any modification, equivalent replacement, improvement, etc. made within the spirit and principle of the present invention shall fall within the scope of protection of the present invention.

Claims (11)

1. A method for scanning a website, characterized in that it is used to scan said website according to the level of the Uniform Resource Locator (URL) of said website, wherein a corresponding scanning engine and a rule base used for scanning are set in advance for each level, said scanning method comprising:
determining the level of the URL to be scanned;
calling the scanning engine corresponding to the determined level, so that the called scanning engine scans said URL using the rule base corresponding to that level;
obtaining the scanning result of the called scanning engine, and determining the security of said website according to the scanning result.
2. The scanning method according to claim 1, characterized in that determining the level of the URL to be scanned comprises:
parsing the fields of said URL to be scanned to obtain the fields that said URL contains, and determining from said fields the levels of said URL that need to be scanned.
3. The scanning method according to claim 2, characterized in that calling the scanning engine corresponding to the determined level comprises:
according to the levels determined from the extracted fields, calling the scanning engine corresponding to each level, each called scanning engine scanning its corresponding level.
4. The scanning method according to claim 2, characterized in that:
if said URL contains the field host, it is determined that a server-level scan needs to be performed on said URL;
if said URL contains the field port, it is determined that a port-level scan needs to be performed on said URL;
if said URL contains the field directory, it is determined that a directory-level scan needs to be performed on said URL;
if said URL contains the field file, it is determined that a file-level scan needs to be performed on said URL;
if said URL contains the field parameter, it is determined that a parameter-level scan needs to be performed on said URL;
if said URL contains the field form, it is determined that a form-level scan needs to be performed on said URL;
if said URL contains the field text, it is determined that a text-level scan needs to be performed on said URL.
5. The scanning method according to claim 1, characterized in that the rule base corresponding to each level contains the ways of performing vulnerability scanning for that level.
6. The scanning method according to any one of claims 1-5, characterized in that the levels of a URL include at least one of the following:
server level, port level, directory level, file level, parameter level, form level, text level.
7. The scanning method according to claim 6, characterized in that:
for the server level, the ways of scanning include at least one of the following: detecting whether the server has dangerous methods enabled, whether unsafe third-party applications exist, whether unsafe server extensions exist, and whether the server is blocked by search engines;
for the port level, the ways of scanning include at least one of the following: detecting the risk and sensitivity of the enabled ports;
for the directory level, the ways of scanning include at least one of the following: detecting whether sensitive directories exist, scanning for backup directories, scanning whether directories contain sensitive files, detecting whether unreasonable directory permission settings exist, and detecting whether the directory has Common Gateway Interface (CGI) vulnerabilities;
for the file level, the ways of scanning include at least one of the following: detecting whether backup files exist;
for the parameter level, the ways of scanning include at least one of the following: detecting whether the parameter contains malicious script, whether error code exists, and whether malicious URL redirection exists;
for the form level, the ways of scanning include at least one of the following: detecting whether the form contains malicious script, whether error code exists, and whether malicious URL redirection exists;
for the text level, the ways of scanning include at least one of the following: detecting whether the text leaks source code, whether sensitive content exists, and whether local paths are leaked.
8. A device for scanning a website, characterized in that it is used to scan said website according to the level of the Uniform Resource Locator (URL) of said website, said scanning device comprising a plurality of rule bases, a plurality of scanning engines, a determination module, a calling module and a judgment module, wherein:
said determination module is used to determine the level of the URL to be scanned;
said calling module is used to call the scanning engine corresponding to the level determined by said determination module;
each of said plurality of scanning engines corresponds to at least one level of the URL and is used, when called by said calling module, to scan that level according to the rule base of the level to which the scanning engine corresponds;
each of said plurality of rule bases corresponds to at least one level of the URL and contains the ways of scanning that level;
said judgment module is used to determine the security of said website according to the scanning result of the called scanning engine.
9. The scanning device according to claim 8, characterized in that said determination module is used to parse the fields of said URL to be scanned, obtain the fields that said URL contains, and determine from said fields the levels of said URL that need to be scanned.
10. The scanning method according to claim 7, characterized in that said calling module is used to call, according to the levels determined from the extracted fields, the scanning engine corresponding to each level, each called scanning engine scanning its corresponding level.
11. The scanning device according to any one of claims 8-10, characterized in that the levels of a URL include at least one of the following:
server level, port level, directory level, file level, parameter level, form level, text level.
CN201210248401.XA 2012-07-17 2012-07-17 Method and device for scanning website Active CN102789502B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201210248401.XA CN102789502B (en) 2012-07-17 2012-07-17 Method and device for scanning website

Publications (2)

Publication Number Publication Date
CN102789502A true CN102789502A (en) 2012-11-21
CN102789502B CN102789502B (en) 2015-02-18

Family

ID=47154905

Country Status (1)

Country Link
CN (1) CN102789502B (en)

Cited By (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103581193A (en) * 2013-11-08 2014-02-12 星云融创(北京)信息技术有限公司 Website vulnerability scanning method, device and system
CN103685228A (en) * 2013-10-12 2014-03-26 北京奇虎科技有限公司 Website vulnerability rapid scanning method and device
CN103701815A (en) * 2013-12-27 2014-04-02 北京神州绿盟信息安全科技股份有限公司 Webpage scanning processing method, device and client
CN103914479A (en) * 2013-01-06 2014-07-09 北京金山安全软件有限公司 Resource request matching method and device
CN104426850A (en) * 2013-08-23 2015-03-18 南京理工大学常熟研究院有限公司 Vulnerability detection method based on plug-in
CN106302515A (en) * 2016-09-08 2017-01-04 杭州迪普科技有限公司 A kind of method and apparatus of web portal security protection
CN106528556A (en) * 2015-09-10 2017-03-22 北京国双科技有限公司 Analysis method and device for website access data
CN107046527A (en) * 2016-12-29 2017-08-15 北京奇虎科技有限公司 WEB vulnerability scannings method, apparatus and system
CN107526630A (en) * 2017-07-31 2017-12-29 杭州安恒信息技术有限公司 A kind of method for solving Distributed engine communication
CN107885995A (en) * 2017-10-09 2018-04-06 阿里巴巴集团控股有限公司 The security sweep method, apparatus and electronic equipment of small routine
CN108449355A (en) * 2018-04-04 2018-08-24 上海有云信息技术有限公司 A kind of vulnerability scanning method and system
CN109154966A (en) * 2016-06-23 2019-01-04 国际商业机器公司 Pregnable application program detection

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109727050A (en) * 2017-10-31 2019-05-07 北京国双科技有限公司 A kind of method and system obtaining monitoring of the advertisement analysis data

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20040250115A1 (en) * 2003-04-21 2004-12-09 Trend Micro Incorporated. Self-contained mechanism for deploying and controlling data security services via a web browser platform
CN1558605A (en) * 2004-01-19 2004-12-29 上海交通大学 Method for realizing loophole scanning
CN101242279A (en) * 2008-03-07 2008-08-13 北京邮电大学 Automatic penetration testing system and method for WEB system

Cited By (19)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103914479B (en) * 2013-01-06 2017-12-01 北京金山安全软件有限公司 Resource request matching method and device
CN103914479A (en) * 2013-01-06 2014-07-09 北京金山安全软件有限公司 Resource request matching method and device
CN104426850A (en) * 2013-08-23 2015-03-18 南京理工大学常熟研究院有限公司 Vulnerability detection method based on plug-in
CN103685228A (en) * 2013-10-12 2014-03-26 北京奇虎科技有限公司 Website vulnerability rapid scanning method and device
CN103685228B (en) * 2013-10-12 2017-05-17 北京奇安信科技有限公司 Website vulnerability rapid scanning method and device
CN103581193A (en) * 2013-11-08 2014-02-12 星云融创(北京)信息技术有限公司 Website vulnerability scanning method, device and system
CN103701815A (en) * 2013-12-27 2014-04-02 北京神州绿盟信息安全科技股份有限公司 Webpage scanning processing method, device and client
CN106528556A (en) * 2015-09-10 2017-03-22 北京国双科技有限公司 Analysis method and device for website access data
CN106528556B (en) * 2015-09-10 2019-07-30 北京国双科技有限公司 The analysis method and device of website visitation data
CN109154966A (en) * 2016-06-23 2019-01-04 国际商业机器公司 Pregnable application program detection
CN109154966B (en) * 2016-06-23 2021-09-10 国际商业机器公司 Vulnerable application detection
CN106302515A (en) * 2016-09-08 2017-01-04 杭州迪普科技有限公司 A kind of method and apparatus of web portal security protection
CN106302515B (en) * 2016-09-08 2019-09-06 杭州迪普科技股份有限公司 A kind of method and apparatus of web portal security protection
CN107046527A (en) * 2016-12-29 2017-08-15 北京奇虎科技有限公司 WEB vulnerability scannings method, apparatus and system
CN107046527B (en) * 2016-12-29 2020-12-08 北京奇虎科技有限公司 WEB vulnerability scanning method, device and system
CN107526630A (en) * 2017-07-31 2017-12-29 杭州安恒信息技术有限公司 A kind of method for solving Distributed engine communication
CN107885995A (en) * 2017-10-09 2018-04-06 阿里巴巴集团控股有限公司 The security sweep method, apparatus and electronic equipment of small routine
US10846402B2 (en) 2017-10-09 2020-11-24 Advanced New Technologies Co., Ltd. Security scanning method and apparatus for mini program, and electronic device
CN108449355A (en) * 2018-04-04 2018-08-24 上海有云信息技术有限公司 A kind of vulnerability scanning method and system

Also Published As

Publication number Publication date
CN102789502B (en) 2015-02-18

Similar Documents

Publication Publication Date Title
CN102789502B (en) Method and device for scanning website
US8745740B2 (en) Apparatus and method for detecting malicious sites
CN101242279B (en) Automatic penetration testing system and method for WEB system
US20100293616A1 (en) Web Application Vulnerability Scanner
CN103632100A (en) Method and device for detecting website bugs
CN104102880B (en) A kind of application program rewrite method detecting the attack of Android privilege-escalation and system
CN102739663A (en) Detection method and scanning engine of web pages
CN103023712A (en) Method and system for monitoring malicious property of webpage
US20110219454A1 (en) Methods of identifying activex control distribution site, detecting security vulnerability in activex control and immunizing the same
CN106101145A (en) A kind of website vulnerability detection method and device
CN102664876A (en) Method and system for detecting network security
US20170329962A1 (en) Identification device, identification method, and identification program
CN102999420A (en) XSS (Cross Site Scripting) testing method and XSS testing system based on DOM (Document Object Model)
CN111611590B (en) Method and device for data security related to application program
CN105046150A (en) Method and system for preventing structured query language (SQL) implantation
CN105975526A (en) URL link validity verification method
CN110472165B (en) URL extraction method, device, equipment and computer readable storage medium
CN105631312A (en) Method and system for processing rogue programs
CN105610812B (en) Method and device for preventing webpage from being hijacked
CN103793649A (en) Method and device for cloud-based safety scanning of files
CN102004882A (en) Method and device for detecting and processing remote-thread injection type Trojan
CN107360192A (en) Improve the fingerprint identification method of vulnerability scanning efficiency and precision
CN105404816A (en) Content-based vulnerability detection method and device
CN104978517B (en) The illegal root detection methods and system of a kind of android system
CN101807232A (en) Method for detecting Java source code insecure input loophole

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
C41 Transfer of patent application or patent right or utility model
TR01 Transfer of patent right

Effective date of registration: 20161214

Address after: 100015 Jiuxianqiao Chaoyang District Beijing Road No. 10, building 15, floor 17, layer 1701-26, 3

Patentee after: BEIJING QIANXIN TECHNOLOGY Co.,Ltd.

Address before: 100088 Beijing city Xicheng District xinjiekouwai Street 28, block D room 112 (Desheng Park)

Patentee before: BEIJING QIHOO TECHNOLOGY Co.,Ltd.

Patentee before: Qizhi software (Beijing) Co.,Ltd.

CP03 Change of name, title or address

Address after: 100088 Building 3 332, 102, 28 Xinjiekouwai Street, Xicheng District, Beijing

Patentee after: QAX Technology Group Inc.

Address before: 100015 15, 17 floor 1701-26, 3 building, 10 Jiuxianqiao Road, Chaoyang District, Beijing.

Patentee before: BEIJING QIANXIN TECHNOLOGY Co.,Ltd.