CN103200230A - 基于可移动代理的漏洞扫描方法 - Google Patents
基于可移动代理的漏洞扫描方法 Download PDFInfo
- Publication number
- CN103200230A CN103200230A CN2013100647286A CN201310064728A CN103200230A CN 103200230 A CN103200230 A CN 103200230A CN 2013100647286 A CN2013100647286 A CN 2013100647286A CN 201310064728 A CN201310064728 A CN 201310064728A CN 103200230 A CN103200230 A CN 103200230A
- Authority
- CN
- China
- Prior art keywords
- module
- scanning
- vulnerability
- agent
- agent module
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Landscapes
- Computer And Data Communications (AREA)
Abstract
Description
Length | Source Name | Destination Name | Type | Sub Type | Option |
Source Name | Destination Name | Length | Encrypted Data |
Claims (5)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201310064728.6A CN103200230B (zh) | 2013-03-01 | 2013-03-01 | 基于可移动代理的漏洞扫描方法 |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201310064728.6A CN103200230B (zh) | 2013-03-01 | 2013-03-01 | 基于可移动代理的漏洞扫描方法 |
Publications (2)
Publication Number | Publication Date |
---|---|
CN103200230A true CN103200230A (zh) | 2013-07-10 |
CN103200230B CN103200230B (zh) | 2016-01-06 |
Family
ID=48722585
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201310064728.6A Active CN103200230B (zh) | 2013-03-01 | 2013-03-01 | 基于可移动代理的漏洞扫描方法 |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN103200230B (zh) |
Cited By (27)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107277063A (zh) * | 2017-08-09 | 2017-10-20 | 四川长虹电器股份有限公司 | 基于漏洞扫描精度判断测试方法 |
CN108076021A (zh) * | 2016-11-18 | 2018-05-25 | 腾讯科技(深圳)有限公司 | 业务处理方法和装置 |
US10038711B1 (en) | 2017-01-30 | 2018-07-31 | XM Ltd. | Penetration testing of a networked system |
US10068095B1 (en) | 2017-05-15 | 2018-09-04 | XM Cyber Ltd | Systems and methods for selecting a termination rule for a penetration testing campaign |
US10122750B2 (en) | 2017-01-30 | 2018-11-06 | XM Cyber Ltd | Setting-up penetration testing campaigns |
US10257220B2 (en) | 2017-01-30 | 2019-04-09 | Xm Cyber Ltd. | Verifying success of compromising a network node during penetration testing of a networked system |
US10367846B2 (en) | 2017-11-15 | 2019-07-30 | Xm Cyber Ltd. | Selectively choosing between actual-attack and simulation/evaluation for validating a vulnerability of a network node during execution of a penetration testing campaign |
US10382473B1 (en) | 2018-09-12 | 2019-08-13 | Xm Cyber Ltd. | Systems and methods for determining optimal remediation recommendations in penetration testing |
US10412112B2 (en) | 2017-08-31 | 2019-09-10 | Xm Cyber Ltd. | Time-tagged pre-defined scenarios for penetration testing |
US10440044B1 (en) | 2018-04-08 | 2019-10-08 | Xm Cyber Ltd. | Identifying communicating network nodes in the same local network |
US10447721B2 (en) | 2017-09-13 | 2019-10-15 | Xm Cyber Ltd. | Systems and methods for using multiple lateral movement strategies in penetration testing |
US10462177B1 (en) | 2019-02-06 | 2019-10-29 | Xm Cyber Ltd. | Taking privilege escalation into account in penetration testing campaigns |
US10469521B1 (en) | 2018-11-04 | 2019-11-05 | Xm Cyber Ltd. | Using information about exportable data in penetration testing |
US10534917B2 (en) | 2017-06-20 | 2020-01-14 | Xm Cyber Ltd. | Testing for risk of macro vulnerability |
US10574684B2 (en) | 2017-07-09 | 2020-02-25 | Xm Cyber Ltd. | Locally detecting phishing weakness |
US10574687B1 (en) | 2018-12-13 | 2020-02-25 | Xm Cyber Ltd. | Systems and methods for dynamic removal of agents from nodes of penetration testing systems |
US10581802B2 (en) | 2017-03-16 | 2020-03-03 | Keysight Technologies Singapore (Sales) Pte. Ltd. | Methods, systems, and computer readable media for advertising network security capabilities |
US10637883B1 (en) | 2019-07-04 | 2020-04-28 | Xm Cyber Ltd. | Systems and methods for determining optimal remediation recommendations in penetration testing |
US10686822B2 (en) | 2017-01-30 | 2020-06-16 | Xm Cyber Ltd. | Systems and methods for selecting a lateral movement strategy for a penetration testing campaign |
US10880326B1 (en) | 2019-08-01 | 2020-12-29 | Xm Cyber Ltd. | Systems and methods for determining an opportunity for node poisoning in a penetration testing campaign, based on actual network traffic |
US11005878B1 (en) | 2019-11-07 | 2021-05-11 | Xm Cyber Ltd. | Cooperation between reconnaissance agents in penetration testing campaigns |
CN113162933A (zh) * | 2021-04-23 | 2021-07-23 | 杭州安恒信息技术股份有限公司 | 一种漏洞扫描引擎的拉黑状态识别方法、装置及设备 |
US11206281B2 (en) | 2019-05-08 | 2021-12-21 | Xm Cyber Ltd. | Validating the use of user credentials in a penetration testing campaign |
US11283827B2 (en) | 2019-02-28 | 2022-03-22 | Xm Cyber Ltd. | Lateral movement strategy during penetration testing of a networked system |
US11533329B2 (en) | 2019-09-27 | 2022-12-20 | Keysight Technologies, Inc. | Methods, systems and computer readable media for threat simulation and threat mitigation recommendations |
US11575700B2 (en) | 2020-01-27 | 2023-02-07 | Xm Cyber Ltd. | Systems and methods for displaying an attack vector available to an attacker of a networked system |
US11582256B2 (en) | 2020-04-06 | 2023-02-14 | Xm Cyber Ltd. | Determining multiple ways for compromising a network node in a penetration testing campaign |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101242279A (zh) * | 2008-03-07 | 2008-08-13 | 北京邮电大学 | 用于web系统的自动化渗透性测试系统和方法 |
CN101610264A (zh) * | 2009-07-24 | 2009-12-23 | 深圳市永达电子股份有限公司 | 一种防火墙系统、安全服务平台及防火墙系统的管理方法 |
CN102684875A (zh) * | 2012-01-07 | 2012-09-19 | 河南科技大学 | 组播安全代理组件及组播加密管理方法 |
-
2013
- 2013-03-01 CN CN201310064728.6A patent/CN103200230B/zh active Active
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101242279A (zh) * | 2008-03-07 | 2008-08-13 | 北京邮电大学 | 用于web系统的自动化渗透性测试系统和方法 |
CN101610264A (zh) * | 2009-07-24 | 2009-12-23 | 深圳市永达电子股份有限公司 | 一种防火墙系统、安全服务平台及防火墙系统的管理方法 |
CN102684875A (zh) * | 2012-01-07 | 2012-09-19 | 河南科技大学 | 组播安全代理组件及组播加密管理方法 |
Cited By (35)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108076021B (zh) * | 2016-11-18 | 2020-06-16 | 腾讯科技(深圳)有限公司 | 业务处理方法和装置 |
CN108076021A (zh) * | 2016-11-18 | 2018-05-25 | 腾讯科技(深圳)有限公司 | 业务处理方法和装置 |
US10999308B2 (en) | 2017-01-30 | 2021-05-04 | Xm Cyber Ltd. | Setting-up penetration testing campaigns |
US10122750B2 (en) | 2017-01-30 | 2018-11-06 | XM Cyber Ltd | Setting-up penetration testing campaigns |
US10257220B2 (en) | 2017-01-30 | 2019-04-09 | Xm Cyber Ltd. | Verifying success of compromising a network node during penetration testing of a networked system |
US10038711B1 (en) | 2017-01-30 | 2018-07-31 | XM Ltd. | Penetration testing of a networked system |
US10686822B2 (en) | 2017-01-30 | 2020-06-16 | Xm Cyber Ltd. | Systems and methods for selecting a lateral movement strategy for a penetration testing campaign |
US10637882B2 (en) | 2017-01-30 | 2020-04-28 | Xm Cyber Ltd. | Penetration testing of a networked system |
US10505969B2 (en) | 2017-01-30 | 2019-12-10 | Xm Cyber Ltd. | Setting-up penetration testing campaigns |
US10581802B2 (en) | 2017-03-16 | 2020-03-03 | Keysight Technologies Singapore (Sales) Pte. Ltd. | Methods, systems, and computer readable media for advertising network security capabilities |
US10068095B1 (en) | 2017-05-15 | 2018-09-04 | XM Cyber Ltd | Systems and methods for selecting a termination rule for a penetration testing campaign |
US10534917B2 (en) | 2017-06-20 | 2020-01-14 | Xm Cyber Ltd. | Testing for risk of macro vulnerability |
US10574684B2 (en) | 2017-07-09 | 2020-02-25 | Xm Cyber Ltd. | Locally detecting phishing weakness |
CN107277063B (zh) * | 2017-08-09 | 2020-09-25 | 四川长虹电器股份有限公司 | 基于漏洞扫描精度判断测试方法 |
CN107277063A (zh) * | 2017-08-09 | 2017-10-20 | 四川长虹电器股份有限公司 | 基于漏洞扫描精度判断测试方法 |
US10412112B2 (en) | 2017-08-31 | 2019-09-10 | Xm Cyber Ltd. | Time-tagged pre-defined scenarios for penetration testing |
US10447721B2 (en) | 2017-09-13 | 2019-10-15 | Xm Cyber Ltd. | Systems and methods for using multiple lateral movement strategies in penetration testing |
US11206282B2 (en) | 2017-11-15 | 2021-12-21 | Xm Cyber Ltd. | Selectively choosing between actual-attack and simulation/evaluation for validating a vulnerability of a network node during execution of a penetration testing campaign |
US10454966B2 (en) | 2017-11-15 | 2019-10-22 | Xm Cyber Ltd. | Selectively choosing between actual-attack and simulation/evaluation for validating a vulnerability of a network node during execution of a penetration testing campaign |
US10367846B2 (en) | 2017-11-15 | 2019-07-30 | Xm Cyber Ltd. | Selectively choosing between actual-attack and simulation/evaluation for validating a vulnerability of a network node during execution of a penetration testing campaign |
US10440044B1 (en) | 2018-04-08 | 2019-10-08 | Xm Cyber Ltd. | Identifying communicating network nodes in the same local network |
US10382473B1 (en) | 2018-09-12 | 2019-08-13 | Xm Cyber Ltd. | Systems and methods for determining optimal remediation recommendations in penetration testing |
US10469521B1 (en) | 2018-11-04 | 2019-11-05 | Xm Cyber Ltd. | Using information about exportable data in penetration testing |
US10574687B1 (en) | 2018-12-13 | 2020-02-25 | Xm Cyber Ltd. | Systems and methods for dynamic removal of agents from nodes of penetration testing systems |
US10462177B1 (en) | 2019-02-06 | 2019-10-29 | Xm Cyber Ltd. | Taking privilege escalation into account in penetration testing campaigns |
US11283827B2 (en) | 2019-02-28 | 2022-03-22 | Xm Cyber Ltd. | Lateral movement strategy during penetration testing of a networked system |
US11206281B2 (en) | 2019-05-08 | 2021-12-21 | Xm Cyber Ltd. | Validating the use of user credentials in a penetration testing campaign |
US10637883B1 (en) | 2019-07-04 | 2020-04-28 | Xm Cyber Ltd. | Systems and methods for determining optimal remediation recommendations in penetration testing |
US10880326B1 (en) | 2019-08-01 | 2020-12-29 | Xm Cyber Ltd. | Systems and methods for determining an opportunity for node poisoning in a penetration testing campaign, based on actual network traffic |
US11533329B2 (en) | 2019-09-27 | 2022-12-20 | Keysight Technologies, Inc. | Methods, systems and computer readable media for threat simulation and threat mitigation recommendations |
US11005878B1 (en) | 2019-11-07 | 2021-05-11 | Xm Cyber Ltd. | Cooperation between reconnaissance agents in penetration testing campaigns |
US11575700B2 (en) | 2020-01-27 | 2023-02-07 | Xm Cyber Ltd. | Systems and methods for displaying an attack vector available to an attacker of a networked system |
US11582256B2 (en) | 2020-04-06 | 2023-02-14 | Xm Cyber Ltd. | Determining multiple ways for compromising a network node in a penetration testing campaign |
CN113162933A (zh) * | 2021-04-23 | 2021-07-23 | 杭州安恒信息技术股份有限公司 | 一种漏洞扫描引擎的拉黑状态识别方法、装置及设备 |
CN113162933B (zh) * | 2021-04-23 | 2022-04-26 | 杭州安恒信息技术股份有限公司 | 一种漏洞扫描引擎的拉黑状态识别方法、装置及设备 |
Also Published As
Publication number | Publication date |
---|---|
CN103200230B (zh) | 2016-01-06 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN103200230A (zh) | 基于可移动代理的漏洞扫描方法 | |
CN114097207B (zh) | 智能代理轮换器 | |
US8051163B2 (en) | Synthetic transactions based on system history and load | |
CN103354986B (zh) | 用于网络分析的方法和装置 | |
US7805510B2 (en) | Hierarchy for characterizing interactions with an application | |
US8656006B2 (en) | Integrating traffic monitoring data and application runtime data | |
US7603460B2 (en) | Detecting and diagnosing performance problems in a wireless network through neighbor collaboration | |
CN106603507A (zh) | 一种自动化完成网络安全自检的方法及系统 | |
CN108737417A (zh) | 一种面向工业控制系统的脆弱性检测方法 | |
CN101170455B (zh) | 异常信息自动上报方法和装置 | |
CN107154940A (zh) | 一种物联网漏洞扫描系统及扫描方法 | |
US9740991B2 (en) | Calculating in-flight metrics for non-interruptible business transactions | |
CN102082690A (zh) | 一种网络拓扑的被动发现设备及其发现方法 | |
EP2378426B1 (en) | Rule organization for efficient transaction pattern matching | |
CN103716198B (zh) | 数据网络质量自动拨测方法及系统 | |
CN103686815A (zh) | 基于话单关联分析实现用户体验故障分析的系统及方法 | |
CN106507363A (zh) | 一种发现钓鱼接入点的方法 | |
CN109450743A (zh) | 物联网平台压力测试系统、方法、装置及服务器 | |
Trammell et al. | mPlane: an intelligent measurement plane for the internet | |
CN109314653A (zh) | 用于分析与耦合到wlan的无线电相关联的预定参数集的客户端设备和方法 | |
CN110659481A (zh) | 基于代理的漏洞扫描方法 | |
CN102271331B (zh) | 一种检测业务提供商sp站点可靠性的方法及系统 | |
KR101170141B1 (ko) | 무선랜 이용 단말, 그의 트래픽 특성 수집 시스템 및 방법 | |
Allman et al. | A reactive measurement framework | |
CN102957581A (zh) | 网络接入检测系统和网络接入检测方法 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C14 | Grant of patent or utility model | ||
CB02 | Change of applicant information |
Address after: Gaogang city in Jiangsu province Taizhou City Road 225300 No. 67 Applicant after: Nanjing University Of Science And Technology Changshu Institute Co., Ltd. Address before: The Science Park Research Institute of Jiangsu province Suzhou City Road 215513, Changshou City economic and Technological Development Zone No. 5 Applicant before: Nanjing University Of Science And Technology Changshu Institute Co., Ltd. |
|
COR | Change of bibliographic data | ||
GR01 | Patent grant | ||
C56 | Change in the name or address of the patentee | ||
CP02 | Change in the address of a patent holder |
Address after: The Science Park Research Institute of Jiangsu province Suzhou City Road 215513, Changshou City economic and Technological Development Zone No. 5 Patentee after: Nanjing University Of Science And Technology Changshu Institute Co., Ltd. Address before: Gaogang city in Jiangsu province Taizhou City Road 225300 No. 67 Patentee before: Nanjing University Of Science And Technology Changshu Institute Co., Ltd. |
|
C41 | Transfer of patent application or patent right or utility model | ||
TR01 | Transfer of patent right |
Effective date of registration: 20160712 Address after: 100080, Beijing Haidian District Zhongguancun Avenue, China Central Building 22 Patentee after: BANK OF BEIJING CONSUMER FINANCE COMPANY Address before: The Science Park Research Institute of Jiangsu province Suzhou City Road 215513, Changshou City economic and Technological Development Zone No. 5 Patentee before: Nanjing University Of Science And Technology Changshu Institute Co., Ltd. |