CN107046527B - WEB vulnerability scanning method, device and system - Google Patents


Info

Publication number
CN107046527B
Authority
CN
China
Prior art keywords
vulnerability
scanning tool
website
detected
vulnerability scanning
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201611246376.6A
Other languages
Chinese (zh)
Other versions
CN107046527A (en
Inventor
白健
葛珅
陈得福
韩钰
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Qihoo Technology Co Ltd
Beijing Qianxin Technology Co Ltd
Original Assignee
Beijing Qihoo Technology Co Ltd
Beijing Qianxin Technology Co Ltd

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/02 Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1433 Vulnerability analysis

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Examining Or Testing Airtightness (AREA)
  • Information Transfer Between Computers (AREA)

Abstract

The invention discloses a WEB vulnerability scanning method, device and system, which can at least solve the problem that in the prior art, the network information security of an Internet user is threatened because the time interval between vulnerability discovery and vulnerability identification is too long. The WEB vulnerability scanning method comprises the following steps: acquiring and storing a vulnerability scanning tool provided by a vulnerability detection terminal, wherein the vulnerability scanning tool is an extensible scanning tool written aiming at specific website vulnerabilities; determining the vulnerability type applicable to a vulnerability scanning tool provided by a vulnerability detection terminal, and displaying the vulnerability scanning tool provided by the vulnerability detection terminal and the applicable vulnerability type thereof; acquiring a vulnerability scanning tool selection request sent by a website to be detected, and determining a vulnerability scanning tool corresponding to the vulnerability scanning tool selection request; and scanning the website to be detected through the vulnerability scanning tool corresponding to the vulnerability scanning tool selection request.

Description

WEB vulnerability scanning method, device and system
Technical Field
The invention relates to the technical field of communication, in particular to a WEB vulnerability scanning method, device and system.
Background
At present, with the development of the Internet, vulnerabilities inevitably occur in web programs and websites, and hackers often exploit them to steal confidential enterprise information, private information of Internet users and the like, which threatens Internet information security.
In the process of implementing the embodiments of the present invention, the inventors found at least the following problems in the prior art: at present, vulnerabilities are basically discovered with a scanning tool or a hardware scanning device, but these rely on a process of "vulnerability analysis, vulnerability identification feature extraction, vulnerability scanning library upgrade", so a long time passes between vulnerability discovery and vulnerability identification, often 1 to 3 months or even longer. Real attacks based on vulnerabilities are increasingly common, and because the time difference between vulnerability discovery and vulnerability identification is too long, enterprise databases are dumped and user information is leaked, which poses a great risk to the information security of Internet users.
Disclosure of Invention
In view of the above, the present invention is proposed to provide a WEB vulnerability scanning method, apparatus and system that overcome or at least partially solve the above problems.
According to an aspect of the present invention, a method for WEB vulnerability scanning is provided, which includes: acquiring and storing a vulnerability scanning tool provided by a vulnerability detection terminal, wherein the vulnerability scanning tool is an extensible scanning tool written aiming at specific website vulnerabilities; determining the vulnerability type applicable to the vulnerability scanning tool provided by the vulnerability detection terminal, and displaying the vulnerability scanning tool provided by the vulnerability detection terminal and the applicable vulnerability type thereof; acquiring a vulnerability scanning tool selection request sent by a website to be detected, and determining a vulnerability scanning tool corresponding to the vulnerability scanning tool selection request; and scanning the website to be detected through the vulnerability scanning tool corresponding to the vulnerability scanning tool selection request.
According to another aspect of the present invention, there is provided a WEB vulnerability scanning apparatus, including: a first acquisition module adapted to acquire and store a vulnerability scanning tool provided by a vulnerability detection terminal, wherein the vulnerability scanning tool is an extensible scanning tool written for a specific website vulnerability; a first determination module adapted to determine the vulnerability type applicable to the vulnerability scanning tool provided by the vulnerability detection terminal; a display module adapted to display the vulnerability scanning tool provided by the vulnerability detection terminal and its applicable vulnerability type; a second acquisition module adapted to acquire a vulnerability scanning tool selection request sent by a website to be detected; a second determination module adapted to determine the vulnerability scanning tool corresponding to the vulnerability scanning tool selection request; and a scanning module adapted to scan the website to be detected with the vulnerability scanning tool corresponding to the vulnerability scanning tool selection request.
According to another aspect of the present invention, a WEB vulnerability scanning system is provided, which includes any one of the vulnerability scanning apparatus, the website to be detected, and the vulnerability detection terminal.
In the WEB vulnerability scanning method, device and system provided by the embodiment of the invention, a vulnerability scanning tool provided by a vulnerability detection terminal is firstly obtained and stored, wherein the vulnerability scanning tool is an extensible scanning tool written aiming at specific website vulnerabilities; then determining the vulnerability type applicable to a vulnerability scanning tool provided by a vulnerability detection terminal, and displaying the vulnerability scanning tool provided by the vulnerability detection terminal and the applicable vulnerability type thereof; meanwhile, acquiring a vulnerability scanning tool selection request sent by a website to be detected, and determining a vulnerability scanning tool corresponding to the vulnerability scanning tool selection request; and finally, scanning the website to be detected by a vulnerability scanning tool corresponding to the vulnerability scanning tool selection request. Therefore, the method and the device solve the problem that the network information security of the internet user is threatened due to the overlong time interval between the discovery and the identification of the vulnerability, provide a WEB vulnerability scanning scheme and maintain the security of the network information of the internet user.
The above description is only an overview of the technical solutions of the present invention, and the embodiments of the present invention are described below in order to make the technical means of the present invention more clearly understood and to make the above and other objects, features, and advantages of the present invention more clearly understandable.
Drawings
Various other advantages and benefits will become apparent to those of ordinary skill in the art upon reading the following detailed description of the preferred embodiments. The drawings are only for purposes of illustrating the preferred embodiments and are not to be construed as limiting the invention. Also, like reference numerals are used to refer to like parts throughout the drawings. In the drawings:
Fig. 1 is a flowchart illustrating a WEB vulnerability scanning method according to an embodiment of the present invention;
Fig. 2 is a flowchart illustrating a WEB vulnerability scanning method according to another embodiment of the present invention;
Fig. 3 is a block diagram illustrating the structure of a WEB vulnerability scanning apparatus according to an embodiment of the present invention;
Fig. 4 is a block diagram illustrating the structure of a WEB vulnerability scanning apparatus according to another embodiment of the present invention;
Fig. 5 shows a block diagram of a WEB vulnerability scanning system according to still another embodiment of the present invention;
Fig. 6 shows a block diagram of a WEB vulnerability scanning system according to still another embodiment of the present invention.
Detailed Description
Exemplary embodiments of the present disclosure will be described in more detail below with reference to the accompanying drawings. While exemplary embodiments of the present disclosure are illustrated in the drawings, it should be understood that the present disclosure may be embodied in various forms and should not be limited to the embodiments set forth herein. Rather, these embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the scope of the disclosure to those skilled in the art.
Fig. 1 shows a flowchart of a WEB vulnerability scanning method according to an embodiment of the present invention. As shown in fig. 1, the method comprises the steps of:
Step S110: acquiring and storing a vulnerability scanning tool provided by a vulnerability detection terminal, wherein the vulnerability scanning tool is an extensible scanning tool written for a specific website vulnerability.
Specifically, the vulnerability detection terminal can write a corresponding extensible scanning tool, such as a vulnerability scanning script, for the vulnerability type of a specific website vulnerability, so that vulnerabilities of that specific type can be scanned for. In this embodiment, there may be a plurality of vulnerability detection terminals. To obtain a vulnerability scanning tool provided by a vulnerability detection terminal, a submission entry for vulnerability scanning tools can be set in a web interface; the vulnerability scanning tool uploaded by the vulnerability detection terminal is obtained through the submission entry, and the obtained vulnerability scanning tool is stored.
Step S120: determining the vulnerability type applicable to the vulnerability scanning tool provided by the vulnerability detection terminal, and displaying the vulnerability scanning tool provided by the vulnerability detection terminal and its applicable vulnerability type.
Specifically, after a vulnerability scanning tool provided by a vulnerability detection terminal is obtained and stored, the vulnerability type applicable to the vulnerability scanning tool is further determined, and then the vulnerability scanning tool provided by the vulnerability detection terminal and the vulnerability type applicable to the vulnerability scanning tool are displayed in a webpage interface according to the determination result, so that a website to be detected in the subsequent step (corresponding to step S130) can select the vulnerability scanning tool according to the display information.
Step S130: acquiring a vulnerability scanning tool selection request sent by a website to be detected, and determining a vulnerability scanning tool corresponding to the vulnerability scanning tool selection request.
Specifically, the website to be detected is a website on the Internet, belonging to a manufacturer, an enterprise or the like, whose vulnerabilities need to be detected; in this embodiment, there may be multiple websites to be detected. The vulnerability scanning tool selection request is a request sent by the website to be detected according to the characteristics of its own vulnerabilities, and it contains information such as the vulnerability type of the vulnerabilities of the website to be detected. To obtain the vulnerability scanning tool selection request, a request entry for such requests can be set in a web interface, and the request sent by the website to be detected is obtained through the request entry. The vulnerability scanning tool corresponding to the request is then determined according to the vulnerability type and other information contained in the request and the applicable vulnerability types of the vulnerability scanning tools determined in step S120. The vulnerability scanning tool is one of the tools provided by the vulnerability detection terminal and stored in step S110.
Step S140: scanning the website to be detected with the vulnerability scanning tool corresponding to the vulnerability scanning tool selection request.
Specifically, after a vulnerability scanning tool corresponding to the vulnerability scanning tool selection request is determined, vulnerability scanning is conducted on a website to be detected through the determined vulnerability scanning tool, a corresponding scanning result is generated according to the scanning process, and then the scanning result is sent to the corresponding website to be detected, so that the website to be detected can find vulnerability information in the website according to the scanning result.
Therefore, in the WEB vulnerability scanning method provided by the embodiment of the invention, a vulnerability scanning tool provided by a vulnerability detection terminal is firstly obtained and stored, wherein the vulnerability scanning tool is an extensible scanning tool written aiming at specific website vulnerabilities; then determining the vulnerability type applicable to a vulnerability scanning tool provided by a vulnerability detection terminal, and displaying the vulnerability scanning tool provided by the vulnerability detection terminal and the applicable vulnerability type thereof; meanwhile, acquiring a vulnerability scanning tool selection request sent by a website to be detected, and determining a vulnerability scanning tool corresponding to the vulnerability scanning tool selection request; and finally, scanning the website to be detected by a vulnerability scanning tool corresponding to the vulnerability scanning tool selection request. Therefore, the invention solves the problem that the network information security of the internet user is threatened due to the overlong time interval between the discovery and the identification of the vulnerability, effectively shortens the time interval between the discovery and the identification of the vulnerability, provides a WEB vulnerability scanning scheme and improves the capability of resisting the vulnerability.
Fig. 2 is a flowchart illustrating a WEB vulnerability scanning method according to another embodiment of the present invention. As shown in fig. 2, the method comprises the steps of:
Step S210: receiving and storing, in advance, the communication address of the website to be detected, the detection address corresponding to the website to be detected, and the communication address of the vulnerability detection terminal.
Specifically, the websites to be detected are websites on the Internet, belonging to manufacturers, enterprises and the like, whose vulnerability information needs to be detected, and there are multiple websites to be detected. The vulnerability detection terminals are terminals that can write corresponding vulnerability scanning tools for the types of specific website vulnerabilities, and there are multiple vulnerability detection terminals. To receive and store the communication address of the website to be detected, the detection address corresponding to the website to be detected and the communication address of the vulnerability detection terminal, an information registration process can be set up, through which the communication address information, the detection address information and the like of the website to be detected and the vulnerability detection terminal are entered. The communication addresses of the website to be detected and the vulnerability detection terminal can be mailbox addresses or specific contact account addresses set for each website to be detected and each vulnerability detection terminal, and the detection address corresponding to the website to be detected can be the address of the home page of the website to be detected, a link address contained in the website, and the like.
Step S220: acquiring and storing a vulnerability scanning tool provided by the vulnerability detection terminal, wherein the vulnerability scanning tool is an extensible scanning tool written for a specific website vulnerability.
Specifically, the vulnerability scanning tool is an extensible scanning tool written by the vulnerability detection terminal for the vulnerability type of a specific website vulnerability, and the tool can scan for vulnerabilities of that specific type. In this embodiment, the vulnerability scanning tool is specifically a script plug-in for vulnerability scanning. To obtain a vulnerability scanning tool provided by a vulnerability detection terminal, a submission entry for vulnerability scanning tools may be set in a web interface, and the vulnerability scanning tool uploaded by the vulnerability detection terminal is obtained through the submission entry. For example, a submission button may be set in the web interface, and the uploaded vulnerability scanning tool is obtained in response to a relevant operation (for example, a click operation) performed by the vulnerability detection terminal on the submission button; the obtained vulnerability scanning tool is then stored. Furthermore, after the vulnerability scanning tool provided by the vulnerability detection terminal is obtained and stored, value information corresponding to that vulnerability scanning tool can also be received and displayed, so that it can be confirmed in a subsequent step (corresponding to step S270).
Step S230: determining the vulnerability type applicable to the vulnerability scanning tool provided by the vulnerability detection terminal, and displaying the vulnerability scanning tool provided by the vulnerability detection terminal and its applicable vulnerability type.
Specifically, after a vulnerability scanning tool provided by a vulnerability detection terminal is obtained and stored, the vulnerability type applicable to the vulnerability scanning tool is determined, and the vulnerability scanning tool and its applicable vulnerability type are then displayed in a web interface according to the determination result, so that a website to be detected can select a vulnerability scanning tool according to the displayed information in the subsequent step (corresponding to step S240). The vulnerability type applicable to the vulnerability scanning tool can be determined from applicable-type information provided by the vulnerability detection terminal, or from information contained in the vulnerability scanning tool itself; the manner of determination in a specific implementation can be flexibly selected by a person skilled in the art and is not limited by the invention.
The vulnerability scanning tool provided by the vulnerability detection terminal and its applicable vulnerability type can be displayed directly to all users of the vulnerability scanning platform. Alternatively, to improve the privacy and pertinence of the information, a display permission selection window can be provided: by setting the display permission parameters contained in that window, the vulnerability detection terminal screens the websites to be detected, and the vulnerability scanning tool and its applicable vulnerability type are displayed only to the websites that pass the screening. For example, the display permission parameters contained in the display permission selection window may include standard permission parameters, security permission parameters, open permission parameters, and the like. When the security permission parameter is set, the vulnerability scanning tool provided by the vulnerability detection terminal is displayed only to a preset number of websites that have passed authentication and have high security; when the open permission parameter is set, the vulnerability scanning tool is displayed to all websites; and when the standard permission parameter is set, the vulnerability scanning tool is displayed to most public websites. The display mode in a specific implementation can be flexibly selected by a person skilled in the art, and the invention is not limited in this respect.
For example, the display permission parameters contained in the display permission selection window may be divided according to security level, and may also be divided according to website type.
Step S240: setting a corresponding selection entry for the vulnerability scanning tool provided by the vulnerability detection terminal and displaying the selection entry.
Specifically, after determining the vulnerability type applicable to the vulnerability scanning tool provided by the vulnerability detection terminal, a corresponding selection entry is set for the vulnerability scanning tool, for example, a corresponding selection entry button or a selection entry page may be set in a web page, and the set selection entry is displayed in the corresponding web page, so that the vulnerability scanning tool selection request sent by the website to be detected is received through the set selection entry in the subsequent step (corresponding to step S250).
Step S250: acquiring a vulnerability scanning tool selection request sent by a website to be detected, and determining a vulnerability scanning tool corresponding to the vulnerability scanning tool selection request.
Specifically, the vulnerability scanning tool selection request is a request sent by the website to be detected according to the characteristics of its own vulnerabilities, and it contains information such as the vulnerability type of the vulnerabilities of the website to be detected. The request is obtained through the selection entry set in step S240. The vulnerability scanning tool corresponding to the request is determined according to the vulnerability type and other information contained in the request and the applicable vulnerability types of the vulnerability scanning tools determined in step S230.
Step S260: scanning the website to be detected with the vulnerability scanning tool corresponding to the vulnerability scanning tool selection request, and sending the scanning result to the website to be detected at its communication address.
Specifically, when the website to be detected is scanned, the vulnerability scanning tool corresponding to the vulnerability scanning tool selection request scans the detection address corresponding to the website to be detected, a corresponding scanning result is generated from the scan, and the scanning result is then sent to the website to be detected through the communication address stored in step S210. The scanning result includes the vulnerability information corresponding to the website to be detected. When the scanning result is generated, the vulnerability information it contains can be graded by severity, for example into three levels, high-risk, medium-risk and low-risk, in order of decreasing severity, so that once the scanning result has been sent, the website to be detected is reminded and informed of how serious the vulnerability information is. Alternatively, the scanning results may be left ungraded and sent directly to the website to be detected, simply to show it the corresponding scanning results.
Step S270: receiving result feedback information sent by the website to be detected, and sending the result feedback information to the vulnerability detection terminal that provided the vulnerability scanning tool.
The result feedback information is determined according to the value information corresponding to the vulnerability scanning tool. That is, the result feedback information includes information confirming the value information corresponding to the vulnerability scanning tool, and after it is received it is sent to the vulnerability detection terminal, so that the vulnerability detection terminal can update information such as its own score according to the confirmed value information. Specifically, after receiving the scanning result, the website to be detected verifies it and sends corresponding result feedback information according to the outcome. The scanning result is produced by a vulnerability scanning tool submitted by a vulnerability detection terminal, so it may contain errors or may not meet the requirements of the website to be detected; the website to be detected therefore needs to verify the correctness and validity of the vulnerability information, and sends the corresponding result feedback information after this confirmation. After the result feedback information sent by the website to be detected is received, it is sent to the vulnerability detection terminal that provided the vulnerability scanning tool, so that the vulnerability detection terminal can update information such as its own score according to the confirmed value information.
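The flow of Fig. 2 (steps S210 to S270, of which Fig. 1's S110 to S140 are a subset) can be followed in the sketch below, which is an added example and not part of the patent text. Every class, function and field name, the `.example` sites, the header checks and the sample responses are constructed for illustration; plug-ins are modelled as in-process callables, the mapping of the "standard" and "security" display permissions to `public` and `authenticated` flags is an assumption, and restricting each plug-in to the registered detection address is this example's own design choice.

```python
from dataclasses import dataclass
from typing import Callable
from urllib.parse import urlsplit

OPEN, STANDARD, SECURITY = "open", "standard", "security"  # display permissions (S230)
RANK = {"high": 0, "medium": 1, "low": 2}                  # severity levels (S260)

@dataclass
class Site:
    name: str
    contact: str                 # communication address (S210)
    detection_address: str       # the only origin a scan may touch (S210)
    authenticated: bool = False  # assumption: models "passed authentication"
    public: bool = True          # assumption: models a "public website"

@dataclass
class Plugin:
    plugin_id: str
    author_contact: str          # communication address of the detection terminal
    vuln_type: str               # applicable vulnerability type (S230)
    visibility: str              # display permission chosen by the author
    value: int                   # value information attached to the tool (S220)
    check: Callable              # check(base_url, fetch) -> list of finding dicts

class Platform:
    def __init__(self, transport):
        self.transport = transport  # callable: url -> response dict
        self.sites, self.plugins = {}, {}
        self.outbox = []            # (address, message) pairs; stands in for mail

    def register_site(self, site):                      # S210
        self.sites[site.name] = site

    def submit_plugin(self, plugin):                    # S220
        if plugin.visibility not in (OPEN, STANDARD, SECURITY):
            raise ValueError("unknown display permission")
        self.plugins[plugin.plugin_id] = plugin

    def _visible(self, plugin, site):
        allowed = {OPEN: True, STANDARD: site.public, SECURITY: site.authenticated}
        return allowed[plugin.visibility]

    def catalogue(self, site_name):                     # S230, S240
        site = self.sites[site_name]
        return sorted((p.plugin_id, p.vuln_type)
                      for p in self.plugins.values() if self._visible(p, site))

    def scan(self, site_name, vuln_type):               # S250, S260
        site = self.sites[site_name]
        scope = urlsplit(site.detection_address)[:2]    # (scheme, host)

        def scoped_fetch(url):  # plug-ins may only request the registered origin
            if urlsplit(url)[:2] != scope:
                raise PermissionError("out of scope: " + url)
            return self.transport(url)

        findings = []
        chosen = [p for p in self.plugins.values() if p.vuln_type == vuln_type and self._visible(p, site)]
        for p in chosen:
            try:
                results = p.check(site.detection_address, scoped_fetch)
            except PermissionError as exc:  # tell the author, keep scanning
                self.outbox.append((p.author_contact, {"rejected": str(exc)}))
                continue
            findings += [{**f, "plugin_id": p.plugin_id} for f in results]
        # Graded findings first, highest severity on top; ungraded ones last.
        findings.sort(key=lambda f: RANK.get(f.get("severity"), len(RANK)))
        self.outbox.append((site.contact, findings))
        return findings

    def feedback(self, site_name, plugin_id, confirmed):  # S270
        plugin = self.plugins[plugin_id]
        msg = {"site": site_name, "plugin_id": plugin_id,
               "confirmed_value": plugin.value if confirmed else 0}
        self.outbox.append((plugin.author_contact, msg))
        return msg

# Constructed responses keyed by URL; nothing here touches the network.
SAMPLE = {
    "https://shop.example/": {"headers": {"Content-Type": "text/html"}},
    "https://blog.example/": {"headers": {"Strict-Transport-Security": "max-age=31536000"}},
}

def header_check(header, level):
    """Build a plug-in check that reports a missing response header."""
    def check(base, fetch):
        names = {k.lower() for k in fetch(base)["headers"]}
        finding = {"url": base, "issue": header + " missing", "severity": level}
        return [] if header in names else [finding]
    return check

def build_demo():
    platform = Platform(transport=lambda url: SAMPLE[url])
    platform.register_site(Site("shop", "sec@shop.example", "https://shop.example/", authenticated=True))
    platform.register_site(Site("blog", "admin@blog.example", "https://blog.example/"))
    platform.submit_plugin(Plugin("hsts-1", "alice@lab.example", "misconfiguration", OPEN, 10, header_check("strict-transport-security", "low")))
    platform.submit_plugin(Plugin("csp-1", "bob@lab.example", "misconfiguration", SECURITY, 30, header_check("content-security-policy", "medium")))
    return platform
```

Calling `build_demo().scan("shop", "misconfiguration")` returns the graded findings for the constructed shop site, and `catalogue("blog")` shows which plug-ins an unauthenticated site is allowed to see.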
By the method in the embodiment of the invention, the following beneficial effects can be realized:
The method can shorten the time difference between vulnerability discovery and vulnerability identification from 1 to 3 months (or even longer) to 1 day or even a few hours, can be customized to user requirements, meets users' need for high-quality, rapid discovery of website vulnerabilities, and greatly improves the capability of resisting vulnerabilities.
The invention provides a scanning engine whose scanning capability can be extended with script plug-ins. With this engine, vulnerability scanning capability is upgraded immediately once the corresponding script plug-in is written, and no special collection action is required in the process. In addition, the vulnerability detection terminals can be used to provide script plug-ins for vulnerabilities, so that the vulnerability scanning tool keeps its ability to identify vulnerabilities in real time, which improves the timeliness and availability of the vulnerability scanning tool.
Therefore, in the WEB vulnerability scanning method provided by the embodiment of the invention, the communication address of the website to be detected, the detection address corresponding to the website to be detected and the communication address of the vulnerability detection terminal are received and stored in advance, and then the vulnerability scanning tool provided by the vulnerability detection terminal is obtained and stored, wherein the vulnerability scanning tool is an extensible scanning tool written aiming at the vulnerability of a specific website; determining the vulnerability type suitable for the vulnerability scanning tool provided by the vulnerability detection terminal, displaying the vulnerability scanning tool provided by the vulnerability detection terminal and the suitable vulnerability type thereof, setting a corresponding selection entry for the vulnerability scanning tool provided by the vulnerability detection terminal and displaying the selection entry; and further acquiring a vulnerability scanning tool selection request sent by the website to be detected, determining a vulnerability scanning tool corresponding to the vulnerability scanning tool selection request, scanning the website to be detected through the vulnerability scanning tool corresponding to the vulnerability scanning tool selection request, sending a scanning result to the website to be detected, finally receiving result feedback information sent by the website to be detected, and sending the result feedback information to a vulnerability detection terminal providing a vulnerability scanning tool. 
Therefore, the method and the device solve the problem that the network information security of the internet users is threatened due to the overlong time interval between the discovery and the identification of the vulnerability, effectively shorten the time interval between the discovery and the identification of the vulnerability, can process the discovery and the identification of the vulnerability in real time, and improve the capability of resisting the vulnerability.
Fig. 3 shows a block diagram of a structure of a WEB vulnerability scanning apparatus according to an embodiment of the present invention. As shown in fig. 3, the apparatus includes: a first acquisition module 31, a first determination module 32, a presentation module 33, a second acquisition module 34, a second determination module 35, and a scanning module 36.
The first obtaining module 31 is adapted to obtain and store a vulnerability scanning tool provided by a vulnerability detection terminal, wherein the vulnerability scanning tool is an extensible scanning tool written for vulnerabilities of a specific website.
Specifically, the vulnerability detection terminal can write a corresponding extensible scanning tool, such as a vulnerability scanning script, for a vulnerability type of a specific website vulnerability, so as to scan the vulnerability for the specific vulnerability type. In this embodiment, there may be a plurality of vulnerability detection terminals. When acquiring the vulnerability scanning tool provided by the vulnerability detection terminal, the first acquiring module 31 may set a submission entry related to the vulnerability scanning tool in the web interface, acquire the vulnerability scanning tool uploaded by the vulnerability detection terminal through the submission entry, and store the acquired vulnerability scanning tool.
The first determination module 32 is adapted to determine the vulnerability type applicable to the vulnerability scanning tool provided by the vulnerability detection terminal.
Specifically, after the first obtaining module 31 obtains and stores the vulnerability scanning tool provided by the vulnerability detection terminal, the first determination module 32 further determines the vulnerability type to which the vulnerability scanning tool is applicable. The determination result is then sent to the display module 33.
The display module 33 is adapted to display the vulnerability scanning tool provided by the vulnerability detection terminal and its applicable vulnerability type.
Specifically, after receiving the determination result sent by the first determination module 32, the display module 33 displays, in a web interface, the vulnerability scanning tool provided by the vulnerability detection terminal and the vulnerability type applicable to it according to the determination result.
The second obtaining module 34 is adapted to obtain a vulnerability scanning tool selection request sent by a website to be detected. Specifically, the website to be detected is a website on the internet, belonging to a manufacturer, an enterprise or the like, whose vulnerabilities need to be detected. The vulnerability scanning tool selection request is a request sent by the website to be detected according to the characteristics of its own vulnerabilities, and it includes information such as the vulnerability type of the vulnerabilities of the website to be detected. To acquire the vulnerability scanning tool selection request sent by the website to be detected, the second obtaining module 34 may set a request entry for the vulnerability scanning tool selection request in the web interface and acquire the request through that entry.
The second determination module 35 is adapted to determine the vulnerability scanning tool corresponding to the vulnerability scanning tool selection request.
Specifically, after the second obtaining module 34 obtains a vulnerability scanning tool selection request sent by a website to be detected, the second determining module 35 determines a vulnerability scanning tool corresponding to the vulnerability scanning tool selection request according to information such as a type of a vulnerability included in the obtained vulnerability scanning tool selection request and a vulnerability type applicable to the vulnerability scanning tool determined in the first determining module 32.
The scanning module 36 is adapted to scan the website to be detected through the vulnerability scanning tool corresponding to the vulnerability scanning tool selection request.
Specifically, after the second determining module 35 determines the vulnerability scanning tool corresponding to the vulnerability scanning tool selection request, the scanning module 36 scans vulnerabilities of the website to be detected through the determined vulnerability scanning tool, generates a corresponding scanning result according to the scanning process, and then sends the scanning result to the corresponding website to be detected, so that the website to be detected can find vulnerability information in the website according to the scanning result.
Therefore, in the WEB vulnerability scanning device provided by the embodiment of the invention, firstly, a vulnerability scanning tool provided by a vulnerability detection terminal is obtained and stored through the first obtaining module 31, wherein the vulnerability scanning tool is an extensible scanning tool written for vulnerabilities of a specific website; then, determining the vulnerability type applicable to the vulnerability scanning tool provided by the vulnerability detection terminal through the first determining module 32, and displaying the vulnerability scanning tool provided by the vulnerability detection terminal and the vulnerability type applicable thereto through the display module 33; meanwhile, a vulnerability scanning tool selection request sent by a website to be detected is obtained through a second obtaining module 34, and a vulnerability scanning tool corresponding to the vulnerability scanning tool selection request is determined through a second determining module 35; and finally, scanning the website to be detected by a scanning module 36 through the vulnerability scanning tool corresponding to the vulnerability scanning tool selection request. Therefore, the invention solves the problem that the network information security of the internet user is threatened due to the overlong time interval between the discovery and the identification of the vulnerability, effectively shortens the time interval between the discovery and the identification of the vulnerability, provides a WEB vulnerability scanning scheme and improves the capability of resisting the vulnerability.
Fig. 4 shows a block diagram of a WEB vulnerability scanning apparatus according to another embodiment of the present invention. As shown in fig. 4, the apparatus includes: a first obtaining module 41, a first determination module 42, a presentation module 43, a second acquisition module 44, a second determination module 45, a scanning module 46, a sending module 47, and a result feedback module 48.
The first obtaining module 41 is adapted to obtain and store a vulnerability scanning tool provided by a vulnerability detection terminal, wherein the vulnerability scanning tool is an extensible scanning tool written for vulnerabilities of a specific website.
Specifically, the vulnerability scanning tool is an extensible scanning tool written by the vulnerability detection terminal for the vulnerability type of a specific website vulnerability, and it can scan for vulnerabilities of that specific type. In this embodiment, the vulnerability scanning tool is specifically a script plug-in for vulnerability scanning. To obtain the vulnerability scanning tool provided by the vulnerability detection terminal, the first obtaining module 41 may set a submission entry for the vulnerability scanning tool in the web interface and obtain the tool uploaded by the vulnerability detection terminal through that entry. For example, a submission button may be set in the web interface, and the vulnerability scanning tool uploaded by the vulnerability detection terminal is obtained in response to an operation (for example, a click) performed by the vulnerability detection terminal on the submission button. The obtained vulnerability scanning tool is then stored.
The first determination module 42 is adapted to determine the vulnerability type applicable to the vulnerability scanning tool provided by the vulnerability detection terminal.
Specifically, after the first obtaining module 41 obtains and stores the vulnerability scanning tool provided by the vulnerability detection terminal, the first determining module 42 further determines the vulnerability type to which the vulnerability scanning tool is applicable, and then sends the determination result to the displaying module 43. The applicable vulnerability type can be determined from applicable-type information provided by the vulnerability detection terminal, or from information contained in the vulnerability scanning tool provided by the vulnerability detection terminal.
The display module 43 is adapted to display the vulnerability scanning tool provided by the vulnerability detection terminal and the applicable vulnerability type thereof.
When displaying the vulnerability scanning tool provided by the vulnerability detection terminal and its applicable vulnerability type, the display module 43 can display them directly to all users of the vulnerability scanning platform. Alternatively, to improve the privacy and pertinence of the information, a display permission selection window can be provided: the vulnerability detection terminal screens the websites to be detected by setting the display permission parameters contained in the display permission selection window, and the vulnerability scanning tool and its applicable vulnerability type are displayed only to the screened websites to be detected. For example, the display permission parameters contained in the display permission selection window may include standard permission parameters, security permission parameters, open permission parameters, and the like. When the display permission selection window contains the security permission parameter, the vulnerability scanning tool provided by the vulnerability detection terminal is displayed only to a preset number of websites that have passed authentication and have high security; when it contains the open permission parameter, the tool is displayed to all websites; and when it contains the standard permission parameter, the tool is displayed to most public websites. Those skilled in the art may choose the specific implementation flexibly, and the present invention is not limited in this respect.
For example, the display permission parameters contained in the display permission selection window may be divided according to security level, and may also be divided according to website type.
The second obtaining module 44 is adapted to obtain a vulnerability scanning tool selection request sent by a website to be detected.
Specifically, the vulnerability scanning tool selection request is a request sent by the website to be detected according to the characteristics of its own vulnerabilities, and it includes information such as the vulnerability type of the vulnerabilities of the website to be detected. The second acquisition module 44 acquires the vulnerability scanning tool selection request sent by the website to be detected through a selection entry set in a web page.
The second determination module 45 is adapted to determine the vulnerability scanning tool corresponding to the vulnerability scanning tool selection request.
When determining the vulnerability scanning tool corresponding to the vulnerability scanning tool selection request, the second determining module 45 determines the vulnerability scanning tool corresponding to the vulnerability scanning tool selection request according to the vulnerability type and other information included in the vulnerability scanning tool selection request acquired in the second acquiring module 44 and the vulnerability type applicable to the vulnerability scanning tool determined in the first determining module 42.
The scanning module 46 is adapted to scan the website to be detected through the vulnerability scanning tool corresponding to the vulnerability scanning tool selection request.
Specifically, when the vulnerability scanning tool is used to scan the website to be detected, the scanning module 46 scans the detection address corresponding to the website to be detected through the vulnerability scanning tool corresponding to the vulnerability scanning tool selection request, generates a corresponding scanning result, and sends the scanning result to the sending module 47. The scanning result includes the vulnerability information corresponding to the website to be detected. When the scanning result is generated, the vulnerability information it contains can be graded by severity. For example, the vulnerability information can be divided into three levels, in order from high severity to low severity: a high-risk level, a medium-risk level and a low-risk level. Each scanning result is then assigned to one of these three levels, so that once the scanning result is sent to the website to be detected, the website is reminded and informed of the severity of the vulnerability information. Alternatively, the scanning result may be left ungraded and sent directly to the website to be detected, so that the corresponding scanning result is simply displayed to the website to be detected.
The sending module 47 is adapted to receive and store the communication address of the website to be detected in advance, and send the scanning result to the website to be detected according to the communication address of the website to be detected.
Specifically, when receiving the scanning result sent by the scanning module 46, the sending module 47 sends the scanning result to the website to be detected according to the communication address of the website to be detected, which is received and stored in advance.
The result feedback module 48 is adapted to receive and store the communication address of the vulnerability detection terminal in advance, receive the result feedback information sent by the website to be detected, and send the result feedback information to the vulnerability detection terminal providing the vulnerability scanning tool.
The result feedback information is determined according to the value information corresponding to the vulnerability scanning tool. That is, the result feedback information includes information confirming the value information corresponding to the vulnerability scanning tool; after the result feedback module 48 receives the result feedback information, it sends the result feedback information to the vulnerability detection terminal, so that the vulnerability detection terminal updates information such as its own score according to the confirmed value information.
Therefore, in the WEB vulnerability scanning device provided by the embodiment of the present invention, the communication address of the website to be detected, the detection address corresponding to the website to be detected, and the communication address of the vulnerability detection terminal are received and stored in advance, and then the vulnerability scanning tool provided by the vulnerability detection terminal is obtained and stored through the first obtaining module 41, wherein the vulnerability scanning tool is an extensible scanning tool written for a specific website vulnerability; determining the type of the vulnerability applicable to the vulnerability scanning tool provided by the vulnerability detection terminal through the first determining module 42, displaying the vulnerability scanning tool provided by the vulnerability detection terminal and the type of the vulnerability applicable to the vulnerability scanning tool through the displaying module 43, setting a corresponding selection entry for the vulnerability scanning tool provided by the vulnerability detection terminal, and displaying the selection entry; and further acquiring a vulnerability scanning tool selection request sent by the website to be detected through a second acquisition module 44, then determining a vulnerability scanning tool corresponding to the vulnerability scanning tool selection request through a second determination module 45, scanning the website to be detected through a vulnerability scanning tool corresponding to the vulnerability scanning tool selection request through a scanning module 46, sending a scanning result to the website to be detected through a sending module 47, finally receiving result feedback information sent by the website to be detected through a result feedback module 48, and sending the result feedback information to a vulnerability detection terminal providing the vulnerability scanning tool. 
Therefore, the method and the device solve the problem that the network information security of the internet user is threatened due to the fact that the time interval between the discovery and the identification of the vulnerability is too long, effectively shorten the time interval between the discovery and the identification of the vulnerability, can process the discovery and the identification of the vulnerability in real time, and improve the capability of resisting the vulnerability.
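The following Python example is added here to illustrate the module flow described above (submission, display permission screening, selection by vulnerability type, severity-graded scanning, and feedback routing); it is not code from the patent. All class and function names, the two passive checks, the sample snapshot, and the way each display permission parameter screens websites are assumptions made for the example.

```python
from dataclasses import dataclass
from typing import Callable

# Display permission parameters named in the description. How each one screens
# websites (the predicates in _visible) is an assumption made for this example.
OPEN, STANDARD, SECURITY = "open", "standard", "security"
SEVERITY_RANK = {"high": 0, "medium": 1, "low": 2}

@dataclass(frozen=True)
class Site:
    name: str
    detection_address: str       # address the platform scans
    authenticated: bool = False  # passed the platform's authentication
    public: bool = True

@dataclass(frozen=True)
class Plugin:
    plugin_id: str
    terminal: str                  # vulnerability detection terminal that submitted it
    vuln_type: str
    permission: str
    check: Callable[[dict], list]  # snapshot -> [(severity, detail), ...]

@dataclass(frozen=True)
class Finding:
    plugin_id: str
    vuln_type: str
    severity: str
    detail: str

def _visible(plugin: Plugin, site: Site) -> bool:
    if plugin.permission == OPEN:
        return True
    if plugin.permission == STANDARD:
        return site.public
    return plugin.permission == SECURITY and site.authenticated

class Platform:
    def __init__(self):
        self.plugins = {}  # plugin_id -> Plugin
        self.inbox = {}    # terminal -> list of (plugin_id, confirmed)

    def submit(self, plugin: Plugin) -> None:
        """First obtaining module: store the tool, rejecting unknown permissions."""
        if plugin.permission not in (OPEN, STANDARD, SECURITY):
            raise ValueError(f"unknown display permission: {plugin.permission!r}")
        self.plugins[plugin.plugin_id] = plugin

    def listing(self, site: Site) -> list:
        """Display module: tools and vulnerability types shown to this site."""
        return sorted((p.plugin_id, p.vuln_type)
                      for p in self.plugins.values() if _visible(p, site))

    def select(self, site: Site, vuln_type: str) -> list:
        """Second determination module. Visibility is re-checked here so that a
        site cannot select a tool that was never displayed to it."""
        return [p for p in self.plugins.values()
                if p.vuln_type == vuln_type and _visible(p, site)]

    def scan(self, site: Site, vuln_type: str, fetch: Callable[[str], dict]) -> list:
        """Scanning module: run the selected tools on the detection address and
        return findings ordered high, medium, low."""
        snapshot = fetch(site.detection_address)
        findings = [Finding(p.plugin_id, p.vuln_type, sev, detail)
                    for p in self.select(site, vuln_type)
                    for sev, detail in p.check(snapshot)]
        return sorted(findings, key=lambda f: SEVERITY_RANK.get(f.severity, 3))

    def route_feedback(self, finding: Finding, confirmed: bool) -> str:
        """Result feedback module: pass the site's confirmation to the terminal
        that provided the tool."""
        terminal = self.plugins[finding.plugin_id].terminal
        self.inbox.setdefault(terminal, []).append((finding.plugin_id, confirmed))
        return terminal

# Two passive checks over a response snapshot (constructed for this example).
def missing_frame_header(snap: dict) -> list:
    names = {k.lower() for k in snap.get("headers", {})}
    return [] if "x-frame-options" in names else [("low", "X-Frame-Options header absent")]

def directory_listing(snap: dict) -> list:
    exposed = "Index of /" in snap.get("body", "")
    return [("high", "directory listing exposed")] if exposed else []

# Constructed sample input: no network access is performed.
SNAPSHOTS = {"https://shop.example/": {"headers": {"Content-Type": "text/html"},
                                       "body": "<title>Index of /backup</title>"}}

def fetch(address: str) -> dict:
    return SNAPSHOTS.get(address, {"headers": {}, "body": ""})

def demo():
    platform = Platform()
    platform.submit(Plugin("hdr-1", "terminal-A", "misconfiguration", OPEN, missing_frame_header))
    platform.submit(Plugin("dir-1", "terminal-B", "misconfiguration", SECURITY, directory_listing))
    vetted = Site("vetted", "https://shop.example/", authenticated=True)
    guest = Site("guest", "https://shop.example/")
    return platform, vetted, guest
```

Enforcing the display permission again in `select`, and not only in `listing`, is the design point: screening applied only at display time would let a website request a tool by identifier even though the tool was never shown to it.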
Fig. 5 shows a block diagram of a WEB vulnerability scanning system 500 according to still another embodiment of the present invention. As shown in fig. 5, the WEB vulnerability scanning system includes the WEB vulnerability scanning apparatus 50 shown in fig. 3, the website 57 to be detected, and the vulnerability detection terminal 58, where the WEB vulnerability scanning apparatus 50 specifically includes: a first acquisition module 51, a first determination module 52, a presentation module 53, a second acquisition module 54, a second determination module 55, and a scanning module 56. For the specific structure and working principle of the website 57 to be detected and the vulnerability detection terminal 58, refer to the description of the corresponding steps in the method embodiment; they are not described again here.
Fig. 6 shows a block diagram of a WEB vulnerability scanning system according to still another embodiment of the present invention. As shown in fig. 6, the WEB vulnerability scanning system includes the WEB vulnerability scanning apparatus 60 shown in fig. 4, the website 69 to be detected, and the vulnerability detection terminal 60, where the WEB vulnerability scanning apparatus 60 specifically includes: a first obtaining module 61, a first determining module 62, a presenting module 63, a second acquiring module 64, a second determining module 65, a scanning module 66, a sending module 67 and a result feedback module 68. For the specific structure and working principle of the website 69 to be detected and the vulnerability detection terminal 60, refer to the description of the corresponding steps in the method embodiment; they are not described again here.
The algorithms and displays presented herein are not inherently related to any particular computer, virtual system, or other apparatus. Various general purpose systems may also be used with the teachings herein. The required structure for constructing such a system will be apparent from the description above. Moreover, the present invention is not directed to any particular programming language. It is appreciated that a variety of programming languages may be used to implement the teachings of the present invention as described herein, and any descriptions of specific languages are provided above to disclose the best mode of the invention.
In the description provided herein, numerous specific details are set forth. It is understood, however, that embodiments of the invention may be practiced without these specific details. In some instances, well-known methods, structures and techniques have not been shown in detail in order not to obscure an understanding of this description.
Similarly, it should be appreciated that in the foregoing description of exemplary embodiments of the invention, various features of the invention are sometimes grouped together in a single embodiment, figure, or description thereof for the purpose of streamlining the disclosure and aiding in the understanding of one or more of the various inventive aspects. However, the disclosed method should not be interpreted as reflecting an intention that: that the invention as claimed requires more features than are expressly recited in each claim. Rather, as the following claims reflect, inventive aspects lie in less than all features of a single foregoing disclosed embodiment. Thus, the claims following the detailed description are hereby expressly incorporated into this detailed description, with each claim standing on its own as a separate embodiment of this invention.
Those skilled in the art will appreciate that the modules in the device in an embodiment may be adaptively changed and placed in one or more devices different from the embodiment. The modules or units or components of the embodiments may be combined into one module or unit or component, and furthermore they may be divided into a plurality of sub-modules or sub-units or sub-components. All of the features disclosed in this specification (including any accompanying claims, abstract and drawings), and all of the processes or elements of any method or apparatus so disclosed, may be combined in any combination, except combinations where at least some of such features and/or processes or elements are mutually exclusive. Each feature disclosed in this specification (including any accompanying claims, abstract and drawings) may be replaced by alternative features serving the same, equivalent or similar purpose, unless expressly stated otherwise.
Furthermore, those skilled in the art will appreciate that while some embodiments described herein include some features included in other embodiments, rather than other features, combinations of features of different embodiments are meant to be within the scope of the invention and form different embodiments. For example, in the following claims, any of the claimed embodiments may be used in any combination.
The various component embodiments of the invention may be implemented in hardware, or in software modules running on one or more processors, or in a combination thereof. It will be appreciated by those skilled in the art that a microprocessor or Digital Signal Processor (DSP) may be used in practice to implement some or all of the functions of some or all of the components in a WEB vulnerability scanning apparatus according to embodiments of the present invention. The present invention may also be embodied as apparatus or device programs (e.g., computer programs and computer program products) for performing a portion or all of the methods described herein. Such programs implementing the invention may be stored on computer-readable media or may be in the form of one or more signals. Such a signal may be downloaded from an internet website or provided on a carrier signal or in any other form.
It should be noted that the above-mentioned embodiments illustrate rather than limit the invention, and that those skilled in the art will be able to design alternative embodiments without departing from the scope of the appended claims. In the claims, any reference signs placed between parentheses shall not be construed as limiting the claim. The word "comprising" does not exclude the presence of elements or steps not listed in a claim. The word "a" or "an" preceding an element does not exclude the presence of a plurality of such elements. The invention may be implemented by means of hardware comprising several distinct elements, and by means of a suitably programmed computer. In the unit claims enumerating several means, several of these means may be embodied by one and the same item of hardware. The use of the words first, second, third, etcetera does not indicate any ordering. These words may be interpreted as names.

Claims (17)

1. A WEB vulnerability scanning method comprises the following steps:
acquiring and storing a vulnerability scanning tool provided by a vulnerability detection terminal, wherein the vulnerability scanning tool is an extensible scanning tool written aiming at specific website vulnerabilities;
determining the vulnerability type applicable to the vulnerability scanning tool provided by the vulnerability detection terminal, and displaying the vulnerability scanning tool provided by the vulnerability detection terminal and the applicable vulnerability type thereof; the vulnerability detection terminal screens websites to be detected by setting display permission parameters contained in the display permission selection window, and displays vulnerability scanning tools provided by the vulnerability detection terminal and suitable vulnerability types thereof aiming at the screened websites to be detected; the display permission parameters are divided according to the security level and/or the website type;
acquiring a vulnerability scanning tool selection request sent by a website to be detected, and determining a vulnerability scanning tool corresponding to the vulnerability scanning tool selection request;
and scanning the website to be detected through the vulnerability scanning tool corresponding to the vulnerability scanning tool selection request.
2. The method according to claim 1, wherein after the step of determining the vulnerability type applicable to the vulnerability scanning tool provided by the vulnerability detection terminal, further comprising the steps of: setting a corresponding selection entry for a vulnerability scanning tool provided by the vulnerability detection terminal, and further displaying the selection entry when the vulnerability scanning tool provided by the vulnerability detection terminal and the applicable vulnerability type thereof are displayed;
the step of obtaining a vulnerability scanning tool selection request sent by a website to be detected and determining a vulnerability scanning tool corresponding to the vulnerability scanning tool selection request specifically includes: acquiring a vulnerability scanning tool selection request sent by a website to be detected through the selection entry, and determining a vulnerability scanning tool corresponding to the vulnerability scanning tool selection request according to the corresponding relation between the selection entry and the vulnerability scanning tool.
3. The method according to claim 1, wherein the method further comprises the step of: receiving and storing the communication address of the website to be detected in advance, and after the step of scanning the website to be detected by the vulnerability scanning tool corresponding to the vulnerability scanning tool selection request, further comprising: and sending the scanning result to the website to be detected according to the communication address of the website to be detected.
4. A method according to any of claims 1-3, wherein the method further comprises the step of: receiving and storing a detection address corresponding to the website to be detected in advance, wherein the step of scanning the website to be detected through the vulnerability scanning tool corresponding to the vulnerability scanning tool selection request specifically comprises the following steps: and scanning the detection address corresponding to the website to be detected by the vulnerability scanning tool corresponding to the vulnerability scanning tool selection request.
5. A method according to any of claims 1-3, wherein the method further comprises the step of: receiving and storing the communication address of the vulnerability detection terminal in advance; and after the step of sending the scanning result to the website to be detected according to the communication address of the website to be detected, the method further comprises the following steps:
and receiving result feedback information sent by the website to be detected, and sending the result feedback information to a vulnerability detection terminal providing the vulnerability scanning tool.
6. The method of claim 5, wherein the method further comprises:
and receiving and displaying the value information corresponding to the vulnerability scanning tool provided by the vulnerability detection terminal in advance, and determining the result feedback information according to the value information corresponding to the vulnerability scanning tool.
7. The method according to any one of claims 1 to 3, wherein the number of the websites to be detected is plural, and the number of the vulnerability detection terminals is plural.
8. The method of any of claims 1-3, wherein the vulnerability scanning tool is a script plug-in.
9. A WEB vulnerability scanning device, comprising:
the system comprises a first acquisition module, a second acquisition module and a third acquisition module, wherein the first acquisition module is suitable for acquiring and storing a vulnerability scanning tool provided by a vulnerability detection terminal, and the vulnerability scanning tool is an extensible scanning tool written aiming at specific website vulnerabilities;
the first determination module is suitable for determining the vulnerability type applicable to the vulnerability scanning tool provided by the vulnerability detection terminal;
the display module is suitable for displaying the vulnerability scanning tool provided by the vulnerability detection terminal and the applicable vulnerability type thereof; the vulnerability detection terminal screens websites to be detected by setting display permission parameters contained in the display permission selection window, and displays vulnerability scanning tools provided by the vulnerability detection terminal and suitable vulnerability types thereof aiming at the screened websites to be detected; the display permission parameters are divided according to the security level and/or the website type;
the second acquisition module is suitable for acquiring a vulnerability scanning tool selection request sent by a website to be detected;
a second determination module adapted to determine a vulnerability scanning tool corresponding to the vulnerability scanning tool selection request;
and the scanning module is suitable for scanning the website to be detected through the vulnerability scanning tool corresponding to the vulnerability scanning tool selection request.
10. The apparatus of claim 9, wherein the display module is further configured to: set a corresponding selection entry for a vulnerability scanning tool provided by the vulnerability detection terminal, and further display the selection entry when displaying the vulnerability scanning tool provided by the vulnerability detection terminal and the applicable vulnerability type thereof;
the second acquisition module is specifically configured to: acquire, through the selection entry, a vulnerability scanning tool selection request sent by a website to be detected, and determine the vulnerability scanning tool corresponding to the vulnerability scanning tool selection request according to the correspondence between the selection entry and the vulnerability scanning tool.
11. The apparatus of claim 9, wherein the apparatus further comprises:
a sending module adapted to receive and store, in advance, the communication address of the website to be detected, and to send the scanning result to the website to be detected according to the communication address of the website to be detected.
12. The apparatus according to any one of claims 9-11, wherein the scanning module is specifically configured to: receive and store, in advance, the detection address corresponding to the website to be detected, and scan the detection address corresponding to the website to be detected through the vulnerability scanning tool corresponding to the vulnerability scanning tool selection request.
13. The apparatus of any of claims 9-11, wherein the apparatus further comprises: a result feedback module adapted to receive and store, in advance, the communication address of the vulnerability detection terminal, to receive result feedback information sent by the website to be detected, and to send the result feedback information to the vulnerability detection terminal that provided the vulnerability scanning tool.
14. The apparatus of claim 13, wherein the display module is further configured to: display the value information corresponding to the vulnerability scanning tool provided by the vulnerability detection terminal, and determine the result feedback information according to the value information corresponding to the vulnerability scanning tool.
15. The device according to any one of claims 9 to 11, wherein the number of the websites to be detected is plural, and the number of the vulnerability detection terminals is plural.
16. The apparatus of any of claims 9-11, wherein the vulnerability scanning tool is a script plug-in.
17. A WEB vulnerability scanning system, comprising: the vulnerability scanning apparatus, the website to be detected and the vulnerability detection terminal of any of the above claims 9-16.
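The following Python model is an added illustration, not part of the patent text or of any implementation by the applicants. It shows the claimed flow as an access-control problem: tools are displayed only to websites matching the display permission parameters, a selection entry maps to exactly one tool, the scan target is always the detection address stored in advance, and the result goes to the stored communication address. All class and field names, the rule that an empty permission set means "no restriction", and the stand-in check are assumptions.

```python
import itertools
from dataclasses import dataclass, field
from typing import Callable, Dict, List, Set, Tuple

@dataclass
class Site:  # a "website to be detected"; all field values are constructed samples
    name: str
    security_level: str
    site_type: str
    detection_address: str      # stored in advance; the only address ever scanned
    communication_address: str  # stored in advance; where the result is sent

@dataclass
class Tool:  # a script plug-in supplied by a vulnerability detection terminal
    terminal: str
    vuln_type: str
    check: Callable[[str], bool]  # stand-in check, performs no network I/O
    levels: Set[str] = field(default_factory=set)  # empty set = no restriction (assumption)
    types: Set[str] = field(default_factory=set)

class ScanBroker:
    def __init__(self) -> None:
        self.sites: Dict[str, Site] = {}
        self.entries: Dict[int, Tool] = {}  # selection entry -> tool
        self.outbox: List[Tuple[str, dict]] = []  # (communication address, result)
        self._ids = itertools.count(1)

    def register_site(self, site: Site) -> None:
        self.sites[site.name] = site

    def register_tool(self, tool: Tool) -> int:
        entry = next(self._ids)
        self.entries[entry] = tool
        return entry

    def _displayed(self, tool: Tool, site: Site) -> bool:
        return ((not tool.levels or site.security_level in tool.levels)
                and (not tool.types or site.site_type in tool.types))

    def listing(self, site_name: str) -> Dict[int, str]:
        site = self.sites[site_name]
        return {e: t.vuln_type for e, t in self.entries.items() if self._displayed(t, site)}

    def select(self, site_name: str, entry: int) -> dict:
        site = self.sites[site_name]  # the requester must be a registered site
        tool = self.entries.get(entry)
        if tool is None or not self._displayed(tool, site):
            raise PermissionError("selection entry is not displayed to this site")
        # The target is never taken from the request, only from the stored record.
        result = {"site": site.name, "vuln_type": tool.vuln_type,
                  "vulnerable": tool.check(site.detection_address)}
        self.outbox.append((site.communication_address, result))
        return result
```

Because `select` re-checks the display permission and reads the target from the stored site record, a request cannot reach a tool that was hidden from the requester or redirect a scan to an address the website never registered.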
CN201611246376.6A 2016-12-29 2016-12-29 WEB vulnerability scanning method, device and system Active CN107046527B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201611246376.6A CN107046527B (en) 2016-12-29 2016-12-29 WEB vulnerability scanning method, device and system

Publications (2)

Publication Number Publication Date
CN107046527A CN107046527A (en) 2017-08-15
CN107046527B true CN107046527B (en) 2020-12-08

Family

ID=59542974

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201611246376.6A Active CN107046527B (en) 2016-12-29 2016-12-29 WEB vulnerability scanning method, device and system

Country Status (1)

Country Link
CN (1) CN107046527B (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109165505A (en) * 2018-06-29 2019-01-08 重庆小雨点小额贷款有限公司 A kind of the security sweep method, apparatus and security sweep server of data
CN111124841B (en) * 2019-12-09 2023-08-18 广州品唯软件有限公司 Alarm method and device for abnormal page and computer system
CN112580053B (en) * 2020-10-28 2023-06-09 西安四叶草信息技术有限公司 Vulnerability scanning method and device

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102789502A (en) * 2012-07-17 2012-11-21 北京奇虎科技有限公司 Method and device for scanning website
CN103685290A (en) * 2013-12-19 2014-03-26 南京理工大学连云港研究院 Vulnerability scanning system based on GHDB
CN105991554A (en) * 2015-02-04 2016-10-05 阿里巴巴集团控股有限公司 Vulnerability detection method and equipment

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR101402057B1 (en) * 2012-09-19 2014-06-03 주식회사 이스트시큐리티 Analyzing system of repackage application through calculation of risk and method thereof

Also Published As

Publication number Publication date
CN107046527A (en) 2017-08-15

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant