CN107392031A - The scan method and device of leak - Google Patents
The scan method and device of leak Download PDFInfo
- Publication number
- CN107392031A CN107392031A CN201710664116.9A CN201710664116A CN107392031A CN 107392031 A CN107392031 A CN 107392031A CN 201710664116 A CN201710664116 A CN 201710664116A CN 107392031 A CN107392031 A CN 107392031A
- Authority
- CN
- China
- Prior art keywords
- assets
- address information
- information
- access request
- leak
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/02—Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
Landscapes
- Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Information Transfer Between Computers (AREA)
Abstract
The invention provides a kind of scan method of leak and device, it is related to the technical field of vulnerability scanning, this method is applied to detector, and detector is arranged between terminal device and server, and this method includes:Detector obtains the vulnerability scanning being scanned to the leak of the assets request that user sends, wherein, vulnerability scanning asks the name information for including assets;Detector reads the address information of assets according to name information, wherein, address information is to be in advance based on the address information that the history access information of user is established, and history access information includes the name information and address information for the assets that history accesses;Detector pushes address information to the vulnerability scanners of assets, so that vulnerability scanners carry out vulnerability scanning to assets.Existing human cost higher technical problem when the present invention alleviates traditional vulnerability scanners scanning leak.
Description
Technical field
The present invention relates to Vulnerability-scanning technology field, more particularly, to the scan method and device of a kind of leak.
Background technology
Security of network and information technology has gone through development for many years, nowadays, for the vulnerability scanning of networked asset
Technology becomes the primary study object of information security field.
The general scanning process of the vulnerability scanners of existing networked asset is:
Step 1:The storage address of assets title to be scanned and assets to be scanned is manually set in vulnerability scanners,
Then scanning sign on is issued to vulnerability scanners.
Step 2:Vulnerability scanners pass through default procotol and storage address according to the storage address of scanning assets
Corresponding equipment is established the link, and vulnerability scanning is carried out to assets.
Step 3:Scanner feedback carries out the scanning result of vulnerability scanning to assets.
Above-mentioned vulnerability scanners need the artificial storage address for actively setting assets title to be scanned and assets to be scanned,
To initiate vulnerability scanning operation, there is the higher technical problem of human cost.
The content of the invention
In view of this, it is an object of the invention to provide a kind of method and device of vulnerability scanning, to alleviate traditional leakage
Existing human cost higher technical problem during the scanner scanning leak of hole.
In a first aspect, the embodiments of the invention provide a kind of scan method of leak, applied to detector, the detector
Between terminal device and server, methods described includes:
The detector obtains the vulnerability scanning being scanned to the leak of the assets request that user sends, wherein, it is described
Vulnerability scanning asks the name information for including the assets;
The detector reads the address information of the assets according to the name information, wherein, the address information is
The address information that the history access information of the user is established is in advance based on, the history access information includes the money that history accesses
The name information and address information of production;
The detector pushes the address information to the vulnerability scanners of the assets, so as to the vulnerability scanners pair
The assets carry out vulnerability scanning.
With reference in a first aspect, the embodiments of the invention provide the possible embodiment of the first of first aspect, wherein,
Before obtaining the vulnerability scanning being scanned to the leak of the assets request that user sends, methods described includes:
When the user accesses any one assets by the terminal device, the ground of any one assets is obtained
Location information;
The name information of the address information of any one assets and any one assets is accordingly stored in
In the memory of the detector.
With reference to first aspect, the first may obtain embodiment, and the embodiments of the invention provide second of first aspect
Possible embodiment, wherein, when the user accesses any one assets by terminal device, obtain it is described any one
The address information of assets, including:
When the user accesses any one assets by the terminal device, the detector obtains the terminal and set
The access request that preparation is sent;
According to the access request, it is determined that the communication protocol of the access request is transmitted, wherein, the communication protocol is institute
State the agreement that the access request is transmitted between terminal device and the server;
The communication protocol is parsed, obtains the data format of the access request;
Based on the data format, address information is inquired about in the access request.
With reference to second of possible embodiment of first aspect, the embodiments of the invention provide the third of first aspect
Possible embodiment, wherein, by the address information of any one assets and the name information of any one assets
Accordingly it is stored in the memory of the detector, including:
After inquiry obtains the address information of any one assets in the access request, to the memory
The middle caching address information.
With reference in a first aspect, the embodiments of the invention provide the possible embodiment of the 4th of first aspect kind, wherein, institute
Stating address information includes:
Store the server address of the assets or the URL of the assets.
Second aspect, the embodiment of the present invention also provide a kind of scanning means of leak, and described device is arranged on terminal device
Between server, described device includes:
First acquisition module, for obtaining the vulnerability scanning being scanned to the leak of the assets request of user's transmission, its
In, the vulnerability scanning request includes the name information of the assets;
Read module, for according to the name information, reading the address information of the assets, wherein, the address letter
Cease to be in advance based on the address information of the history access information of user foundation, the history access information accesses including history
Assets name information and address information;
Pushing module, for pushing the address information to the vulnerability scanners of the assets, so as to the vulnerability scanning
Device carries out vulnerability scanning to the assets.
With reference to second aspect, the embodiments of the invention provide the possible embodiment of the first of second aspect, wherein, institute
Stating device includes:
Second acquisition module, for asking it in the vulnerability scanning being scanned to the leak of assets for obtaining user's transmission
Before, when the user accesses any one assets by the terminal device, obtain the address letter of any one assets
Breath;
Memory module, for by the name information of the address information of any one assets and any one assets
Accordingly it is stored in the memory of described device.
With reference to the first possible embodiment of second aspect, the embodiments of the invention provide second of second aspect
Possible embodiment, wherein, second acquisition module includes:
Acquiring unit, for when the user accesses any one assets by the terminal device, obtaining the end
The access request that end equipment is sent;
Determining unit, for according to the access request, it is determined that the communication protocol of the access request is transmitted, wherein, institute
State the agreement that communication protocol transmits the access request between the terminal device and the server;
Resolution unit, for being parsed to the communication protocol, obtain the data format of the access request;
Query unit, for based on the data format, address information to be inquired about in the access request.
With reference to second of possible embodiment of second aspect, the embodiments of the invention provide the third of second aspect
Possible embodiment, wherein, the memory module is used for:
After inquiry obtains the address information of any one assets in the access request, to the memory
The middle caching address information.
With reference to second aspect, the embodiments of the invention provide the possible embodiment of the 4th of second aspect kind, wherein, institute
Stating address information includes:
Store the server address of the assets or the URL of the assets.
The embodiment of the present invention brings following beneficial effect:The scan method of this kind of leak includes obtaining what user sent
The vulnerability scanning request being scanned to the leak of assets, the name information of the assets in being asked according to vulnerability scanning read assets
Address information, then to assets vulnerability scanners push address information, so as to vulnerability scanners to assets carry out leak sweep
Retouch, wherein, address information is to be in advance based on the address information that the history access information of user is established, and inputs ground without user
Location information, existing human cost higher technical problem when alleviating traditional vulnerability scanners scanning leak.
Other features and advantages of the present invention will illustrate in the following description, also, partly become from specification
Obtain it is clear that or being understood by implementing the present invention.The purpose of the present invention and other advantages are in specification, claims
And specifically noted structure is realized and obtained in accompanying drawing.
To enable the above objects, features and advantages of the present invention to become apparent, preferred embodiment cited below particularly, and coordinate
Appended accompanying drawing, is described in detail below.
Brief description of the drawings
, below will be to specific in order to illustrate more clearly of the specific embodiment of the invention or technical scheme of the prior art
The required accompanying drawing used is briefly described in embodiment or description of the prior art, it should be apparent that, in describing below
Accompanying drawing is some embodiments of the present invention, for those of ordinary skill in the art, before creative work is not paid
Put, other accompanying drawings can also be obtained according to these accompanying drawings.
Fig. 1 is a kind of flow chart of the scan method for leak that the embodiment of the present invention one provides;
Fig. 2 is the flow chart of the scan method for another leak that the embodiment of the present invention one provides;
Fig. 3 is a kind of structured flowchart of the scan method for leak that the embodiment of the present invention two provides;
Fig. 4 is the structured flowchart of the scan method for another leak that the embodiment of the present invention two provides;
Fig. 5 is the structured flowchart for the second acquisition module that the embodiment of the present invention two provides.
Icon:The acquisition modules of 100- second;101- acquiring units;102- determining units;103- resolution units;104- is inquired about
Unit;200- memory modules;The acquisition modules of 300- first;400- read modules;500- pushing modules.
Embodiment
To make the purpose, technical scheme and advantage of the embodiment of the present invention clearer, below in conjunction with accompanying drawing to the present invention
Technical scheme be clearly and completely described, it is clear that described embodiment is part of the embodiment of the present invention, rather than
Whole embodiments.Based on the embodiment in the present invention, those of ordinary skill in the art are not making creative work premise
Lower obtained every other embodiment, belongs to the scope of protection of the invention.
Vulnerability scanners need the artificial storage address for actively setting assets title to be scanned and assets to be scanned at present
To initiate vulnerability scanning operation, there is the higher technical problem of human cost.Based on this, a kind of leakage provided in an embodiment of the present invention
The scan method and device in hole, existing human cost higher technology when can alleviate traditional vulnerability scanners scanning leak
Problem.
Embodiment one
A kind of scan method of leak provided in an embodiment of the present invention, as shown in figure 1, it is applied to detector, detector peace
Between terminal device and server, the scan method of this kind of leak includes:
Step S103, detector obtain the vulnerability scanning being scanned to the leak of the assets request that user sends, wherein,
Vulnerability scanning asks the name information for including assets.
Step S104, detector read the address information of assets according to name information, wherein, address information is advance base
In user history access information establish address information, history access information include history access assets name information and
Address information.
Step S105, detector pushes address information to the vulnerability scanners of assets, so that vulnerability scanners are entered to assets
Row vulnerability scanning.
It should be noted that detector is arranged between terminal device and server, refer to that terminal device is able to access that spy
Device is surveyed, and detector can access server.Wherein, terminal device includes the subscriber's main station that user uses, and server includes depositing
Store up the assets main frame of assets.Further, detector can be deployed on any main frame that subscriber's main station is able to access that, can also portion
Affix one's name on subscriber's main station or assets main frame on.
In embodiments of the present invention, the scan method of this kind of leak include obtain user send the leak to assets enter
The vulnerability scanning request of row scanning, the name information of the assets in being asked according to vulnerability scanning read the address information of assets, so
The vulnerability scanners push address information of backward assets, so that vulnerability scanners carry out vulnerability scanning to assets, wherein, address letter
Cease to be in advance based on the address information of the history access information of user foundation, without user's input address information, alleviate
Existing human cost higher technical problem when traditional vulnerability scanners scan leak.
In one optional embodiment of the embodiment of the present invention, as shown in Fig. 2 obtaining the leakage to assets of user's transmission
Before the vulnerability scanning request that hole is scanned, the scan method of leak, including:
Step S101, when user accesses any one assets by terminal device, obtain the address of any one assets
Information.
Step S102, the name information of the address information of any one assets and any one assets is accordingly stored in
In the memory of detector.
In the embodiment of the present invention, when user accesses any one assets by terminal device, any one assets is obtained
Address information so that the address information and name information for all assets that user is accessed by terminal device all accordingly store
In the memory of detector, i.e. to user by terminal device access any one assets process carried out analysis and
Filtering, can not find during vulnerability scanning or indiscoverable assets so as to be advantageous to obtain traditional scanner.
In another optional embodiment of the embodiment of the present invention, any one assets is accessed by terminal device in user
When, the address information of any one assets is obtained, including:
When user accesses any one assets by terminal device, detector obtains the access that terminal device is sent please
Ask.
Specifically, when user accesses any one assets by terminal device, user sends one section by terminal device
Data message, to represent that user operates to assets, the data message in the embodiment of the present invention is to pass through a kind of communication protocols
The data message that view is transmitted during being communicated, thus, contained in data message corresponding to corresponding communication protocol
Formatted data.
In addition, user is not limited to real operating personnel, any equipment in the side of user role one should also contain.
According to access request, it is determined that the communication protocol of access request is transmitted, wherein, communication protocol is terminal device and service
The agreement of access request is transmitted between device.
Specifically, the data message in access request is parsed, determines to transmit the communication protocol of access request.
Communication protocol is parsed, obtains the data format of access request;
Based on data format, address information is inquired about in access request.
Exemplified by carrying out vulnerability scanning to WEB assets, terminal device have sent the access request for accessing WEB assets, detection
After device can carry out SSL (Secure Sockets Layer, abbreviation SSL) decryption to access request, to access request
In data message parsed, it is then determined that going out WEB http protocols, further, the access request of WEB http protocols is entered
Row decoding, filters to the data message of access request, extracts the address information of assets of concern.
Specifically, such as user initiates to access https in terminal device by browser://www.dbapp.com/
During WEB assets corresponding to admin/login.php, after detector receives such linking request, SSL decryption is carried out, then
Decrypt http protocol and deposit the address information of the assets main frame of WEB assets.Next, detector and assets main frame are led to
Letter, assets main frame make corresponding response and push https to detector://www.dbapp.com/admin/login.php
Corresponding assets, detector is after the work such as the encryption in communication, coding by https://www.dbapp.com/
Assets corresponding to admin/login.php are pushed to terminal device.Above-mentioned WEB assets are scanned in follow-up vulnerability scanners
When, the communication channel information between terminal device and the assets main frame of storage WEB assets is pushed to vulnerability scanners by detector,
Be advantageous to the convenience that vulnerability scanners carry out vulnerability scanning to WEB assets.
In another optional embodiment of the embodiment of the present invention, by the address information of any one assets and any one
The name information of assets is accordingly stored in the memory of detector, including:
After inquiry obtains the address information of any one assets in access request, into memory, buffer address is believed
Breath.
Specifically, into memory after buffer address information, memory is persistently stored to address information, and memory can
It is each in order to access to set general SDK (Software Development Kit, abbreviation SDK) interface
The vulnerability scanners of kind of isomery, the assets for making vulnerability scanners corresponding to the address information that has in memory carry out leak and swept
Retouch.
In another optional embodiment of the embodiment of the present invention, address information includes:
Store the server address of assets or the URL of assets.
Specifically, address information can be the server address of such as 192.168.54.200 forms, or such as
https:URL (the Uniform of the resource of //www.dbapp.com/admin/login.php forms
Resource Locator, abbreviation URL).
Embodiment two
The scanning means of a kind of leak provided in an embodiment of the present invention, as shown in figure 3, the scanning means of leak is arranged on eventually
Between end equipment and server, the scanning means of leak includes:
First acquisition module 300, for obtaining the vulnerability scanning being scanned to the leak of the assets request of user's transmission,
Wherein, vulnerability scanning request includes the name information of assets;
Read module 400, for according to name information, reading the address information of assets, wherein, address information is advance base
In user history access information establish address information, history access information include history access assets name information and
Address information;
Pushing module 500, for pushing address information to the vulnerability scanners of assets, so that vulnerability scanners are entered to assets
Row vulnerability scanning.
In embodiments of the present invention, the first acquisition module 300 obtains what the leak to assets that user sends was scanned
Vulnerability scanning ask, read module 400 asked according to vulnerability scanning in assets name information read assets address information,
Then pushing module 500 pushes address information to the vulnerability scanners of assets, is swept so that vulnerability scanners carry out leak to assets
Retouch, wherein, address information is to be in advance based on the address information that the history access information of user is established, so as to which the scanning of the leak fills
Put existing human cost higher skill when without user's input address information, alleviating traditional vulnerability scanners scanning leak
Art problem.
In another optional embodiment of the embodiment of the present invention, as shown in figure 4, the scanning means of leak also includes:
Second acquisition module 100, for being asked in the vulnerability scanning being scanned to the leak of assets for obtaining user's transmission
Before asking, when user accesses any one assets by terminal device, the address information of any one assets is obtained;
Memory module 200, for the address information of any one assets is corresponding with the name information of any one assets
Ground is stored in the memory of device.
Another optional embodiment of the embodiment of the present invention, as shown in figure 5, the second acquisition module 100 includes:
Acquiring unit 101, sent for when user accesses any one assets by terminal device, obtaining terminal device
Access request;
Determining unit 102, for according to access request, it is determined that the communication protocol of transmission access request, wherein, communication protocol
The agreement of access request is transmitted between terminal device and server;
Resolution unit 103, for being parsed to communication protocol, obtain the data format of access request;
Query unit 104, for based on data format, address information to be inquired about in access request.
In another optional embodiment of the embodiment of the present invention, memory module 200 is used for:
After inquiry obtains the address information of any one assets in access request, into memory, buffer address is believed
Breath.
In another optional embodiment of the embodiment of the present invention, address information includes:
Store the server address of assets or the URL of assets.
The scan method for the leak that the embodiment of the present invention is provided and the computer program product of device, including store journey
The computer-readable recording medium of sequence code, the instruction that described program code includes can be used for performing institute in previous methods embodiment
The method stated, specific implementation can be found in embodiment of the method, will not be repeated here.
It is apparent to those skilled in the art that for convenience and simplicity of description, the system of foregoing description
With the specific work process of device, the corresponding process in preceding method embodiment is may be referred to, will not be repeated here.
In addition, in the description of the embodiment of the present invention, unless otherwise clearly defined and limited, term " installation ", " phase
Even ", " connection " should be interpreted broadly, for example, it may be being fixedly connected or being detachably connected, or be integrally connected;Can
To be mechanical connection or electrical connection;Can be joined directly together, can also be indirectly connected by intermediary, Ke Yishi
The connection of two element internals.For the ordinary skill in the art, with concrete condition above-mentioned term can be understood at this
Concrete meaning in invention.
If the function is realized in the form of SFU software functional unit and is used as independent production marketing or in use, can be with
It is stored in a computer read/write memory medium.Based on such understanding, technical scheme is substantially in other words
The part to be contributed to prior art or the part of the technical scheme can be embodied in the form of software product, the meter
Calculation machine software product is stored in a storage medium, including some instructions are causing a computer equipment (can be
People's computer, server, or network equipment etc.) perform all or part of step of each embodiment methods described of the present invention.
And foregoing storage medium includes:USB flash disk, mobile hard disk, read-only storage (ROM, Read-Only Memory), arbitrary access are deposited
Reservoir (RAM, Random Access Memory), magnetic disc or CD etc. are various can be with the medium of store program codes.
In the description of the invention, it is necessary to explanation, term " " center ", " on ", " under ", "left", "right", " vertical ",
The orientation or position relationship of the instruction such as " level ", " interior ", " outer " be based on orientation shown in the drawings or position relationship, merely to
Be easy to the description present invention and simplify description, rather than instruction or imply signified device or element must have specific orientation,
With specific azimuth configuration and operation, therefore it is not considered as limiting the invention.
In addition, term " first ", " second ", " the 3rd " are only used for describing purpose, and it is not intended that instruction or implying phase
To importance.
Finally it should be noted that:Embodiment described above, it is only the embodiment of the present invention, to illustrate the present invention
Technical scheme, rather than its limitations, protection scope of the present invention is not limited thereto, although with reference to the foregoing embodiments to this hair
It is bright to be described in detail, it will be understood by those within the art that:Any one skilled in the art
The invention discloses technical scope in, it can still modify to the technical scheme described in previous embodiment or can be light
Change is readily conceivable that, or equivalent substitution is carried out to which part technical characteristic;And these modifications, change or replacement, do not make
The essence of appropriate technical solution departs from the spirit and scope of technical scheme of the embodiment of the present invention, should all cover the protection in the present invention
Within the scope of.Therefore, protection scope of the present invention described should be defined by scope of the claims.
Claims (10)
1. a kind of scan method of leak, it is characterised in that applied to detector, the detector is arranged on terminal device kimonos
It is engaged between device, methods described includes:
The detector obtains the vulnerability scanning being scanned to the leak of the assets request that user sends, wherein, the leak
Scan request includes the name information of the assets;
The detector reads the address information of the assets according to the name information, wherein, the address information is advance
The address information that history access information based on the user is established, the history access information include the assets that history accesses
Name information and address information;
The detector pushes the address information to the vulnerability scanners of the assets, so that the vulnerability scanners are to described
Assets carry out vulnerability scanning.
2. according to the method for claim 1, it is characterised in that be scanned in the leak to assets for obtaining user's transmission
Vulnerability scanning request before, methods described includes:
When the user accesses any one assets by the terminal device, the address letter of any one assets is obtained
Breath;
The name information of the address information of any one assets and any one assets is accordingly stored in described
In the memory of detector.
3. according to the method for claim 2, it is characterised in that any one money is accessed by terminal device in the user
During production, the address information of any one assets is obtained, including:
When the user accesses any one assets by the terminal device, the detector obtains the terminal device hair
The access request sent;
According to the access request, it is determined that the communication protocol of the access request is transmitted, wherein, the communication protocol is the end
The agreement of the access request is transmitted between end equipment and the server;
The communication protocol is parsed, obtains the data format of the access request;
Based on the data format, address information is inquired about in the access request.
4. according to the method for claim 3, it is characterised in that by the address information of any one assets and described
The name information of one assets of meaning is accordingly stored in the memory of the detector, including:
After inquiry obtains the address information of any one assets in the access request, delay into the memory
Deposit the address information.
5. according to the method for claim 1, it is characterised in that the address information includes:
Store the server address of the assets or the URL of the assets.
6. a kind of scanning means of leak, it is characterised in that described device is arranged between terminal device and server, the dress
Put including:
First acquisition module, for obtaining the vulnerability scanning being scanned to the leak of the assets request of user's transmission, wherein, institute
Stating vulnerability scanning request includes the name information of the assets;
Read module, for according to the name information, reading the address information of the assets, wherein, the address information is
The address information that the history access information of the user is established is in advance based on, the history access information includes the money that history accesses
The name information and address information of production;
Pushing module, for pushing the address information to the vulnerability scanners of the assets, so as to the vulnerability scanners pair
The assets carry out vulnerability scanning.
7. device according to claim 6, it is characterised in that described device includes:
Second acquisition module, before the vulnerability scanning being scanned to the leak of assets for being sent in acquisition user is asked,
When the user accesses any one assets by the terminal device, the address information of any one assets is obtained;
Memory module, for the name information of the address information of any one assets and any one assets is corresponding
Ground is stored in the memory of described device.
8. device according to claim 7, it is characterised in that second acquisition module includes:
Acquiring unit, for when the user accesses any one assets by the terminal device, obtaining the terminal and setting
The access request that preparation is sent;
Determining unit, for according to the access request, it is determined that the communication protocol of the access request is transmitted, wherein, it is described logical
Letter agreement transmits the agreement of the access request between the terminal device and the server;
Resolution unit, for being parsed to the communication protocol, obtain the data format of the access request;
Query unit, for based on the data format, address information to be inquired about in the access request.
9. device according to claim 8, it is characterised in that the memory module is used for:
After inquiry obtains the address information of any one assets in the access request, delay into the memory
Deposit the address information.
10. device according to claim 6, it is characterised in that the address information includes:
Store the server address of the assets or the URL of the assets.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710664116.9A CN107392031A (en) | 2017-08-04 | 2017-08-04 | The scan method and device of leak |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710664116.9A CN107392031A (en) | 2017-08-04 | 2017-08-04 | The scan method and device of leak |
Publications (1)
Publication Number | Publication Date |
---|---|
CN107392031A true CN107392031A (en) | 2017-11-24 |
Family
ID=60344049
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201710664116.9A Pending CN107392031A (en) | 2017-08-04 | 2017-08-04 | The scan method and device of leak |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN107392031A (en) |
Cited By (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108520179A (en) * | 2018-04-09 | 2018-09-11 | 福建中金在线信息科技有限公司 | A kind for the treatment of method and apparatus of webview loopholes |
CN110730180A (en) * | 2019-10-17 | 2020-01-24 | 杭州安恒信息技术股份有限公司 | Portable communication equipment detection instrument and communication equipment detection method |
CN110971599A (en) * | 2019-11-29 | 2020-04-07 | 杭州迪普科技股份有限公司 | Vulnerability scanning method and device |
CN111447224A (en) * | 2020-03-26 | 2020-07-24 | 江苏亨通工控安全研究院有限公司 | Web vulnerability scanning method and vulnerability scanner |
CN112560048A (en) * | 2020-12-22 | 2021-03-26 | 南方电网深圳数字电网研究院有限公司 | Code security scanning method, code security scanning system and storage medium |
CN112580053A (en) * | 2020-10-28 | 2021-03-30 | 西安四叶草信息技术有限公司 | Vulnerability scanning method and device |
CN112637159A (en) * | 2020-12-14 | 2021-04-09 | 杭州安恒信息技术股份有限公司 | Network asset scanning method, device and equipment based on active detection technology |
CN113422759A (en) * | 2021-06-10 | 2021-09-21 | 杭州安恒信息技术股份有限公司 | Vulnerability scanning method, electronic device and storage medium |
CN113596056A (en) * | 2021-08-11 | 2021-11-02 | 北京知道创宇信息技术股份有限公司 | Vulnerability scanning method and device, electronic equipment and computer readable storage medium |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103999089A (en) * | 2011-12-23 | 2014-08-20 | 迈克菲公司 | System and method for scanning for computer vulnerabilities in a network environment |
CN104200166A (en) * | 2014-08-05 | 2014-12-10 | 杭州安恒信息技术有限公司 | Script-based website vulnerability scanning method and system |
CN106130980A (en) * | 2016-06-23 | 2016-11-16 | 杭州迪普科技有限公司 | A kind of vulnerability scanning method and device |
CN106790190A (en) * | 2016-12-30 | 2017-05-31 | 北京神州绿盟信息安全科技股份有限公司 | A kind of Vulnerability Management system and method |
-
2017
- 2017-08-04 CN CN201710664116.9A patent/CN107392031A/en active Pending
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103999089A (en) * | 2011-12-23 | 2014-08-20 | 迈克菲公司 | System and method for scanning for computer vulnerabilities in a network environment |
CN104200166A (en) * | 2014-08-05 | 2014-12-10 | 杭州安恒信息技术有限公司 | Script-based website vulnerability scanning method and system |
CN106130980A (en) * | 2016-06-23 | 2016-11-16 | 杭州迪普科技有限公司 | A kind of vulnerability scanning method and device |
CN106790190A (en) * | 2016-12-30 | 2017-05-31 | 北京神州绿盟信息安全科技股份有限公司 | A kind of Vulnerability Management system and method |
Cited By (12)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108520179A (en) * | 2018-04-09 | 2018-09-11 | 福建中金在线信息科技有限公司 | A kind for the treatment of method and apparatus of webview loopholes |
CN108520179B (en) * | 2018-04-09 | 2021-01-15 | 福建中金在线信息科技有限公司 | Method and device for processing webview vulnerability |
CN110730180A (en) * | 2019-10-17 | 2020-01-24 | 杭州安恒信息技术股份有限公司 | Portable communication equipment detection instrument and communication equipment detection method |
CN110971599A (en) * | 2019-11-29 | 2020-04-07 | 杭州迪普科技股份有限公司 | Vulnerability scanning method and device |
CN111447224A (en) * | 2020-03-26 | 2020-07-24 | 江苏亨通工控安全研究院有限公司 | Web vulnerability scanning method and vulnerability scanner |
CN112580053A (en) * | 2020-10-28 | 2021-03-30 | 西安四叶草信息技术有限公司 | Vulnerability scanning method and device |
CN112637159A (en) * | 2020-12-14 | 2021-04-09 | 杭州安恒信息技术股份有限公司 | Network asset scanning method, device and equipment based on active detection technology |
CN112560048A (en) * | 2020-12-22 | 2021-03-26 | 南方电网深圳数字电网研究院有限公司 | Code security scanning method, code security scanning system and storage medium |
CN112560048B (en) * | 2020-12-22 | 2024-01-30 | 南方电网深圳数字电网研究院有限公司 | Code security scanning method, code security scanning system and storage medium |
CN113422759A (en) * | 2021-06-10 | 2021-09-21 | 杭州安恒信息技术股份有限公司 | Vulnerability scanning method, electronic device and storage medium |
CN113596056A (en) * | 2021-08-11 | 2021-11-02 | 北京知道创宇信息技术股份有限公司 | Vulnerability scanning method and device, electronic equipment and computer readable storage medium |
CN113596056B (en) * | 2021-08-11 | 2022-12-27 | 北京知道创宇信息技术股份有限公司 | Vulnerability scanning method and device, electronic equipment and computer readable storage medium |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN107392031A (en) | The scan method and device of leak | |
CN102868696B (en) | The communication of many equipment rooms and information synchronization method and system | |
CN110502887B (en) | Electronic payment method and device | |
CN105933888B (en) | A kind of eSIM card method for burn-recording and device based on NFC | |
CN103065178B (en) | A kind of Quick Response Code sharing apparatus, access means and sharing method | |
CN108668277B (en) | Method and equipment for sharing and acquiring information | |
CN104008325A (en) | Mobile phone Wi-Fi network-connecting real name identity authentication platform and method based on two-dimension codes | |
CN102710777A (en) | Advertisement push-delivery method and system, as well as advertisement pusher | |
CN110290015A (en) | Remote deployment method, apparatus and storage medium | |
FR2923337A1 (en) | METHOD AND SYSTEM FOR EXCHANGING DATA BETWEEN REMOTE SERVERS. | |
CN101635714A (en) | Method and system for improving network application safety | |
US20130031260A1 (en) | Method and apparatus for establishing an ad-hoc bi-directional network with an optical identifier | |
CN111262746B (en) | Equipment opening deployment system and method | |
CN111066014B (en) | Apparatus, method, and program for remotely managing devices | |
CN103581881B (en) | Comprehensive number-obtaining device as well as system and method for obtaining cell phone number of user on network side | |
CN110505188A (en) | A kind of terminal authentication method, relevant device and Verification System | |
CN105554136B (en) | Backup Data restoring method, apparatus and system | |
CN109560895A (en) | Data transmission method and device | |
US9392454B2 (en) | System and method for computer authentication using image analysis of a shared secret | |
CN103634396A (en) | Method, gateway equipment and system for accessing intranet webpage service data | |
CN106789905A (en) | A kind of network access equipment and method | |
CN110034979A (en) | A kind of proxy resources monitoring method, device, electronic equipment and storage medium | |
CN102299945A (en) | Gateway configuration page registration method, system thereof and portal certificate server | |
CN103491120A (en) | System and method for user information transferring based on cloud storage | |
CN112101924A (en) | Information display method and device |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20171124 |
|
RJ01 | Rejection of invention patent application after publication |