CN111431878A - Network security penetration testing system - Google Patents
Network security penetration testing system Download PDFInfo
- Publication number
- CN111431878A CN111431878A CN202010183789.4A CN202010183789A CN111431878A CN 111431878 A CN111431878 A CN 111431878A CN 202010183789 A CN202010183789 A CN 202010183789A CN 111431878 A CN111431878 A CN 111431878A
- Authority
- CN
- China
- Prior art keywords
- module
- signal connection
- virus
- testing unit
- testing
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/145—Countermeasures against malicious traffic the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L61/00—Network arrangements, protocols or services for addressing or naming
- H04L61/45—Network directories; Name-to-address mapping
- H04L61/4505—Network directories; Name-to-address mapping using standardised directories; using standardised directory access protocols
- H04L61/4511—Network directories; Name-to-address mapping using standardised directories; using standardised directory access protocols using domain name system [DNS]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1433—Vulnerability analysis
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Health & Medical Sciences (AREA)
- General Health & Medical Sciences (AREA)
- Virology (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
the invention relates to the technical field of network security, in particular to a network security penetration testing system which comprises a control center, wherein the control center is in signal connection with a virus testing unit, a script testing unit, an SQ attack testing unit and a DNS reflection testing unit, the virus testing unit, the script testing unit, a SQ L attack testing unit and the DNS reflection testing unit are in signal connection with a network system, the network system is in signal connection with a monitoring module, the monitoring module is in signal connection with a bug recording module, the bug recording module is in signal connection with a display module, the virus testing unit comprises a virus recording module, the virus recording module is in signal connection with a virus storage module, the virus storage module is in signal connection with a recording module, the recording module is in signal connection with an execution module, and the virus recording module, the virus storage module, the recording module and the execution module are in signal connection with the control center.
Description
Technical Field
The invention relates to the technical field of network security, in particular to a network security penetration testing system.
Background
The network security refers to that the hardware, software and data in the system of the network system are protected and are not damaged, changed and leaked due to accidental or malicious reasons, the system continuously, reliably and normally operates, and the network service is not interrupted. The security of the network is subjected to penetration testing to simulate the attack of a hacker, so that the vulnerability of the network is displayed to maintain the vulnerability.
Disclosure of Invention
The invention aims to solve the defects that various conditions cannot be simulated and more bugs cannot be found in the prior art, and provides a network security penetration testing system.
In order to achieve the purpose, the invention adopts the following technical scheme:
designing a network security penetration test system, which comprises a control center, wherein the control center is in signal connection with a virus test unit, a script test unit, an SQ L attack test unit and a DNS reflection test unit, the virus test unit, the script test unit, the SQ L attack test unit and the DNS reflection test unit are in signal connection with a network system, the network system is in signal connection with a monitoring module, the monitoring module is in signal connection with a vulnerability recording module, and the vulnerability recording module is in signal connection with a display module;
The script test unit comprises an updating module, a script storage module and an implanting module, wherein the updating module is in signal connection with the script storage module, the script storage module is in signal connection with the implanting module, and the updating module, the script storage module and the implanting module are in signal connection with the control center;
The virus testing unit comprises a virus input module, the virus input module is in signal connection with a virus storage module, the virus storage module is in signal connection with a recording module, the recording module is in signal connection with an execution module, and the virus input module, the virus storage module, the recording module and the execution module are in signal connection with the control center.
Preferably, the DNS reflection module includes a simulation module, the simulation module is in telecommunication connection with a transmission module, the transmission module is electrically connected with an amplification module, the request sent by the transmission module is amplified by the amplification module, the amplification module is in signal connection with the network system, and the simulation module, the transmission module and the amplification module are in signal connection with the control center.
Preferably, the monitoring module is electrically connected with a conversion unit, and the conversion unit is in signal connection with the display module.
Preferably, the conversion unit includes a tracking module, the tracking module is in signal connection with a conversion module, the conversion module is in signal connection with a graphic module, and the graphic module is in signal connection with the display module so as to perform graphic display.
preferably, the SQ L attack testing unit includes an output module, the input module is in signal connection with an insertion module, the insertion module is in signal connection with a submission module, the submission module is in signal connection with the network system, and the input module, the insertion module and the submission module are electrically connected with the control center.
Preferably, the vulnerability recording module is in signal connection with an inquiry module, the inquiry module is in signal connection with a database, the database is in signal connection with a download module, and the download module is in signal connection with the display module.
the network security penetration testing system has the advantages that various types of invasion are carried out on the network system through the virus testing unit, the script testing unit, the SQ L attack testing unit and the DNS reflection testing unit, the vulnerability of the network system is ensured to be found out, the vulnerability is convenient to repair, and therefore the network security is improved.
Drawings
FIG. 1 is a block diagram of a network security penetration testing system according to the present invention;
FIG. 2 is a system block diagram of a conversion unit of the network security penetration testing system according to the present invention;
Fig. 3 is a system block diagram of a DNS reflection testing unit of a network security penetration testing system according to the present invention;
fig. 4 is a system block diagram of a SQ L attack test unit of the network security penetration test system according to the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments.
Example 1
referring to fig. 1, the network security penetration testing system includes a control center, the control center is in signal connection with a virus testing unit, a script testing unit, an SQ L attack testing unit, and a DNS reflection testing unit, the virus testing unit, the script testing unit, the SQ L attack testing unit, and the DNS reflection testing unit are in signal connection with a network system, the network system is in signal connection with a monitoring module, the monitoring module is in signal connection with a bug recording module, the bug recording module is in signal connection with a display module, virus intrusion is simulated through the virus testing unit, a scenario condition is simulated through the script testing unit, a cheat server is simulated through the SQ L attack testing unit to execute a malicious SQ L command, a DNS attack is simulated through the DNS reflection testing unit, various intrusions are simulated, bugs in the network system are found out, and are recorded by the bug recording module, so that bugs in the network system are repaired, thereby enhancing network security;
The script testing unit comprises an updating module, a script storage module and an implanting module, wherein the updating module is in signal connection with the script storage module, the script storage module is in signal connection with the implanting module, the updating module, the script storage module and the implanting module are in signal connection with the control center, malicious script information is stored in the script storage module, the information is implanted into a network system through the implanting module, and when a browser browses the information, malicious scripts are executed to steal the information, so that malicious script attacks are simulated;
The virus testing unit comprises a virus input module, the virus input module is in signal connection with a virus storage module, the virus storage module is in signal connection with a recording module, the recording module is in signal connection with an execution module, the virus input module, the virus storage module, the recording module and the execution module are in signal connection with the control center, the recording module records information of the virus by storing the virus in the virus storage module, and the execution module puts the virus into a network system to simulate virus attack of a hacker.
Example 2
Referring to fig. 3, as another preferred embodiment of the present invention, the difference from embodiment 1 is that the DNS reflection module includes a simulation module, the simulation module is in telecommunication connection with a transmission module, the transmission module is electrically connected with an amplification module, the amplification module amplifies a request sent by the transmission module, the amplification module is in signal connection with the network system, the simulation module, the transmission module, and the amplification module are in signal connection with the control center, the simulation module simulates DNS attack, the DNS attack is performed by the simulation module, the DNS attack is transmitted by the transmission module, and then the DNS request is amplified by the amplification module, so that a large amount of DNS requests are transmitted to attack a host in the network system.
Example 3
Referring to fig. 2, as another preferred embodiment of the present invention, the difference from embodiment 1 is that the monitoring module is electrically connected to a conversion unit, the conversion unit is in signal connection with the display module, the conversion unit includes a tracking module, the tracking module is in signal connection with a conversion module, the conversion module is in signal connection with a graphical module, the graphical module is in signal connection with the display module so as to perform graphical display, each attack is monitored by the monitoring module so as to update the attack situation in real time, and the monitored data information is converted into a picture by the conversion unit so as to know more clearly how the firewall and antivirus software of the network system enter external intrusion, and simultaneously, the vulnerability is displayed.
Example 4
referring to fig. 4, as another preferred embodiment of the present invention, the difference from embodiment 1 is that the SQ L attack test unit includes an output module, the input module is in signal connection with an insertion module, the insertion module is in signal connection with a submission module, the submission module is in signal connection with the network system, the input module, the insertion module, and the submission module are electrically connected to the control center, the SQ L instruction is input through the input module, the insertion module is added to a network page request query string, and then the submission module submits the SQ L instruction, so as to simulate a malicious SQ L instruction.
Example 5
Referring to fig. 1, as another preferred embodiment of the present invention, the difference from embodiment 1 is that the vulnerability recording module is in signal connection with an inquiry module, the inquiry module is in signal connection with a database, the database is in signal connection with a download module, the download module is in signal connection with the display module, the vulnerability displayed during testing is recorded and stored by the vulnerability recording module, the inquiry module is used for inquiring in the database, and then the download module is used for downloading the information of the relevant repaired vulnerability in the database, so as to repair the vulnerability, thereby enhancing the security of the network system.
The above description is only for the preferred embodiment of the present invention, but the scope of the present invention is not limited thereto, and any person skilled in the art should be considered to be within the technical scope of the present invention, and the technical solutions and the inventive concepts thereof according to the present invention should be equivalent or changed within the scope of the present invention.
Claims (6)
1. the network security penetration testing system comprises a control center and is characterized in that the control center is in signal connection with a virus testing unit, a script testing unit, an SQ L attack testing unit and a DNS reflection testing unit, the virus testing unit, the script testing unit, the SQ L attack testing unit and the DNS reflection testing unit are in signal connection with a network system, the network system is in signal connection with a monitoring module, the monitoring module is in signal connection with a vulnerability recording module, and the vulnerability recording module is in signal connection with a display module;
The script test unit comprises an updating module, a script storage module and an implanting module, wherein the updating module is in signal connection with the script storage module, the script storage module is in signal connection with the implanting module, and the updating module, the script storage module and the implanting module are in signal connection with the control center;
The virus testing unit comprises a virus input module, the virus input module is in signal connection with a virus storage module, the virus storage module is in signal connection with a recording module, the recording module is in signal connection with an execution module, and the virus input module, the virus storage module, the recording module and the execution module are in signal connection with the control center.
2. The system according to claim 1, wherein the DNS reflection module includes a simulation module, the simulation module is connected with a transmission module in a telecommunication manner, the transmission module is electrically connected with an amplification module, the request transmitted by the transmission module is amplified by the amplification module, the amplification module is in signal connection with the network system, and the simulation module, the transmission module and the amplification module are in signal connection with the control center.
3. The cybersecurity permeability testing system according to claim 1, wherein the monitoring module is electrically connected with a conversion unit, and the conversion unit is in signal connection with the display module.
4. The cybersecurity permeation testing system of claim 3, wherein the conversion unit comprises a trace module in signal connection with a conversion module in signal connection with a graphic module in signal connection with the display module for graphic display.
5. the network security penetration test system of claim 1, wherein the SQ attack test unit comprises an output module, an insertion module in signal connection with the input module, a submission module in signal connection with the insertion module, the submission module in signal connection with the network system, and the input module, the insertion module, and the submission module in electrical connection with the control center.
6. The cybersecurity permeability testing system according to claim 1, wherein the vulnerability logging module is in signal connection with an inquiry module, the inquiry module is in signal connection with a database, the database is in signal connection with a download module, and the download module is in signal connection with the display module.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202010183789.4A CN111431878A (en) | 2020-03-16 | 2020-03-16 | Network security penetration testing system |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202010183789.4A CN111431878A (en) | 2020-03-16 | 2020-03-16 | Network security penetration testing system |
Publications (1)
Publication Number | Publication Date |
---|---|
CN111431878A true CN111431878A (en) | 2020-07-17 |
Family
ID=71548209
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202010183789.4A Pending CN111431878A (en) | 2020-03-16 | 2020-03-16 | Network security penetration testing system |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN111431878A (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN113221111A (en) * | 2021-05-12 | 2021-08-06 | 上海安锵信息科技有限公司 | Penetration testing system for network security |
Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN105554022A (en) * | 2016-01-12 | 2016-05-04 | 烟台南山学院 | Automatic testing method of software |
CN107426227A (en) * | 2017-08-02 | 2017-12-01 | 江苏省邮电规划设计院有限责任公司 | One kind automation safe penetration method of testing |
CN108540491A (en) * | 2018-04-27 | 2018-09-14 | 四川长虹电器股份有限公司 | Semi-automatic Permeation Test System based on drive sweep and method |
CN109309680A (en) * | 2018-10-09 | 2019-02-05 | 山西警察学院 | Network security detection method and guard system based on neural network algorithm |
CN110209583A (en) * | 2019-06-03 | 2019-09-06 | 中国银联股份有限公司 | Safety detecting method, device, system, equipment and storage medium |
CN110768951A (en) * | 2019-08-14 | 2020-02-07 | 奇安信科技集团股份有限公司 | Method and device for verifying system vulnerability, storage medium and electronic device |
CN110851838A (en) * | 2019-11-11 | 2020-02-28 | 广东电网有限责任公司 | Cloud testing system and security testing method based on Internet |
-
2020
- 2020-03-16 CN CN202010183789.4A patent/CN111431878A/en active Pending
Patent Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN105554022A (en) * | 2016-01-12 | 2016-05-04 | 烟台南山学院 | Automatic testing method of software |
CN107426227A (en) * | 2017-08-02 | 2017-12-01 | 江苏省邮电规划设计院有限责任公司 | One kind automation safe penetration method of testing |
CN108540491A (en) * | 2018-04-27 | 2018-09-14 | 四川长虹电器股份有限公司 | Semi-automatic Permeation Test System based on drive sweep and method |
CN109309680A (en) * | 2018-10-09 | 2019-02-05 | 山西警察学院 | Network security detection method and guard system based on neural network algorithm |
CN110209583A (en) * | 2019-06-03 | 2019-09-06 | 中国银联股份有限公司 | Safety detecting method, device, system, equipment and storage medium |
CN110768951A (en) * | 2019-08-14 | 2020-02-07 | 奇安信科技集团股份有限公司 | Method and device for verifying system vulnerability, storage medium and electronic device |
CN110851838A (en) * | 2019-11-11 | 2020-02-28 | 广东电网有限责任公司 | Cloud testing system and security testing method based on Internet |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN113221111A (en) * | 2021-05-12 | 2021-08-06 | 上海安锵信息科技有限公司 | Penetration testing system for network security |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US10243679B2 (en) | Vulnerability detection | |
US20220232033A1 (en) | Method and system for generating stateful attacks | |
CN102546576B (en) | A kind of web page horse hanging detects and means of defence, system and respective code extracting method | |
CN104995630B (en) | Computing system and method for security test | |
CN108830084B (en) | Handheld terminal for realizing vulnerability scanning and protection reinforcement and protection method | |
CN103996007A (en) | Testing method and system for Android application permission leakage vulnerabilities | |
CN107273748A (en) | A kind of method that Android system Hole Detection is realized based on leak poc | |
CN111353151B (en) | Vulnerability detection method and device for network application | |
CN103971059B (en) | Cookie local storage and usage method | |
CN114065204A (en) | File-free Trojan horse searching and killing method and device | |
CN116340943A (en) | Application program protection method, device, equipment, storage medium and program product | |
CN111431878A (en) | Network security penetration testing system | |
US12039037B2 (en) | Online command injection attacks identification | |
CN112118241A (en) | Audit penetration testing method, testing node server, management server and system | |
CN111723374A (en) | Vulnerability scanning method and device | |
CN113221111A (en) | Penetration testing system for network security | |
Morais et al. | Generating attack scenarios for the system security validation | |
CN114640484A (en) | Network security countermeasure method and device and electronic equipment | |
CN113434217A (en) | Vulnerability scanning method and device, computer equipment and medium | |
CN112738068A (en) | Network vulnerability scanning method and device | |
Chen et al. | Design considerations for a honeypot for SQL injection Attacks | |
CN115632882B (en) | Illegal network attack detection method, computer equipment and medium | |
CN118101164B (en) | Defense method, device, terminal and storage medium for data interaction first-aid running attack | |
CN111598268B (en) | Power plant equipment detection method, system, equipment and computer storage medium | |
US20230179624A1 (en) | Attack reproduction support apparatus, attack reproduction support method, and computer readable recording medium |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20200717 |
|
RJ01 | Rejection of invention patent application after publication |