CN111541693A - Automatic penetration test and data evidence obtaining system for multiple types of systems - Google Patents
Automatic penetration test and data evidence obtaining system for multiple types of systems Download PDFInfo
- Publication number
- CN111541693A CN111541693A CN202010328638.3A CN202010328638A CN111541693A CN 111541693 A CN111541693 A CN 111541693A CN 202010328638 A CN202010328638 A CN 202010328638A CN 111541693 A CN111541693 A CN 111541693A
- Authority
- CN
- China
- Prior art keywords
- penetration
- utilization module
- layer
- module
- vulnerabilities
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/20—Network architectures or network communication protocols for network security for managing network security; network security policies in general
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1433—Vulnerability analysis
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer And Data Communications (AREA)
Abstract
The invention provides an automatic penetration test and data evidence obtaining system facing to a plurality of systems, which comprises: the system comprises a control layer, a scheduling layer, a resource layer and a base layer, wherein the control layer manages resource scheduling of the scheduling layer; the scheduling layer calls each subsystem of the resource layer through an interface so as to perform penetration detection on each target object; the management and control layer is used for executing task management and control, process management and resource management; the scheduling layer is used for executing tool scheduling, tool driving, data acquisition and data analysis; the resource layer includes: the system comprises a computer network penetration utilization module, a WiFi network penetration utilization module, a cloud platform and big data component penetration utilization module, a video monitoring device penetration utilization module, an office automation device penetration utilization module, industrial control equipment, an Internet of things penetration utilization module and a statistical report management module; the foundation layer provides hardware support for the entire platform.
Description
Technical Field
The invention relates to the technical field of network security, in particular to an automatic penetration test and data evidence obtaining system for multiple types of systems.
Background
Since 2013, the annual average increase rate of the number of the security vulnerabilities recorded by a national information security vulnerability sharing platform (CNVD) is 21.6%, but the number of the security vulnerabilities recorded in 2017 is increased by 47.4% compared with 2016 (15955), and the recorded number of the security vulnerabilities reaches the new high history. Wherein, the high-risk loophole recording quantity is up to 5615 (accounting for 35.2%), and the comparably increases by 35.4%. The number of holes in the zero day is 3854 (accounting for 24.2 percent), and the hole is increased by 75.0 percent in proportion.
The development of the internet also brings a new information sharing mode, so that some attack tools and attack methods are rapidly spread on the internet, and a large number of network security events are caused. The event treatment is mainly carried out through the penetration test in the past, and due to the fact that no professional penetration test and data evidence obtaining tool exists, the treatment wastes time and labor, the statistical analysis, comparison and summarization are not easy to carry out on the network security event, and the event treatment result cannot be managed. The concrete points are as follows:
1. the method is seriously dependent on the capability and experience of a penetration test engineer, and is time-consuming and labor-consuming;
2. the manual analysis has too coarse granularity and no effective and comprehensive penetration utilization tool;
3. a comprehensive and detailed security vulnerability reinforcing mechanism is not available, and the disposal experience and knowledge cannot be accumulated and transferred;
4. the attack event is not easy to be subjected to evidence collection and source tracing, and standard guidance and operation guidance are lacked;
5. penetration testing is an expensive service.
Disclosure of Invention
The object of the present invention is to solve at least one of the technical drawbacks mentioned.
Therefore, the invention aims to provide an automatic penetration test and data forensics system facing to a multi-class system.
In order to achieve the above object, an embodiment of the present invention provides an automated penetration testing and data forensics system for a multi-class system, including: the system comprises a control layer, a scheduling layer, a resource layer and a base layer, wherein the control layer manages resource scheduling of the scheduling layer; the scheduling layer calls subsystems of the resource layer through interfaces so as to perform penetration detection on target objects;
the management and control layer is used for executing task management and control, process management and resource management;
the scheduling layer is used for executing tool scheduling, tool driving, data acquisition and data analysis;
the resource layer includes: a computer network infiltration utilization module, a WiFi network infiltration utilization module, a cloud platform and big data component infiltration utilization module, a video monitoring equipment infiltration utilization module, an office automation equipment infiltration utilization module, industrial control equipment, an Internet of things infiltration utilization module and a statistical report management module, wherein,
the computer network infiltration utilization module is used for carrying out asset equipment and infiltration utilization on computer network equipment;
the WiFi network penetration utilization module is used for carrying out asset identification and penetration utilization on the Wi-Fi network access equipment;
the cloud platform and big data component penetration utilization module is used for identifying and penetrating and utilizing the assets of the cloud platform and the big data component;
the video monitoring equipment penetration utilization module is used for identifying and penetrating and utilizing the assets of the video monitoring equipment;
the office automation equipment penetration utilization module is used for executing asset identification and penetration utilization of the networking type office automation equipment;
the industrial control equipment and the Internet of things penetration utilization module are used for identifying and penetrating and utilizing assets of industrial control equipment and the Internet of things;
the statistical report management module is used for presenting execution results of the computer network penetration utilization module, the WiFi network penetration utilization module, the cloud platform and big data component penetration utilization module, the video monitoring equipment penetration utilization module, the office automation equipment penetration utilization module, the industrial control equipment and the Internet of things penetration utilization module to a user in a report form;
the foundation layer provides hardware support for the entire platform.
Further, the computer network penetration utilization module utilizes remote command execution, buffer overflow, denial of service attack, SQL injection vulnerability, cross-site script vulnerability and authentication bypass vulnerability to obtain the authority of the target system, and asset equipment and penetration utilization of computer network equipment are realized.
Further, the WiFi network penetration utilization module executes by using a remote command, accesses the control loophole, inputs the verification loophole, leaks information and traverses the loophole to obtain evidence of electronic evidence of the target system, and asset identification and penetration utilization of the Wi-Fi network access equipment are achieved.
Further, the video monitoring equipment penetration utilization module is used for utilizing remote command execution, buffer overflow vulnerability, cross-site script vulnerability, command injection vulnerability and weak password to carry out electronic evidence collection on the target system.
Further, the penetration utilization module of the office automation equipment utilizes unauthorized bugs, cross-site script bugs and information leakage bugs to obtain evidence of electronic evidence of a target system.
Further, the industrial control equipment and the Internet of things penetration utilization module utilize access control loopholes, SQL injection loopholes, authentication bypass loopholes, information leakage loopholes and path traversal loopholes to perform electronic evidence collection on a target system.
Further, the electronic evidence obtaining comprises: executing a command, acquiring sensitive information, uploading a shell, improving system authority and acquiring a specific file.
Furthermore, the statistical report management module is also used for providing a penetration utilization result, a corresponding reinforcement suggestion scheme and self-defined report contents.
Further, the resource layer further comprises: the system comprises an operating system vulnerability penetration utilization module and a WEB application vulnerability penetration utilization module.
According to the automatic penetration test and data forensics system for the multi-class system, the penetration test and data forensics for the following six classes of targets can be realized, and the method comprises the following steps: the system comprises a computer network, a Wi-Fi network, a cloud platform, a big data platform, video monitoring equipment, office automation equipment, industrial control equipment, an Internet of things and the like. The invention can improve the penetration test and data evidence obtaining efficiency of information safety practitioners, provide timely, professional and efficient service, provide quick and complete technical support for users, and provide powerful guarantee for safe and reliable sustainable operation of an information system.
Additional aspects and advantages of the invention will be set forth in part in the description which follows and, in part, will be obvious from the description, or may be learned by practice of the invention.
Drawings
The above and/or additional aspects and advantages of the present invention will become apparent and readily appreciated from the following description of the embodiments, taken in conjunction with the accompanying drawings of which:
FIG. 1 is a block diagram of an automated penetration testing and data forensics system for a multi-class system according to an embodiment of the invention;
FIG. 2 is an architecture diagram of an automated penetration testing and data forensics system for a multi-class system according to an embodiment of the invention;
fig. 3 is a deployment diagram of an automated penetration testing and data forensics system for a multi-class system according to an embodiment of the present invention.
Detailed Description
Reference will now be made in detail to embodiments of the present invention, examples of which are illustrated in the accompanying drawings, wherein like or similar reference numerals refer to the same or similar elements or elements having the same or similar function throughout. The embodiments described below with reference to the drawings are illustrative and intended to be illustrative of the invention and are not to be construed as limiting the invention.
As shown in fig. 2, the system for automatic penetration testing and data forensics for multiple classes of systems according to the embodiment of the present invention includes: the system comprises a control layer, a scheduling layer, a resource layer and a base layer, wherein the control layer manages resource scheduling of the scheduling layer; and the scheduling layer calls subsystems of the resource layer through the interfaces so as to perform penetration detection on each target object. Specifically, the management and control layer is used for performing task management and control, process management and resource management. The scheduling layer is used for executing tool scheduling, tool driving, data acquisition and data analysis. The foundation layer provides hardware support for the entire platform.
Referring to fig. 1, a resource layer includes: the system comprises a computer network penetration utilization module, a WiFi network penetration utilization module, a cloud platform and big data component penetration utilization module, a video monitoring device penetration utilization module, an office automation device penetration utilization module, industrial control equipment, an Internet of things penetration utilization module and a statistical report management module.
The computer network infiltration utilization module is used for carrying out asset equipment and infiltration utilization on computer network equipment.
Specifically, the computer network penetration utilization module executes a remote command, overflows a buffer area, refuses service attack, SQL injection loophole, cross-site script loophole and authentication bypass loophole to obtain the authority of a target system, so that asset equipment and penetration utilization of computer network equipment are realized. The automatic penetration test and data evidence obtaining system oriented to the multi-class system supports asset identification, penetration utilization and the like of computer network equipment, the target system comprises an operating system, a database, Web application, network equipment, network safety equipment and the like, and the number of penetration utilization modules is more than or equal to 500. The system covers manufacturers such as intel chips, OpenSSL, MySQL, PostgreSQL, Domino, Utility friend, Tomcat, Weblogic, My, Sharp, deep faith, astronomical, Fortinet and the like. By utilizing the vulnerabilities such as remote command execution, buffer overflow, denial of service attack, SQL injection vulnerability, cross-site script vulnerability, authentication bypass vulnerability and the like, the authority of the target system is obtained, and deeper control and data forensics are carried out.
The WiFi network penetration utilization module is used for carrying out asset identification and penetration utilization on the Wi-Fi network access equipment.
Specifically, the WiFi network penetration utilization module executes, accesses and controls the vulnerability, inputs and verifies the vulnerability, leaks information leakage and traverses the vulnerability by using a remote command so as to obtain evidence of electronic evidence of a target system and realize asset identification and penetration utilization of the Wi-Fi network access equipment. The automatic penetration test and data evidence obtaining system for the multi-class system supports asset identification, penetration utilization and the like of Wi-Fi network access equipment, and the number of penetration utilization modules is more than or equal to 20. Vendor equipment such as Cisco, D-Link, TP-Link, ZTE, NEC and the like are covered. Electronic evidence collection is carried out on a target system by utilizing remote command execution, access control bugs, input verification bugs, information leakage bugs, path traversal bugs and other bugs.
The cloud platform and big data component penetration utilization module is used for identifying and penetrating and utilizing the assets of the cloud platform and the big data component.
Specifically, the automatic penetration testing and data forensics system for the multi-class system supports asset identification, penetration utilization and the like of a cloud platform and big data components, and the number of penetration utilization modules is more than or equal to 20. Vendors such as Spark, Solr, elastic search, CouchDB, MongoDB, etc. are contemplated. Electronic evidence collection is carried out on a target system by utilizing vulnerabilities such as remote command execution, unauthorized access vulnerabilities, cross-site script vulnerabilities and the like.
The video monitoring equipment penetration utilization module is used for asset identification and penetration utilization of the video monitoring equipment.
Specifically, the video monitoring equipment penetration utilization module is used for utilizing remote command execution, buffer overflow vulnerability, cross-site script vulnerability, command injection vulnerability and weak password to carry out electronic evidence collection on a target system. The automatic penetration test and data forensics system for the multi-class system supports asset identification, penetration utilization and the like of video monitoring equipment, and the number of penetration utilization modules is more than or equal to 50. The manufacturer equipment such as Haekwondo, Yu-Shi, Cisco, AVTECH, TP-Link, Axis, trends, Samsung, Sony and the like is covered. Electronic evidence collection is carried out on a target system by utilizing vulnerabilities such as remote command execution, buffer overflow vulnerability, cross-site script vulnerability, command injection vulnerability and weak password.
The office automation equipment penetration utilization module is used for executing asset identification and penetration utilization of the networking type office automation equipment.
Specifically, the penetration utilization module of the office automation equipment utilizes unauthorized bugs, cross-site script bugs and information leakage bugs to obtain evidence of electronic evidence of a target system. The automatic penetration test and data evidence obtaining system oriented to the multi-class system supports asset identification, penetration utilization and the like of networking type office automation equipment, and the number of penetration utilization modules is more than or equal to 10. Covers the equipment of manufacturers such as Canon, Toshiba, Fuji, Hewlett packard, Del and the like. Electronic evidence collection is carried out on the target system by utilizing vulnerabilities such as unauthorized vulnerabilities, cross-site script vulnerabilities and information leakage vulnerabilities.
And the industrial control equipment and the Internet of things penetration utilization module are used for identifying and penetrating and utilizing assets of industrial control equipment and the Internet of things.
Specifically, the industrial control equipment and the internet of things penetration utilization module utilize access control bugs, SQL injection bugs, authentication bypass bugs, information leakage bugs and path traversal bugs to perform electronic evidence collection on a target system. The automatic penetration test and data evidence obtaining system for the multi-class system supports asset identification, penetration utilization and the like of industrial control equipment and the Internet of things, and the number of penetration utilization modules is more than or equal to 20. The manufacturer equipment of Siemens, Schneider, Tuwa, BWS, Contec, eQ-3, etc. is covered. Electronic evidence collection is carried out on the target system by utilizing the vulnerabilities such as access control vulnerabilities, SQL injection vulnerabilities, authentication bypass vulnerabilities, information leakage vulnerabilities and path traversal vulnerabilities.
In an embodiment of the present invention, in the above embodiment, the WiFi network penetration utilization module, the cloud platform and big data component penetration utilization module, the video monitoring device penetration utilization module, the office automation device penetration utilization module, the industrial control device, and the internet of things penetration utilization module, and through an efficient penetration utilization tool, can perform electronic evidence forensics on a target system, including: executing a command, acquiring sensitive information, uploading a shell, improving system authority, acquiring a specific file and the like.
The statistical report management module is used for presenting execution results of the computer network penetration utilization module, the WiFi network penetration utilization module, the cloud platform and big data component penetration utilization module, the video monitoring equipment penetration utilization module, the office automation equipment penetration utilization module, the industrial control equipment and the Internet of things penetration utilization module to a user in a report form.
Specifically, the statistical report management module is further configured to provide the penetration utilization result, the corresponding reinforcement suggestion scheme, and the user-defined report content. The automatic penetration test and data evidence obtaining system oriented to the multi-class system presents the information to the user through a flexible report form and supports various format outputs. And the penetration utilization result, the corresponding reinforcement suggestion scheme and the self-defined report content are provided, and the safety condition of the current network is more intuitively known.
In an embodiment of the present invention, the resource layer further includes: the system comprises an operating system vulnerability penetration utilization module and a WEB application vulnerability penetration utilization module. The operating system vulnerability penetration utilization module is used for identifying and penetrating and utilizing assets of the operating system. And the WEB application vulnerability penetration utilization module is used for identifying and penetrating and utilizing the assets of the WEB application.
The automatic penetration test and data evidence obtaining system oriented to the multi-class system is used as a vulnerability evidence obtaining tool to realize a comprehensive penetration test object. The invention relates to an automatic penetration test and data evidence obtaining system for a multi-class system, which mainly aims at carrying out penetration test on six major classes of targets and comprises the following steps: operating systems, databases, Web applications, network devices, network security devices, and the like; a Wi-Fi network access device; a cloud platform and a big data component; a video monitoring device; networking type office automation equipment; industrial control equipment, the internet of things and the like.
The automatic penetration test and data evidence obtaining system oriented to the multi-class system integrates comprehensive and efficient penetration test tools, and related vulnerability utilization tools are connected in series according to the flow of the penetration test, so that various vulnerability hazards existing in a target system are effectively presented. Comprises the following steps: the number of tools of the computer network infiltration utilization module is more than or equal to 500; the number of tools of the Wi-Fi network penetration utilization module is more than or equal to 20; the number of tools of the cloud platform and the big data component penetration utilization module is more than or equal to 20; the number of tools of the video monitoring equipment penetration utilization module is more than or equal to 50; the number of tools of the penetration utilization module of the office automation equipment is more than or equal to 10; the number of tools of the industrial control equipment and the Internet of things penetration utilization module is more than or equal to 20.
Fig. 3 is a deployment diagram of an automated penetration testing and data forensics system for a multi-class system according to an embodiment of the present invention.
The automatic penetration test and data evidence obtaining system oriented to the multi-class system is configured according to the distribution condition of the network IP addresses, can be deployed at any place of a network, and can work normally as long as a target system to be subjected to vulnerability evidence obtaining can be accessed.
In consideration of safety, generally, a set of automatic penetration testing and data forensics system facing multiple systems is arranged at a core switch in a bypass mode, so that potential danger points which are possibly penetrated in a target system can be accurately detected, potential safety hazards in a detected target can be found out, relevant function modules in a penetration tool are automatically selected and called, penetration utilization of the target system is completed, and vulnerability hazards are directly displayed. Therefore, the safety level of the information system is comprehensively improved, and the increasing safety requirements of various service systems are met.
According to the automatic penetration test and data forensics system for the multi-class system, the penetration test and data forensics for the following six classes of targets can be realized, and the method comprises the following steps: the system comprises a computer network, a Wi-Fi network, a cloud platform, a big data platform, video monitoring equipment, office automation equipment, industrial control equipment, an Internet of things and the like. The invention can improve the penetration test and data evidence obtaining efficiency of information safety practitioners, provide timely, professional and efficient service, provide quick and complete technical support for users, and provide powerful guarantee for safe and reliable sustainable operation of an information system.
The automatic penetration test and data evidence obtaining system for the multi-class system mainly aims at six major classes of targets to carry out penetration test, and comprises a computer network, a Wi-Fi network, a cloud platform, a big data assembly, video monitoring equipment, office automation equipment, industrial control equipment, an Internet of things and the like. The automatic penetration test and data evidence obtaining system oriented to the multi-class system integrates a series of efficient penetration test tools, and related vulnerability utilization tools are connected in series according to the flow of the penetration test to form an automatic penetration test chain. Carrying out electronic evidence simultaneously and obtaining evidence, including: executing a command, acquiring sensitive information, uploading a shell, improving system authority, taking a specific file and the like. Therefore, the safety of the target system is detected by a penetration test method, and the penetration utilization result is visually displayed, counted and output. The product of the invention is suitable for the industries of public security, army, government, electric power, medical treatment, finance, operators and the like, and helps users to timely handle various common and latest network security events faced at present.
In the description herein, references to the description of the term "one embodiment," "some embodiments," "an example," "a specific example," or "some examples," etc., mean that a particular feature, structure, material, or characteristic described in connection with the embodiment or example is included in at least one embodiment or example of the invention. In this specification, the schematic representations of the terms used above do not necessarily refer to the same embodiment or example. Furthermore, the particular features, structures, materials, or characteristics described may be combined in any suitable manner in any one or more embodiments or examples.
Although embodiments of the present invention have been shown and described above, it is understood that the above embodiments are exemplary and should not be construed as limiting the present invention, and that variations, modifications, substitutions and alterations can be made in the above embodiments by those of ordinary skill in the art without departing from the principle and spirit of the present invention. The scope of the invention is defined by the appended claims and equivalents thereof.
Claims (9)
1. An automatic penetration test and data forensics system for multiple types of systems, comprising: the system comprises a control layer, a scheduling layer, a resource layer and a base layer, wherein the control layer manages resource scheduling of the scheduling layer; the scheduling layer calls subsystems of the resource layer through interfaces so as to perform penetration detection on target objects;
the management and control layer is used for executing task management and control, process management and resource management;
the scheduling layer is used for executing tool scheduling, tool driving, data acquisition and data analysis;
the resource layer includes: a computer network infiltration utilization module, a WiFi network infiltration utilization module, a cloud platform and big data component infiltration utilization module, a video monitoring equipment infiltration utilization module, an office automation equipment infiltration utilization module, industrial control equipment, an Internet of things infiltration utilization module and a statistical report management module, wherein,
the computer network infiltration utilization module is used for carrying out asset equipment and infiltration utilization on computer network equipment;
the WiFi network penetration utilization module is used for carrying out asset identification and penetration utilization on the Wi-Fi network access equipment;
the cloud platform and big data component penetration utilization module is used for identifying and penetrating and utilizing the assets of the cloud platform and the big data component;
the video monitoring equipment penetration utilization module is used for identifying and penetrating and utilizing the assets of the video monitoring equipment;
the office automation equipment penetration utilization module is used for executing asset identification and penetration utilization of the networking type office automation equipment;
the industrial control equipment and the Internet of things penetration utilization module are used for identifying and penetrating and utilizing assets of industrial control equipment and the Internet of things;
the statistical report management module is used for presenting execution results of the computer network penetration utilization module, the WiFi network penetration utilization module, the cloud platform and big data component penetration utilization module, the video monitoring equipment penetration utilization module, the office automation equipment penetration utilization module, the industrial control equipment and the Internet of things penetration utilization module to a user in a report form; the foundation layer provides hardware support for the entire platform.
2. The multi-class system-oriented automated penetration testing and data forensics system of claim 1, wherein the computer network penetration utilization module utilizes remote command execution, buffer overflow, denial of service attacks, SQL injection vulnerabilities, cross-site scripting vulnerabilities, authentication bypass vulnerabilities to obtain permissions of a target system to implement asset devices and penetration utilization of computer network devices.
3. The multi-class system-oriented automated penetration testing and data forensics system of claim 1, wherein the WiFi network penetration utilization module utilizes remote command execution, access control vulnerabilities, input verification vulnerabilities, information leakage vulnerabilities, path traversal vulnerabilities to perform electronic evidence forensics for a target system to enable asset identification and penetration utilization for Wi-Fi network access devices.
4. The multi-class system-oriented automated penetration testing and data forensics system of claim 1, wherein the video monitoring device penetration utilization module is configured to utilize remote command execution, buffer overflow vulnerability, cross-site scripting vulnerability, command injection vulnerability, weak password to perform electronic evidence forensics for a target system.
5. The multi-class system-oriented automated penetration testing and data forensics system of claim 1, wherein the office automation equipment penetration utilization module exploits unauthorized vulnerabilities, cross-site scripting vulnerabilities, information leakage vulnerabilities to perform electronic evidence forensics on a target system.
6. The multi-class system-oriented automated penetration testing and data forensics system of claim 1, wherein the industrial control device and the internet of things penetration utilization module exploit access control vulnerabilities, SQL injection vulnerabilities, authentication bypass vulnerabilities, information leakage vulnerabilities, path traversal vulnerabilities to perform electronic evidence forensics for a target system.
7. The multi-class system-oriented automated penetration testing and data forensics system of any of claims 3-6, wherein the electronic evidence forensics comprises: executing a command, acquiring sensitive information, uploading a shell, improving system authority and acquiring a specific file.
8. The multi-class system-oriented automated penetration testing and data forensics system of claim 1, wherein the statistical report management module is further configured to provide penetration utilization results, corresponding reinforcement suggestion schemes, and custom report content.
9. The multi-class system-oriented automated penetration testing and data forensics system of claim 1, wherein the resource layer further comprises: the system comprises an operating system vulnerability penetration utilization module and a WEB application vulnerability penetration utilization module.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010328638.3A CN111541693B (en) | 2020-04-23 | 2020-04-23 | Automatic penetration test and data evidence obtaining system for multiple types of systems |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010328638.3A CN111541693B (en) | 2020-04-23 | 2020-04-23 | Automatic penetration test and data evidence obtaining system for multiple types of systems |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN111541693A true CN111541693A (en) | 2020-08-14 |
| CN111541693B CN111541693B (en) | 2022-04-15 |
Family
ID=71975497
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202010328638.3A Active CN111541693B (en) | 2020-04-23 | 2020-04-23 | Automatic penetration test and data evidence obtaining system for multiple types of systems |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111541693B (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112511512A (en) * | 2020-11-19 | 2021-03-16 | 北京凌云信安科技有限公司 | Vulnerability scanning engine and risk management system of threat detection engine |
Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103942497A (en) * | 2013-09-11 | 2014-07-23 | 杭州安恒信息技术有限公司 | Forensics type website vulnerability scanning method and system |
| US20180270268A1 (en) * | 2017-01-30 | 2018-09-20 | XM Ltd. | Verifying success of compromising a network node during penetration testing of a networked system |
| CN108600236A (en) * | 2018-04-28 | 2018-09-28 | 张红彬 | Video surveillance network intelligent information safety integrated management system |
| CN108737213A (en) * | 2018-05-22 | 2018-11-02 | 中国电子科技集团公司第四十研究所 | A kind of parallel big handling capacity Permeation Test System of height based on FPGA and method |
| CN108737425A (en) * | 2018-05-24 | 2018-11-02 | 北京凌云信安科技有限公司 | Fragility based on multi engine vulnerability scanning association analysis manages system |
| CN110221977A (en) * | 2019-06-03 | 2019-09-10 | 江苏亨通工控安全研究院有限公司 | Website penetration test method based on ai |
| CN110717184A (en) * | 2019-09-27 | 2020-01-21 | 北京计算机技术及应用研究所 | Distributed safety test system |
| CN110768949A (en) * | 2019-08-14 | 2020-02-07 | 奇安信科技集团股份有限公司 | Vulnerability detection method and device, storage medium and electronic device |
-
2020
- 2020-04-23 CN CN202010328638.3A patent/CN111541693B/en active Active
Patent Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103942497A (en) * | 2013-09-11 | 2014-07-23 | 杭州安恒信息技术有限公司 | Forensics type website vulnerability scanning method and system |
| US20180270268A1 (en) * | 2017-01-30 | 2018-09-20 | XM Ltd. | Verifying success of compromising a network node during penetration testing of a networked system |
| CN108600236A (en) * | 2018-04-28 | 2018-09-28 | 张红彬 | Video surveillance network intelligent information safety integrated management system |
| CN108737213A (en) * | 2018-05-22 | 2018-11-02 | 中国电子科技集团公司第四十研究所 | A kind of parallel big handling capacity Permeation Test System of height based on FPGA and method |
| CN108737425A (en) * | 2018-05-24 | 2018-11-02 | 北京凌云信安科技有限公司 | Fragility based on multi engine vulnerability scanning association analysis manages system |
| CN110221977A (en) * | 2019-06-03 | 2019-09-10 | 江苏亨通工控安全研究院有限公司 | Website penetration test method based on ai |
| CN110768949A (en) * | 2019-08-14 | 2020-02-07 | 奇安信科技集团股份有限公司 | Vulnerability detection method and device, storage medium and electronic device |
| CN110717184A (en) * | 2019-09-27 | 2020-01-21 | 北京计算机技术及应用研究所 | Distributed safety test system |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112511512A (en) * | 2020-11-19 | 2021-03-16 | 北京凌云信安科技有限公司 | Vulnerability scanning engine and risk management system of threat detection engine |
Also Published As
| Publication number | Publication date |
|---|---|
| CN111541693B (en) | 2022-04-15 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US10382469B2 (en) | Domain age registration alert | |
| US20160261624A1 (en) | Computer Implemented Techniques for Detecting, Investigating and Remediating Security Violations to IT Infrastructure | |
| US11750618B1 (en) | System and method for retrieval and analysis of operational data from customer, cloud-hosted virtual resources | |
| Song et al. | An analysis of technical security control requirements for digital I&C systems in nuclear power plants | |
| CN114070629B (en) | Security arrangement and automatic response method, device and system for APT attack | |
| Chalvatzis et al. | Evaluation of security vulnerability scanners for small and medium enterprises business networks resilience towards risk assessment | |
| EP3623983A1 (en) | Method and device for identifying security threats, storage medium, processor and terminal | |
| CN113407949A (en) | Information security monitoring system, method, equipment and storage medium | |
| CN112163198B (en) | Host login security detection method, system, device and storage medium | |
| CN111541693B (en) | Automatic penetration test and data evidence obtaining system for multiple types of systems | |
| WO2022033699A1 (en) | Generation of a security configuration profile for a network entity | |
| CN110099041A (en) | A kind of Internet of Things means of defence and equipment, system | |
| Muharrom et al. | Analysis of Vulnerability Assessment Technique Implementation on Network Using OpenVas | |
| Kersten et al. | 'Give Me Structure': Synthesis and Evaluation of a (Network) Threat Analysis Process Supporting Tier 1 Investigations in a Security Operation Center | |
| Covaci et al. | A new paradigm to address threats for virtualized services | |
| Sommestad | Experimentation on operational cyber security in CRATE | |
| CN116668107A (en) | Automatic patrol and network attack tracing method | |
| Aarya et al. | Web scanning: existing techniques and future | |
| WO2023087554A1 (en) | Asset risk control method, apparatus, and device, and storage medium | |
| CN115913756A (en) | Network equipment vulnerability verification method based on known vulnerability entries | |
| Azuwa et al. | A propose technical security metrics model for SCADA systems | |
| Bolzoni et al. | Situational Awareness Network for the electric power system: The architecture and testing metrics | |
| Kai et al. | Development of qualification of security status suitable for cloud computing system | |
| Brignoli et al. | Combining exposure indicators and predictive analytics for threats detection in real industrial IoT sensor networks | |
| Wang et al. | Research on threat modeling for 5G network data analytics function |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |