CN111931099A - Webpage vulnerability scanning system - Google Patents
Webpage vulnerability scanning system Download PDFInfo
- Publication number
- CN111931099A CN111931099A CN202010554164.4A CN202010554164A CN111931099A CN 111931099 A CN111931099 A CN 111931099A CN 202010554164 A CN202010554164 A CN 202010554164A CN 111931099 A CN111931099 A CN 111931099A
- Authority
- CN
- China
- Prior art keywords
- scanning
- module
- webpage
- subsystem
- host
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 230000002452 interceptive effect Effects 0.000 claims abstract description 8
- 238000012544 monitoring process Methods 0.000 claims abstract description 6
- 238000013500 data storage Methods 0.000 claims abstract description 4
- 230000003993 interaction Effects 0.000 claims abstract description 4
- 238000007781 pre-processing Methods 0.000 claims description 17
- 238000001514 detection method Methods 0.000 claims description 13
- 238000005516 engineering process Methods 0.000 description 4
- 238000010586 diagram Methods 0.000 description 3
- 230000007123 defense Effects 0.000 description 2
- 230000000694 effects Effects 0.000 description 2
- 230000006870 function Effects 0.000 description 2
- 238000000034 method Methods 0.000 description 2
- 230000006399 behavior Effects 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000007547 defect Effects 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/90—Details of database functions independent of the retrieved data types
- G06F16/95—Retrieval from the web
- G06F16/958—Organisation or management of web site content, e.g. publishing, maintaining pages or automatic linking
Landscapes
- Engineering & Computer Science (AREA)
- General Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Databases & Information Systems (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Software Systems (AREA)
- Data Mining & Analysis (AREA)
- Computing Systems (AREA)
- Debugging And Monitoring (AREA)
Abstract
The invention discloses a webpage vulnerability scanning system, which belongs to the technical field of network security, and comprises a scanning subsystem, a vulnerability scanning subsystem and a vulnerability scanning subsystem, wherein the scanning subsystem is used for scanning webpage vulnerabilities and comprises two scanning modes: a normal scan mode and an advanced scan mode; the scanning switching subsystem is used for switching different webpage scanning modes by monitoring the state of the host; the data storage server is used for storing the log file generated by scanning; and the interactive interface provides a human-computer interaction port for a user. The scanning switching subsystem is added in the scanning subsystem, the webpage bugs are scanned in a common scanning mode and a high-grade scanning mode, and the scanning switching subsystem selects a reasonable scanning mode according to the running state of the monitoring host, so that the webpage bugs are scanned thoroughly, excessive resources of the host cannot be occupied, and the normal running of the host is guaranteed.
Description
Technical Field
The invention belongs to the technical field of network security, and particularly relates to a webpage vulnerability scanning system.
Background
The rapid development of computer networks has greatly changed the life style of people, and people have entered the information age. People can conveniently store, exchange and search information through a computer network, and great convenience is brought to work, life and entertainment.
With the rapid development of computers and Internet technologies, Web and related technologies are becoming widely popularized and applied, and therefore security is also receiving much attention. Web vulnerability detection is an important and commonly used active defense technique for Web security and protection, which has been widely used in existing network environments. At present, research on a Web vulnerability detection technology has been developed for a long time, but there are still many defects and points to be improved, such as the problems that the scanning function of the conventional Web vulnerability detection technology is not complete enough, the user configuration is complex, and the like, and in order to completely scan out a webpage vulnerability, a host needs to allocate a large amount of resources to a scanning system for vulnerability scanning, which may affect the use of other programs of the host, and cause the host to be blocked in operation.
Disclosure of Invention
The invention aims to provide a webpage vulnerability scanning system for solving the problems that webpage vulnerability scanning is not thorough, user configuration is complex and excessive resources of a host are occupied, and the webpage vulnerability scanning system has the advantages that scanning configuration is convenient, vulnerability scanning is more thorough through automatic switching of two scanning modes, and the resources of the host are not occupied.
The invention achieves the above purpose through the following technical scheme, a webpage vulnerability scanning system, comprising:
the scanning subsystem is used for scanning the webpage bugs and comprises two scanning modes: a normal scan mode and an advanced scan mode;
the scanning switching subsystem is used for switching different webpage scanning modes by monitoring the state of the host;
the data storage server is used for storing the log file generated by scanning;
and the interactive interface provides a human-computer interaction port for a user.
Preferably, the scanning subsystem comprises a webpage preprocessing module, a vulnerability scanning module and a log generating module, and generates a report log after scanning each time by preprocessing the webpage and scanning vulnerabilities in the webpage through the vulnerability scanning module.
Preferably, the web page preprocessing module includes:
the webpage analysis module is used for preprocessing the webpage in a common scanning mode;
and the web crawler module is used for preprocessing the web page in the advanced scanning mode.
Preferably, the vulnerability scanning module is further connected with a scanning control module for configuring vulnerability control, including configuring scanning range, scanning type and scanning thread.
Preferably, the scanning subsystem further comprises a user interface module, the user interface module is used for being connected with the interactive interface, the log generation module can upload log report information through the user interface module, and a user can set the scanning control module through the user interface module.
Preferably, the scan switching subsystem includes:
the acquisition card is used for acquiring the running state information of the host;
the state detection module is used for carrying out host idle detection through the collected host state information;
and the mode switching switch is used for automatically switching the scanning mode.
Compared with the prior art, the invention has the beneficial effects that:
the scanning switching subsystem is added in the scanning subsystem, the webpage bugs are scanned in a common scanning mode and a high-grade scanning mode, and the scanning switching subsystem selects a reasonable scanning mode according to the running state of the monitoring host, so that the webpage bugs are scanned thoroughly, excessive resources of the host cannot be occupied, and the normal running of the host is guaranteed.
Drawings
Fig. 1 is a schematic diagram of the overall system structure of the present invention.
FIG. 2 is a schematic diagram of the connection of internal modules of the scanning subsystem according to the present invention.
Fig. 3 is a schematic diagram illustrating the connection of internal modules of the scan switching subsystem according to the present invention.
Fig. 4 is a flowchart of scan mode switching according to the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
As shown in fig. 1, a web page vulnerability scanning system includes a scanning subsystem for scanning web page vulnerabilities, and includes two scanning modes: a normal scan mode and an advanced scan mode; the scanning switching subsystem is used for switching different webpage scanning modes by monitoring the state of the host; the data storage server is used for storing the log file generated by scanning; and the interactive interface provides a human-computer interaction port for a user. The web page can be scanned by common vulnerability and advanced vulnerability by two scanning modes in the scanning subsystem, the occupied host resource is different because of the different vulnerability scanned by the two scanning modes, the host running state is monitored by the scanning switching subsystem, thereby the scanning mode is automatically switched according to the state, the web page vulnerability is thoroughly scanned under the normal running of the host, the security defense effect is improved, the switching mode is as shown in figure 4, the working state of the host, such as the CPU, the memory and the network occupation state of the host, can be judged whether the host is in the idle or busy state, if the host is in the idle state, the scanning mode is switched to the advanced scanning, the scanned web page vulnerability is more comprehensive and thorough, if the host is in the busy state, the scanning mode is switched to the common scanning, at the moment, the scanned webpage loopholes are not comprehensive enough, but do not occupy the resources of the host, so that other programs running on the host can run normally.
As shown in fig. 2, the scanning subsystem includes a web page preprocessing module, a vulnerability scanning module and a log generating module, and generates a report log after scanning each time by preprocessing the web page and then scanning vulnerabilities in the web page by the vulnerability scanning module. The webpage preprocessing module comprises: the webpage analysis module is used for preprocessing the webpage in a common scanning mode; and the web crawler module is used for preprocessing the web page in the advanced scanning mode. The webpage preprocessing module is used for preprocessing the webpage according to the vulnerability scanning mode, the webpage analysis module generally analyzes three types of webpage contents, network topology and user access behavior through a webpage analysis algorithm, and the analysis algorithm is simple in function and less in host resource occupation, so that the webpage analysis module is suitable for common mode scanning; the Web crawler module automatically acquires the Web documents from each Web site on the Internet and acquires information from the Web documents to describe the Web documents, so that original data are provided for adding and updating data of a database server of a search engine site, the data comprise titles, file lengths, file creation time, the number of various links in an HTML file and the like, the module is complex to operate and occupies more host resources, but can comprehensively and thoroughly preprocess the webpage, and therefore the Web crawler module is suitable for vulnerability scanning in a high-level mode.
The vulnerability scanning module receives data submitted by a user from the user interface part, such as a detection server, timeout time, thread number, vulnerability scanning mode, vulnerability scanning type and the like; obtaining a user scanning mode and a vulnerability type to be detected from a user interface part; acquiring fuzzy data corresponding to the vulnerability type from a fuzzy database, generating a fuzzy request by using the fuzzy data, and sending the request to a target server for scanning; while scanning the target server, the detailed information and status value of each page are returned, the part returns the returned information to the user interface part for display to the user, and the part is also submitted to the log generation module for log report generation.
The vulnerability scanning module is also connected with a scanning control module for configuring vulnerability control, including configuring scanning range, scanning type and scanning thread, the scanning subsystem further comprises a user interface module, the user interface module is used for being connected with an interactive interface, the log report information can be uploaded by the log generation module through the user interface module, a user can set the scanning control module through the user interface module, and the user can log in the scanning control module through the interactive interface to self-define the configuration scanning range, the scanning type and the scanning thread. The vulnerability scanning module can be controlled according to different vulnerability scanning requirements.
As shown in fig. 3, the scan switching subsystem includes: the acquisition card is used for acquiring the running state information of the host; the state detection module is used for carrying out host idle detection through the collected host state information; and the mode switching switch is used for automatically switching the scanning mode. The method comprises the steps that the occupation states of a host CPU, a memory and a network collected by a collection card are transmitted to a state detection module, the state detection module judges whether the host is free or busy according to the states, the state detection module can configure free or busy critical values in a user-defined mode according to the resource conditions occupied by other programs of the host in operation, the state of the host is judged according to the critical values, a mode switch is finally driven, different scanning modes are selected, and therefore the effect that scanning bugs are comprehensive and thorough and the resources of the host are not occupied is achieved.
It will be evident to those skilled in the art that the invention is not limited to the details of the foregoing illustrative embodiments, and that the present invention may be embodied in other specific forms without departing from the spirit or essential attributes thereof. The present embodiments are therefore to be considered in all respects as illustrative and not restrictive, the scope of the invention being indicated by the appended claims rather than by the foregoing description, and all changes which come within the meaning and range of equivalency of the claims are therefore intended to be embraced therein. Any reference sign in a claim should not be construed as limiting the claim concerned.
Furthermore, it should be understood that although the present description refers to embodiments, not every embodiment may contain only a single embodiment, and such description is for clarity only, and those skilled in the art should integrate the description, and the embodiments may be combined as appropriate to form other embodiments understood by those skilled in the art.
Claims (6)
1. A web page vulnerability scanning system, comprising:
the scanning subsystem is used for scanning the webpage bugs and comprises two scanning modes: a normal scan mode and an advanced scan mode;
the scanning switching subsystem is used for switching different webpage scanning modes by monitoring the state of the host;
the data storage server is used for storing the log file generated by scanning;
and the interactive interface provides a human-computer interaction port for a user.
2. The system of claim 1, wherein the scanning subsystem comprises a web page preprocessing module, a vulnerability scanning module, and a log generation module, and generates a report log after each scanning by preprocessing the web page and then scanning vulnerabilities in the web page by the vulnerability scanning module.
3. The system of claim 2, wherein the web page preprocessing module comprises:
the webpage analysis module is used for preprocessing the webpage in a common scanning mode;
and the web crawler module is used for preprocessing the web page in the advanced scanning mode.
4. The system for scanning the webpage vulnerabilities according to claim 2, wherein the vulnerability scanning module is further connected with a scanning control module for configuring vulnerability control, including configuring scanning range, scanning category and scanning thread.
5. The system of claim 4, wherein the scanning subsystem further comprises a user interface module, the user interface module is configured to connect to the interactive interface, the log generation module is configured to upload log report information via the user interface module, and a user can set the scanning control module via the user interface module.
6. The system of claim 1, wherein the scan switching subsystem comprises:
the acquisition card is used for acquiring the running state information of the host;
the state detection module is used for carrying out host idle detection through the collected host state information;
and the mode switching switch is used for automatically switching the scanning mode.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010554164.4A CN111931099A (en) | 2020-06-17 | 2020-06-17 | Webpage vulnerability scanning system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010554164.4A CN111931099A (en) | 2020-06-17 | 2020-06-17 | Webpage vulnerability scanning system |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN111931099A true CN111931099A (en) | 2020-11-13 |
Family
ID=73317765
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202010554164.4A Pending CN111931099A (en) | 2020-06-17 | 2020-06-17 | Webpage vulnerability scanning system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111931099A (en) |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102662781A (en) * | 2012-04-11 | 2012-09-12 | 腾讯科技(深圳)有限公司 | Method and device for ensuring normal operation of terminal |
| CN104426850A (en) * | 2013-08-23 | 2015-03-18 | 南京理工大学常熟研究院有限公司 | Vulnerability detection method based on plug-in |
| CN105681314A (en) * | 2016-01-29 | 2016-06-15 | 博雅网信(北京)科技有限公司 | Cloud environment security scanner and method |
| WO2016101686A1 (en) * | 2014-12-24 | 2016-06-30 | 深圳Tcl数字技术有限公司 | File scanning method and terminal |
| CN110572403A (en) * | 2019-09-12 | 2019-12-13 | 海南电网有限责任公司信息通信分公司 | web safety monitoring system and method thereof |
-
2020
- 2020-06-17 CN CN202010554164.4A patent/CN111931099A/en active Pending
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102662781A (en) * | 2012-04-11 | 2012-09-12 | 腾讯科技(深圳)有限公司 | Method and device for ensuring normal operation of terminal |
| CN104426850A (en) * | 2013-08-23 | 2015-03-18 | 南京理工大学常熟研究院有限公司 | Vulnerability detection method based on plug-in |
| WO2016101686A1 (en) * | 2014-12-24 | 2016-06-30 | 深圳Tcl数字技术有限公司 | File scanning method and terminal |
| CN105681314A (en) * | 2016-01-29 | 2016-06-15 | 博雅网信(北京)科技有限公司 | Cloud environment security scanner and method |
| CN110572403A (en) * | 2019-09-12 | 2019-12-13 | 海南电网有限责任公司信息通信分公司 | web safety monitoring system and method thereof |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US10235376B2 (en) | Merging metadata for database storage regions based on overlapping range values | |
| CN102413186B (en) | Resource scheduling method and device based on private cloud computing, and cloud management server | |
| Wang et al. | Context-aware role mining for mobile service recommendation | |
| CN103810173B (en) | Paged data processing method and system | |
| CN111669295B (en) | Service management method and device | |
| CN112671893A (en) | Data acquisition and edge calculation industrial system | |
| US20230359647A1 (en) | Read-Write Separation and Automatic Scaling-Based Cloud Arrangement System and Method | |
| CN108021431B (en) | Web data interaction based Hive management method and system | |
| Weng et al. | Kmon: An in-kernel transparent monitoring system for microservice systems with ebpf | |
| CN113965497B (en) | Server abnormity identification method and device, computer equipment and readable storage medium | |
| CN111931099A (en) | Webpage vulnerability scanning system | |
| Niu et al. | User-aware partitioning algorithm for mobile cloud computing based on maximum graph cuts | |
| Park et al. | An efficient algorithm for leader-election in synchronous distributed systems | |
| CN111949396A (en) | Network equipment monitoring method and system and computer readable storage medium | |
| CN111104683A (en) | Key information content matching and identifying method based on big data | |
| CN103685359B (en) | Data processing method and device | |
| CN114756301A (en) | Log processing method, device and system | |
| US7260615B2 (en) | Apparatus and method for analyzing remote data | |
| Gyllstrom et al. | Activity put in context: identifying implicit task context within the user's document interaction | |
| Xiao et al. | A new wireless web access mode based on cloud computing | |
| CN109921963A (en) | A kind of network state method for inspecting and system | |
| Wang et al. | Power grid data monitoring and analysis system based on edge computing | |
| CN110941788A (en) | Cloud environment distributed Web page extraction and analysis system and method for edge computing | |
| Yeh et al. | A monitoring system based on Nagios for data grid environments | |
| Xu | Classification and storage method of marine multi-source transmission data under cloud computing |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20201113 |