CN112738127A - Web-based website and host vulnerability detection system and method thereof - Google Patents


Info

Publication number: CN112738127A
Authority: CN (China)
Prior art keywords: vulnerability, detection, page, target, detecting
Legal status: Granted (the legal status is an assumption and is not a legal conclusion; Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed)
Application number: CN202110021227.4A
Other languages: Chinese (zh)
Other versions: CN112738127B (en)
Inventors: 浩明, 任意
Current assignee: Xian University of Posts and Telecommunications (the listed assignees may be inaccurate; Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list)
Original assignee: Xian University of Posts and Telecommunications
Priority date and filing date: 2021-01-08 (the priority date is an assumption and is not a legal conclusion; Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed)
Publication date: 2021-04-30 (CN112738127A); 2023-04-07 (CN112738127B)
Events: application filed by Xian University of Posts and Telecommunications; priority to CN202110021227.4A; publication of CN112738127A; application granted; publication of CN112738127B; legal status active; anticipated expiration

Classifications

    • H ELECTRICITY
        • H04 ELECTRIC COMMUNICATION TECHNIQUE
            • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
                • H04L 63/00 Network architectures or network communication protocols for network security
                    • H04L 63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
                        • H04L 63/1433 Vulnerability analysis
                        • H04L 63/1441 Countermeasures against malicious traffic
                            • H04L 63/1466 Active attacks involving interception, injection, modification, spoofing of data unit addresses, e.g. hijacking, packet injection or TCP sequence number attacks
    • G PHYSICS
        • G06 COMPUTING; CALCULATING OR COUNTING
            • G06F ELECTRIC DIGITAL DATA PROCESSING
                • G06F 21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
                    • G06F 21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
                        • G06F 21/57 Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
                            • G06F 21/577 Assessing vulnerabilities and evaluating computer system security
                • G06F 2221/00 Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
                    • G06F 2221/03 Indexing scheme relating to G06F21/50, monitoring users, programs or devices to maintain the integrity of platforms
                        • G06F 2221/033 Test or assess software

Abstract

The Web-based website and host vulnerability detection system comprises a target receiving module, a vulnerability detection module and a result output module. The Web-based website and host vulnerability detection method comprises the following steps: step 1, selecting the vulnerability type to be detected; step 2, detecting SQL injection vulnerabilities; step 3, detecting XSS cross-site scripting vulnerabilities; step 4, detecting the Tomcat Example; step 5, Shodan searching; step 6, detecting Redis unauthorized access vulnerabilities; step 7, detecting FTP unauthorized access vulnerabilities; step 8, scanning the FTP directory; step 9, detecting Docker unauthorized access vulnerabilities; and step 10, scanning for WebLogic weak passwords. By detecting these vulnerabilities, the threats existing in the system can be found quickly, so that they can be prevented and repaired in time and the security of the whole network is improved.

Description

Web-based website and host vulnerability detection system and method thereof
Technical Field
The invention belongs to the technical field of computers, and particularly relates to a Web-based website and host vulnerability detection system and a method thereof.
Background
The rapid development of computer science and technology has brought great changes to people's lives; at the same time, however, security problems keep emerging. Security vulnerabilities are a serious problem, and vulnerability detection is a current focus. In the development of computing, security vulnerabilities are a major obstacle, and once one is exploited the loss may be irreparable. In recent years, attackers exploiting vulnerabilities have caused various social harms and great adverse effects. Security is therefore especially prominent, and solving vulnerability detection is a current focus. In recent years large internet vulnerabilities have occurred frequently, bringing great losses to society and companies. In the last half of 2018, the Rising (瑞星) cloud security system intercepted a total of 25.87 million virus samples and recorded 782 million virus infections; it intercepted more than 1.82 million phishing website attacks and more than 380,000 attacks from websites hosting malicious code (挂马 websites). Various vulnerabilities and malicious code attacks plague the vast number of users.
The main threats faced by websites and hosts include: malicious attacks by hackers; defects in the configuration of the website and host themselves; spoofing by malicious websites; and improper behavior by the user's network staff.
At present, mainstream protection measures focus mainly on hardware security devices, preventing attacks by setting security policies and configuring security rules in those devices. However, because of the limitations of such policies, they are easy to bypass, so vulnerability detection has become indispensable; yet current mainstream vulnerability detection tools suffer from drawbacks such as being hard to extend and consuming many resources.
Disclosure of Invention
In order to overcome the defects of the prior art, the invention aims to provide a Web-based website and host vulnerability detection system and method, which can quickly find the threats existing in a system through vulnerability detection and prevent and repair them in time, thereby improving the security of the whole network.
In order to achieve this purpose, the invention adopts the following technical scheme: the Web-based website and host vulnerability detection system comprises a target receiving module, a vulnerability detection module and a result output module;
the target receiving module receives the target to be detected through a front-end page: the user selects the vulnerability type to be detected, enters the vulnerability detection page and clicks vulnerability detection, and the detection target is passed to the corresponding function code and so enters the vulnerability detection module;
the vulnerability detection module starts vulnerability detection after receiving the detection target transmitted from the front end: it first judges whether the detection target is a legal target, then detects the vulnerability, and transmits the corresponding data to the result output module according to the detection result;
and the result output module, after detection is finished, outputs the vulnerability status and remediation suggestions on the page according to the received vulnerability detection result.
The Web-based website and host vulnerability detection method comprises the following steps:
step 1, selecting the vulnerability type to be detected and entering the corresponding vulnerability detection page;
step 2, SQL injection vulnerability detection: inputting the URL to be detected, starting detection, and outputting the detected payload according to the detection result;
step 3, XSS cross-site scripting detection: entering the detection page, inputting the target URL, and outputting the result when detection is finished;
step 4, Tomcat Example detection: inputting the target URL and outputting the result when detection is finished;
step 5, Shodan searching: inputting information such as the service name or device name to be searched, and searching for the corresponding information through Shodan;
step 6, Redis unauthorized access detection: inputting the IP address of a Redis device found by the Shodan search, and detecting whether Redis allows unauthorized access;
step 7, FTP unauthorized access detection: searching through Shodan for the IP addresses of network hosts running the FTP service, detecting whether the FTP hosts found allow unauthorized access, and outputting the detection result;
step 8, FTP directory detection: scanning the FTP directory according to the result of the FTP unauthorized access detection and obtaining sensitive files;
step 9, Docker unauthorized access detection: inputting the detection target, clicking Docker unauthorized access, and starting to detect the vulnerability;
and step 10, WebLogic weak password scanning: inputting the detection target and detecting through scanning whether a weak password threat exists.
For SQL injection vulnerability detection: when a true statement is spliced after the test target, the page returns normally and is equal to the original page; when a false statement is spliced after the test target, the page returns an error. Therefore, taking the original page as test, the page returned for the spliced true statement as test1 and the page returned for the spliced false statement as test2, if test1 is equal to the original page test and is not equal to the false-statement page test2, it can be determined that the URL has an SQL injection vulnerability.
The SQL injection vulnerability detection method comprises the following steps:
first, inputting the detection target;
second, detecting whether the target URL can be accessed; if not, ending, and if so, performing the third step;
third, splicing the Payload onto the target URL;
fourth, judging whether the original page is equal to the True page (test1) and not equal to the False page (test2); if not, no SQL injection vulnerability exists, and if so, the SQL injection vulnerability exists.
The XSS cross-site scripting detection comprises the following steps:
step one, inputting the detection target;
step two, detecting whether the target URL can be accessed; if not, ending; if so, performing the next step;
step three, finding the URL parameters and replacing their values with the Payload;
and step four, crawling the source code of the test page and searching for the Payload; if it is not found, no XSS vulnerability is found, and if it is found, an XSS vulnerability is found.
WebLogic weak password scanning: when detecting a WebLogic weak password, account and password information is submitted by POST to the WebLogic administration address. The default port is 7001, and the default administration login address is http://<target IP address>:7001/console/j_security_check/; the account is the parameter j_username and the password is the parameter j_password. The user name and password are traversed by constructing requests, and the returned page code is obtained by crawling; if the strings
'Oracle WebLogic Server Administration Console' and 'Home Page - base_domain - WLS Console'
are found in the code, the login page has been found; if the login succeeds, a weak password exists, otherwise no weak password information is found.
FTP unauthorized access detection is implemented with an FTP object created from Python's FTP module (ftplib), using its login method with the account anonymous and an empty password to attempt anonymous login; if the login succeeds, an unauthorized access vulnerability exists, otherwise the host is shown to have no FTP unauthorized access vulnerability.
Docker unauthorized access detection uses Python's Docker module to test; if the attempted access succeeds, a Docker unauthorized access vulnerability is indicated, otherwise the test target does not have the vulnerability.
The invention has the beneficial effects that:
the invention establishes a security test method that tests from multiple angles, so that vulnerabilities can be located quickly. Since vulnerabilities are the biggest threat in internet development, vulnerability detection has become quite important. Vulnerability detection is mainly divided into vulnerability detection on websites and vulnerability detection on hosts. The system of the invention is designed on a B/S (browser/server) architecture; an attacker is simulated according to the vulnerability test method, and if the vulnerability's characteristic code is matched, the vulnerability is identified as present. Black-box testing is used to quickly find the security vulnerabilities existing in websites and hosts. By detecting vulnerabilities, the threats existing in the system can be found quickly and prevented and repaired in time, improving the security of the whole network.
The system of the invention adopts the MVC design model and is developed and implemented on the B/S (browser/server) architecture. Because a separate vulnerability detection module is used, the system is easy to extend: a script unit can be tested first, and the system call added once the detection function works. The system is developed in Python, so vulnerability detection scripts can be developed rapidly and the system's detection functions are easy to extend; in actual testing the detection functions have been realised with good performance, and as a whole the design requirements are fully met. Because the front end and back end are separated, extensibility is very high.
The method detects the vulnerabilities of websites and hosts and uncovers the common vulnerabilities present in them. Relevant security remediation advice is given according to the detection result, so that the security of the website and host is improved and attacks are prevented. Detecting the vulnerabilities of websites and hosts also raises the security awareness of the staff involved, so that defects are avoided during website construction and host configuration and the chance that the website or host is attacked and compromised is reduced. Common website vulnerabilities detected include: SQL injection, XSS cross-site scripting, CMS scanning, WebLogic weak password scanning, Tomcat Example scanning, and so on. Common host vulnerabilities detected include: FTP unauthorized access, Docker unauthorized access, SSH weak password brute-forcing, and so on. By detecting the vulnerabilities of websites and hosts, threats are stopped in the bud and the security level of the system is raised as a whole.
The system mainly detects common website and host vulnerabilities and covers a diverse set of vulnerabilities to secure the website and host in an all-round way; the system adopts a B/S architecture with a graphical Web interface, is simple to operate, displays the results directly on the page, is intuitive and clear and is convenient to use; the method of the invention is efficient and simple. The security problems of the website and host can be effectively repaired through vulnerability detection.
The invention solves the problem of website and host vulnerability detection: it finds the vulnerabilities of the website and host in advance and repairs them by formulating a relevant repair scheme, thereby ensuring the safe operation of the website and host.
Drawings
FIG. 1 is a schematic block diagram of the system of the present invention.
FIG. 2 is a flow chart of the method of the present invention.
FIG. 3 is a flow chart of SQL injection vulnerability detection according to the present invention.
FIG. 4 is a flow chart of XSS vulnerability detection according to the present invention.
Detailed Description
The present invention will be described in further detail with reference to the accompanying drawings and examples.
Referring to fig. 1, the Web-based website and host vulnerability detection system comprises a target receiving module, a vulnerability detection module and a result output module;
the target receiving module receives the target to be detected through a front-end page: the user selects the vulnerability type to be detected, enters the vulnerability detection page and clicks vulnerability detection, and the detection target is passed to the corresponding function code and so enters the vulnerability detection module;
the vulnerability detection module starts vulnerability detection after receiving the detection target transmitted from the front end: it first judges whether the detection target is a legal target, then detects the vulnerability, and transmits the corresponding data to the result output module according to the detection result;
and the result output module, after detection is finished, outputs the vulnerability status and remediation suggestions on the page according to the received vulnerability detection result.
Referring to fig. 2, the Web-based website and host vulnerability detection method comprises the following steps:
step 1, selecting the vulnerability type to be detected and entering the corresponding vulnerability detection page;
step 2, SQL injection vulnerability detection: inputting the URL to be detected, starting detection, and outputting the detected payload according to the detection result;
step 3, XSS cross-site scripting detection: entering the detection page, inputting the target URL, and outputting the result when detection is finished;
step 4, Tomcat Example detection: inputting the target URL and outputting the result when detection is finished;
step 5, Shodan searching: inputting information such as the service name or device name to be searched, and searching for the corresponding information through Shodan;
step 6, Redis unauthorized access detection: inputting the IP address of a Redis device found by the Shodan search, and detecting whether Redis allows unauthorized access;
step 7, FTP unauthorized access detection, similar to the Redis unauthorized access detection: first, the IP addresses of network hosts running the FTP service are searched through Shodan, then each FTP host found is checked for an unauthorized access vulnerability, and the detection result is output;
step 8, FTP directory detection: scanning the FTP directory according to the result of the FTP unauthorized access detection and obtaining sensitive files;
step 9, Docker unauthorized access detection: inputting the detection target, clicking Docker unauthorized access, and starting to detect the vulnerability;
and step 10, WebLogic weak password scanning: inputting the detection target and detecting through scanning whether a weak password threat exists.
For SQL injection vulnerability detection: when a true statement is spliced after the test target, the page returns normally and is equal to the original page; when a false statement is spliced after the test target, the page returns an error. Therefore, taking the original page as test, the page returned for the spliced true statement as test1 and the page returned for the spliced false statement as test2, if test1 is equal to the original page test and is not equal to the false-statement page test2, it can be determined that the URL has an SQL injection vulnerability.
Referring to fig. 3, the SQL injection vulnerability detection method comprises the following steps:
first, inputting the detection target;
second, detecting whether the target URL can be accessed; if not, ending, and if so, performing the third step;
third, splicing the Payload onto the target URL;
fourth, judging whether the original page is equal to the True page (test1) and not equal to the False page (test2); if not, no SQL injection vulnerability exists, and if so, the SQL injection vulnerability exists.
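The three-page rule above, as an added example that is not the patent's own code: a small Python detector splices a true and a false condition onto one query parameter and applies the test == test1 and test != test2 comparison from the description (this also serves the identical passage in the Disclosure). The application under test is a constructed stand-in (make_simulated_site), the parameter name id and the two condition suffixes are assumptions, and normalize() goes one step beyond the patent by stripping timestamps and comments so that a dynamic page fragment does not defeat the equality check.

```python
import re
from typing import Callable
from urllib.parse import parse_qsl, urlencode, urlsplit, urlunsplit

# Generic true/false conditions appended to the tested parameter value; these
# stand in for the patent's "true statement" and "false statement" (assumed).
TRUE_SUFFIX = " AND 1=1"
FALSE_SUFFIX = " AND 1=2"

# Page fragments that legitimately differ between two fetches of the same page.
_VOLATILE = [
    re.compile(r"\d{4}-\d{2}-\d{2}[ T]\d{2}:\d{2}:\d{2}"),  # timestamps
    re.compile(r"<!--.*?-->", re.S),                        # HTML comments
    re.compile(r"\s+"),                                     # whitespace runs
]


def normalize(body: str) -> str:
    """Remove volatile fragments before comparing pages; otherwise a clock or
    request id in the footer makes test != test1 and hides a real finding."""
    for pattern in _VOLATILE:
        body = pattern.sub(" ", body)
    return body.strip()


def splice(url: str, param: str, suffix: str) -> str:
    """Append suffix to the value of query parameter `param` (URL-encoded)."""
    parts = urlsplit(url)
    query = parse_qsl(parts.query, keep_blank_values=True)
    spliced = [(k, v + suffix if k == param else v) for k, v in query]
    return urlunsplit(parts._replace(query=urlencode(spliced)))


def detect_boolean_sqli(url: str, param: str, fetch: Callable[[str], str]) -> bool:
    """Patent's rule: vulnerable iff test == test1 and test != test2, where
    test is the original page, test1 the true-condition page and test2 the
    false-condition page. `fetch` returns the response body for a URL."""
    test = normalize(fetch(url))
    test1 = normalize(fetch(splice(url, param, TRUE_SUFFIX)))
    test2 = normalize(fetch(splice(url, param, FALSE_SUFFIX)))
    return test == test1 and test != test2


def make_simulated_site(vulnerable: bool) -> Callable[[str], str]:
    """Constructed stand-in for the application under test (no network).
    Every response carries a fresh timestamp inside an HTML comment, which is
    exactly the kind of noise normalize() has to remove."""
    counter = [0]

    def fetch(url: str) -> str:
        counter[0] += 1
        params = dict(parse_qsl(urlsplit(url).query, keep_blank_values=True))
        value = params.get("id", "")
        if vulnerable:
            # Value is concatenated into the SQL text: only a false condition
            # empties the result set, a true one leaves it unchanged.
            found = FALSE_SUFFIX not in value
        else:
            # Parameterised query: anything that is not a plain id matches nothing.
            found = value.isdigit()
        content = "<h1>Item 1</h1>" if found else "<h1>No results</h1>"
        return (f"<html><body><!-- served 2021-01-08 10:00:{counter[0]:02d} -->"
                f"{content}</body></html>")

    return fetch


if __name__ == "__main__":
    url = "http://app.example.test/item?id=1"
    for label, site in (("vulnerable", True), ("parameterised", False)):
        verdict = detect_boolean_sqli(url, "id", make_simulated_site(site))
        print(f"{label}: SQL injection {'detected' if verdict else 'not detected'}")
```

Without normalize() the changing timestamp would make test differ from test1 on every run and the vulnerable stand-in would be reported as clean.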
Referring to fig. 4, the XSS cross-site scripting detection comprises the following steps:
step one, inputting the detection target;
step two, detecting whether the target URL can be accessed; if not, ending; if so, performing the next step;
step three, finding the URL parameters and replacing their values with the Payload;
and step four, crawling the source code of the test page and searching for the Payload; if it is not found, no XSS vulnerability is found, and if it is found, an XSS vulnerability is found.
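The XSS steps above, as an added example that is not the patent's code (it also covers the identical steps in the Disclosure): each query parameter is replaced by a unique marker and the returned source is searched for it. The marker holds only the characters that output encoding must neutralise, so the check separates a verbatim reflection (a finding) from an HTML-escaped one (encoding in place), which a plain "payload found / not found" search cannot. The search page is a constructed stand-in, and the parameter names q and page are assumptions.

```python
import html
import secrets
from typing import Callable, Dict, Tuple
from urllib.parse import parse_qsl, urlencode, urlsplit, urlunsplit


def make_marker() -> Tuple[str, str]:
    """A probe that cannot collide with page content: a random token wrapped in
    the characters that output encoding must neutralise (<, >, ", ').
    Returns (full_marker, bare_token)."""
    token = "xss" + secrets.token_hex(4)
    return f"<{token}>\"'", token


def with_param(url: str, param: str, value: str) -> str:
    """Replace the value of query parameter `param` with `value`."""
    parts = urlsplit(url)
    query = [(k, value if k == param else v)
             for k, v in parse_qsl(parts.query, keep_blank_values=True)]
    return urlunsplit(parts._replace(query=urlencode(query)))


def check_reflection(url: str, fetch: Callable[[str], str]) -> Dict[str, str]:
    """Patent's steps three and four, run for every query parameter of `url`:
    'raw'     - marker reflected verbatim: the payload is found in the source
    'encoded' - token present but the special characters were altered, i.e.
                output encoding is in place (not a finding)
    'absent'  - the parameter is not reflected in the response at all"""
    results: Dict[str, str] = {}
    for name, _ in parse_qsl(urlsplit(url).query, keep_blank_values=True):
        marker, token = make_marker()
        body = fetch(with_param(url, name, marker))
        if marker in body:
            results[name] = "raw"
        elif token in body:
            results[name] = "encoded"
        else:
            results[name] = "absent"
    return results


def make_simulated_site(escapes_output: bool) -> Callable[[str], str]:
    """Constructed stand-in for a search page: echoes the q parameter either
    HTML-escaped (safe) or verbatim (reflected XSS); page is never echoed."""
    def fetch(url: str) -> str:
        params = dict(parse_qsl(urlsplit(url).query, keep_blank_values=True))
        q = params.get("q", "")
        shown = html.escape(q, quote=True) if escapes_output else q
        return f"<html><body><p>Results for {shown}</p></body></html>"
    return fetch


if __name__ == "__main__":
    url = "http://app.example.test/search?q=shoes&page=2"
    print("no encoding :", check_reflection(url, make_simulated_site(False)))
    print("encoded     :", check_reflection(url, make_simulated_site(True)))
```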
WebLogic weak password scanning: when detecting a WebLogic weak password, account and password information is submitted by POST to the WebLogic administration address. The default port is 7001, and the default administration login address is http://<target IP address>:7001/console/j_security_check/; the account is the parameter j_username and the password is the parameter j_password. The user name and password are traversed by constructing requests, and the returned page code is obtained by crawling; if the strings 'Oracle WebLogic Server Administration Console' and 'Home Page - base_domain - WLS Console' are found in the code, the login page has been found; if the login succeeds, a weak password exists, otherwise no weak password information is found.
FTP unauthorized access detection is implemented with an FTP object created from Python's FTP module (ftplib), using its login method with the account anonymous and an empty password to attempt anonymous login; if the login succeeds, an unauthorized access vulnerability exists, otherwise the host is shown to have no FTP unauthorized access vulnerability.
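The anonymous login check above, as an added example that is not the patent's code (it also covers the same paragraph in the Disclosure): the same ftplib login attempt, but reporting 'unreachable' separately from 'login-refused', because a host that never answered is not evidence that anonymous access is closed. The host name is a placeholder, and FakeFTP is a constructed stand-in so that the block runs offline.

```python
import ftplib
import socket
from typing import Callable


def check_anonymous_ftp(host: str, port: int = 21, timeout: float = 5.0,
                        ftp_factory: Callable[[], ftplib.FTP] = ftplib.FTP) -> str:
    """Patent's FTP check with three outcomes instead of two:
    'anonymous-login' - user anonymous with an empty password was accepted
    'login-refused'   - the service answered but rejected the login (5xx reply)
    'unreachable'     - nothing answered within timeout; not evidence either way
    `ftp_factory` is injected so the logic can run offline against a stand-in."""
    ftp = ftp_factory()
    try:
        ftp.connect(host, port, timeout=timeout)
    except (OSError, EOFError):
        return "unreachable"
    try:
        # ftplib substitutes the conventional 'anonymous@' when the password
        # for user anonymous is empty, which is the login the patent describes.
        ftp.login("anonymous", "")
        return "anonymous-login"
    except ftplib.error_perm:
        return "login-refused"
    except (OSError, EOFError, ftplib.Error):
        return "unreachable"
    finally:
        try:
            ftp.quit()
        except (OSError, EOFError, ftplib.Error):
            pass


class FakeFTP:
    """Constructed stand-in for ftplib.FTP (no network): reachable or not, and
    accepting or refusing the anonymous account."""

    def __init__(self, reachable: bool = True, allow_anonymous: bool = False):
        self.reachable = reachable
        self.allow_anonymous = allow_anonymous

    def connect(self, host="", port=0, timeout=-999):
        if not self.reachable:
            raise socket.timeout("timed out")
        return "220 (fake) FTP server ready"

    def login(self, user="", passwd="", acct=""):
        if user == "anonymous" and self.allow_anonymous:
            return "230 Login successful."
        raise ftplib.error_perm("530 Login incorrect.")

    def quit(self):
        return "221 Goodbye."


if __name__ == "__main__":
    for label, factory in (
        ("open", lambda: FakeFTP(allow_anonymous=True)),
        ("refusing", lambda: FakeFTP(allow_anonymous=False)),
        ("down", lambda: FakeFTP(reachable=False)),
    ):
        print(f"{label:8s}: {check_anonymous_ftp('ftp.example.test', ftp_factory=factory)}")
```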
Docker unauthorized access detection uses Python's Docker module to test; if the attempted access succeeds, a Docker unauthorized access vulnerability is indicated, otherwise the test target does not have the vulnerability.

Claims (8)

1. The Web-based website and host vulnerability detection system is characterized by comprising a target receiving module, a vulnerability detection module and a result output module;
the target receiving module receives the target to be detected through a front-end page: the user selects the vulnerability type to be detected, enters the vulnerability detection page and clicks vulnerability detection, and the detection target is passed to the corresponding function code and so enters the vulnerability detection module;
the vulnerability detection module starts vulnerability detection after receiving the detection target transmitted from the front end: it first judges whether the detection target is a legal target, then detects the vulnerability, and transmits the corresponding data to the result output module according to the detection result;
and the result output module, after detection is finished, outputs the vulnerability status and remediation suggestions on the page according to the received vulnerability detection result.
2. The Web-based website and host vulnerability detection method is characterized by comprising the following steps:
step 1, selecting the vulnerability type to be detected and entering the corresponding vulnerability detection page;
step 2, SQL injection vulnerability detection: inputting the URL to be detected, starting detection, and outputting the detected payload according to the detection result;
step 3, XSS cross-site scripting detection: entering the detection page, inputting the target URL, and outputting the result when detection is finished;
step 4, Tomcat Example detection: inputting the target URL and outputting the result when detection is finished;
step 5, Shodan searching: inputting information such as the service name or device name to be searched, and searching for the corresponding information through Shodan;
step 6, Redis unauthorized access detection: inputting the IP address of a Redis device found by the Shodan search, and detecting whether Redis allows unauthorized access;
step 7, FTP unauthorized access detection: searching through Shodan for the IP addresses of network hosts running the FTP service, detecting whether the FTP hosts found allow unauthorized access, and outputting the detection result;
step 8, FTP directory detection: scanning the FTP directory according to the result of the FTP unauthorized access detection and obtaining sensitive files;
step 9, Docker unauthorized access detection: inputting the detection target, clicking Docker unauthorized access, and starting to detect the vulnerability;
and step 10, WebLogic weak password scanning: inputting the detection target and detecting through scanning whether a weak password threat exists.
3. The Web-based website and host vulnerability detection method of claim 1, wherein in SQL injection vulnerability detection, when a true statement is spliced after the test target the page returns normally and is equal to the original page; when a false statement is spliced after the test target, the page returns an error;
therefore, taking the original page as test, and splicing the true statement and the false statement after the test target to obtain the true-statement page test1 and the false-statement page test2, if test1 is equal to the original page test and is not equal to the false-statement page test2, it can be determined that the URL has an SQL injection vulnerability.
4. The Web-based website and host vulnerability detection method of claim 2, wherein the SQL injection vulnerability detection comprises the following steps:
first, inputting the detection target;
second, detecting whether the target URL can be accessed; if not, ending, and if so, performing the third step;
third, splicing the Payload onto the target URL;
fourth, judging whether the original page is equal to the True page (test1) and not equal to the False page (test2); if not, no SQL injection vulnerability exists, and if so, the SQL injection vulnerability exists.
5. The Web-based website and host vulnerability detection method of claim 2, wherein the XSS cross-site scripting detection comprises the following steps:
step one, inputting the detection target;
step two, detecting whether the target URL can be accessed; if not, ending; if so, performing the next step;
step three, finding the URL parameters and replacing their values with the Payload;
and step four, crawling the source code of the test page and searching for the Payload; if it is not found, no XSS vulnerability is found, and if it is found, an XSS vulnerability is found.
6. The Web-based website and host vulnerability detection method according to claim 2, wherein in WebLogic weak password scanning, that is, when detecting a WebLogic weak password, account and password information is submitted by POST to the WebLogic administration address; the default port is 7001, and the default administration login address is http://<target IP address>:7001/console/j_security_check/; the account is the parameter j_username and the password is the parameter j_password; the user name and password are traversed by constructing requests, and the returned page code is obtained by crawling; if the strings 'Oracle WebLogic Server Administration Console' and 'Home Page - base_domain - WLS Console' are found in the code, the login page has been found; if the login succeeds, a weak password exists, otherwise no weak password information is found.
7. The Web-based website and host vulnerability detection method according to claim 2, wherein for FTP unauthorized access detection an FTP object is created from Python's FTP module (ftplib) and its login method is used with the account anonymous and an empty password to attempt anonymous login; if the login succeeds, an unauthorized access vulnerability exists, otherwise the host is shown to have no FTP unauthorized access vulnerability.
8. The Web-based website and host vulnerability detection method according to claim 2, wherein Docker unauthorized access detection is performed using Python's Docker module, by creating a client object as a Docker.

Priority Applications (1)

Application Number | Priority Date | Filing Date | Title
CN202110021227.4A (CN112738127B, en) | 2021-01-08 | 2021-01-08 | Web-based website and host vulnerability detection system and method thereof

Publications (2)

Publication Number | Publication Date
CN112738127A | 2021-04-30
CN112738127B | 2023-04-07

Family ID: 75589708

Family Applications (1)

Application Number | Status | Priority Date | Filing Date | Title
CN202110021227.4A (CN112738127B, en) | Active | 2021-01-08 | 2021-01-08 | Web-based website and host vulnerability detection system and method thereof

Country Status (1)

Country | Link
CN (1) | CN112738127B (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114679321A (en) * 2022-03-29 2022-06-28 杭州安恒信息技术股份有限公司 SSTI vulnerability detection method, device and medium
CN114679321B (en) * 2022-03-29 2024-04-12 杭州安恒信息技术股份有限公司 SSTI vulnerability detection method, device and medium
CN115242462A (en) * 2022-06-30 2022-10-25 北京华顺信安科技有限公司 Data leakage detection method

Citations (15)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101312393A (en) * 2007-05-24 2008-11-26 北京启明星辰信息技术有限公司 Detection method and system for SQL injection vulnerabilities
CN101808093A (en) * 2010-03-15 2010-08-18 北京安天电子设备有限公司 System and method for automatically detecting Web security
US20100293616A1 (en) * 2009-05-15 2010-11-18 Frederick Young Web Application Vulnerability Scanner
CN104200166A (en) * 2014-08-05 2014-12-10 杭州安恒信息技术有限公司 Script-based website vulnerability scanning method and system
US8949990B1 (en) * 2007-12-21 2015-02-03 Trend Micro Inc. Script-based XSS vulnerability detection
CN104363236A (en) * 2014-11-21 2015-02-18 西安邮电大学 Automatic vulnerability validation method
CN104657659A (en) * 2013-11-20 2015-05-27 腾讯科技(深圳)有限公司 Stored cross-site scripting vulnerability detection method, device and system
CN104881608A (en) * 2015-05-21 2015-09-02 北京工业大学 XSS vulnerability detection method based on simulated browser behaviour
CN106845248A (en) * 2017-01-18 2017-06-13 北京工业大学 XSS vulnerability detection method based on state transition graphs
CN108769063A (en) * 2018-06-26 2018-11-06 郑州云海信息技术有限公司 Method and device for automatically detecting known WebLogic vulnerabilities
CN109325351A (en) * 2018-08-23 2019-02-12 中通服咨询设计研究院有限公司 Automatic security vulnerability verification system based on a crowd-testing platform
CN109981653A (en) * 2019-03-28 2019-07-05 上海中通吉网络技术有限公司 Web vulnerability scanning method
CN110113311A (en) * 2019-03-05 2019-08-09 北京丁牛科技有限公司 Cross-site scripting (XSS) vulnerability detection method and device
CN111523123A (en) * 2020-04-26 2020-08-11 北京信息科技大学 Intelligent website vulnerability detection method
CN111770104A (en) * 2020-07-02 2020-10-13 浪潮云信息技术股份公司 Web vulnerability detection method, system, terminal and computer-readable storage medium

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
左丹丹; 王丹; 付利华: "Design and implementation of an XSS vulnerability detection method" *
张昊, 贺江敏, 屈晔: "Research and application of network security vulnerability detection technology", Network and System Security *

Also Published As

Publication number Publication date
CN112738127B (en) 2023-04-07

Similar Documents

Publication Publication Date Title
CN106357696B (en) SQL injection attack detection method and system
US20110307956A1 (en) System and method for analyzing malicious code using a static analyzer
KR100732689B1 (en) Web Security Method and apparatus therefor
RU2726032C2 (en) Systems and methods for detecting malicious programs with a domain generation algorithm (dga)
CN112738127B (en) Web-based website and host vulnerability detection system and method thereof
CN106506462B (en) Web portal security protection method and device based on list scrambling
CN111783096A (en) Method and device for detecting security vulnerability
US11593502B2 (en) Detecting behavioral anomalies in user-data access logs
US20170331855A1 (en) Detection and warning of imposter web sites
Li et al. The application of fuzzing in web software security vulnerabilities test
CN111625821A (en) Application attack detection system based on cloud platform
CN110851838A (en) Cloud testing system and security testing method based on Internet
Wang et al. Research on web application security vulnerability scanning technology
Wang et al. A cost-effective ocr implementation to prevent phishing on mobile platforms
Eassa et al. Nosql racket: A testing tool for detecting nosql injection attacks in web applications
Selvamani et al. Protection of web applications from cross-site scripting attacks in browser side
Durai et al. A survey on security properties and web application scanner
Mehta et al. Model to prevent websites from xss vulnerabilities
Rongzhou et al. Web protection scheme based on a cloud computing platform
Gaolong et al. Design and implementation of a web application vulnerability detection system
Hadpawat et al. Analysis of prevention of XSS attacks at client side
US10819730B2 (en) Automatic user session profiling system for detecting malicious intent
Jithin et al. SECURE-D: Framework For Detecting and Preventing Attacks in SQL and NoSQL Databases
Evwiekpaefe et al. Implementing SQL Injection Vulnerability Assessment of an E-commerce Web Application using Vega and Nikto Tools.
Almi Web Server Security and Survey on Web Application Security

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant