CN114138661B - Dynamic security detection method and system for test target - Google Patents
Dynamic security detection method and system for test target Download PDFInfo
- Publication number
- CN114138661B CN114138661B CN202111492821.8A CN202111492821A CN114138661B CN 114138661 B CN114138661 B CN 114138661B CN 202111492821 A CN202111492821 A CN 202111492821A CN 114138661 B CN114138661 B CN 114138661B
- Authority
- CN
- China
- Prior art keywords
- class
- capturing
- tool
- code
- returned
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/36—Preventing errors by testing or debugging software
- G06F11/3668—Software testing
- G06F11/3672—Test management
- G06F11/3688—Test management for test execution, e.g. scheduling of test suites
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/90—Details of database functions independent of the retrieved data types
- G06F16/95—Retrieval from the web
- G06F16/955—Retrieval from the web using information identifiers, e.g. uniform resource locators [URL]
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F18/00—Pattern recognition
- G06F18/20—Analysing
- G06F18/24—Classification techniques
- G06F18/241—Classification techniques relating to the classification model, e.g. parametric or non-parametric approaches
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
Abstract
The invention relates to a dynamic security detection method and a system for a test target. The method comprises capturing data packets or traffic of all functions under each authority; the rights include: general user authority and administrator user authority; the functions include: performing login, query, input, upload and download; extracting a Uniform Resource Locator (URL) according to the data packet or the flow; classifying the extracted URL; the classification result comprises: a directory class, a link class, an upload class, and a component class; and carrying out corresponding tests according to the classification results to realize safety detection. The invention can improve the coverage and efficiency of detection.
Description
Technical Field
The invention relates to the field of security detection, in particular to a dynamic security detection method and system for a test target.
Background
In the prior art, safety detection is mostly realized through passive scanning, if a link of a website or a target system is obtained by using a crawler technology, the website link cannot be effectively crawled due to the enhancement of the existing safety protection or the use of the crawler prevention technology by the website, and then safety detection cannot be performed.
Disclosure of Invention
The invention aims to provide a dynamic safety detection method and a dynamic safety detection system for a test target, which can improve the coverage and efficiency of detection.
In order to achieve the purpose, the invention provides the following scheme:
a method for dynamic security detection of a test target, comprising:
capturing data packets or flow of all functions under each authority; the rights include: general user authority and administrator user authority; the functions include: performing login, query, input, upload and download;
extracting a Uniform Resource Locator (URL) according to the data packet or the traffic;
classifying the extracted URL; the classification result comprises: a directory class, a link class, an upload class, and a component class;
and carrying out corresponding tests according to the classification results to realize safety detection.
Optionally, the capturing data packets or traffic of all functions under each authority further includes:
configuring a traffic capture tool or a data packet capture tool;
detecting the flow capturing tool or the data packet capturing tool to determine a detection result; the detection result comprises: traffic or data packets can be captured or not.
Optionally, the extracting a uniform resource locator URL according to the data packet or the traffic specifically includes:
starting a flow capturing tool or a data packet capturing tool;
capturing data packets or flows which respectively execute login, query, input, upload and download under the authority of a common user;
data packets or traffic that respectively perform login, query, input, upload, and download under the authority of an administrator user are captured.
Optionally, the performing a corresponding test according to the classification result to implement safety detection specifically includes:
replaying the directory class with a traffic capture tool or a packet capture tool; checking a return state, and if the state code of 200 is returned, indicating that an unauthorized access vulnerability exists; if the status code is returned to 403 or 404, the status is normal;
the cookie information in the link class is replaced or deleted, and then the replaced or deleted link class is replayed by using a flow capturing tool or a data packet capturing tool; checking a return state, and if the state code of 200 is returned, indicating that an unauthorized access vulnerability exists; if the status code is returned to 403 or 404, the status is normal;
performing injection vulnerability test on the link class to verify whether injection vulnerabilities exist; if the result output exists, the existence of the vulnerability is proved; if no result is output, no leak is proved;
modifying parameters of the link classes, and replaying the modified link classes by utilizing a flow capturing tool or a data packet capturing tool; checking a return state, and if the state code of 200 is returned, indicating that an unauthorized access vulnerability exists; if the status code is returned to 403 or 404, the status is normal;
uploading the code file to the uploading class, if a 200 state code is returned, the uploading is proved to be successful, and if a 403 or 404 state code is returned, the uploading is proved to be failed; the code file includes: malicious code or code files containing backdoors;
extracting version information of the components from the component class, and marking the version information of the components according to the established sensitive information library; the sensitive information base comprises: a password, an account number, an identification number, a mobile phone number, a username, or a URL link.
Optionally, the performing a corresponding test according to the classification result to implement safety detection further includes:
creating txt texts corresponding to the classification results;
and uploading the test result to a corresponding txt text.
A dynamic security detection system for a test object, comprising:
the data capturing module is used for capturing data packets or flow of all functions under each authority; the rights include: general user authority and administrator user authority; the functions include: performing login, query, input, upload and download;
the URL extraction module is used for extracting a Uniform Resource Locator (URL) according to the data packet or the flow;
the URL classification module is used for classifying the extracted URLs; the classification result comprises: a directory class, a link class, an upload class, and a component class;
and the test module is used for carrying out corresponding tests according to the classification results to realize safety detection.
Optionally, the method further comprises:
a capture tool configuration module for configuring a traffic capture tool or a data packet capture tool;
the capture tool detection module is used for detecting the flow capture tool or the data packet capture tool and determining a detection result; the detection result comprises: traffic or data packets can be captured or not.
Optionally, the URL extracting module specifically includes:
the capturing tool starting unit is used for starting the flow capturing tool or the data packet capturing tool;
the first data capturing unit is used for capturing data packets or flow which respectively execute login, query, input, upload and download under the authority of a common user;
and the second data capturing unit is used for capturing data packets or flow which respectively execute login, query, input, upload and download under the authority of the administrator user.
Optionally, the test module specifically includes:
a first test unit for replaying a directory class with a traffic capture tool or a packet capture tool; checking a return state, and if the state code of 200 is returned, indicating that an unauthorized access vulnerability exists; if the status code is returned to 403 or 404, the status is normal;
the second testing unit is used for replacing or deleting the cookie information in the link class and then replaying the replaced or deleted link class by using a flow capturing tool or a data packet capturing tool; checking a return state, and if the state code of 200 is returned, indicating that an unauthorized access vulnerability exists; if the status code is returned to 403 or 404, the status is normal; performing injection vulnerability test on the link class to verify whether injection vulnerabilities exist; if the result output exists, the existence of the vulnerability is proved; if no result is output, no leak is proved; modifying parameters of the link classes, and replaying the modified link classes by using a flow capturing tool or a data packet capturing tool; checking a return state, and if the state code of 200 is returned, indicating that an unauthorized access vulnerability exists; if the status code is returned to 403 or 404, the status is normal;
the third testing unit is used for uploading the code file to the uploading class, if the 200 state code is returned, the uploading is proved to be successful, and if the 403 or 404 state code is returned, the uploading is proved to be failed; the code file includes: malicious code or code files containing backdoors;
the fourth testing unit is used for extracting the version information of the component from the component class and marking the version information of the component according to the established sensitive information base; the sensitive information base comprises: password, account number, identification number, mobile phone number, user name, or URL link.
Optionally, the method further comprises:
a txt text creating module used for creating txt texts corresponding to the classification results;
and the test result uploading module is used for uploading the test result to the corresponding txt text.
According to the specific embodiment provided by the invention, the invention discloses the following technical effects:
according to the dynamic security detection method and system for the test target, provided by the invention, the network link acquisition method, the network link classification and the corresponding test according to the classification result are carried out, so that the security detection is carried out in a targeted manner, and the detection efficiency and the detection effect are improved; all the functional pages of the target system are detected, so that the coverage of detection is improved; the active detection anti-crawling technology is avoided, and website links are effectively crawled.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings needed to be used in the embodiments will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and it is obvious for those skilled in the art to obtain other drawings without inventive exercise.
FIG. 1 is a schematic flow chart of a dynamic security detection method for a test target according to the present invention;
FIG. 2 is a schematic overall flow chart of a dynamic security detection method for a test target according to the present invention;
fig. 3 is a schematic structural diagram of a dynamic security detection system for a test target according to the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
The invention aims to provide a dynamic safety detection method and a dynamic safety detection system for a test target, which can improve the coverage and efficiency of detection.
In order to make the aforementioned objects, features and advantages of the present invention comprehensible, embodiments accompanied with figures are described in further detail below.
FIG. 1 is a schematic flow chart of a dynamic security detection method for a test target according to the present invention;
FIG. 2 is a schematic overall flow chart of a dynamic security detection method for a test target according to the present invention; as shown in fig. 1 and fig. 2, a dynamic security detection method for a test target provided by the present invention includes:
s101, capturing data packets or flow of all functions under each authority; the rights include: general user authority and administrator user authority; the functions include: performing login, query, input, upload and download;
before S101, the method further includes:
configuring a traffic capture tool or a data packet capture tool; packet capture tools include, but are not limited to, wireshark; traffic capture tools include, but are not limited to, bursusite packet grabbing;
detecting the flow capturing tool or the data packet capturing tool to determine a detection result; the detection result comprises: traffic or data packets can be captured or not.
Detecting whether the captured data packet is consistent with the content requested to be accessed, namely accessing a certain function of a target system, and checking whether the content in the data packet is information of the certain function;
s102, extracting a URL according to the data packet or the flow;
s102 specifically comprises the following steps:
starting a flow capturing tool or a data packet capturing tool;
capturing data packets or flows which respectively execute login, query, input, upload and download under the authority of a common user;
data packets or traffic that respectively perform login, query, input, upload, and download under the authority of an administrator user are captured.
Extracted traffic or data includes, but is not limited to, a file directory, a link URL, a JS file, a POST packet link, a GET packet link, and the like.
S103, classifying the extracted URLs; the classification result comprises: a directory class, a link class, an upload class, and a component class;
and S104, carrying out corresponding test according to the classification result to realize safety detection.
S104 specifically comprises the following steps:
replaying the directory class with a traffic capture tool or a packet capture tool; checking a return state, and if the state code of 200 is returned, indicating that an unauthorized access vulnerability exists; if the status code is returned to 403 or 404, the status is normal;
the cookie information in the link class is replaced or deleted, and then the replaced or deleted link class is replayed by using a flow capturing tool or a data packet capturing tool; checking a return state, and if the state code of 200 is returned, indicating that an unauthorized access vulnerability exists; if the status code is returned to 403 or 404, the status is normal;
after cookie information contained in the replaced URL link is cookie information of another authority user, a flow capturing tool or a data packet capturing tool is used for replaying the replaced URL link and checking a return state; after the cookie information included in the URL link is deleted, the URL link from which the cookie is deleted is replayed by using a traffic capturing tool or a data packet capturing tool, and the return state is checked.
Performing injection vulnerability test on the link class to verify whether injection vulnerabilities exist; if the result output exists, the existence of the vulnerability is proved; if no result is output, no leak is proved; namely, an SQL injection test tool is used for carrying out injection vulnerability test on the URL of the link class;
modifying parameters of the link classes, and replaying the modified link classes by using a flow capturing tool or a data packet capturing tool; checking a return state, and if the state code of 200 is returned, indicating that an unauthorized access vulnerability exists; if the status code is returned to 403 or 404, the status is normal; modifying the parameter value contained in the URL link (if the parameter id is 3 or 4), replaying the modified URL link by using a flow capture tool or a data packet capture tool, and checking the return state;
uploading the code file to the uploading class, if a 200 state code is returned, the uploading is proved to be successful, and if a 403 or 404 state code is returned, the uploading is proved to be failed; the code file includes: malicious code or code files containing backdoors;
extracting version information of the components from the component class, and marking the version information of the components according to the established sensitive information library; the sensitive information base includes but is not limited to: password, account number, identification number, mobile phone number, user name, or URL link.
After S104, further comprising:
creating txt texts corresponding to the classification results; creating a directory type txt text, a link type txt text, an upload type txt text and a component type txt text;
and uploading the test result to a corresponding txt text.
(1) Recording the URL with the directory class return state code of 200 to the directory class txt text;
(2) recording the link URL with the returned state code of 200 to the text of the link type txt; recording a link URL with SQL injection vulnerability to a link type txt text;
(3) recording the link with the uploading class return state code of 200 to an uploading class txt text;
(4) recording the component version information extracted by the component class into a txt text of the component class; the tagged link URL is recorded to the component class txt text.
Fig. 3 is a schematic structural diagram of a dynamic security detection system for a test target provided by the present invention, and as shown in fig. 3, the dynamic security detection system for a test target provided by the present invention includes:
a data capturing module 301, configured to capture data packets or traffic of all functions under each authority; the rights include: general user authority and administrator user authority; the functions include: performing login, query, input, upload and download;
a URL extraction module 302, configured to extract a uniform resource locator URL according to the data packet or the traffic;
a URL classification module 303, configured to classify the extracted URLs; the classification result comprises: a directory class, a link class, an upload class, and a component class;
and the test module 304 is used for carrying out corresponding tests according to the classification results to realize safety detection.
The invention provides a dynamic safety detection system for a test target, which further comprises:
a capture tool configuration module for configuring a traffic capture tool or a data packet capture tool;
the capture tool detection module is used for detecting the flow capture tool or the data packet capture tool and determining a detection result; the detection result comprises: traffic or data packets can be captured or not.
The URL extracting module 302 specifically includes:
the capturing tool starting unit is used for starting the flow capturing tool or the data packet capturing tool;
the first data capturing unit is used for capturing data packets or flow which respectively execute login, query, input, upload and download under the authority of a common user;
and the second data capturing unit is used for capturing data packets or flow which respectively execute login, query, input, upload and download under the authority of the administrator user.
The test module 304 specifically includes:
a first test unit for replaying a directory class with a traffic capture tool or a packet capture tool; checking a return state, and if the state code of 200 is returned, indicating that an unauthorized access vulnerability exists; if the status code is returned to 403 or 404, the status is normal;
the second testing unit is used for replacing or deleting the cookie information in the link class and then replaying the replaced or deleted link class by using a flow capturing tool or a data packet capturing tool; checking a return state, and if the state code of 200 is returned, indicating that an unauthorized access vulnerability exists; if the status code is returned to 403 or 404, the status is normal; performing injection vulnerability test on the link class to verify whether injection vulnerabilities exist; if the result output exists, the existence of the vulnerability is proved; if no result is output, no leak is proved; modifying parameters of the link classes, and replaying the modified link classes by utilizing a flow capturing tool or a data packet capturing tool; checking a return state, and if the state code of 200 is returned, indicating that an unauthorized access vulnerability exists; if the status code is returned to 403 or 404, the status is normal;
the third testing unit is used for performing code file uploading operation on the uploading class, if a 200 state code is returned, the uploading is proved to be successful, and if a 403 or 404 state code is returned, the uploading is proved to be failed; the code file includes: malicious code or code files containing backdoors;
the fourth testing unit is used for extracting the version information of the component from the component class and marking the version information of the component according to the established sensitive information base; the sensitive information base comprises: password, account number, identification number, mobile phone number, user name, or URL link.
The invention provides a dynamic safety detection system for a test target, which further comprises:
a txt text creating module used for creating txt texts corresponding to the classification results;
and the test result uploading module is used for uploading the test result to the corresponding txt text.
The embodiments in the present description are described in a progressive manner, each embodiment focuses on differences from other embodiments, and the same and similar parts among the embodiments are referred to each other. For the system disclosed by the embodiment, the description is relatively simple because the system corresponds to the method disclosed by the embodiment, and the relevant points can be referred to the method part for description.
The principles and embodiments of the present invention have been described herein using specific examples, which are provided only to help understand the method and the core concept of the present invention; meanwhile, for a person skilled in the art, according to the idea of the present invention, the specific embodiments and the application range may be changed. In view of the above, the present disclosure should not be construed as limiting the invention.
Claims (6)
1. A dynamic security detection method for a test object, comprising:
capturing data packets or flow of all functions under each authority; the rights include: a general user authority and an administrator user authority; the functions include: performing login, query, input, upload and download;
extracting a Uniform Resource Locator (URL) according to the data packet or the flow;
classifying the extracted URL; the classification result comprises: a directory class, a link class, an upload class, and a component class;
carrying out corresponding tests according to the classification results to realize safety detection;
the capturing of data packets or traffic of all functions under each authority further includes:
configuring a traffic capture tool or a data packet capture tool;
detecting the flow capturing tool or the data packet capturing tool to determine a detection result; the detection result comprises: traffic or data packets can be captured or cannot be captured;
and correspondingly testing according to the classification result to realize safety detection, which specifically comprises the following steps:
replaying the directory class with a traffic capture tool or a packet capture tool; checking a return state, and if the state code of 200 is returned, indicating that an unauthorized access vulnerability exists; if the status code is returned to 403 or 404, the status is normal;
the cookie information in the link class is replaced or deleted, and then the replaced or deleted link class is replayed by using a flow capturing tool or a data packet capturing tool; checking a return state, and if the state code of 200 is returned, indicating that an unauthorized access vulnerability exists; if the status code is returned to 403 or 404, the status is normal;
performing vulnerability injection test on the link classes to verify whether the vulnerability injection exists; if the result output exists, the existence of the vulnerability is proved; if no result is output, no leak is proved;
modifying parameters of the link classes, and replaying the modified link classes by utilizing a flow capturing tool or a data packet capturing tool; checking a return state, and if the state code of 200 is returned, indicating that an unauthorized access vulnerability exists; if the status code is returned to 403 or 404, the status is normal;
uploading the code file to the uploading class, if a 200 state code is returned, the uploading is successful, and if a 403 or 404 state code is returned, the uploading is failed; the code file includes: malicious code or code files containing backdoors;
extracting version information of the components from the component class, and marking the version information of the components according to the established sensitive information library; the sensitive information base comprises: password, account number, identification number, mobile phone number, user name, or URL link.
2. The method according to claim 1, wherein the extracting a uniform resource locator URL according to the data packet or the traffic specifically includes:
starting a flow capturing tool or a data packet capturing tool;
capturing data packets or flows which respectively execute login, query, input, upload and download under the authority of a common user;
data packets or traffic that respectively perform login, query, input, upload, and download under the authority of an administrator user are captured.
3. The method according to claim 1, wherein the performing of the corresponding test according to the classification result to achieve the security detection further comprises:
creating txt texts corresponding to the classification results;
and uploading the test result to a corresponding txt text.
4. A dynamic security detection system for a test object, comprising:
the data capturing module is used for capturing data packets or flow of all functions under each authority; the rights include: general user authority and administrator user authority; the functions include: performing login, query, input, upload and download;
the URL extraction module is used for extracting a Uniform Resource Locator (URL) according to the data packet or the flow;
the URL classification module is used for classifying the extracted URLs; the classification result comprises: a directory class, a link class, an upload class, and a component class;
the test module is used for carrying out corresponding tests according to the classification results to realize safety detection;
a capture tool configuration module for configuring a traffic capture tool or a data packet capture tool;
the capturing tool detection module is used for detecting the flow capturing tool or the data packet capturing tool and determining a detection result; the detection result comprises: traffic or data packets can be captured or cannot be captured;
the test module specifically comprises:
a first test unit for replaying a directory class with a traffic capture tool or a packet capture tool; checking a return state, and if the state code of 200 is returned, indicating that an unauthorized access vulnerability exists; if the status code is returned to 403 or 404, the status is normal;
the second testing unit is used for replacing or deleting the cookie information in the link class and then replaying the replaced or deleted link class by using a flow capturing tool or a data packet capturing tool; checking a return state, and if the state code of 200 is returned, indicating that an unauthorized access vulnerability exists; if the status code is returned to 403 or 404, the status is normal; performing injection vulnerability test on the link class to verify whether injection vulnerabilities exist; if the result output exists, the existence of the vulnerability is proved; if no result is output, no leak is proved; modifying parameters of the link classes, and replaying the modified link classes by utilizing a flow capturing tool or a data packet capturing tool; checking a return state, and if the state code of 200 is returned, indicating that an unauthorized access vulnerability exists; if the status code is returned to 403 or 404, the status is normal;
the third testing unit is used for performing code file uploading operation on the uploading class, if a 200 state code is returned, the uploading is proved to be successful, and if a 403 or 404 state code is returned, the uploading is proved to be failed; the code file includes: malicious code or code files containing backdoors;
the fourth testing unit is used for extracting the version information of the component from the component class and marking the version information of the component according to the established sensitive information base; the sensitive information base comprises: password, account number, identification number, mobile phone number, user name, or URL link.
5. The dynamic security detection system for a test target according to claim 4, wherein the URL extraction module specifically comprises:
the capturing tool starting unit is used for starting the flow capturing tool or the data packet capturing tool;
the first data capturing unit is used for capturing data packets or flow which respectively execute login, query, input, upload and download under the authority of a common user;
and the second data capturing unit is used for capturing data packets or flow which respectively execute login, query, input, upload and download under the authority of the administrator user.
6. The dynamic security detection system for the test object as claimed in claim 4, further comprising:
a txt text creating module used for creating txt texts corresponding to the classification results;
and the test result uploading module is used for uploading the test result to the corresponding txt text.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111492821.8A CN114138661B (en) | 2021-12-08 | 2021-12-08 | Dynamic security detection method and system for test target |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111492821.8A CN114138661B (en) | 2021-12-08 | 2021-12-08 | Dynamic security detection method and system for test target |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN114138661A CN114138661A (en) | 2022-03-04 |
| CN114138661B true CN114138661B (en) | 2022-08-05 |
Family
ID=80385285
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202111492821.8A Active CN114138661B (en) | 2021-12-08 | 2021-12-08 | Dynamic security detection method and system for test target |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN114138661B (en) |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108667770A (en) * | 2017-03-29 | 2018-10-16 | 腾讯科技(深圳)有限公司 | A kind of loophole test method, server and the system of website |
| CN109033838A (en) * | 2018-07-27 | 2018-12-18 | 平安科技(深圳)有限公司 | Website security detection method and device |
Family Cites Families (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US9178901B2 (en) * | 2013-03-26 | 2015-11-03 | Microsoft Technology Licensing, Llc | Malicious uniform resource locator detection |
| CN106027528B (en) * | 2016-05-24 | 2019-07-12 | 微梦创科网络科技(中国)有限公司 | A kind of method and device of the horizontal permission automatic identification of WEB |
| CN113032787A (en) * | 2021-03-12 | 2021-06-25 | 北京安全共识科技有限公司 | System vulnerability detection method and device |
| CN113127885B (en) * | 2021-05-18 | 2024-02-23 | 中国银行股份有限公司 | Authority vulnerability detection method and device |
-
2021
- 2021-12-08 CN CN202111492821.8A patent/CN114138661B/en active Active
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108667770A (en) * | 2017-03-29 | 2018-10-16 | 腾讯科技(深圳)有限公司 | A kind of loophole test method, server and the system of website |
| CN109033838A (en) * | 2018-07-27 | 2018-12-18 | 平安科技(深圳)有限公司 | Website security detection method and device |
Also Published As
| Publication number | Publication date |
|---|---|
| CN114138661A (en) | 2022-03-04 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN110324311B (en) | Vulnerability detection method and device, computer equipment and storage medium | |
| CN109922052B (en) | Malicious URL detection method combining multiple features | |
| CN103888490B (en) | A kind of man-machine knowledge method for distinguishing of full automatic WEB client side | |
| KR101001132B1 (en) | Method and System for Determining Vulnerability of Web Application | |
| CN104348803B (en) | Link kidnaps detection method, device, user equipment, Analysis server and system | |
| CN111294345B (en) | Vulnerability detection method, device and equipment | |
| CN108768921B (en) | Malicious webpage discovery method and system based on feature detection | |
| CN101656710B (en) | Proactive audit system and method | |
| CN103297394B (en) | Website security detection method and device | |
| CN103442361B (en) | Method for detecting safety of mobile application, and mobile terminal | |
| CN105871845A (en) | Method and device for detecting Web vulnerability scanning behavior | |
| CN108632219B (en) | Website vulnerability detection method, detection server, system and storage medium | |
| CN103746992B (en) | Based on reverse intruding detection system and method thereof | |
| CN105956474A (en) | Abnormal behavior detection system of Android platform software | |
| CN102065147A (en) | Method and device for obtaining user login information based on enterprise application system | |
| Karlsson et al. | Android anti-forensics: Modifying cyanogenmod | |
| KR101902747B1 (en) | Method and Apparatus for Analyzing Web Vulnerability for Client-side | |
| CN107332804B (en) | Method and device for detecting webpage bugs | |
| CN113177205B (en) | Malicious application detection system and method | |
| CN114244564B (en) | Attack defense method, device, equipment and readable storage medium | |
| CN108337269A (en) | A kind of WebShell detection methods | |
| CN113518077A (en) | Malicious web crawler detection method, device, equipment and storage medium | |
| CN104182681A (en) | Hook-based iOS (iPhone operating system) key behavior detection device and detection method thereof | |
| EP3340097A1 (en) | Analysis device, analysis method, and analysis program | |
| Wang et al. | Research on web application security vulnerability scanning technology |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |