CN114386047A - Application vulnerability detection method and device, electronic equipment and storage medium - Google Patents

Application vulnerability detection method and device, electronic equipment and storage medium

Publication number
CN114386047A
Authority
CN
China
Prior art keywords
user account
execution result
detected
target application
service
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202210040191.9A
Other languages
Chinese (zh)
Inventor
朱文勇
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Ping An Puhui Enterprise Management Co Ltd
Original Assignee
Ping An Puhui Enterprise Management Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Ping An Puhui Enterprise Management Co Ltd
Priority to CN202210040191.9A
Publication of CN114386047A

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57 Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/577 Assessing vulnerabilities and evaluating computer system security

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • General Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Computing Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Stored Programmes (AREA)

Abstract

The embodiments of the application disclose an application vulnerability detection method and device, electronic equipment and a storage medium, applied to the technical field of security detection. The method comprises the following steps: monitoring a first operation request submitted by a first user account in a target application to be detected; recording the first service operation requested by the first operation request when that operation is a sensitive operation; acquiring a first execution result fed back after the first service operation is executed; monitoring a second operation request submitted by a second user account in the target application to be detected; recording the second service operation when the second service operation requested by the second operation request is the first service operation; acquiring a second execution result fed back after the second service operation is executed; and determining that the target application to be detected has an unauthorized vulnerability when the first execution result and the second execution result meet a first preset condition. The method and the device can improve the efficiency of unauthorized vulnerability detection. The application relates to blockchain technology, for example obtaining the authority level of a user account from a blockchain.

Description

Application vulnerability detection method and device, electronic equipment and storage medium
Technical Field
The application relates to the technical field of security detection, in particular to an application vulnerability detection method and device, electronic equipment and a storage medium.
Background
An unauthorized vulnerability (also called a privilege-escalation or broken access control vulnerability) arises when the device running the application places excessive trust in the data operation requests submitted by a user and neglects to check the user's operation authority, so that a user gains the functions of adding, deleting, querying and modifying other accounts merely by modifying the relevant parameters. The existing detection method generally relies on a tester manually searching for sensitive data operation pages to check for unauthorized vulnerabilities. However, this method is cumbersome and time-consuming, so unauthorized vulnerabilities are detected inefficiently. How to improve the detection efficiency for unauthorized vulnerabilities of an application has therefore become a problem to be solved urgently.
Disclosure of Invention
The embodiments of the application provide an application vulnerability detection method and device, electronic equipment and a storage medium, which can improve the efficiency of detecting unauthorized vulnerabilities in an application.
In one aspect, an embodiment of the present application provides an application vulnerability detection method, including:
monitoring a first operation request submitted by a first user account in a target application to be detected; the first operation request is used for requesting to execute a first service operation; the first user account has the operation authority of the first service operation;
when the first business operation is sensitive operation, recording the first business operation;
obtaining a first execution result fed back after the first business operation is executed;
monitoring a second operation request submitted by a second user account in the target application to be detected; the second operation request is used for requesting to execute a second service operation; the second user account does not have the operation authority of the first service operation;
when the second service operation requested to be executed by the second operation request is the first service operation, recording the second service operation;
obtaining a second execution result fed back after the second service operation is executed;
and when the first execution result and the second execution result meet a first preset condition, determining that the target application to be detected has an unauthorized vulnerability.
In one aspect, an embodiment of the present application provides an application vulnerability detection apparatus, which includes:
the monitoring module is used for monitoring a first operation request submitted by a first user account in a target application to be detected; the first operation request is used for requesting to execute a first service operation; the first user account has the operation authority of the first service operation;
the recording module is used for recording the first business operation when the first business operation is sensitive operation;
the acquisition module is used for acquiring a first execution result fed back after the first business operation is executed;
the monitoring module is further configured to monitor a second operation request submitted by a second user account in the target application to be detected; the second operation request is used for requesting to execute a second service operation; the second user account does not have the operation authority of the first service operation;
the recording module is further configured to record a second service operation requested to be executed by the second operation request when the second service operation is the first service operation;
the obtaining module is further configured to obtain a second execution result fed back after the second service operation is executed;
and the determining module is used for determining that the target application to be detected has the unauthorized vulnerability when the first execution result and the second execution result meet a first preset condition.
In one aspect, an embodiment of the present application provides an electronic device, which includes a processor and a memory, where the memory is used to store a computer program, and the computer program includes program instructions, and the processor is configured to call the program instructions to execute some or all of the steps in the method.
In one aspect, the present application provides a computer-readable storage medium, which stores a computer program, where the computer program includes program instructions, and the program instructions, when executed by a processor, are used to perform some or all of the steps of the above method.
In the embodiments of the application, a first operation request submitted by a first user account in a target application to be detected is monitored; when the first service operation it requests is a sensitive operation, the first service operation is recorded and a first execution result fed back after the first service operation is executed is obtained; a second operation request submitted by a second user account in the target application to be detected is monitored; when the second service operation requested by the second operation request is the first service operation, the second service operation is recorded and a second execution result fed back after the second service operation is executed is obtained; and when the first execution result and the second execution result meet a first preset condition, it is determined that the target application to be detected has an unauthorized vulnerability. By comparing the execution results fed back after the service operations are executed, the method can detect unauthorized vulnerabilities quickly, can considerably reduce the workload of application testing, and can improve the efficiency and accuracy of unauthorized vulnerability detection.
Drawings
To illustrate the technical solutions of the embodiments of the present application more clearly, the drawings needed in the description of the embodiments are briefly introduced below. The drawings in the following description show some embodiments of the present application, and those skilled in the art can obtain other drawings based on them without creative effort.
Fig. 1 is a schematic flowchart of an application vulnerability detection method according to an embodiment of the present application;
Fig. 2 is a schematic flowchart of an application vulnerability detection method according to an embodiment of the present application;
Fig. 3 is a schematic diagram of an application vulnerability detection process provided in the embodiment of the present application;
Fig. 4 is a schematic structural diagram of an application vulnerability detection apparatus according to an embodiment of the present application;
Fig. 5 is a schematic structural diagram of an electronic device according to an embodiment of the present application.
Detailed Description
The technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application.
The application vulnerability detection method provided by the embodiments of the application is implemented in electronic equipment, which can be a terminal device or a server. The terminal device can be a smart phone, a tablet computer, a notebook computer, a desktop computer and the like. The server may be an independent server, a server cluster or a distributed system formed by a plurality of physical servers, or a cloud server providing basic cloud computing services such as a cloud service, a cloud database, cloud computing, a cloud function, cloud storage, a network service, cloud communication, a middleware service, a domain name service, a security service, a Content Delivery Network (CDN), a big data and artificial intelligence platform, but is not limited thereto. The application relates to blockchain technology: the electronic equipment can write related data, such as the authority level of a user account, into a blockchain, so that it can obtain the required information from the blockchain, for example the authority level of the first user account and the authority level of the second user account.
In some embodiments, the electronic device may execute the application vulnerability detection method according to actual service requirements, so as to improve the detection efficiency for unauthorized vulnerabilities. The technical scheme can be applied to the vulnerability detection scenario of any application program. For example, in a vulnerability detection scenario of a web application, the electronic device may be the server side corresponding to the web application. For another example, in a vulnerability detection scenario of a software application, the electronic device may be the terminal device where the software application is located, or may be a corresponding server. In the scenario where it is applied, the electronic equipment can determine whether the target application to be detected (a web application or a software application) has an unauthorized vulnerability according to a first execution result fed back after the first business operation is executed and a second execution result fed back after the second business operation is executed, so that the detection accuracy for unauthorized vulnerabilities is improved.
It should be understood that the foregoing scenarios are only examples, and do not constitute a limitation on application scenarios of the technical solutions provided in the embodiments of the present application, and the technical solutions of the present application may also be applied to other scenarios. For example, as can be known by those skilled in the art, with the evolution of system architecture and the emergence of new service scenarios, the technical solution provided in the embodiments of the present application is also applicable to similar technical problems.
Based on the above description, the present application provides an application vulnerability detection method, which may be executed by the above-mentioned electronic device. As shown in Fig. 1, a process of the application vulnerability detection method according to the embodiment of the present application may include the following steps:
S101, monitoring a first operation request submitted by a first user account in a target application to be detected.
Wherein, the first operation request is used for requesting to execute a first service operation; the first user account has an operation authority of the first service operation.
In some embodiments, the target application to be detected may be a software application, a web application, or the like. Because the technical scheme provided by the application tests the target application to be detected for vulnerabilities, the electronic equipment can start monitoring for the first operation request submitted by the first user account in the target application to be detected when it detects a vulnerability test instruction for that application. Optionally, the electronic device may install a toolkit capable of monitoring any operation request that the electronic device receives in the target application to be detected, and monitor the first operation request by running the toolkit while the target application to be detected is running; alternatively, any request received by the electronic equipment can be intercepted through aspect (aspect-oriented programming) technology, thereby monitoring the first operation request.
In addition, the electronic device or a user terminal corresponding to the electronic device may log in the target application to be detected through the first user account, output an operation interface after the first user account logs in the target application to be detected after the login is successful, and generate a corresponding first operation request based on the indicated first business operation on the operation interface. The first operation request carries account information (such as a user name, a password, and the like) of the first user account, that is, the first operation request is represented as a first operation request submitted by the first user account in the target application to be detected. The first service operation requested to be executed by the first operation request may be any service operation of the first user account having an operation permission in the target application to be detected, for example, the first user account is an administrator account, and the indicated first service operation may be data modification of a service database that is only accessible by the administrator permission, and the like.
S102, when the first business operation is sensitive operation, recording the first business operation.
In some embodiments, the electronic device may determine whether a first business operation is a sensitive operation when monitoring a first operation request requesting execution of the first business operation. The sensitive operation represents an operation related to business important data, and the business important data is usually data (such as a business database, user private data and the like) which is important to a target application to be detected or a user, so the sensitive operation can be used only by an account with a specified authority, and an unauthorized vulnerability is easy to occur. If the target application to be detected has the unauthorized vulnerability, the leakage of the important business data or the improper operation on the important business data is easily caused, so that the first business operation can be recorded and the unauthorized vulnerability can be detected when the first business operation is detected to be the sensitive operation.
In some embodiments, the determining, by the electronic device, whether the first business operation is a sensitive operation may specifically be determining an operation object of the first business operation, and if the operation object belongs to a business important data type, determining that the first business operation belongs to the sensitive operation. The sensitive data object can be set by related business personnel according to actual business scenes and experience values. For example, if the first service operation is to modify a service data table in which user information exists in a service database, the operation object is the service data table in the service database, and if the service data table belongs to a service important data type, the first service operation is determined to be a sensitive operation. In addition, the electronic device may record the first service operation, and may specifically record specific operation content of the first service operation, account information of the first user account, address information of the first operation request (i.e., device information for generating the first operation request), and the like.
S103, obtaining a first execution result fed back after the first business operation is executed.
In some embodiments, the electronic device may execute the first business operation when (or after) determining whether the first business operation is a sensitive operation, and obtain a first execution result fed back after the first business operation is executed. The first execution result may refer to a call condition of an execution method corresponding to the first service operation, or may refer to first response information obtained after the first service operation is executed. The execution method corresponding to the first business operation may be an execution code statement for executing the first business operation, or may be an execution function.
S104, monitoring a second operation request submitted by the second user account in the target application to be detected.
Wherein, the second operation request is used for requesting to execute a second service operation; the second user account does not have the operation authority of the first service operation.
In some embodiments, the electronic device may obtain one or more second user accounts that lack the operation permission of the first service operation and generate a second operation request for each of them; that is, after the electronic device generates the second operation request through the target application to be detected, it can monitor that the second operation request is submitted by the second user account in the target application to be detected. It can be understood that an unauthorized vulnerability means that a specified service operation is executed for a user account that does not have the operation authority of that operation; therefore, when the second operation request is generated, the second service operation it requests is the first service operation requested by the first operation request.
In some embodiments, before monitoring a second operation request submitted by a second user account at a target application to be detected, if a first execution result is obtained, the electronic device generates an account switching instruction for the second user account, switches from the first user account to the second user account to log in the target application to be detected after the account switching instruction is detected, and generates a corresponding second operation request based on the target application to be detected logged in by using the second user account.
In some embodiments, an unauthorized vulnerability means that a malicious attacker uses the second user account to perform the first business operation indicated by the first user account, so the process of indicating the second business operation based on the second user account is the process of indicating the first business operation. Specifically, the electronic device may generate the corresponding second operation request, based on the target application to be detected logged in with the second user account, as follows: after the second user account is logged in, output the operation interface of the target application to be detected as logged in based on the first user account, and acquire the operation sequence of the first business operation, where the operation sequence represents the process of indicating the first business operation; execute the operation sequence in order on the operation interface to specify the first business operation; and generate the second operation request according to the second user account and the specified first business operation.
For example, when it is detected that a target application to be detected is logged in by using a first user account, an operation interface of the target application to be detected logged in based on the first user account is output, and a user can perform an instruction of a first business operation in the operation interface; subsequently, when it is detected that the target application to be detected is logged in by using the second user account, the operation interface of the target application to be detected logged in based on the first user account is output, an operation sequence used for indicating the first business operation is obtained, the electronic equipment automatically performs indication of the first business operation on the operation interface according to the indication of the operation sequence, and a second operation request is generated according to the second user account and the indicated first business operation.
In some embodiments, the electronic device may generate the corresponding second operation request, based on the target application to be detected logged in with the second user account, as follows. After switching to and logging in with the second user account, the electronic device obtains the operation interface of the target application to be detected as logged in based on the second user account, captures the data of the account login process, and obtains from the captured data packets the key parameters related to the second user account, such as a user identifier (user ID) or an authority parameter. It then modifies the key parameters related to the second user account into the key parameters related to the first user account; for example, if the user identifier of the first user account is 1 and the user identifier of the second user account is 2, the user identifier of the second user account is changed to 1 in the data packet. The current operation interface is updated based on the modified data packet, and the updated operation interface is the operation interface of the target application to be detected as logged in based on the first user account. The first service operation is then indicated in the updated operation interface according to the operation sequence of the first service operation, and the second operation request is obtained according to the second user account and the indicated first service operation. It can be understood that capturing the data packet of the account login process is only an example; the electronic device may capture the data packet of any operation process in the target application to be detected in order to modify the key parameter.
For example, when it is detected that the second user account logs in to the target application to be detected, the operation interface of the target application to be detected based on the second user account login is output. The electronic device can capture data during the account login process to obtain the data packet of that process, and determine the key parameters related to the second user account from the data packet. It then modifies the key parameter related to the second user account into the key parameter related to the first user account: if the key parameter related to the second user account is the user identifier of the second user account (set to 2) and the key parameter related to the first user account is the user identifier of the first user account (set to 1), the user identifier of the second user account in the data packet is changed to the user identifier of the first user account (that is, key parameter 2 is changed to key parameter 1). The operation interface is then updated to obtain the operation interface of the target application to be detected based on the login of the first user account, so that the first business operation is specified on the updated operation interface to generate the second operation request.
S105, when the second service operation requested to be executed by the second operation request is the first service operation, recording the second service operation.
In some embodiments, after determining that the second service operation is the first service operation, the electronic device records the second service operation, and the recording mode of the second service operation may be the same as the recording mode of the first service operation.
S106, acquiring a second execution result fed back after the second service operation is executed.
In some embodiments, the manner of obtaining the second execution result fed back after the second service operation is executed by the electronic device may be the same as the manner of obtaining the first execution result. That is, the second execution result may refer to a call condition of an execution method corresponding to the second service operation (i.e., an execution method corresponding to the first service operation), or may refer to second response information obtained after the second service operation is executed. The execution method corresponding to the second service operation is the execution method corresponding to the first service operation.
S107, when the first execution result and the second execution result meet a first preset condition, determining that the target application to be detected has an unauthorized vulnerability.
In some embodiments, when the first execution result and the second execution result are both call conditions of the corresponding execution methods, whether the target application to be detected has an unauthorized vulnerability may be determined as follows: when the first execution result indicates that the execution method corresponding to the first service operation was successfully called and the second execution result indicates that the execution method corresponding to the second service operation was successfully called, the first execution result and the second execution result are determined to satisfy the first preset condition, which indicates that the target application to be detected has an unauthorized vulnerability. A successful call of the execution method corresponding to the first service operation indicates that the first service operation was requested by the first user account and executed successfully; a successful call of the execution method corresponding to the second service operation indicates that the second service operation (namely, the first service operation) was requested by the second user account and executed successfully. In other words, the first service operation was successfully executed for the second user account, which does not have the operation authority of the first service operation. A vulnerability detection result indicating that the target application to be detected has an unauthorized vulnerability is thus obtained, and it can be sent to the user terminal of the relevant business personnel (such as a tester) so that the vulnerability of the target application to be detected can be repaired.
It can be understood that, when the first execution result indicates that the execution method corresponding to the first business operation is successfully called and the second execution result indicates that the execution method corresponding to the second business operation is not successfully called, it indicates that the target application to be detected does not have the unauthorized vulnerability.
In some embodiments, the first execution result is the first response information obtained after the first service operation is executed and the second execution result is the second response information obtained after the second service operation is executed, where the first response information is the response information obtained after the first service operation is successfully executed. In this case, whether the target application to be detected has an unauthorized vulnerability may be determined by determining the similarity between the first response information and the second response information according to their length and content: if the first response information and the second response information are determined to be the same, the target application to be detected has an unauthorized vulnerability; if they are determined to be different, the target application to be detected does not have an unauthorized vulnerability.
In the embodiments of the application, the electronic device may monitor a first operation request submitted by a first user account in a target application to be detected; when the first service operation it requests is a sensitive operation, record the first service operation and obtain a first execution result fed back after the first service operation is executed; monitor a second operation request submitted by a second user account in the target application to be detected; when the second service operation requested by the second operation request is the first service operation, record the second service operation and obtain a second execution result fed back after the second service operation is executed; and determine that the target application to be detected has an unauthorized vulnerability when the first execution result and the second execution result satisfy a first preset condition. By comparing the execution results fed back after the service operations are executed, the method can detect unauthorized vulnerabilities quickly, can considerably reduce the workload of application testing, and can improve the efficiency and accuracy of unauthorized vulnerability detection.
Referring to fig. 2, fig. 2 is a schematic flowchart illustrating an application vulnerability detection method according to an embodiment of the present application, where the method may be executed by the above-mentioned electronic device. As shown in fig. 2, the flow of the application vulnerability detection method in the embodiment of the present application may include the following steps:
S201, monitoring a first operation request submitted by a first user account in a target application to be detected.
In some embodiments, before monitoring the first operation request, the electronic device may install a toolkit in the target application to be detected, where the toolkit is configured to capture an execution code of the target application to be detected, and the execution code may include an execution method corresponding to any business operation (e.g., the first business operation). The electronic device can monitor a first operation request submitted by a first user account at a target application to be detected through the tool kit.
The toolkit can be built on Java agent technology and ASM technology. ASM is a Java bytecode manipulation framework, and Java agent technology can be used to construct a subprogram that is independent of the target application to be detected. When the electronic device runs the target application to be detected, the toolkit can also be run to generate a subprogram (which can be understood as a monitoring tool) capable of monitoring the target application to be detected. Specifically, the toolkit is run to obtain a binary file; the binary configuration file to be added is obtained from the binary file based on ASM technology; and the binary configuration file is added to the configuration file of the target application to be detected and compiled to obtain a binary operation file, so that the configuration file of the target application to be detected is modified at the bytecode level. While the target application to be detected is running, the binary operation file in the configuration file is run based on Java agent technology to obtain the subprogram built into the target application to be detected. The subprogram can be used to monitor the operation requests received by the electronic device through the target application to be detected, and to capture the execution code of the target application to be detected and the invocation status of that execution code. In this way, the content of the original configuration file of the target application to be detected does not need to be modified; instead, an operation file independent of the original configuration file is added, and the toolkit can be applied to any application to reduce the programming workload of relevant service personnel.
In some embodiments, the electronic device may further monitor, by using aspect technology (the "tangent plane" of aspect-oriented programming), a first operation request submitted by the first user account at the target application to be detected. Specifically, when the first operation request is detected, the electronic device may intercept it through a predefined aspect (including aspect logic); this interception process can be understood as the monitoring process. The aspect can be used to cross-cut and intercept the interface call request whenever any operation request is detected. The aspect logic included in the aspect defines an execution sub-method for the first operation request; the execution sub-method includes a way of judging whether the first service operation is a sensitive operation and a method of recording the first service operation if it is judged to be a sensitive operation. It can be understood that intercepting through the defined aspect (including the aspect logic) means that, before the first service operation is executed, the first service operation enters the aspect, and the execution sub-method defined in the aspect logic is then executed on it within the aspect, thereby implementing the monitoring of the first service operation, the judgment of whether it is a sensitive operation, and the recording of the first service operation. Within the aspect, the first service operation is not arbitrarily changed, that is, the data related to the first service operation is not changed.
S202, when the first business operation is sensitive operation, recording the first business operation. For a specific implementation of step S202, reference may be made to the relevant description of the above embodiments, which is not described herein again.
S203, obtaining a first execution result fed back after the first business operation is executed.
In some embodiments, the electronic device may execute the first service operation by calling an execution method corresponding to the first service operation, and may obtain a first execution result fed back after the first service operation is executed by using a toolkit, where the toolkit may capture an execution code of the target application to be detected and a calling condition of the execution code, and therefore the electronic device may capture the calling condition of the execution method corresponding to the first service operation by using the toolkit, so as to obtain the first execution result. That is, if the calling condition of the execution method corresponding to the first service operation captured by the toolkit is that the execution method is successfully called in the target time period, the first execution result indicates that the execution method corresponding to the first service operation is successfully called, and if the calling condition of the execution method corresponding to the first service operation captured by the toolkit is that the execution method is not successfully called in the target time period, the first execution result indicates that the execution method corresponding to the first service operation is not successfully called. The target time period is a preset maximum waiting time required for executing the first service operation, that is, if the target time period is exceeded and the first service operation cannot be executed, the first service operation is cancelled. The target time period may be set by the relevant service personnel according to empirical values.
S204, monitoring a second operation request submitted by the second user account in the target application to be detected.
In some embodiments, there may be one or more second user accounts, each of which submits a second operation request. The second user account may be pre-stored in the electronic device, and the electronic device may obtain it based on the first user account: specifically, the permission level of the first user account is obtained, and a second user account that does not have the operation authority for the first service operation is obtained according to that permission level. Obtaining the second user account according to the permission level of the first user account means obtaining, as the second user account, a user account whose permission level is the same as that of the first user account, or a user account whose permission level is lower than that of the first user account. The permission level of a user account may be a numerical value set by the relevant service personnel according to empirical values. When the permission level of the second user account is the same as that of the first user account, the two are user accounts of the same permission level; when the permission level of the second user account is lower than that of the first user account, the two are user accounts of different permission levels, that is, the first user account has a high permission level relative to the second user account, and the second user account has a low permission level relative to the first user account.
For example, the permission level is a set numerical value, and the larger the value, the higher the permission level. If the permission level of the first user account is 5 and the permission level of the second user account is 1, the first user account has a high permission level and the second user account has a low permission level.
In some embodiments, the electronic device may monitor the second operation request submitted by the second user account at the target application to be detected through the toolkit or through aspect ("tangent plane") technology. Optionally, when monitoring with aspect technology, aspect logic matching the second operation request may be defined in the aspect; specifically, the aspect logic may be to record the second service operation when it is determined that the second service operation requested by the second operation request is the first service operation.
In some embodiments, before monitoring a second operation request submitted by a second user account at a target application to be detected, the electronic device generates the second operation request based on the second user account. The electronic device may generate the second operation request as follows: the identity parameter associated with the first user account in the first operation request is obtained and replaced with the identity parameter associated with the second user account, and the first operation request after replacement is used as the second operation request. The identity parameter associated with the first user account identifies the first user account in the operation request, and the identity parameter associated with the second user account identifies the second user account in the operation request. That is, the first operation request may be understood as an operation request, sent based on the first user account, that requests the first service operation, and the first operation request after replacement may be understood as an operation request, sent based on the second user account, that requests the first service operation. For example, suppose the first user account is an administrator account whose associated identity parameter is admin, and the second user account is a non-administrator account whose associated identity parameter is not-admin. After the first operation request is obtained, the identity parameter admin contained in it is modified into the identity parameter not-admin associated with the second user account, yielding the second operation request, which requests the first service operation.
S205, when the second service operation requested to be executed by the second operation request is the first service operation, recording the second service operation. For a specific implementation of step S205, reference may be made to the related description of the above embodiments, which is not described herein again.
S206, obtaining a second execution result fed back after the second service operation is executed.
In some embodiments, a specific manner of obtaining the second execution result by the electronic device may be the same as the above-described specific manner of obtaining the first execution result, and details are not repeated here.
S207, when the first execution result and the second execution result meet a first preset condition, determining that the target application to be detected has an unauthorized vulnerability.
In some embodiments, the electronic device may obtain a first execution result and a second execution result through the toolkit, and when the first execution result indicates that the execution method corresponding to the first service operation is successfully called, and the second execution result indicates that the execution method corresponding to the second service operation is successfully called, it is determined that the first execution result and the second execution result satisfy a first preset condition, that is, the target application to be detected has an unauthorized vulnerability.
In some embodiments, when the first execution result and the second execution result do not satisfy the first preset condition, whether the first execution result and the second execution result satisfy the second preset condition is determined, and if the first execution result and the second execution result satisfy the second preset condition, it is determined that the target application to be detected has the operation abnormality vulnerability. Specifically, the determining, by the electronic device, whether the first execution result and the second execution result satisfy the second preset condition may be that, when the first execution result indicates that the execution method corresponding to the first service operation is not successfully called and the second execution result indicates that the execution method corresponding to the second service operation is not successfully called, it is determined that the first execution result and the second execution result satisfy the second preset condition. That is, the current operation of the target application to be detected is abnormal, and the service operation cannot be executed, so that a vulnerability detection result indicating that the operation of the target application to be detected is abnormal is obtained, and the vulnerability detection result can be sent to a user terminal of a relevant service person (such as a tester) to repair the vulnerability of the target application to be detected.
In some embodiments, when the first execution result and the second execution result satisfy neither the first preset condition nor the second preset condition, whether they satisfy a third preset condition is determined, and if they satisfy the third preset condition, it is determined that the target application to be detected has the authority logic vulnerability. Specifically, the electronic device may determine that the first execution result and the second execution result satisfy the third preset condition when the first execution result indicates that the execution method corresponding to the first service operation is not successfully called and the second execution result indicates that the execution method corresponding to the second service operation is successfully called. That is, when the target application to be detected cannot execute the first service operation based on the first user account, which has the operation authority, but can execute the first service operation based on the second user account, which does not have the operation authority, the authority logic may be configured incorrectly. A vulnerability detection result indicating that the target application to be detected has an authority logic error is thus obtained, and this result can be sent to a user terminal of relevant service personnel (such as a tester) so that the vulnerability of the target application to be detected can be repaired.
S208, determining the override type of the override vulnerability existing in the target application to be detected according to the authority level of the first user account and the authority level of the second user account.
In some embodiments, when it is determined that the target application to be detected has the unauthorized vulnerability, the override type of the unauthorized vulnerability may be determined based on the permission level of the first user account and the permission level of the second user account. Specifically, the permission level of the first user account and the permission level of the second user account are obtained, the two permission levels are compared for consistency to obtain a comparison result, and the override type of the unauthorized vulnerability existing in the target application to be detected is determined according to the comparison result. When the comparison result indicates that the permission level of the first user account is inconsistent with the permission level of the second user account, the override type of the unauthorized vulnerability existing in the target application to be detected is determined to be a vertical override type; when the comparison result indicates that the permission level of the first user account is consistent with the permission level of the second user account, the override type is determined to be a horizontal override type.
It can be understood that, when the permission level of the first user account is inconsistent with the permission level of the second user account, that is, the permission level of the first user account is higher than that of the second user account, it indicates that the first user account is a user account with a high permission level and the second user account is a user account with a low permission level, so that the override type at this time is a vertical override, that is, a user with a low permission level can also perform a service operation that can only be performed by a user with a high permission level. The electronic device can send the override type of the override vulnerability existing in the target application to be detected to a user terminal of related service personnel (such as testers) so as to repair the target application to be detected by combining the specific override type.
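The replay and decision steps of S203 to S208, as an added example that is not part of the patent: the first request is replayed with its identity parameter swapped, then the first, second and third preset conditions and the override-type rule are applied. A Python decorator stands in for the Java agent or aspect monitor, and the accounts, operations, handlers and the `account` identity parameter are constructed for illustration.

```python
# Constructed toy application: identity parameter -> permission level.
ACCOUNTS = {"admin": 5, "auditor": 5, "not-admin": 1}
SENSITIVE_OPERATIONS = {"delete_user", "read_payslip", "export_report"}
RECORDED = []   # (account, operation) pairs written by the monitor


class Forbidden(Exception):
    """Raised by the toy application when its own permission check refuses."""


def monitored(operation):
    """Aspect-like wrapper: record sensitive operations and report whether the
    execution method completed, without changing the request data."""
    def wrap(method):
        def around(request):
            if operation in SENSITIVE_OPERATIONS:
                RECORDED.append((request["account"], operation))
            try:
                method(dict(request))   # a copy, so monitoring never alters the request
                return True             # treated as "successfully invoked"
            except Forbidden:
                return False            # treated as "not successfully invoked"
        return around
    return wrap


@monitored("delete_user")
def delete_user(request):
    # Constructed flaw: no permission check at all.
    return "deleted " + request["target"]


@monitored("read_payslip")
def read_payslip(request):
    # Constructed flaw: checks the level but not that the caller owns the record.
    if ACCOUNTS[request["account"]] < 5:
        raise Forbidden("level too low")
    return "payslip of " + request["owner"]


@monitored("export_report")
def export_report(request):
    # Correct check: only the account "admin" holds this operation authority.
    if request["account"] != "admin":
        raise Forbidden("admin only")
    return "report"


ROUTES = {"delete_user": delete_user, "read_payslip": read_payslip,
          "export_report": export_report}


def make_second_request(first_request, second_account):
    """Replace the identity parameter of the first request with the second account's."""
    second_request = dict(first_request)
    second_request["account"] = second_account
    return second_request


def classify(first_ok, second_ok, first_level, second_level):
    """Apply the first, second and third preset conditions in that order."""
    if first_ok and second_ok:
        override = "horizontal" if first_level == second_level else "vertical"
        return "unauthorized vulnerability (%s override)" % override
    if not first_ok and not second_ok:
        return "operation abnormality vulnerability"
    if not first_ok and second_ok:
        return "permission logic vulnerability"
    return "no unauthorized vulnerability"


def detect(first_request, second_account):
    """Run the first request, replay it as the second account, classify the pair."""
    operation = first_request["operation"]
    if operation not in SENSITIVE_OPERATIONS:
        return "not a sensitive operation"
    handler = ROUTES[operation]
    first_ok = handler(first_request)
    second_ok = handler(make_second_request(first_request, second_account))
    return classify(first_ok, second_ok,
                    ACCOUNTS[first_request["account"]], ACCOUNTS[second_account])


if __name__ == "__main__":
    print(detect({"account": "admin", "operation": "delete_user", "target": "u42"}, "not-admin"))
    print(detect({"account": "admin", "operation": "read_payslip", "owner": "admin"}, "auditor"))
    print(detect({"account": "admin", "operation": "export_report"}, "not-admin"))
```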
For example, refer to fig. 3, which is a schematic diagram of an application vulnerability detection process provided in the embodiment of the present application. Here the target application to be detected is a web application program, and the electronic device is the server corresponding to the web application program. After detecting that the user terminal has logged in to the target application to be detected through the first user account, the electronic device outputs to the user terminal an operation interface of the target application logged in with the first user account, and receives a first operation request sent by the user terminal. After obtaining the first execution result fed back by executing the first service operation requested by the first operation request, the electronic device generates a second operation request based on the first operation request and the second user account. After obtaining the second execution result fed back by executing the second service operation requested by the second operation request, the electronic device judges the vulnerability of the target application to be detected based on the first execution result and the second execution result, and determines and sends a vulnerability detection result to the user terminal.
In the embodiment of the application, the electronic device may monitor a first operation request submitted by a first user account at a target application to be detected, when the first business operation is sensitive operation, recording the first business operation, acquiring a first execution result fed back after the first business operation is executed, monitoring a second operation request submitted by a second user account at a target application to be detected, when the second service operation requested to be executed by the second operation request is the first service operation, recording the second service operation, acquiring a second execution result fed back after the second service operation is executed, when the first execution result and the second execution result meet a first preset condition, determining that the target application to be detected has an unauthorized vulnerability, and determining the override type of the override vulnerability existing in the target application to be detected according to the authority level of the first user account and the authority level of the second user account. By implementing the method, the quick detection of the unauthorized vulnerability can be realized by comparing the execution result fed back after the business operation is executed, the workload during the application test can be reduced to a greater extent, and the detection efficiency and the accuracy of the unauthorized vulnerability can be improved.
Refer to fig. 4, which is a schematic structural diagram of an application vulnerability detection apparatus provided in the present application. It should be noted that the application vulnerability detection apparatus shown in fig. 4 is used for executing the method of the embodiments shown in fig. 1 and fig. 2 of the present application. For convenience of description, only the portion related to the embodiment of the present application is shown; for technical details not disclosed here, refer to the embodiments shown in fig. 1 and fig. 2 of the present application. The application vulnerability detection apparatus 400 may include: a monitoring module 401, a recording module 402, an obtaining module 403, and a determining module 404. Wherein:
the monitoring module 401 is configured to monitor a first operation request submitted by a first user account at a target application to be detected; the first operation request is used for requesting to execute a first service operation; the first user account has the operation authority of the first service operation;
a recording module 402, configured to record the first business operation when the first business operation is a sensitive operation;
an obtaining module 403, configured to obtain a first execution result fed back after the first service operation is executed;
the monitoring module 401 is further configured to monitor a second operation request submitted by a second user account at the target application to be detected; the second operation request is used for requesting to execute a second service operation; the second user account does not have the operation authority of the first service operation;
the recording module 402 is further configured to record a second service operation requested to be executed by the second operation request when the second service operation is the first service operation;
the obtaining module 403 is further configured to obtain a second execution result fed back after the second service operation is executed;
a determining module 404, configured to determine that the target application to be detected has an unauthorized vulnerability when the first execution result and the second execution result meet a first preset condition.
In one possible embodiment, the first execution result and the second execution result satisfy a first preset condition, including:
when the first execution result shows that the execution method corresponding to the first business operation is successfully called and the second execution result shows that the execution method corresponding to the second business operation is successfully called, determining that the first execution result and the second execution result meet a first preset condition.
In a possible embodiment, before the monitoring module 401 is configured to monitor the first operation request submitted by the first user account at the target application to be detected, the monitoring module is further configured to:
installing a toolkit on the target application to be detected; the tool kit is used for capturing the execution code of the target application to be detected; the execution code comprises an execution method corresponding to the first business operation and an execution method corresponding to the second business operation;
the monitoring module 401, when configured to monitor a first operation request submitted by a first user account at a target application to be detected, is specifically configured to:
monitoring a first operation request submitted by a first user account in a target application to be detected through the tool kit;
the obtaining module 403, when configured to obtain a first execution result fed back after the first service operation is executed, is specifically configured to:
monitoring, through the tool kit, a first execution result fed back after the first business operation is executed.
In a possible embodiment, before the monitoring module 401 is configured to monitor the second operation request submitted by the second user account at the target application to be detected, the monitoring module is further configured to:
when an account switching instruction is detected, switching from the first user account to the second user account to log in the target application to be detected.
In one possible implementation, the determining module 404 is further configured to:
acquiring the authority level of the first user account and the authority level of the second user account;
comparing the permission level of the first user account with the permission level of the second user account to obtain a comparison result;
and determining the override type of the override vulnerability existing in the target application to be detected according to the comparison result.
In one possible implementation, the determining module 404 is further configured to:
when the first execution result and the second execution result do not meet a first preset condition, judging whether the first execution result and the second execution result meet a second preset condition;
if the first execution result and the second execution result meet a second preset condition, determining that the target application to be detected has a vulnerability of abnormal operation.
In a possible implementation manner, when the determining module 404 is configured to determine whether the first execution result and the second execution result satisfy a second preset condition, it is specifically configured to:
when the first execution result indicates that the execution method corresponding to the first business operation is not successfully called and the second execution result indicates that the execution method corresponding to the second business operation is not successfully called, it is determined that the first execution result and the second execution result satisfy a second preset condition.
In the embodiment of the application, a monitoring module monitors a first operation request submitted by a first user account in a target application to be detected; the recording module records the first business operation when the first business operation is sensitive operation; the acquisition module acquires a first execution result fed back after the first business operation is executed; the monitoring module monitors a second operation request submitted by a second user account in the target application to be detected; when the second service operation requested to be executed by the second operation request is the first service operation, the recording module records the second service operation; the acquisition module acquires a second execution result fed back after executing the second service operation; the determining module determines that the target application to be detected has the unauthorized vulnerability when the first execution result and the second execution result meet a first preset condition. By the scheme, the quick detection of the unauthorized vulnerability can be realized by comparing the execution results fed back after the business operation is executed, the workload during application test can be reduced to a greater extent, and the detection efficiency and accuracy of the unauthorized vulnerability can be improved.
Each functional module in the embodiments of the present application may be integrated into one module, or each module may exist alone physically, or two or more modules are integrated into one module. The integrated module may be implemented in a form of hardware, or may be implemented in a form of software functional module, which is not limited in this application.
Please refer to fig. 5, fig. 5 is a schematic structural diagram of an electronic device according to an embodiment of the present disclosure. As shown in fig. 5, the electronic device 500 includes: at least one processor 501, a memory 502. Optionally, the electronic device may further include a network interface. Data can be exchanged between the processor 501, the memory 502 and a network interface, the network interface is controlled by the processor 501 to send and receive messages, the memory 502 is used for storing a computer program, the computer program comprises program instructions, and the processor 501 is used for executing the program instructions stored in the memory 502. Wherein the processor 501 is configured to call the program instructions to perform the above-described method.
The memory 502 may include volatile memory (volatile memory), such as random-access memory (RAM); the memory 502 may also include a non-volatile memory (non-volatile memory), such as a flash memory (flash memory), a solid-state drive (SSD), etc.; the memory 502 may also comprise a combination of memories of the kind described above.
The processor 501 may be a Central Processing Unit (CPU). In one embodiment, the processor 501 may also be a Graphics Processing Unit (GPU). The processor 501 may also be a combination of a CPU and a GPU.
In one possible embodiment, the memory 502 is used to store program instructions, which the processor 501 can call to perform the following steps:
monitoring a first operation request submitted by a first user account in a target application to be detected; the first operation request is used for requesting to execute a first business operation; the first user account has the operation authority of the first business operation;
when the first business operation is a sensitive operation, recording the first business operation;
obtaining a first execution result fed back after the first business operation is executed;
monitoring a second operation request submitted by a second user account in the target application to be detected; the second operation request is used for requesting to execute a second business operation; the second user account does not have the operation authority of the first business operation;
when the second business operation requested to be executed by the second operation request is the first business operation, recording the second business operation;
obtaining a second execution result fed back after the second business operation is executed;
and when the first execution result and the second execution result meet a first preset condition, determining that the target application to be detected has an unauthorized-access (override) vulnerability.
In one possible embodiment, the first execution result and the second execution result meeting the first preset condition includes:
when the first execution result indicates that the execution method corresponding to the first business operation is successfully called and the second execution result indicates that the execution method corresponding to the second business operation is successfully called, determining that the first execution result and the second execution result meet the first preset condition.
In one possible embodiment, before monitoring the first operation request submitted by the first user account in the target application to be detected, the processor 501 is further configured to perform:
installing a toolkit on the target application to be detected; the toolkit is used for capturing the execution code of the target application to be detected; the execution code comprises an execution method corresponding to the first business operation and an execution method corresponding to the second business operation;
when monitoring the first operation request submitted by the first user account in the target application to be detected, the processor 501 is specifically configured to perform:
monitoring, through the toolkit, the first operation request submitted by the first user account in the target application to be detected;
when obtaining the first execution result fed back after the first business operation is executed, the processor 501 is specifically configured to perform:
monitoring, through the toolkit, the first execution result fed back after the first business operation is executed.
In a possible implementation manner, before monitoring the second operation request submitted by the second user account in the target application to be detected, the processor 501 is further configured to perform:
when an account switching instruction is detected, switching from the first user account to the second user account to log in to the target application to be detected.
In one possible implementation, the processor 501 is further configured to:
acquiring the permission level of the first user account and the permission level of the second user account;
comparing the permission level of the first user account with the permission level of the second user account to obtain a comparison result;
and determining the override type of the override vulnerability existing in the target application to be detected according to the comparison result.
In one possible implementation, the processor 501 is further configured to:
when the first execution result and the second execution result do not meet the first preset condition, judging whether the first execution result and the second execution result meet a second preset condition;
if the first execution result and the second execution result meet the second preset condition, determining that the target application to be detected has a vulnerability of abnormal operation.
In a possible implementation manner, when determining whether the first execution result and the second execution result satisfy the second preset condition, the processor 501 is specifically configured to perform:
when the first execution result indicates that the execution method corresponding to the first business operation is not successfully called and the second execution result indicates that the execution method corresponding to the second business operation is not successfully called, determining that the first execution result and the second execution result satisfy the second preset condition.
In a specific implementation, the apparatus, the processor 501, the memory 502, and the like described in the embodiments of the present application may perform the implementation described in the above method embodiments, and may also perform the implementation described in the embodiments of the present application, which is not described herein again.
Also provided in embodiments of the present application is a computer (readable) storage medium storing a computer program comprising program instructions that, when executed by a processor, cause the processor to perform some or all of the steps performed in the above-described method embodiments. Optionally, the computer storage medium may be volatile or non-volatile. The computer-readable storage medium may mainly include a storage program area and a storage data area, wherein the storage program area may store an operating system, an application program required for at least one function, and the like; the storage data area may store data created according to the use of the blockchain node, and the like.
A blockchain is a novel application mode of computer technologies such as distributed data storage, point-to-point transmission, consensus mechanisms and encryption algorithms. A blockchain is essentially a decentralized database: a series of data blocks linked by cryptographic methods, where each data block contains information about a batch of network transactions and is used to verify the validity (anti-counterfeiting) of that information and to generate the next block. The blockchain may include a blockchain underlying platform, a platform product service layer, an application service layer, and the like.
Embodiments of the present application provide a computer program product, which may include a computer program, and when the computer program is executed by a processor, part or all of the steps in the method may be implemented, which is not described herein again.
Reference herein to "a plurality" means two or more. "And/or" describes the association relationship of the associated objects and means that three relationships are possible; e.g., "A and/or B" may mean: A exists alone, A and B exist simultaneously, or B exists alone. The character "/" generally indicates that the former and latter associated objects are in an "or" relationship.
It will be understood by those skilled in the art that all or part of the processes of the methods of the above embodiments may be implemented by a computer program, which may be stored in a computer storage medium; the computer storage medium may be a computer-readable storage medium, and the program, when executed, may include the processes of the above method embodiments. The storage medium may be a magnetic disk, an optical disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), or the like.
While the present disclosure has been described with reference to particular embodiments, it will be understood by those skilled in the art that various changes in form and details may be made therein without departing from the spirit and scope of the present disclosure.

Claims (10)

1. An application vulnerability detection method, the method comprising:
monitoring a first operation request submitted by a first user account in a target application to be detected; the first operation request is used for requesting to execute a first business operation; the first user account has the operation authority of the first business operation;
when the first business operation is a sensitive operation, recording the first business operation;
obtaining a first execution result fed back after the first business operation is executed;
monitoring a second operation request submitted by a second user account in the target application to be detected; the second operation request is used for requesting to execute a second business operation; the second user account does not have the operation authority of the first business operation;
when the second business operation requested to be executed by the second operation request is the first business operation, recording the second business operation;
obtaining a second execution result fed back after the second business operation is executed;
and when the first execution result and the second execution result meet a first preset condition, determining that the target application to be detected has an unauthorized-access (override) vulnerability.
2. The method of claim 1, wherein the first execution result and the second execution result meeting the first preset condition comprises:
when the first execution result indicates that the execution method corresponding to the first business operation is successfully called and the second execution result indicates that the execution method corresponding to the second business operation is successfully called, determining that the first execution result and the second execution result meet the first preset condition.
3. The method according to claim 2, wherein before monitoring the first operation request submitted by the first user account in the target application to be detected, the method further comprises:
installing a toolkit on the target application to be detected; the toolkit is used for capturing the execution code of the target application to be detected; the execution code comprises an execution method corresponding to the first business operation and an execution method corresponding to the second business operation;
the monitoring of the first operation request submitted by the first user account in the target application to be detected includes:
monitoring, through the toolkit, the first operation request submitted by the first user account in the target application to be detected;
the obtaining of the first execution result fed back after the first business operation is executed includes:
monitoring, through the toolkit, the first execution result fed back after the first business operation is executed.
4. The method according to claim 3, wherein before monitoring the second operation request submitted by the second user account in the target application to be detected, the method further comprises:
when an account switching instruction is detected, switching from the first user account to the second user account to log in to the target application to be detected.
5. The method of claim 1, further comprising:
acquiring the permission level of the first user account and the permission level of the second user account;
comparing the permission level of the first user account with the permission level of the second user account to obtain a comparison result;
and when the comparison result indicates that the permission level of the first user account is not consistent with the permission level of the second user account, determining that the override type of the override vulnerability existing in the target application to be detected is a vertical override type.
6. The method of claim 1, further comprising:
when the first execution result and the second execution result do not meet a first preset condition, judging whether the first execution result and the second execution result meet a second preset condition;
and if the first execution result and the second execution result meet a second preset condition, determining that the target application to be detected has a vulnerability of abnormal operation.
7. The method of claim 1, wherein the determining whether the first execution result and the second execution result satisfy a second preset condition comprises:
when the first execution result indicates that the execution method corresponding to the first business operation is not successfully called and the second execution result indicates that the execution method corresponding to the second business operation is not successfully called, it is determined that the first execution result and the second execution result satisfy a second preset condition.
8. An application vulnerability detection apparatus, the apparatus comprising:
the monitoring module is used for monitoring a first operation request submitted by a first user account in a target application to be detected; the first operation request is used for requesting to execute a first business operation; the first user account has the operation authority of the first business operation;
the recording module is used for recording the first business operation when the first business operation is a sensitive operation;
the obtaining module is used for obtaining a first execution result fed back after the first business operation is executed;
the monitoring module is further configured to monitor a second operation request submitted by a second user account in the target application to be detected; the second operation request is used for requesting to execute a second business operation; the second user account does not have the operation authority of the first business operation;
the recording module is further configured to record a second business operation requested to be executed by the second operation request when the second business operation is the first business operation;
the obtaining module is further configured to obtain a second execution result fed back after the second business operation is executed;
and the determining module is used for determining that the target application to be detected has an unauthorized-access (override) vulnerability when the first execution result and the second execution result meet a first preset condition.
9. An electronic device comprising a processor and a memory, wherein the memory is configured to store a computer program comprising program instructions, and wherein the processor is configured to invoke the program instructions to perform the method of any of claims 1-7.
10. A computer-readable storage medium, characterized in that the computer-readable storage medium stores a computer program comprising program instructions that, when executed by a processor, cause the processor to carry out the method according to any one of claims 1-7.
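The comparison described in the device embodiment and in claims 1, 2 and 5 to 7 can be walked through in Python. This is an added example, not code from the patent: every name in it (`Observation`, `compare`, `run_trace`, the accounts and operations) is hypothetical, the trace is constructed, and reporting equal permission levels as "horizontal" is an assumption, since claim 5 only names the vertical case.

```python
from dataclasses import dataclass

# All names are hypothetical; the patent publishes no code or API.
SENSITIVE_OPS = {"approve_loan", "export_customers", "close_account"}  # constructed

@dataclass(frozen=True)
class Observation:
    """One request captured by the monitoring toolkit, with its execution result."""
    account: str
    level: int             # permission level of the account
    permitted: frozenset   # operations the account is entitled to perform
    operation: str         # business operation the request asks for
    invoked_ok: bool       # was the operation's execution method successfully called?

def compare(first, second):
    """Apply the first, then the second, preset condition to a recorded pair."""
    finding = {"operation": first.operation, "accounts": (first.account, second.account)}
    if first.invoked_ok and second.invoked_ok:            # first preset condition
        # Differing levels -> vertical (claim 5). Reporting equal levels as
        # "horizontal" is the usual term and an assumption of this example.
        kind = "vertical" if first.level != second.level else "horizontal"
        return {**finding, "verdict": "unauthorized-access", "type": kind}
    if not first.invoked_ok and not second.invoked_ok:    # second preset condition
        return {**finding, "verdict": "abnormal-operation"}
    return {**finding, "verdict": "no-finding"}           # e.g. the second call was refused

def run_trace(trace):
    """Replay observations in order and return one result per comparable pair."""
    recorded, findings = {}, []
    for obs in trace:
        if obs.operation not in SENSITIVE_OPS:
            continue                          # only sensitive operations are recorded
        if obs.operation in obs.permitted:
            recorded[obs.operation] = obs     # first request, authorized account
        elif obs.operation in recorded:       # second request, unauthorized account
            findings.append(compare(recorded[obs.operation], obs))
    return findings

ADMIN = dict(account="admin01", level=3, permitted=frozenset(SENSITIVE_OPS))
CLERK = dict(account="clerk07", level=1, permitted=frozenset())
PEER = dict(account="admin02", level=3, permitted=frozenset({"export_customers"}))

# Constructed trace: an authorized account runs each sensitive operation, then
# the same operation is requested again after an account switch.
TRACE = [
    Observation(**ADMIN, operation="approve_loan", invoked_ok=True),
    Observation(**CLERK, operation="approve_loan", invoked_ok=True),
    Observation(**PEER, operation="approve_loan", invoked_ok=True),
    Observation(**ADMIN, operation="export_customers", invoked_ok=True),
    Observation(**CLERK, operation="export_customers", invoked_ok=False),
    Observation(**ADMIN, operation="close_account", invoked_ok=False),
    Observation(**CLERK, operation="close_account", invoked_ok=False),
    Observation(**CLERK, operation="view_profile", invoked_ok=True),
]

if __name__ == "__main__":
    for finding in run_trace(TRACE):
        print(finding)
```

The verdicts are only as reliable as `invoked_ok`: it has to reflect whether the business method itself ran, which is the signal the toolkit's capture of the execution code is meant to provide.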
CN202210040191.9A 2022-01-13 2022-01-13 Application vulnerability detection method and device, electronic equipment and storage medium Pending CN114386047A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210040191.9A CN114386047A (en) 2022-01-13 2022-01-13 Application vulnerability detection method and device, electronic equipment and storage medium

Publications (1)

Publication Number Publication Date
CN114386047A true CN114386047A (en) 2022-04-22

Family

ID=81201362

Country Status (1)

Country Link
CN (1) CN114386047A (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination