CN115982715A - Security vulnerability detection system and method based on rapid generation of data files - Google Patents
Security vulnerability detection system and method based on rapid generation of data files Download PDFInfo
- Publication number
- CN115982715A CN115982715A CN202211656003.1A CN202211656003A CN115982715A CN 115982715 A CN115982715 A CN 115982715A CN 202211656003 A CN202211656003 A CN 202211656003A CN 115982715 A CN115982715 A CN 115982715A
- Authority
- CN
- China
- Prior art keywords
- data
- file
- vulnerability detection
- program code
- module
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Landscapes
- Debugging And Monitoring (AREA)
Abstract
The invention discloses a security vulnerability detection system and a method based on rapid generation of data files, and the security vulnerability detection system based on rapid generation of data files comprises: the device comprises a data acquisition module, a data extraction module, a data analysis module, a data generation module and a data display module. A method for a security vulnerability detection system based on rapid generation of data files comprises the following steps: acquiring a data file; extracting parameter data of the data file; the data analysis plug-in analyzes the corresponding data into a vulnerability detection function code and transmits a detection result to a framework program code; the frame program code carries out warehousing operation on the detection result; and performing Web display on the warehousing result. When a new bug occurs, security personnel only need to fill in relevant form data according to the bug type without writing plug-in and codes, so that time is saved, and the bug detection efficiency is improved.
Description
Technical Field
The invention relates to a security vulnerability detection system and method, in particular to a security vulnerability detection system and method based on rapid generation of data files, and belongs to the field of computer network security.
Background
In the field of network security, there are many security vulnerability detection methods, and fast programming of security vulnerability detection programs becomes a barrier that cannot go around. When a new bug occurs, the fastest online bug detection program becomes a necessary place for manufacturers. When an original vulnerability detection tool or system meets a large amount of vulnerability detection, a large amount of vulnerability detection codes are needed, and when a new vulnerability appears, the vulnerability detection can be completed only by matching of personnel who understand the codes and understand safety.
At present, many bugs are detected by using plug-ins in the world, and each bug detection needs a special plug-in, so that a large number of plug-ins and codes need to be written to detect the bugs, thereby wasting time and influencing the bug detection effect.
Disclosure of Invention
In order to overcome the defects of the technology, the invention provides a security vulnerability detection system and method based on rapid generation of data files.
In order to solve the technical problems, the invention adopts the technical scheme that: a security vulnerability detection system based on rapid generation of data files, the system comprising:
the data acquisition module is used for acquiring data files;
the data extraction module is used for extracting a parameter list of the data file;
the data analysis module analyzes the data into a vulnerability detection function code through the data analysis plug-in and transmits a detection result to the framework program code;
the data generation module is used for performing warehousing operation on the detection result through the framework program code;
and the data display module is used for carrying out Web display on the warehousing result.
Preferably, the data extraction module searches for corresponding data in the parameter list through the framework program code, extracts the corresponding data to obtain a data structure of the data to be filled, and transmits the data structure to the corresponding data analysis plug-in.
Preferably, the data file is a CSV file or a JSON file or an xml file or a yaml file.
A method for a security vulnerability detection system based on rapid generation of data files comprises the following steps:
step 101: acquiring a data file, namely reading the data file into a memory by a data acquisition module;
step 102: extracting parameter data of the data file;
step 103: the data analysis plug-in analyzes the corresponding data into a vulnerability detection function code and transmits a detection result to a framework program code;
step 104: the frame program code carries out warehousing operation on the detection result;
step 105: and performing Web display on the warehousing result.
Preferably, the specific process of step 102 is: and the framework program code searches corresponding parameter data in the data file according to the vulnerability number or the plug-in name, extracts the corresponding parameter data and transmits the parameter data to the corresponding data analysis plug-in.
Preferably, the data parsing plug-in is implemented by adopting Python language or GO language.
Preferably, the Web is displayed as a Web part of the security vulnerability detection system, and the security vulnerability detection result is read and displayed in a Web interface.
The invention can realize the detection of the security vulnerability only by using some general plug-ins, for example, httpdecect plug-ins are adopted for Web type common vulnerabilities, and socket _ detect plug-ins are adopted for socket communication type vulnerabilities. When a new bug appears, security personnel only need to fill in relevant table data according to the bug type without writing plug-ins and codes, so that the time is saved, and the bug detection efficiency is improved.
Drawings
Fig. 1 is an overall flowchart of vulnerability detection based on CSV and JSON files in the present invention.
Fig. 2 is a schematic diagram of functional modules of the security vulnerability detection system according to the present invention.
FIG. 3 is a diagram illustrating a data structure based on CSV files according to the present invention.
Detailed Description
The present invention will be described in further detail with reference to the accompanying drawings and specific embodiments.
As shown in fig. 1, a method for a security vulnerability detection system based on rapid generation of a data file includes the following steps:
step 101: acquiring data files based on CSV files (JSON files, xml files and yaml files can be used), and the like, wherein the data acquisition module reads CSV data into a memory;
description of CSV data Format:
event name: vulnerability name
id: vulnerability numbering
Plug-in name: plug-in name to call
Prefix: the httpdetect plug-in is generally HOST, the socket _ detect plug-in is generally an IP address (IPD is a target IP address) corresponding to HOST, and other plug-ins are determined according to actual conditions;
suffix: httpdetect plug-ins are generally Uri, socket _ detect plug-ins are generally port numbers corresponding to HOST, and other plug-ins are determined according to actual conditions;
responding to the string: if there is a bug, responding to word string keywords contained in the message
Additional information: request method, request header feature, response header feature, and the like
An example of a CSV data format is shown in figure 3.
Step 102: parameter data for extracting data files such as CSV
The framework program code searches corresponding parameter data in the CSV data file (the CSV file is generally a line or a plurality of lines of data, and the data format is described in the CSV data format in step 101) according to the vulnerability number or the plug-in name, extracts the corresponding parameter data, and transmits the parameter data to the corresponding data analysis plug-in;
step 103: the data analysis plug-in analyzes the corresponding data into a vulnerability detection function code and transmits a detection result to a framework program code;
the data analysis plug-in of the current system adopts Python language and can also be realized by GO language;
an example code of the simplest data parsing plug-in to verify a security vulnerability is shown as follows:
the example code is Url data, wherein ModulePara is parameter data transmitted from the main frame program code to the data analysis plug-in, wherein the core data is line _ list parameter data, the line _ list is parameter data acquired from a data file such as CSV in step 102, and the other data of ModulePara is data such as Url and IP.
Step 104: the framework program code carries out operations such as warehousing on the detection result;
step 105: and performing Web display on the warehousing result.
And the Web is displayed as a Web part of the security vulnerability detection system, and the security vulnerability detection result is read and displayed in a Web interface.
A security vulnerability detection system based on rapid generation of data files, the system comprising: the data acquisition module is used for acquiring data files based on CSV (common service provider) files, JSON (Java service provider) files and the like;
the data extraction module is used for extracting parameter lists of data files such as CSV (common service provider) files and JSON (Java service provider) files, searching corresponding data in the parameter lists by using the framework program codes, extracting the corresponding data to obtain a data structure of data to be filled, and transmitting the data structure to a corresponding data analysis plug-in;
the data analysis module is used for analyzing the data into a vulnerability detection function code by the data analysis plug-in and transmitting a detection result to the framework program code;
the data generation module is used for carrying out operations such as warehousing on the detection result by the framework program code;
and the data display module is used for carrying out Web display on the warehousing result.
The invention provides a method for rapidly generating security vulnerability detection based on data files such as CSV (common service provider) and JSON (Java service provider) files (xml files and yaml files are also available). Under the condition that a developer provides a main frame program, most of the time, security personnel only need to configure related parameters in the data files such as CSV (common service provider) or JSON (Java service provider), and when a new vulnerability occurs, a system can be rapidly online with the vulnerability detection function.
The above embodiments are not intended to limit the present invention, and the present invention is not limited to the above examples, and variations, modifications, additions and substitutions which may be made by those skilled in the art within the technical scope of the present invention are also within the protective scope of the present invention.
Claims (7)
1. A security vulnerability detection system based on rapid generation of data files is characterized in that: the system comprises:
the data acquisition module is used for acquiring a data file;
the data extraction module is used for extracting a parameter list of the data file;
the data analysis module analyzes the data into a vulnerability detection function code through the data analysis plug-in and transmits a detection result to the framework program code;
the data generation module is used for carrying out warehousing operation on the detection result through the framework program code;
and the data display module is used for carrying out Web display on the warehousing result.
2. The system for detecting the security vulnerabilities based on the rapid generation of the data files according to claim 1, characterized in that: and the data extraction module searches corresponding data in the parameter list through the framework program code, extracts the corresponding data to obtain a data structure of the data to be filled, and transmits the data structure to the corresponding data analysis plug-in.
3. The system for detecting the security vulnerability based on the rapid generation of data files of claim 2, characterized in that: the data file is a CSV file or a JSON file or an xml file or a yaml file.
4. A method of a security vulnerability detection system based on rapid generation of data files according to any of claims 1-3, characterized by: the method comprises the following steps:
step 101: acquiring a data file, namely reading the data file into a memory by a data acquisition module;
step 102: extracting parameter data of the data file;
step 103: the data analysis plug-in analyzes the corresponding data into a vulnerability detection function code and transmits a detection result to a framework program code;
step 104: the frame program code carries out warehousing operation on the detection result;
step 105: and performing Web display on the warehousing result.
5. The method for rapidly generating detection of security vulnerabilities based on data files of claim 4, wherein: the specific process of step 102 is as follows: and the framework program code searches corresponding parameter data in the data file according to the vulnerability number or the plug-in name, extracts the corresponding parameter data and transmits the parameter data to the corresponding data analysis plug-in.
6. The method for rapidly generating detection of security vulnerabilities based on data files of claim 4, wherein: the data analysis plug-in is realized by adopting Python language or GO language.
7. The method for rapidly generating detection of security vulnerabilities based on data files of claim 4, wherein: and the Web is displayed as a Web part of the security vulnerability detection system, and the security vulnerability detection result is read and displayed in a Web interface.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211656003.1A CN115982715A (en) | 2022-12-22 | 2022-12-22 | Security vulnerability detection system and method based on rapid generation of data files |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211656003.1A CN115982715A (en) | 2022-12-22 | 2022-12-22 | Security vulnerability detection system and method based on rapid generation of data files |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN115982715A true CN115982715A (en) | 2023-04-18 |
Family
ID=85973371
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202211656003.1A Pending CN115982715A (en) | 2022-12-22 | 2022-12-22 | Security vulnerability detection system and method based on rapid generation of data files |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN115982715A (en) |
-
2022
- 2022-12-22 CN CN202211656003.1A patent/CN115982715A/en active Pending
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109684847B (en) | Automatic repairing method, device, equipment and storage medium for script loopholes | |
| CN108628748B (en) | Automatic test management method and automatic test management system | |
| CN107341399B (en) | Method and device for evaluating security of code file | |
| CN111209166B (en) | Automatic inspection system for B/S architecture service system | |
| CN106547658B (en) | Automatic testing method and device | |
| CN104573520A (en) | Method and device for detecting permanent type cross site scripting vulnerability | |
| CN111770079B (en) | Method and device for detecting vulnerability injection of web framework | |
| CN106681734A (en) | Response method and device for function interface call | |
| CN116911240B (en) | Command configuration method, device, equipment and medium of electronic automation design software | |
| CN112748928A (en) | Rich text data processing method and device, computer equipment and storage medium | |
| CN106681852B (en) | A kind of method of adjustment and device of browser compatibility | |
| CN105262720A (en) | Web robot traffic identification method and device | |
| CN115514677B (en) | Method and system for server dial testing | |
| CN115982715A (en) | Security vulnerability detection system and method based on rapid generation of data files | |
| CN116775488A (en) | Abnormal data determination method, device, equipment, medium and product | |
| CN107797917B (en) | Performance test script generation method and device | |
| CN114675989A (en) | Data verification method and device, electronic equipment and storage medium | |
| CN109218284B (en) | XSS vulnerability detection method and device, computer equipment and readable medium | |
| CN113157554A (en) | Software automation question making test method and related equipment | |
| CN111651356A (en) | Application program testing method, device and system | |
| CN114500253B (en) | Log information storage method and storage medium | |
| CN109743333A (en) | A kind of system of comprehensive analysis enterprise network security loophole | |
| CN111026575B (en) | Abnormality processing method and device and electronic equipment | |
| CN113141366B (en) | Message submitting method and device, storage medium and electronic equipment | |
| CN111984964B (en) | Selenium-based web application decryption method |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |