CN116956305A - Evaluation method, apparatus, device, medium and program product for penetration test - Google Patents


Info

Publication number
CN116956305A
Authority
CN
China
Prior art keywords
embedded
vulnerability
loopholes
penetration test
weight value
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202310773280.9A
Other languages
Chinese (zh)
Inventor
魏兴
旷亚和
战姝宇
范鑫禹
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Industrial and Commercial Bank of China Ltd ICBC
Original Assignee
Industrial and Commercial Bank of China Ltd ICBC

Classifications

    • G PHYSICS
      • G06 COMPUTING; CALCULATING OR COUNTING
        • G06F ELECTRIC DIGITAL DATA PROCESSING
          • G06F 21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
            • G06F 21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
              • G06F 21/57 Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
                • G06F 21/577 Assessing vulnerabilities and evaluating computer system security
          • G06F 11/00 Error detection; Error correction; Monitoring
            • G06F 11/36 Preventing errors by testing or debugging software
              • G06F 11/3668 Software testing
                • G06F 11/3672 Test management
                  • G06F 11/3684 Test management for test design, e.g. generating new test cases
                  • G06F 11/3688 Test management for test execution, e.g. scheduling of test suites
                  • G06F 11/3692 Test management for test results analysis
          • G06F 8/00 Arrangements for software engineering
            • G06F 8/60 Software deployment

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Software Systems (AREA)
  • Computer Security & Cryptography (AREA)
  • Quality & Reliability (AREA)
  • Computing Systems (AREA)
  • Debugging And Monitoring (AREA)

Abstract

The present application relates to an evaluation method, apparatus, computer device, storage medium and computer program product for penetration testing, and belongs to the field of information security and to the field of financial technology or other related fields. The method comprises the following steps: obtaining a vulnerability deployment instruction comprising a vulnerability testing range and vulnerability information; determining a first number of pre-buried regions according to the vulnerability testing range; determining, according to the vulnerability information, the vulnerabilities to be pre-buried in the pre-buried regions, the number of pre-buried vulnerabilities and the types of pre-buried vulnerabilities; performing a vulnerability deployment operation on the first number of pre-buried regions according to the vulnerabilities of the pre-buried regions, the number of pre-buried vulnerabilities and the types of pre-buried vulnerabilities; performing the penetration test once the target servers in the pre-buried regions have completed the vulnerability deployment operation, so as to obtain a test result; and evaluating the penetration test according to the test result, the first number of pre-buried regions, the number of pre-buried vulnerabilities and the types of pre-buried vulnerabilities. By adopting the method, the quality of the penetration test result can be known.

Description

Evaluation method, apparatus, device, medium and program product for penetration test
Technical Field
The present application relates to the field of information security, and in particular to an evaluation method, an apparatus, a computer device, a storage medium and a computer program product for penetration testing.
Background
With the development of computer technology, penetration testing has emerged. Penetration testing is a method of performing a security assessment on a computer system, application, network or physical device: by simulating the behaviour of an attacker attempting to break in, existing vulnerabilities and security weaknesses are found, which helps organizations improve the security of the computer system, application, network or physical device.
However, the quality of penetration test results cannot be known, because the risk problems present in the target cannot be predicted in advance, and comparing results across historical penetration tests is meaningless.
Disclosure of Invention
In view of the foregoing, it is desirable to provide an evaluation method, apparatus, computer device, computer-readable storage medium and computer program product for a penetration test that make it possible to know the quality of the penetration test results.
In a first aspect, the present application provides an evaluation method for a penetration test. The method comprises the following steps:
obtaining a vulnerability deployment instruction; the vulnerability deployment instruction comprises a vulnerability testing range and vulnerability information;
determining a first number of pre-buried regions according to the vulnerability testing range; each pre-buried region comprises one or more target servers;
determining, according to the vulnerability information, the vulnerabilities to be pre-buried in the pre-buried regions, the number of pre-buried vulnerabilities and the types of pre-buried vulnerabilities;
performing a vulnerability deployment operation on the first number of pre-buried regions according to the vulnerabilities of the pre-buried regions, the number of pre-buried vulnerabilities and the types of pre-buried vulnerabilities;
performing the penetration test once the target servers in the first number of pre-buried regions have completed the vulnerability deployment operation, so as to obtain a test result; the test result comprises the vulnerability discovery regions, the number of discovered vulnerabilities and the types of discovered vulnerabilities in the penetration test;
and evaluating the penetration test according to the test result, the first number of pre-buried regions, the number of pre-buried vulnerabilities and the types of pre-buried vulnerabilities.
In one embodiment, the vulnerability testing range includes the number of pre-buried regions and network information, and determining, according to the vulnerability testing range, the first number of pre-buried regions includes:
determining a plurality of target servers corresponding to the network information according to the network information;
and dividing the plurality of target servers into the first number of pre-buried regions according to the number of pre-buried regions.
In one embodiment, the network information includes at least one of a network segment range or website information, the network segment range being an IP address range, and determining the plurality of target servers corresponding to the network information according to the network information includes:
when the network information comprises a network segment range, determining the target servers corresponding to the IP address range according to the IP address range;
and when the network information comprises website information, determining the target servers corresponding to the website information according to the website information.
In one embodiment, evaluating the penetration test according to the test result, the first number of pre-buried regions, the number of pre-buried vulnerabilities and the types of pre-buried vulnerabilities includes:
obtaining first identification information of the pre-buried vulnerabilities and second identification information of the vulnerabilities in the test result;
removing, according to the first identification information and the second identification information, the vulnerabilities in the test result whose identification information differs from that of the pre-buried vulnerabilities, to obtain an actual test result, the actual test result comprising a second number of vulnerabilities, a third number of vulnerability regions and a fourth number of vulnerability types;
and evaluating the penetration test according to the actual test result, the first number of pre-buried regions, the number of pre-buried vulnerabilities and the types of pre-buried vulnerabilities.
In one embodiment, evaluating the penetration test according to the actual test result, the first number of pre-buried regions, the number of pre-buried vulnerabilities and the types of pre-buried vulnerabilities includes:
obtaining a first preset weight value, a second preset weight value and a third preset weight value, the first preset weight value being a weight value for the number of vulnerabilities, the second preset weight value being a weight value for the vulnerability regions, and the third preset weight value being a weight value for the vulnerability types;
and evaluating the penetration test according to the first preset weight value, the second preset weight value, the third preset weight value, the actual test result, the first number of pre-buried regions, the number of pre-buried vulnerabilities and the types of pre-buried vulnerabilities.
In one embodiment, evaluating the penetration test according to the first preset weight value, the second preset weight value, the third preset weight value, the actual test result, the first number of pre-buried regions, the number of pre-buried vulnerabilities and the types of pre-buried vulnerabilities includes:
calculating a first score according to the third number of vulnerability regions and the first number of pre-buried regions;
calculating a second score according to the second number of vulnerabilities and the number of pre-buried vulnerabilities;
calculating a third score according to the fourth number of vulnerability types and the types of pre-buried vulnerabilities;
and calculating a total score of the penetration test according to the first preset weight value, the second preset weight value, the third preset weight value, the first score, the second score and the third score, and evaluating the penetration test according to the total score.
In one embodiment, an evaluation level of the penetration test is determined according to the magnitude of the total score, the evaluation level being one of a first level, a second level or a third level, where the penetration test effects corresponding to the first level, the second level and the third level decrease in that order.
In a second aspect, the present application also provides an evaluation device for a penetration test. The device comprises:
an instruction obtaining module, configured to obtain a vulnerability deployment instruction; the vulnerability deployment instruction comprises a vulnerability testing range and vulnerability information;
a pre-buried region determining module, configured to determine a first number of pre-buried regions according to the vulnerability testing range; each pre-buried region comprises one or more target servers;
a vulnerability information determining module, configured to determine, according to the vulnerability information, the vulnerabilities to be pre-buried in the pre-buried regions, the number of pre-buried vulnerabilities and the types of pre-buried vulnerabilities;
a vulnerability deployment operation execution module, configured to perform a vulnerability deployment operation on the first number of pre-buried regions according to the vulnerabilities of the pre-buried regions, the number of pre-buried vulnerabilities and the types of pre-buried vulnerabilities;
a test result obtaining module, configured to perform the penetration test once the target servers in the first number of pre-buried regions have completed the vulnerability deployment operation, so as to obtain a test result; the test result comprises the vulnerability discovery regions, the number of discovered vulnerabilities and the types of discovered vulnerabilities in the penetration test;
and a penetration test evaluation module, configured to evaluate the penetration test according to the test result, the first number of pre-buried regions, the number of pre-buried vulnerabilities and the types of pre-buried vulnerabilities.
In a third aspect, the present application also provides a computer device. The computer device comprises a memory storing a computer program and a processor which, when executing the computer program, performs the steps of:
obtaining a vulnerability deployment instruction; the vulnerability deployment instruction comprises a vulnerability testing range and vulnerability information;
determining a first number of pre-buried regions according to the vulnerability testing range; each pre-buried region comprises one or more target servers;
determining, according to the vulnerability information, the vulnerabilities to be pre-buried in the pre-buried regions, the number of pre-buried vulnerabilities and the types of pre-buried vulnerabilities;
performing a vulnerability deployment operation on the first number of pre-buried regions according to the vulnerabilities of the pre-buried regions, the number of pre-buried vulnerabilities and the types of pre-buried vulnerabilities;
performing the penetration test once the target servers in the first number of pre-buried regions have completed the vulnerability deployment operation, so as to obtain a test result; the test result comprises the vulnerability discovery regions, the number of discovered vulnerabilities and the types of discovered vulnerabilities in the penetration test;
and evaluating the penetration test according to the test result, the first number of pre-buried regions, the number of pre-buried vulnerabilities and the types of pre-buried vulnerabilities.
In a fourth aspect, the present application also provides a computer-readable storage medium. The computer-readable storage medium has stored thereon a computer program which, when executed by a processor, performs the steps of:
obtaining a vulnerability deployment instruction; the vulnerability deployment instruction comprises a vulnerability testing range and vulnerability information;
determining a first number of pre-buried regions according to the vulnerability testing range; each pre-buried region comprises one or more target servers;
determining, according to the vulnerability information, the vulnerabilities to be pre-buried in the pre-buried regions, the number of pre-buried vulnerabilities and the types of pre-buried vulnerabilities;
performing a vulnerability deployment operation on the first number of pre-buried regions according to the vulnerabilities of the pre-buried regions, the number of pre-buried vulnerabilities and the types of pre-buried vulnerabilities;
performing the penetration test once the target servers in the first number of pre-buried regions have completed the vulnerability deployment operation, so as to obtain a test result; the test result comprises the vulnerability discovery regions, the number of discovered vulnerabilities and the types of discovered vulnerabilities in the penetration test;
and evaluating the penetration test according to the test result, the first number of pre-buried regions, the number of pre-buried vulnerabilities and the types of pre-buried vulnerabilities.
In a fifth aspect, the present application also provides a computer program product. The computer program product comprises a computer program which, when executed by a processor, implements the steps of:
obtaining a vulnerability deployment instruction; the vulnerability deployment instruction comprises a vulnerability testing range and vulnerability information;
determining a first number of pre-buried regions according to the vulnerability testing range; each pre-buried region comprises one or more target servers;
determining, according to the vulnerability information, the vulnerabilities to be pre-buried in the pre-buried regions, the number of pre-buried vulnerabilities and the types of pre-buried vulnerabilities;
performing a vulnerability deployment operation on the first number of pre-buried regions according to the vulnerabilities of the pre-buried regions, the number of pre-buried vulnerabilities and the types of pre-buried vulnerabilities;
performing the penetration test once the target servers in the first number of pre-buried regions have completed the vulnerability deployment operation, so as to obtain a test result; the test result comprises the vulnerability discovery regions, the number of discovered vulnerabilities and the types of discovered vulnerabilities in the penetration test;
and evaluating the penetration test according to the test result, the first number of pre-buried regions, the number of pre-buried vulnerabilities and the types of pre-buried vulnerabilities.
The evaluation method, evaluation device, computer device, storage medium and computer program product for the penetration test obtain a vulnerability deployment instruction comprising a vulnerability testing range and vulnerability information; determine a first number of pre-buried regions according to the vulnerability testing range; determine, according to the vulnerability information, the vulnerabilities to be pre-buried in the pre-buried regions, the number of pre-buried vulnerabilities and the types of pre-buried vulnerabilities; perform a vulnerability deployment operation on the first number of pre-buried regions according to the vulnerabilities of the pre-buried regions, the number of pre-buried vulnerabilities and the types of pre-buried vulnerabilities; perform the penetration test once the target servers in the first number of pre-buried regions have completed the vulnerability deployment operation, so as to obtain a test result; and evaluate the penetration test according to the test result, the first number of pre-buried regions, the number of pre-buried vulnerabilities and the types of pre-buried vulnerabilities. By adopting the method, the penetration test is evaluated on the basis of the pre-buried vulnerability situation and the test result of the penetration test, so that the quality of the penetration test result is known and the deficiencies in testing capability revealed by the penetration test are identified from the evaluation result, which helps improve the penetration testing capability of the staff.
Drawings
FIG. 1 is an application environment diagram of an evaluation method for penetration testing in one embodiment;
FIG. 2 is a flow diagram of an evaluation method for penetration testing in one embodiment;
FIG. 3 is a block diagram of an evaluation for penetration testing in one embodiment;
FIG. 4 is a flow chart of an evaluation method for penetration testing in another embodiment;
FIG. 5 is a block diagram of an evaluation device for penetration testing in one embodiment;
FIG. 6 is an internal structural diagram of a computer device in one embodiment.
Detailed Description
The present application will be described in further detail with reference to the drawings and examples, in order to make the objects, technical solutions and advantages of the present application more apparent. It should be understood that the specific embodiments described herein are for purposes of illustration only and are not intended to limit the scope of the application.
The evaluation method for the penetration test provided by the embodiments of the present application can be applied to the application environment shown in FIG. 1, in which the terminal 102 communicates with the server 104 via a network. A data storage system may store the data that the server 104 needs to process; it may be integrated on the server 104 or located on a cloud or other network server.
The terminal 102 obtains a vulnerability deployment instruction comprising a vulnerability testing range and vulnerability information, and determines a first number of pre-buried regions from the server 104 according to the vulnerability testing range; determines, according to the vulnerability information, the vulnerabilities of the pre-buried regions, the number of pre-buried vulnerabilities and the types of pre-buried vulnerabilities; performs a vulnerability deployment operation on the first number of pre-buried regions according to the vulnerabilities of the pre-buried regions, the number of pre-buried vulnerabilities and the types of pre-buried vulnerabilities; performs the penetration test once the target servers in the first number of pre-buried regions have completed the vulnerability deployment operation, so as to obtain a test result; and evaluates the penetration test according to the test result, the first number of pre-buried regions, the number of pre-buried vulnerabilities and the types of pre-buried vulnerabilities.
The terminal 102 may be, but not limited to, various personal computers, notebook computers, smart phones, tablet computers, internet of things devices, and portable wearable devices, where the internet of things devices may be smart speakers, smart televisions, smart air conditioners, smart vehicle devices, and the like. The portable wearable device may be a smart watch, smart bracelet, headset, or the like. The server 104 may be implemented as a server cluster composed of a plurality of servers.
In one embodiment, as shown in FIG. 2, an evaluation method for penetration testing is provided, comprising the steps of:
Step 202, obtaining a vulnerability deployment instruction; the vulnerability deployment instruction comprises a vulnerability testing range and vulnerability information.
Here, a vulnerability is a defect in a specific implementation of hardware, software, a protocol or a system security policy that may allow an attacker to access or damage the system without authorization; it is an unprotected entry point left unintentionally in a computer, component, application or other online resource.
The vulnerability deployment instruction may include a vulnerability testing range and vulnerability information. The vulnerability testing range is used to determine the regions in which vulnerabilities are to be deployed. The vulnerability information may be used to determine information such as the types and number of the vulnerabilities to be deployed.
For example, when vulnerabilities need to be deployed for a test, the vulnerability deployment instruction is obtained.
In specific practice, the personnel organizing the test can select the vulnerabilities participating in the test from a vulnerability database and specify the regions participating in the test, thereby producing the vulnerability deployment instruction.
Step 204, determining a first number of pre-buried regions according to the vulnerability testing range; each pre-buried region comprises one or more target servers.
The first number may be determined based on the vulnerability testing range or selected based on an empirical value. A pre-buried region includes one or more target servers, and the number of target servers in each pre-buried region may be the same or different.
In specific practice, for example, when the number of pre-buried regions is set to 4, there are a region A, a region B, a region C and a region D, where region A may have 3 target servers, region B 4 target servers, region C 5 target servers and region D 5 target servers.
Step 206, determining, according to the vulnerability information, the vulnerabilities to be pre-buried in the pre-buried regions, the number of pre-buried vulnerabilities and the types of pre-buried vulnerabilities.
Vulnerabilities come in many types, including but not limited to common Web application vulnerabilities, framework vulnerabilities, configuration vulnerabilities and operating system vulnerabilities. For instance, configuration vulnerabilities include applications whose management accounts have weak passwords, and common Web application vulnerabilities include applications with file upload vulnerabilities. The vulnerabilities are stored in a vulnerability database, and each may be stored as a container image, as a virtual machine or as an application installation package.
For example, the vulnerabilities of the pre-buried regions, the number of pre-buried vulnerabilities and the types of pre-buried vulnerabilities are determined according to the vulnerability information.
Step 208, performing a vulnerability deployment operation on the first number of pre-buried regions according to the vulnerabilities of the pre-buried regions, the number of pre-buried vulnerabilities and the types of pre-buried vulnerabilities.
The vulnerability deployment operation deploys the vulnerabilities into the pre-buried regions. The vulnerabilities are deployed on the target servers according to the storage mode of each vulnerability and the environment of the target servers on which it is to be deployed.
Specifically, when a vulnerability is stored as an application installation package, it is determined whether the current target server already has the environment the installation package requires; if so, the vulnerability is installed and deployed directly, and if not, the required environment is installed first and the vulnerability is deployed afterwards. If the target server is able to host a virtual machine, the vulnerability stored as a virtual machine is obtained directly from the vulnerability database. If the target server has a container runtime, the vulnerability stored as a container image can be obtained directly from the vulnerability database.
In specific practice, a priority can be configured among the different storage modes of a vulnerability, and the deployment operation is carried out according to that priority.
Step 210, performing the penetration test once the target servers in the first number of pre-buried regions have completed the vulnerability deployment operation, so as to obtain a test result; the test result includes the vulnerability discovery regions, the number of discovered vulnerabilities and the types of discovered vulnerabilities in the penetration test.
The penetration test process may consist of the tester gathering information about the server under test, mainly system and version information and the like, and then automatically scanning ports and vulnerabilities, so as to obtain the open ports, services, vulnerabilities and the like of the system.
The test result may include the vulnerability discovery regions, the number of discovered vulnerabilities and the types of discovered vulnerabilities in the penetration test.
For example, once the target servers in the first number of pre-buried regions have completed the vulnerability deployment operation, the penetration test is performed, so as to obtain the test result.
In specific practice, once the vulnerability deployment operation is complete, the tester performs the penetration test based on their own experience, so as to obtain the test result.
Step 212, evaluating the penetration test according to the test result, the first number of pre-buried regions, the number of pre-buried vulnerabilities and the types of pre-buried vulnerabilities.
The penetration test is evaluated based on the test result, the first number of pre-buried regions, the number of pre-buried vulnerabilities and the types of pre-buried vulnerabilities.
In the above evaluation method for a penetration test, a vulnerability deployment instruction comprising a vulnerability testing range and vulnerability information is obtained; a first number of pre-buried regions is determined according to the vulnerability testing range; the vulnerabilities to be pre-buried in the pre-buried regions, the number of pre-buried vulnerabilities and the types of pre-buried vulnerabilities are determined according to the vulnerability information; a vulnerability deployment operation is performed on the first number of pre-buried regions according to the vulnerabilities of the pre-buried regions, the number of pre-buried vulnerabilities and the types of pre-buried vulnerabilities; the penetration test is performed once the target servers in the first number of pre-buried regions have completed the vulnerability deployment operation, so as to obtain a test result; and the penetration test is evaluated according to the test result, the first number of pre-buried regions, the number of pre-buried vulnerabilities and the types of pre-buried vulnerabilities. By adopting the method, the penetration test is evaluated on the basis of the pre-buried vulnerability situation and the test result of the penetration test, so that the quality of the penetration test result is known and the deficiencies in testing capability revealed by the penetration test are identified from the evaluation result, which helps improve the penetration testing capability of the staff.
In one embodiment, the vulnerability testing range includes the number of pre-buried regions and network information, and step 204 includes:
step 2042, determining a plurality of target servers corresponding to the network information according to the network information.
The vulnerability testing range may include the number of pre-buried regions and network information. The network information is used to determine the target servers.
Step 2044, dividing the plurality of target servers into a first number of pre-buried regions according to the number of pre-buried regions.
The number of pre-buried regions is equal to the first number.
Illustratively, after the target servers are determined, they are divided into a first number of pre-buried regions according to the number of pre-buried regions. Target servers with similar network information may be placed in the same region. The specific division of the target servers depends on the actual situation and is not limited here.
In the above embodiment, the plurality of target servers are determined according to the network information and divided into the first number of pre-buried regions according to the number of pre-buried regions. This fixes the pre-buried regions of the vulnerabilities so that the penetration test can be performed. The penetration test is then evaluated from the pre-buried vulnerability situation and the test result of the penetration test, the quality of the penetration test result becomes known, and gaps in testing capability are found from the evaluation result, which helps to improve the penetration testing capability of staff.
In one embodiment, the network information includes at least one of a network segment range or website information; the network segment range is an IP address range; and step 2044 includes: when the network information includes a network segment range, determining the target servers corresponding to the IP address range according to the IP address range; and when the network information includes website information, determining the target servers corresponding to the website information according to the website information.
The network information may include at least one of a network segment range or website information; the network segment range may be an IP address range, and the website information may be IP address information.
In the above embodiment, when the network information includes a network segment range, the target servers corresponding to the IP address range are determined from the IP address range; when the network information includes website information, the target servers corresponding to the website information are determined from the website information. Once the target servers are determined, vulnerabilities are deployed on them and the penetration test is performed; the penetration test is evaluated from the pre-buried vulnerability situation and the test result, the quality of the penetration test result becomes known, and gaps in testing capability are found from the evaluation result, which helps to improve the penetration testing capability of staff.
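As an added illustration of the target server determination and region division steps above (example code written for this page, not the patent's or ICBC's implementation), the following Python expands a constructed network segment range and website information into a list of target servers and then splits that list into a first number of contiguous pre-buried regions. The CIDR and "first-last" range syntax, the `NetworkInfo` class, the region names and the contiguous split are all assumptions; the page itself only says that servers with similar network information may be placed in the same region.

```python
"""Added example for this page (not the patent's or ICBC's code): derive the
target servers from the network information and divide them into a first
number of pre-buried regions.  The CIDR / dashed-range syntax, the NetworkInfo
class and the contiguous split are assumptions made for the example."""
import ipaddress
from dataclasses import dataclass, field
from typing import Dict, List


@dataclass
class NetworkInfo:
    """Network information from the vulnerability testing range.
    segment_range: an IP address range, written here as CIDR ("10.0.1.0/29")
                   or as "first-last" ("10.0.1.1-10.0.1.6")  [assumed syntax]
    website_info:  website information, given as IP address strings (the page
                   says website information may be IP address information)."""
    segment_range: str = ""
    website_info: List[str] = field(default_factory=list)


def servers_from_segment(segment: str) -> List[str]:
    """Expand a network segment range into the addresses of its hosts."""
    if "-" in segment:
        first, last = (ipaddress.ip_address(p.strip()) for p in segment.split("-", 1))
        if last < first:
            raise ValueError("segment range ends before it starts")
        return [str(ipaddress.ip_address(int(first) + i))
                for i in range(int(last) - int(first) + 1)]
    network = ipaddress.ip_network(segment, strict=False)
    return [str(host) for host in network.hosts()]


def determine_target_servers(info: NetworkInfo) -> List[str]:
    """Target servers named by the segment range and/or the website information,
    de-duplicated and ordered by address."""
    servers = set()
    if info.segment_range:
        servers.update(servers_from_segment(info.segment_range))
    for site in info.website_info:
        servers.add(str(ipaddress.ip_address(site)))   # also validates the string
    return sorted(servers, key=lambda s: int(ipaddress.ip_address(s)))


def divide_into_regions(servers: List[str], region_count: int) -> Dict[str, List[str]]:
    """Split the ordered servers into region_count contiguous pre-buried regions,
    so that servers with neighbouring addresses share a region.  Region names
    (region_A, region_B, ...) follow the worked example on this page."""
    if region_count < 1:
        raise ValueError("the number of pre-buried regions must be at least 1")
    if region_count > len(servers):
        raise ValueError("more pre-buried regions than target servers")
    base, extra = divmod(len(servers), region_count)
    regions: Dict[str, List[str]] = {}
    start = 0
    for i in range(region_count):
        size = base + (1 if i < extra else 0)
        name = f"region_{chr(ord('A') + i)}" if i < 26 else f"region_{i + 1}"
        regions[name] = servers[start:start + size]
        start += size
    return regions


if __name__ == "__main__":
    # Constructed input: a /29 plus two individually named addresses, three regions.
    info = NetworkInfo("10.0.1.0/29", ["10.0.1.3", "10.0.2.10"])
    for name, members in divide_into_regions(determine_target_servers(info), 3).items():
        print(name, members)
```

The split is purely a planning step: nothing here touches the network, and a duplicate between the segment range and the website information (10.0.1.3 in the sample) is collapsed so that the same server is never counted in two regions.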
In one embodiment, step 212 includes:
step 2122, obtaining first identification information of the pre-buried vulnerabilities and second identification information of the vulnerabilities in the test result;
step 2124, removing from the test result, according to the first identification information and the second identification information, the vulnerabilities whose identification information differs from that of the pre-buried vulnerabilities, to obtain an actual test result, where the actual test result includes a second number of vulnerabilities, a third number of vulnerability regions and a fourth number of vulnerability types;
step 2126, evaluating the penetration test according to the actual test result, the first number of pre-buried regions, the number of pre-buried vulnerabilities and the type of pre-buried vulnerabilities.
Each vulnerability carries identification information, which may be a unique identifier.
By way of example, the first identification information of the pre-buried vulnerabilities is compared with the second identification information of the vulnerabilities in the test result, and the vulnerabilities in the test result whose identification information does not match that of any pre-buried vulnerability are removed, which gives the actual test result.
In the above embodiment, the first identification information of the pre-buried vulnerabilities and the second identification information of the vulnerabilities in the test result are acquired, and the vulnerabilities whose identification information differs from that of the pre-buried vulnerabilities are removed, so that the actual test result is obtained with the interference data removed. The penetration test is then evaluated comprehensively along the three dimensions of region, vulnerability number and vulnerability type, the quality of the penetration test result becomes known, and gaps in testing capability are found, which helps to improve the penetration testing capability of staff.
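Steps 2122 and 2124 as an added example (written for this page; not the patent's or ICBC's code): the tester's report is matched against the pre-buried vulnerabilities by identification information, unmatched findings are set aside as interference data, and the second, third and fourth numbers are read off the remainder. The `Vulnerability` fields, the sample identifiers and the rule that a duplicate report of one pre-buried vulnerability counts once are assumptions made for the example.

```python
"""Added example for this page (not the patent's or ICBC's code): steps 2122
and 2124, matching the identification information of reported vulnerabilities
against that of the pre-buried vulnerabilities.  Field names and the sample
data are constructed for the example."""
from dataclasses import dataclass
from typing import Iterable, List


@dataclass(frozen=True)
class Vulnerability:
    vuln_id: str    # identification information (unique identifier)
    region: str     # pre-buried region, or discovery region in a test result
    vuln_type: str  # vulnerability type, e.g. "sqli"


@dataclass
class ActualTestResult:
    matched: List[Vulnerability]   # reported vulnerabilities that are pre-buried
    removed: List[Vulnerability]   # reported vulnerabilities with no pre-buried match

    @property
    def vulnerability_count(self) -> int:   # the "second number"
        return len(self.matched)

    @property
    def region_count(self) -> int:          # the "third number"
        return len({v.region for v in self.matched})

    @property
    def type_count(self) -> int:            # the "fourth number"
        return len({v.vuln_type for v in self.matched})


def filter_test_result(pre_buried: Iterable[Vulnerability],
                       reported: Iterable[Vulnerability]) -> ActualTestResult:
    """Keep only reported vulnerabilities whose identification information matches
    a pre-buried vulnerability; everything else is interference data.
    Design choices (assumed): a pre-buried vulnerability reported twice counts
    once, and region/type are taken from the deployment record, since the
    deployer, not the tester, knows where each vulnerability was placed."""
    first_ids = {v.vuln_id: v for v in pre_buried}      # first identification information
    matched, removed, seen = [], [], set()
    for finding in reported:                            # second identification information
        if finding.vuln_id not in first_ids:
            removed.append(finding)
        elif finding.vuln_id not in seen:
            seen.add(finding.vuln_id)
            matched.append(first_ids[finding.vuln_id])
    return ActualTestResult(matched, removed)


# Constructed sample data: four pre-buried vulnerabilities in three regions and a
# tester's report with one duplicate and one finding that was never pre-buried.
SAMPLE_PRE_BURIED = [
    Vulnerability("V-001", "region_A", "sqli"),
    Vulnerability("V-002", "region_A", "xss"),
    Vulnerability("V-003", "region_B", "sqli"),
    Vulnerability("V-004", "region_C", "rce"),
]
SAMPLE_REPORTED = [
    Vulnerability("V-001", "region_A", "sqli"),
    Vulnerability("V-003", "region_B", "sqli"),
    Vulnerability("V-003", "region_B", "sqli"),   # duplicate report
    Vulnerability("V-999", "region_A", "xss"),    # not pre-buried: interference data
    Vulnerability("V-004", "region_C", "rce"),
]

if __name__ == "__main__":
    result = filter_test_result(SAMPLE_PRE_BURIED, SAMPLE_REPORTED)
    print(result.vulnerability_count, result.region_count, result.type_count,
          [v.vuln_id for v in result.removed])
```

Keeping the removed findings rather than silently dropping them matters for the evaluator: a real but un-planted vulnerability in the range is something the operator of the range wants to know about, even though it does not count towards the score.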
In one embodiment, evaluating the penetration test according to the actual test result, the first number of pre-buried regions, the number of pre-buried vulnerabilities and the type of pre-buried vulnerabilities includes:
acquiring a first preset weight value, a second preset weight value and a third preset weight value, where the first preset weight value is a weight value for the vulnerability number, the second preset weight value is a weight value for the vulnerability region, and the third preset weight value is a weight value for the vulnerability type;
and evaluating the penetration test according to the first preset weight value, the second preset weight value, the third preset weight value, the actual test result, the first number of pre-buried regions, the number of pre-buried vulnerabilities and the type of pre-buried vulnerabilities.
The first preset weight value may be a weight value for the vulnerability number; the second preset weight value is a weight value for the vulnerability region; the third preset weight value is a weight value for the vulnerability type. The sum of the first, second and third preset weight values may be 1, and each of them is greater than 0. Specifically, the magnitudes of the three preset weight values may be set according to the actual situation and are not limited here.
In the above embodiment, the first preset weight value is a weight value for the vulnerability number, the second preset weight value is a weight value for the vulnerability region, and the third preset weight value is a weight value for the vulnerability type. A comprehensive evaluation of the penetration test along the three dimensions of region, vulnerability number and vulnerability type is thereby realized, the quality of the penetration test result becomes known, gaps in testing capability are found, and the penetration testing capability of staff is improved.
In one embodiment, evaluating the penetration test according to the first preset weight value, the second preset weight value, the third preset weight value, the actual test result, the first number of pre-buried regions, the number of pre-buried vulnerabilities and the type of pre-buried vulnerabilities includes:
calculating a first score according to the third number of vulnerability regions and the first number of pre-buried regions;
calculating a second score according to the second number of vulnerabilities and the number of pre-buried vulnerabilities;
calculating a third score according to the fourth number of vulnerability types and the types of pre-buried vulnerabilities;
and calculating the total score of the penetration test according to the first preset weight value, the second preset weight value, the third preset weight value, the first score, the second score and the third score, and evaluating the penetration test.
The first score is a score for the vulnerability region, the second score is a score for the vulnerability number, and the third score is a score for the vulnerability type.
Specifically, the evaluation of the penetration test automatically generates an evaluation report. The evaluation report includes, but is not limited to, score information and testing capability gap information. The score information includes, but is not limited to, the total score of the penetration test, the first score, the second score and the third score. The testing capability gap information includes, but is not limited to, vulnerability type gap information and vulnerability difficulty gap information.
In specific practice, the test result of the penetration test for each type of vulnerability may be scored to determine whether the tester is able to test for that type of vulnerability. Scores may also be set according to the capability required to find each vulnerability, so that the tester's results on the vulnerabilities requiring higher penetration testing capability can be determined and the tester's penetration testing capability revealed.
In an example, suppose the pre-buried regions are region A, region B and region C. 10 vulnerabilities are pre-buried in region A, 8 in region B and 12 in region C, and the deployed vulnerabilities cover 15 types. After the non-pre-buried vulnerabilities are removed from the tester's penetration test results, 9 vulnerabilities remain in region A, 8 in region B and 10 in region C, and the found vulnerabilities cover 12 of the deployed types. The corresponding first score is 100, the second score is 90 and the third score is 80, and the total score is then calculated from the first score, the second score and the third score.
In this embodiment, the first score, the second score and the third score are calculated along the three dimensions of region, vulnerability number and vulnerability type respectively, the total score of the penetration test is calculated from them, and the penetration test is evaluated according to the total score. The penetration test is thus evaluated comprehensively, the quality of the penetration test result becomes known, gaps in testing capability are found, and the penetration testing capability of staff is improved.
In one embodiment, evaluating the penetration test includes:
determining an evaluation grade of the penetration test according to the total score, where the evaluation grade is one of a first grade, a second grade or a third grade, and the penetration test effects corresponding to the first grade, the second grade and the third grade decrease in that order.
The evaluation grade includes a first grade, a second grade and a third grade, determined by the magnitude of the total score. The first grade indicates that the penetration test effect is excellent; the second grade indicates that the penetration test effect is good; the third grade indicates that the penetration test effect is poor.
In the above embodiment, the evaluation grade of the penetration test is determined according to the total score, so that the penetration test is evaluated comprehensively, the quality of the penetration test result becomes known, gaps in testing capability are found, and the penetration testing capability of staff is improved.
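The weighted scoring, the region A/B/C worked example and the grade mapping above, as one added example (written for this page; not the patent's or ICBC's code). The page gives the three scores for that example (100, 90, 80) but not the formula, the weight values or the grade cut-offs, so the percentage-of-pre-buried-items formula, the 0.4/0.3/0.3 weight split and the 90/70 grade thresholds below are assumptions; the example also adds a vulnerability-type gap list for the capability gap information the report is said to contain.

```python
"""Added example for this page (not the patent's or ICBC's code): weighted
three-dimension scoring and grading of a penetration test against pre-buried
vulnerabilities.  The score formula, weight values and grade cut-offs are
assumptions; only the three grades and the example's scores come from the page."""
from dataclasses import dataclass
from typing import Dict, List


@dataclass(frozen=True)
class Weights:
    """First, second and third preset weight values (number, region, type).
    The page requires each to be > 0 and the three to sum to 1."""
    number: float
    region: float
    vtype: float

    def validate(self) -> None:
        if min(self.number, self.region, self.vtype) <= 0:
            raise ValueError("every preset weight value must be greater than 0")
        if abs(self.number + self.region + self.vtype - 1.0) > 1e-9:
            raise ValueError("the three preset weight values must sum to 1")


@dataclass(frozen=True)
class EvaluationReport:
    first_score: float    # vulnerability region
    second_score: float   # vulnerability number
    third_score: float    # vulnerability type
    total_score: float
    grade: str


# Assumed cut-offs: the page defines three grades but no thresholds.
GRADE_THRESHOLDS = ((90.0, "first grade (excellent)"),
                    (70.0, "second grade (good)"))


def coverage_score(found: int, pre_buried: int) -> float:
    """Score one dimension as the percentage of pre-buried items that were found
    (assumed formula).  Capped at 100 so an upstream filtering mistake cannot
    inflate a score; rounded so the grade comparison is not at the mercy of
    floating-point noise."""
    if pre_buried <= 0:
        raise ValueError("nothing was pre-buried in this dimension")
    if found < 0:
        raise ValueError("found count cannot be negative")
    return round(min(found, pre_buried) / pre_buried * 100.0, 2)


def grade_for(total: float) -> str:
    for cutoff, name in GRADE_THRESHOLDS:
        if total >= cutoff:
            return name
    return "third grade (poor)"


def evaluate(actual_vuln_count: int, actual_region_count: int, actual_type_count: int,
             pre_buried_vuln_count: int, pre_buried_region_count: int,
             pre_buried_type_count: int, weights: Weights) -> EvaluationReport:
    """First/second/third score, weighted total and evaluation grade."""
    weights.validate()
    first = coverage_score(actual_region_count, pre_buried_region_count)
    second = coverage_score(actual_vuln_count, pre_buried_vuln_count)
    third = coverage_score(actual_type_count, pre_buried_type_count)
    total = round(weights.region * first + weights.number * second + weights.vtype * third, 2)
    return EvaluationReport(first, second, third, total, grade_for(total))


def type_gaps(pre_buried_by_type: Dict[str, int], found_by_type: Dict[str, int]) -> List[str]:
    """Vulnerability type gap information: pre-buried types the tester never found."""
    return sorted(t for t, n in pre_buried_by_type.items()
                  if n > 0 and found_by_type.get(t, 0) == 0)


if __name__ == "__main__":
    # Worked example from the description: 10 + 8 + 12 = 30 vulnerabilities of 15
    # types pre-buried in regions A, B, C; 9 + 8 + 10 = 27 found across all three
    # regions, covering 12 types.  Weights are the assumed 0.4/0.3/0.3 split.
    report = evaluate(27, 3, 12, 30, 3, 15, Weights(number=0.4, region=0.3, vtype=0.3))
    print(report)
    # Constructed per-type counts for the gap list.
    print(type_gaps({"sqli": 4, "xss": 3, "rce": 2}, {"sqli": 4, "xss": 1}))
```

With these assumptions the worked example reproduces the page's 100/90/80 scores and yields a total of 90 (0.3 x 100 + 0.4 x 90 + 0.3 x 80), which the assumed thresholds place in the first grade; changing the weights shifts the total but not the three per-dimension scores, which is why the report carries all four values.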
Referring to FIG. 3, a block diagram of the evaluation for penetration testing in an embodiment of the present invention is shown. It comprises a server and a plurality of servers: the server includes a vulnerability library module 302, a configuration module 304 and an evaluation module 306, and the servers within the penetration test range each include an engine module 308.
The vulnerability library module 302 stores vulnerabilities and classifies and marks them. Specifically, the vulnerability types include common Web application vulnerabilities, framework vulnerabilities, configuration vulnerabilities, operating system vulnerabilities and the like.
The configuration module 304 configures the network scope and the selected vulnerabilities of the penetration test to generate a vulnerability deployment instruction, and sends the vulnerability deployment instruction to the engine module 308. Specifically, the vulnerabilities and the deployment network scope may be selected from the vulnerability library module 302, or part of the vulnerabilities may be extracted at random to generate the vulnerability deployment instruction.
The evaluation module 306 generates the evaluation report. Specifically, according to the tester's penetration test result and the pre-buried vulnerability situation, it judges whether the vulnerabilities of the penetration test have been fully found and gives the evaluation report of the penetration test.
The engine module 308 is installed on a server within the penetration test range. It receives the vulnerability deployment instruction sent by the configuration module 304 and pulls the corresponding vulnerabilities from the vulnerability library module 302 according to the environment of the server it runs on and the vulnerability types to be deployed, so that deployment is automatic.
For a better understanding of the complete evaluation process for penetration testing in an embodiment of the present invention, a complete example is described with reference to FIG. 4, which shows a schematic flow chart of an evaluation method for penetration testing in another embodiment, comprising the following steps:
Step 402, obtaining a vulnerability deployment instruction; the vulnerability deployment instruction includes a vulnerability testing range and vulnerability information.
Specifically, the vulnerability testing range includes the number of pre-buried regions and network information.
Step 404, when the network information includes a network segment range, determining the target servers corresponding to the IP address range according to the IP address range; and when the network information includes website information, determining the target servers corresponding to the website information according to the website information.
Step 406, dividing the plurality of target servers into a first number of pre-buried regions according to the number of pre-buried regions.
Step 408, determining the vulnerabilities of the pre-buried regions, the number of pre-buried vulnerabilities and the type of pre-buried vulnerabilities according to the vulnerability information.
Step 410, performing the vulnerability deployment operation on the first number of pre-buried regions according to the vulnerabilities of the pre-buried regions, the number of pre-buried vulnerabilities and the type of pre-buried vulnerabilities.
Step 412, performing the penetration test to obtain a test result once the target servers in the first number of pre-buried regions have completed the vulnerability deployment operation.
Specifically, the test result includes the vulnerability discovery region, the vulnerability discovery number and the vulnerability discovery type in the penetration test.
Step 414, acquiring the first identification information of the pre-buried vulnerabilities and the second identification information of the vulnerabilities in the test result.
Step 416, removing from the test result, according to the first identification information and the second identification information, the vulnerabilities whose identification information differs from that of the pre-buried vulnerabilities, to obtain an actual test result.
Specifically, the actual test result includes a second number of vulnerabilities, a third number of vulnerability regions and a fourth number of vulnerability types.
Step 418, acquiring a first preset weight value, a second preset weight value and a third preset weight value.
Specifically, the first preset weight value is a weight value for the vulnerability number; the second preset weight value is a weight value for the vulnerability region; the third preset weight value is a weight value for the vulnerability type.
Step 420, evaluating the penetration test according to the first preset weight value, the second preset weight value, the third preset weight value, the actual test result, the first number of pre-buried regions, the number of pre-buried vulnerabilities and the type of pre-buried vulnerabilities.
In this embodiment, a vulnerability deployment instruction including a vulnerability testing range and vulnerability information is acquired; a first number of pre-buried regions is determined according to the vulnerability testing range; the vulnerabilities of the pre-buried regions, the number of pre-buried vulnerabilities and the type of pre-buried vulnerabilities are determined according to the vulnerability information; the vulnerability deployment operation is performed on the first number of pre-buried regions according to the vulnerabilities of the pre-buried regions, the number of pre-buried vulnerabilities and the type of pre-buried vulnerabilities; the penetration test is performed once the target servers in the first number of pre-buried regions have completed the vulnerability deployment operation, so as to obtain a test result; and the penetration test is evaluated according to the test result, the first number of pre-buried regions, the number of pre-buried vulnerabilities and the type of pre-buried vulnerabilities. With this method, the penetration test is evaluated from the pre-buried vulnerability situation and the test result of the penetration test, the quality of the penetration test result becomes known, and gaps in testing capability are found from the evaluation result, which helps to improve the penetration testing capability of staff.
It should be understood that, although the steps in the flowcharts of the above embodiments are shown in sequence as indicated by the arrows, they are not necessarily performed in that order. Unless explicitly stated herein, the order of execution of the steps is not strictly limited, and the steps may be performed in other orders. Moreover, at least some of the steps in the flowcharts of the above embodiments may include a plurality of sub-steps or stages, which are not necessarily performed at the same time but may be performed at different times, and their order is not necessarily sequential: they may be performed in turn or alternately with at least some of the other steps or stages.
Based on the same inventive concept, an embodiment of the application also provides an evaluation device for penetration testing, which is used to implement the above-mentioned evaluation method for penetration testing. The implementation of the solution provided by the device is similar to that described for the method above, so for the specific limitations in the one or more embodiments of the evaluation device for penetration testing given below, reference may be made to the limitations of the evaluation method for penetration testing above; they will not be repeated here.
In one embodiment, as shown in FIG. 5, an evaluation device for penetration testing is provided, comprising an instruction acquisition module 502, a pre-buried region determination module 504, a vulnerability information determination module 506, a vulnerability deployment operation execution module 508, a test result obtaining module 510 and a penetration test evaluation module 512, where:
the instruction acquisition module 502 is configured to obtain a vulnerability deployment instruction; the vulnerability deployment instruction includes a vulnerability testing range and vulnerability information;
the pre-buried region determination module 504 is configured to determine a first number of pre-buried regions according to the vulnerability testing range; each pre-buried region includes one or more target servers;
the vulnerability information determination module 506 is configured to determine, according to the vulnerability information, the vulnerabilities of the pre-buried regions, the number of pre-buried vulnerabilities and the type of pre-buried vulnerabilities;
the vulnerability deployment operation execution module 508 is configured to perform the vulnerability deployment operation on the first number of pre-buried regions according to the vulnerabilities of the pre-buried regions, the number of pre-buried vulnerabilities and the type of pre-buried vulnerabilities;
the test result obtaining module 510 is configured to perform the penetration test to obtain a test result once the target servers in the first number of pre-buried regions have completed the vulnerability deployment operation; the test result includes the vulnerability discovery region, the vulnerability discovery number and the vulnerability discovery type in the penetration test;
and the penetration test evaluation module 512 is configured to evaluate the penetration test according to the test result, the first number of pre-buried regions, the number of pre-buried vulnerabilities and the type of pre-buried vulnerabilities.
In some embodiments, the vulnerability testing range includes the number of pre-buried regions and network information, and the pre-buried region determination module 504 includes:
a target server determination sub-module, configured to determine a plurality of target servers corresponding to the network information according to the network information;
and a pre-buried region division sub-module, configured to divide the plurality of target servers into a first number of pre-buried regions according to the number of pre-buried regions.
In some embodiments, the network information includes at least one of a network segment range or website information; the network segment range is an IP address range; and the target server determination sub-module includes:
a first target server determination unit, configured to determine, when the network information includes a network segment range, the target servers corresponding to the IP address range according to the IP address range;
and a second target server determination unit, configured to determine, when the network information includes website information, the target servers corresponding to the website information according to the website information.
In some embodiments, the penetration test evaluation module 512 includes:
an identification information acquisition sub-module, configured to acquire first identification information of the pre-buried vulnerabilities and second identification information of the vulnerabilities in the test result;
an actual test result obtaining sub-module, configured to remove from the test result, according to the first identification information and the second identification information, the vulnerabilities whose identification information differs from that of the pre-buried vulnerabilities, to obtain an actual test result, where the actual test result includes a second number of vulnerabilities, a third number of vulnerability regions and a fourth number of vulnerability types;
and a penetration test evaluation sub-module, configured to evaluate the penetration test according to the actual test result, the first number of pre-buried regions, the number of pre-buried vulnerabilities and the type of pre-buried vulnerabilities.
In some embodiments, the penetration test evaluation sub-module includes:
a preset weight value acquisition unit, configured to acquire a first preset weight value, a second preset weight value and a third preset weight value, where the first preset weight value is a weight value for the vulnerability number, the second preset weight value is a weight value for the vulnerability region, and the third preset weight value is a weight value for the vulnerability type;
and a penetration test evaluation unit, configured to evaluate the penetration test according to the first preset weight value, the second preset weight value, the third preset weight value, the actual test result, the first number of pre-buried regions, the number of pre-buried vulnerabilities and the type of pre-buried vulnerabilities.
In some embodiments, the penetration test evaluation unit includes:
a first score calculation subunit, configured to calculate a first score according to the third number of vulnerability regions and the first number of pre-buried regions;
a second score calculation subunit, configured to calculate a second score according to the second number of vulnerabilities and the number of pre-buried vulnerabilities;
a third score calculation subunit, configured to calculate a third score according to the fourth number of vulnerability types and the types of pre-buried vulnerabilities;
and a penetration test evaluation subunit, configured to calculate the total score of the penetration test according to the first preset weight value, the second preset weight value, the third preset weight value, the first score, the second score and the third score, and to evaluate the penetration test.
In some embodiments, the penetration test evaluation subunit is configured to determine an evaluation grade of the penetration test according to the magnitude of the total score, the evaluation grade being one of a first grade, a second grade or a third grade, where the penetration test effects corresponding to the first grade, the second grade and the third grade decrease in that order.
The individual modules in the above-described evaluation device for penetration testing may be implemented in whole or in part by software, hardware, and combinations thereof. The above modules may be embedded in hardware or may be independent of a processor in the computer device, or may be stored in software in a memory in the computer device, so that the processor may call and execute operations corresponding to the above modules.
In one embodiment, a computer device is provided, which may be a terminal, and the internal structure of which may be as shown in fig. 6. The computer device includes a processor, a memory, an input/output interface, a communication interface, a display unit, and an input means. The processor, the memory and the input/output interface are connected through a system bus, and the communication interface, the display unit and the input device are connected to the system bus through the input/output interface. Wherein the processor of the computer device is configured to provide computing and control capabilities. The memory of the computer device includes a non-volatile storage medium and an internal memory. The non-volatile storage medium stores an operating system and a computer program. The internal memory provides an environment for the operation of the operating system and computer programs in the non-volatile storage media. The input/output interface of the computer device is used to exchange information between the processor and the external device. The communication interface of the computer device is used for carrying out wired or wireless communication with an external terminal, and the wireless mode can be realized through WIFI, a mobile cellular network, NFC (near field communication) or other technologies. The computer program is executed by a processor to implement an evaluation method for penetration testing.
The display unit of the computer device is used for forming a visual picture, and can be a display screen, a projection device or a virtual reality imaging device. The display screen can be a liquid crystal display screen or an electronic ink display screen, and the input device of the computer equipment can be a touch layer covered on the display screen, can also be a key, a track ball or a touch pad arranged on the shell of the computer equipment, and can also be an external keyboard, a touch pad or a mouse and the like.
It will be appreciated by those skilled in the art that the structure shown in FIG. 6 is merely a block diagram of some of the structures associated with the present inventive arrangements and is not limiting of the computer device to which the present inventive arrangements may be applied, and that a particular computer device may include more or fewer components than shown, or may combine some of the components, or have a different arrangement of components.
In one embodiment, a computer device is provided comprising a memory and a processor, the memory storing a computer program, and the processor, when executing the computer program, performing the following steps:
obtaining a vulnerability deployment instruction; the vulnerability deployment instruction includes a vulnerability testing range and vulnerability information;
determining a first number of pre-buried regions according to the vulnerability testing range; each pre-buried region includes one or more target servers;
determining the vulnerabilities of the pre-buried regions, the number of pre-buried vulnerabilities and the type of pre-buried vulnerabilities according to the vulnerability information;
performing the vulnerability deployment operation on the first number of pre-buried regions according to the vulnerabilities of the pre-buried regions, the number of pre-buried vulnerabilities and the type of pre-buried vulnerabilities;
performing the penetration test once the target servers in the first number of pre-buried regions have completed the vulnerability deployment operation, so as to obtain a test result; the test result includes the vulnerability discovery region, the vulnerability discovery number and the vulnerability discovery type in the penetration test;
and evaluating the penetration test according to the test result, the first number of pre-buried regions, the number of pre-buried vulnerabilities and the type of pre-buried vulnerabilities.
In one embodiment, a computer readable storage medium is provided having a computer program stored thereon which, when executed by a processor, performs the following steps:
obtaining a vulnerability deployment instruction; the vulnerability deployment instruction includes a vulnerability testing range and vulnerability information;
determining a first number of pre-buried regions according to the vulnerability testing range; each pre-buried region includes one or more target servers;
determining the vulnerabilities of the pre-buried regions, the number of pre-buried vulnerabilities and the type of pre-buried vulnerabilities according to the vulnerability information;
performing the vulnerability deployment operation on the first number of pre-buried regions according to the vulnerabilities of the pre-buried regions, the number of pre-buried vulnerabilities and the type of pre-buried vulnerabilities;
performing the penetration test once the target servers in the first number of pre-buried regions have completed the vulnerability deployment operation, so as to obtain a test result; the test result includes the vulnerability discovery region, the vulnerability discovery number and the vulnerability discovery type in the penetration test;
and evaluating the penetration test according to the test result, the first number of pre-buried regions, the number of pre-buried vulnerabilities and the type of pre-buried vulnerabilities.
In one embodiment, a computer program product is provided comprising a computer program which, when executed by a processor, performs the following steps:
obtaining a vulnerability deployment instruction; the vulnerability deployment instruction includes a vulnerability testing range and vulnerability information;
determining a first number of pre-buried regions according to the vulnerability testing range; each pre-buried region includes one or more target servers;
determining the vulnerabilities of the pre-buried regions, the number of pre-buried vulnerabilities and the type of pre-buried vulnerabilities according to the vulnerability information;
performing the vulnerability deployment operation on the first number of pre-buried regions according to the vulnerabilities of the pre-buried regions, the number of pre-buried vulnerabilities and the type of pre-buried vulnerabilities;
performing the penetration test once the target servers in the first number of pre-buried regions have completed the vulnerability deployment operation, so as to obtain a test result; the test result includes the vulnerability discovery region, the vulnerability discovery number and the vulnerability discovery type in the penetration test;
and evaluating the penetration test according to the test result, the first number of pre-buried regions, the number of pre-buried vulnerabilities and the type of pre-buried vulnerabilities.
It should be noted that, the user information (including but not limited to user equipment information, user personal information, etc.) and the data (including but not limited to data for analysis, stored data, presented data, etc.) related to the present application are information and data authorized by the user or sufficiently authorized by each party, and the collection, use and processing of the related data need to comply with the related laws and regulations and standards of the related country and region.
Those skilled in the art will appreciate that all or part of the methods described above may be implemented by a computer program stored on a non-transitory computer readable storage medium which, when executed, may perform the steps of the method embodiments described above. Any reference to memory, database or other medium used in the embodiments provided herein may include at least one of non-volatile and volatile memory. Non-volatile memory may include Read-Only Memory (ROM), magnetic tape, floppy disk, flash memory, optical memory, high-density embedded non-volatile memory, resistive random access memory (ReRAM), magnetoresistive random access memory (MRAM), ferroelectric random access memory (FRAM), phase change memory (PCM), graphene memory and the like. Volatile memory may include random access memory (RAM), external cache memory and the like. By way of illustration and not limitation, RAM may take a variety of forms, such as static random access memory (SRAM) or dynamic random access memory (DRAM). The databases referred to in the embodiments provided herein may include at least one of a relational database and a non-relational database; a non-relational database may include, but is not limited to, a blockchain-based distributed database. The processor referred to in the embodiments provided in the present application may be, but is not limited to, a general-purpose processor, a central processing unit, a graphics processor, a digital signal processor, a programmable logic unit or a data processing logic unit based on quantum computing.
The technical features of the above embodiments may be combined arbitrarily; for brevity, not all possible combinations of these technical features are described, but as long as there is no contradiction between the combined features, the combination should be considered to fall within the scope of this description.
The foregoing examples illustrate only a few embodiments of the application, which are described in detail herein without thereby limiting the scope of the application. It should be noted that those skilled in the art can make several variations and modifications without departing from the spirit of the application, all of which fall within its scope. Accordingly, the scope of the application should be determined by the appended claims.

Claims (10)

1. An evaluation method for a penetration test, the method comprising:
obtaining a vulnerability deployment instruction; the vulnerability deployment instruction comprises a vulnerability testing range and vulnerability information;
determining a first number of embedded areas according to the vulnerability testing range; each embedded area comprises one or more target servers;
determining, according to the vulnerability information, the embedded vulnerabilities of each embedded area, the number of embedded vulnerabilities and the types of embedded vulnerabilities;
performing a vulnerability deployment operation on the first number of embedded areas according to the embedded vulnerabilities of the embedded areas, the number of embedded vulnerabilities and the types of embedded vulnerabilities;
performing the penetration test under the condition that the target servers in the first number of embedded areas have completed the vulnerability deployment operation, so as to obtain a test result; the test result comprises the vulnerability discovery areas, the number of discovered vulnerabilities and the types of discovered vulnerabilities in the penetration test;
and evaluating the penetration test according to the test result, the first number of embedded areas, the number of embedded vulnerabilities and the types of embedded vulnerabilities.
2. The method of claim 1, wherein the vulnerability testing range comprises a number of embedded areas and network information, and wherein determining a first number of embedded areas according to the vulnerability testing range comprises:
determining a plurality of target servers corresponding to the network information according to the network information;
and dividing the plurality of target servers into the first number of embedded areas according to the number of embedded areas.
3. The method of claim 2, wherein the network information comprises at least one of a network segment range or website information; the network segment range is an IP address range; and determining a plurality of target servers corresponding to the network information according to the network information comprises:
under the condition that the network information comprises a network segment range, determining the target servers corresponding to the IP address range according to the IP address range;
and under the condition that the network information comprises website information, determining the target servers corresponding to the website information according to the website information.
4. The method of claim 1, wherein evaluating the penetration test according to the test result, the first number of embedded areas, the number of embedded vulnerabilities and the types of embedded vulnerabilities comprises:
acquiring first identification information of the embedded vulnerabilities and second identification information of the vulnerabilities in the test result;
removing, according to the first identification information and the second identification information, those vulnerabilities in the test result whose identification information differs from that of the embedded vulnerabilities, so as to obtain an actual test result, wherein the actual test result comprises a second number of vulnerabilities, a third number of vulnerability areas and a fourth number of vulnerability types;
and evaluating the penetration test according to the actual test result, the first number of embedded areas, the number of embedded vulnerabilities and the types of embedded vulnerabilities.
5. The method of claim 4, wherein evaluating the penetration test according to the actual test result, the first number of embedded areas, the number of embedded vulnerabilities and the types of embedded vulnerabilities comprises:
acquiring a first preset weight value, a second preset weight value and a third preset weight value, wherein the first preset weight value is a weight value for the number of vulnerabilities; the second preset weight value is a weight value for the vulnerability areas; and the third preset weight value is a weight value for the vulnerability types;
and evaluating the penetration test according to the first preset weight value, the second preset weight value, the third preset weight value, the actual test result, the first number of embedded areas, the number of embedded vulnerabilities and the types of embedded vulnerabilities.
6. The method of claim 5, wherein evaluating the penetration test according to the first preset weight value, the second preset weight value, the third preset weight value, the actual test result, the first number of embedded areas, the number of embedded vulnerabilities and the types of embedded vulnerabilities comprises:
calculating a first score according to the third number of vulnerability areas and the first number of embedded areas;
calculating a second score according to the second number of vulnerabilities and the number of embedded vulnerabilities;
calculating a third score according to the fourth number of vulnerability types and the types of embedded vulnerabilities;
and calculating a total score of the penetration test according to the first preset weight value, the second preset weight value, the third preset weight value, the first score, the second score and the third score, and evaluating the penetration test according to the total score.
7. The method of claim 6, wherein evaluating the penetration test comprises:
determining an evaluation grade of the penetration test according to the total score, wherein the evaluation grade is one of a first grade, a second grade or a third grade; and the penetration test effectiveness corresponding to the first grade, the second grade and the third grade decreases in that order.
8. An evaluation device for a penetration test, the device comprising:
an instruction acquisition module, used for acquiring a vulnerability deployment instruction; the vulnerability deployment instruction comprises a vulnerability testing range and vulnerability information;
an embedded area determining module, used for determining a first number of embedded areas according to the vulnerability testing range; each embedded area comprises one or more target servers;
a vulnerability information determining module, used for determining, according to the vulnerability information, the embedded vulnerabilities of each embedded area, the number of embedded vulnerabilities and the types of embedded vulnerabilities;
a vulnerability deployment operation execution module, used for performing a vulnerability deployment operation on the first number of embedded areas according to the embedded vulnerabilities of the embedded areas, the number of embedded vulnerabilities and the types of embedded vulnerabilities;
a test result obtaining module, used for performing the penetration test under the condition that the target servers in the first number of embedded areas have completed the vulnerability deployment operation, so as to obtain a test result; the test result comprises the vulnerability discovery areas, the number of discovered vulnerabilities and the types of discovered vulnerabilities in the penetration test;
and a penetration test evaluation module, used for evaluating the penetration test according to the test result, the first number of embedded areas, the number of embedded vulnerabilities and the types of embedded vulnerabilities.
9. A computer device comprising a memory and a processor, the memory storing a computer program, characterized in that the processor, when executing the computer program, implements the steps of the evaluation method for a penetration test according to any one of claims 1 to 7.
10. A computer-readable storage medium on which a computer program is stored, characterized in that the computer program, when executed by a processor, implements the steps of the evaluation method for a penetration test according to any one of claims 1 to 7.
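The scoring procedure of claims 4 to 7, as an added worked example that is not part of the patent: planted vulnerabilities carry an identifier, an embedded area and a type; findings whose identifier matches no planted vulnerability are removed (claim 4), three partial scores are computed from areas, counts and types (claim 6), weighted and summed (claim 5), and mapped to a grade (claim 7). The ratio formula for each partial score, the default weights, the grade thresholds and all sample identifiers are assumptions of this example; the claims only say the scores are computed "according to" those quantities.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class PlantedVuln:
    """One embedded (pre-buried) vulnerability; vuln_id is the claim 4 identifier."""
    vuln_id: str     # first identification information
    region: str      # embedded area the target server belongs to
    vuln_type: str   # constructed type labels for the example, e.g. "sqli"


def filter_findings(planted, reported_ids):
    """Claim 4: keep only findings whose identifier matches a planted vulnerability.
    Repeated identifiers in the report are collapsed so nothing is counted twice."""
    by_id = {p.vuln_id: p for p in planted}
    return [by_id[i] for i in dict.fromkeys(reported_ids) if i in by_id]


def evaluate(planted, reported_ids, w_count=0.4, w_region=0.3, w_type=0.3):
    """Claims 5-7. Assumed here: each partial score is found/planted, the total is
    the weighted sum, and grade 1 (best) needs >= 0.8, grade 2 needs >= 0.5."""
    if not planted:
        raise ValueError("no embedded vulnerabilities to evaluate against")
    actual = filter_findings(planted, reported_ids)
    s_region = len({p.region for p in actual}) / len({p.region for p in planted})
    s_count = len(actual) / len(planted)
    s_type = len({p.vuln_type for p in actual}) / len({p.vuln_type for p in planted})
    total = w_count * s_count + w_region * s_region + w_type * s_type
    grade = 1 if total >= 0.8 else 2 if total >= 0.5 else 3
    return {"region": s_region, "count": s_count, "type": s_type,
            "total": round(total, 4), "grade": grade}


# Constructed sample: four planted vulnerabilities across two areas and four types.
SAMPLE_PLANTED = [
    PlantedVuln("PV-001", "area-A", "sqli"),
    PlantedVuln("PV-002", "area-A", "xss"),
    PlantedVuln("PV-003", "area-B", "idor"),
    PlantedVuln("PV-004", "area-B", "ssrf"),
]
# Constructed test result: three planted IDs (one repeated) plus one finding that
# is not an embedded vulnerability and is therefore dropped under claim 4.
SAMPLE_REPORT = ["PV-001", "PV-002", "PV-002", "PV-004", "OTHER-999"]

if __name__ == "__main__":
    print(evaluate(SAMPLE_PLANTED, SAMPLE_REPORT))
```

With the sample data the tester found both areas, 3 of 4 vulnerabilities and 3 of 4 types, for a weighted total of 0.825 and the first grade.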
CN202310773280.9A 2023-06-27 2023-06-27 Evaluation method, apparatus, device, medium and program product for penetration test Pending CN116956305A (en)

Publications (1)

Publication Number Publication Date
CN116956305A true CN116956305A (en) 2023-10-27

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination