CN117251856A - Vulnerability processing method, device and equipment based on web site - Google Patents

Vulnerability processing method, device and equipment based on web site

Info

Publication number
CN117251856A
Authority
CN
China
Prior art keywords
vulnerability
web site
scanning
report
processing
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202311230313.1A
Other languages
Chinese (zh)
Inventor
肖坚炜
肖建林
杨磊
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shenzhen Anluo Technology Co ltd
Original Assignee
Shenzhen Anluo Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shenzhen Anluo Technology Co ltd
Priority to CN202311230313.1A
Publication of CN117251856A
Legal status: Pending

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57 Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/577 Assessing vulnerabilities and evaluating computer system security
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00 Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/03 Indexing scheme relating to G06F21/50, monitoring users, programs or devices to maintain the integrity of platforms
    • G06F2221/033 Test or assess software

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • General Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Computing Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

The invention discloses a vulnerability processing method, device and equipment based on a web site, wherein the method comprises the following steps: obtaining a target web site list to be scanned and performing vulnerability scanning on the target web site list; respectively generating corresponding vulnerability scanning results according to the different sites of the target web site list; matching the vulnerability scanning result with a vulnerability processing strategy of a preset vulnerability strategy library to generate a vulnerability processing suggestion; generating a vulnerability report to be examined and approved based on the vulnerability processing suggestion and the vulnerability scanning result; analyzing and verifying the vulnerability report to be examined and approved based on an AI technology to form a vulnerability report to be manually checked; and obtaining the manual verification result of the vulnerability report to be manually verified, and generating a target vulnerability detection report according to the manual verification result. The embodiment of the invention can realize batch scanning analysis of web sites and provide a proposed solution for repairing the vulnerabilities according to the scanning result; generating detailed vulnerability reports makes it convenient for users to fix web vulnerabilities.

Description

Vulnerability processing method, device and equipment based on web site
Technical Field
The present invention relates to the field of network security technologies, and in particular, to a method, an apparatus, and a device for vulnerability processing based on a web site.
Background
Web vulnerabilities are typically vulnerabilities in website programs, and may be caused by, for example, inadequate consideration by the code writer when writing the code; common web vulnerabilities include SQL injection, XSS vulnerabilities, file upload vulnerabilities, and the like. If web vulnerabilities exist in a website and are exploited by hacker attackers, the attacker can easily control the whole website, further obtain the authority of the website's server, control the whole server, and threaten the information security of users.
In the prior art, when the vulnerabilities of a web site are scanned, the detailed data of the vulnerabilities cannot be analyzed in time, so that a vulnerability repair suggestion cannot be generated, and inconvenience is brought to the user in repairing the vulnerabilities.
Accordingly, the prior art is still in need of improvement and development.
Disclosure of Invention
In view of the shortcomings of the prior art, the invention aims to provide a vulnerability processing method, device and equipment based on a web site, so as to solve the technical problem in the prior art that the detailed data of a vulnerability cannot be analyzed in time when the vulnerabilities of a web site are scanned, so that a vulnerability repair suggestion cannot be generated and inconvenience is brought to the user in repairing the vulnerability.
The technical scheme of the invention is as follows:
a web site-based vulnerability processing method, the method comprising:
obtaining a target web site list to be scanned, and performing vulnerability scanning on the target web site list;
respectively generating corresponding vulnerability scanning results according to different sites of the target web site list;
matching the vulnerability scanning result with a vulnerability processing strategy of a preset vulnerability strategy library to generate a vulnerability processing suggestion;
generating a vulnerability report to be examined and approved based on the vulnerability processing suggestion and the vulnerability scanning result;
analyzing and verifying the vulnerability report to be examined and approved based on an AI technology to form a vulnerability report to be manually checked;
and obtaining an artificial verification result of the vulnerability report to be manually verified, and generating a target vulnerability detection report according to the artificial verification result.
Further, before the obtaining of the target web site list to be scanned and the performing of vulnerability scanning on the target web site list, the method includes:
and selecting a corresponding vulnerability scanning tool in advance according to vulnerability scanning requirements.
Further preferably, the obtaining a target web site list to be scanned, and performing vulnerability scanning on the target web site list includes:
acquiring a web site list or a specified web address range of a target to be scanned, and acquiring a target web site list according to the web site list or the specified web address range of the target to be scanned;
and performing vulnerability scanning on the target web site list according to the vulnerability scanning tool.
Further preferably, the generating the vulnerability processing suggestion according to matching the vulnerability scanning result with a vulnerability processing policy of a preset vulnerability policy library includes:
obtaining the vulnerability type and the corresponding security risk of the web vulnerability in the vulnerability scanning result;
matching the vulnerability type of the web vulnerability and the corresponding security risk with a vulnerability processing strategy of a preset vulnerability strategy library;
and if a corresponding vulnerability processing strategy is matched, generating a vulnerability processing suggestion according to the matched vulnerability processing strategy.
Preferably, the analyzing and verifying the vulnerability report to be examined and approved based on an AI technology to form a vulnerability report to be manually checked includes:
simulating a sandbox service based on an AI technology, wherein the sandbox is used for deploying vulnerable web services and components; repairing the web services in the sandbox based on the vulnerability processing suggestion;
performing vulnerability scanning on the repaired web service;
and forming a vulnerability report to be manually verified according to the vulnerability scanning result.
Further, according to the scanning result, forming a vulnerability report to be manually verified, including:
obtaining a vulnerability scanning result;
if the vulnerability scanning result is that the corresponding vulnerability is not scanned, verifying that the vulnerability processing suggestion is an effective repairing scheme, and forming a vulnerability report to be manually verified according to the verification result;
and if the vulnerability scanning result is that the corresponding vulnerability is scanned, verifying that the vulnerability processing suggestion is an invalid repair scheme, and forming a vulnerability report to be manually verified according to the verification result.
Further, the generating, according to the different sites of the target web site list, the corresponding vulnerability scanning result includes:
and respectively generating one-to-one vulnerability scanning results according to different sites of the target web site list, wherein the vulnerability scanning results comprise vulnerability scanning summary information, a vulnerability list, vulnerability detail data, vulnerability scanning data, vulnerability risk analysis information and vulnerability repair suggestions.
Another embodiment of the present invention provides a vulnerability processing device based on a web site, the device including:
the vulnerability scanning module is used for acquiring a target web site list to be scanned and carrying out vulnerability scanning on the target web site list;
the vulnerability scanning result generation module is used for respectively generating corresponding vulnerability scanning results according to different sites of the target web site list;
the vulnerability matching module is used for matching the vulnerability scanning result with a vulnerability processing strategy of a preset vulnerability strategy library to generate a vulnerability processing suggestion;
the vulnerability report generation module is used for generating a vulnerability report to be examined and approved based on the vulnerability processing suggestion and the vulnerability scanning result;
the AI processing module is used for analyzing and verifying the vulnerability report to be examined and approved based on an AI technology to form a vulnerability report to be manually checked and approved;
and the vulnerability detection report synthesis module is used for acquiring the artificial verification result of the vulnerability report to be manually verified and generating a target vulnerability detection report according to the artificial verification result.
Another embodiment of the present invention provides a web site-based vulnerability processing apparatus, the apparatus comprising: at least one processor; and
a memory communicatively coupled to the at least one processor; wherein
the memory stores instructions executable by the at least one processor to enable the at least one processor to perform the web site-based vulnerability processing method described above.
Another embodiment of the present invention also provides a non-volatile computer-readable storage medium storing computer-executable instructions that, when executed by one or more processors, cause the one or more processors to perform the web site-based vulnerability processing method described above.
The beneficial effects are that: the embodiment of the invention can realize batch scanning analysis of web sites and provide a proposed solution for repairing the vulnerabilities according to the scanning result; generating detailed vulnerability reports makes it convenient for users to fix web vulnerabilities.
Drawings
The invention will be further described with reference to the accompanying drawings and examples, in which:
FIG. 1 is a flowchart of a vulnerability processing method based on web sites according to a preferred embodiment of the present invention;
FIG. 2 is a schematic diagram of functional modules of a vulnerability processing apparatus based on a web site according to a preferred embodiment of the present invention;
FIG. 3 is a schematic hardware diagram of a vulnerability processing device based on a web site according to a preferred embodiment of the present invention.
Detailed Description
The present invention will be described in further detail below in order to make the objects, technical solutions and effects of the present invention more clear and distinct. It should be understood that the specific embodiments described herein are for purposes of illustration only and are not intended to limit the scope of the invention.
Embodiments of the present invention are described below with reference to the accompanying drawings.
Referring to fig. 1, fig. 1 is a flowchart of a preferred embodiment of a vulnerability processing method based on a web site. As shown in fig. 1, it comprises the steps of:
step S100, acquiring a target web site list to be scanned, and performing vulnerability scanning on the target web site list;
step S200, respectively generating corresponding vulnerability scanning results according to different sites of the target web site list;
step S300, matching the vulnerability scanning result with a vulnerability processing strategy of a preset vulnerability strategy library to generate a vulnerability processing suggestion;
step S400, generating a vulnerability report to be examined and approved based on the vulnerability processing suggestion and the vulnerability scanning result;
step S500, analyzing and verifying the vulnerability report to be examined and approved based on an AI technology to form a vulnerability report to be manually checked and approved;
and step S600, acquiring the manual verification result of the vulnerability report to be manually verified, and generating a target vulnerability detection report according to the manual verification result.
In a specific implementation, the embodiment of the invention selects a suitable vulnerability scanning tool according to requirements and preferences; acquires the target web site list corresponding to the web sites to be scanned, scans the target web site list for vulnerabilities with the vulnerability scanning tool, generates a report from the scanned vulnerability results, and lists the discovered vulnerabilities and security risks in the report;
according to the discovered vulnerabilities and security risks, matching is automatically carried out against a preset vulnerability strategy library so as to form a proposed solution for the different vulnerabilities and security risks; after the solutions are matched, the detection report is automatically updated and a vulnerability report to be approved is generated;
the vulnerabilities and their repair schemes are analyzed and verified through an AI technology to form a report to be verified manually; the report is then manually checked and analyzed according to the AI verification result to produce a manual verification result, and a final target vulnerability detection report is generated according to the manual verification result.
In the manual checking step, a technician further checks the report according to the AI check result. The technician first checks the summary information of the report, such as the number of vulnerabilities, the severity level and the suggested repair scheme; then verifies the existence of each vulnerability, that is, whether the vulnerability listed in the report can be successfully utilized by attempting to simulate an attack on the affected system; and finally carries out further analysis on the lower-risk vulnerabilities, analyzing the potential risk of their combined exploitation, to form the final detection report.
Further, before the acquiring of the target web site list to be scanned and the performing of vulnerability scanning on the target web site list, the method includes:
and selecting a corresponding vulnerability scanning tool in advance according to vulnerability scanning requirements.
In particular implementations, suitable vulnerability scanning tools are selected according to requirements and preferences, including but not limited to Nessus, OpenVAS, Nikto, etc. Wherein,
Nessus is a commercial vulnerability scanning tool that provides comprehensive vulnerability identification and assessment functions. It has a large vulnerability library and supports scanning of a variety of operating systems and applications. Nessus provides a user-friendly interface and report generation functionality, and can be extensively configured and customized;
OpenVAS is a free and open-source vulnerability scanning framework that was forked from Nessus (based on the Nessus 2.x version), and is therefore functionally similar. OpenVAS provides the ability to scan target hosts and also has a vulnerability library for detecting various security vulnerabilities;
Nikto is a vulnerability scanning tool focused on Web applications. It is mainly used for finding and evaluating common vulnerabilities on Web servers, such as configuration errors, sensitive file exposure, backup files, etc. Nikto supports a variety of Web server and Web application technologies and provides detailed reports.
Further, obtaining a target web site list to be scanned, and performing vulnerability scanning on the target web site list, including:
acquiring a web site list or a specified web address range of a target to be scanned, and acquiring a target web site list according to the web site list or the specified web address range of the target to be scanned;
and performing vulnerability scanning on the target web site list according to the vulnerability scanning tool.
In the implementation, a target web site list is generated by providing a list of scanning targets or designating an address range, and the plurality of target sites in the target web site list are submitted to the scanning tool in batches;
the scanning tool is then started to scan for vulnerabilities, and the tool automatically sends requests and analyzes the websites for vulnerabilities.
Further, the matching of the vulnerability scanning result with a vulnerability processing strategy of a preset vulnerability strategy library to generate a vulnerability processing suggestion includes the following steps:
obtaining the vulnerability type and the corresponding security risk of the web vulnerability in the vulnerability scanning result;
matching the vulnerability type of the web vulnerability and the corresponding security risk with a vulnerability processing strategy of a preset vulnerability strategy library;
and if a corresponding vulnerability processing strategy is matched, generating a vulnerability processing suggestion according to the matched vulnerability processing strategy.
When the method is implemented, after scanning is completed the tool generates a report for each site separately, listing the discovered vulnerabilities and security risks; according to the discovered vulnerabilities and security risks, the system automatically matches them against the vulnerability strategy library to form a proposed solution for the different vulnerabilities and security risks, and the user can repair or mitigate the discovered vulnerabilities according to the proposals in the report.
Policy library examples:
1. Operating system vulnerabilities: detecting missing operating system patches and known operating system vulnerabilities, such as the Heartbleed vulnerability or the EternalBlue vulnerability;
2. Web application vulnerabilities: detecting common Web application vulnerabilities, such as cross-site scripting (XSS), SQL injection, command injection, etc.;
3. Unauthorized access: detecting unauthorized access to sensitive directories, files or functions, such as default credentials, weak passwords or missing access control configuration;
4. Network service vulnerabilities: detecting security vulnerabilities and configuration errors in network services (e.g., FTP, SMTP, DNS, etc.), such as open anonymous access, use of weak encryption algorithms, etc.;
5. Data leakage: detecting leakage of sensitive data in a system or network, such as unencrypted storage, unencrypted transmission, or improper access control;
6. Malware: detecting the presence of malicious code such as malware, viruses, trojans, etc., and determining its potential risk to the system.
Vulnerability and security risk corresponding policies are exemplified as follows:
1. SQL injection vulnerability policy:
Input verification and filtering: ensure that data input by the user is correctly verified and filtered, so that malicious SQL code cannot be injected.
Use precompiled statements: instead of directly concatenating SQL query statements, use precompiled statements with bound parameters to avoid injection attacks.
2. Cross-site scripting (XSS) vulnerability policy:
Input verification and filtering: ensure that data input by the user is correctly verified and filtered, so that malicious scripts cannot be injected.
Output encoding: when user data is output to a web page, apply proper encoding so that malicious scripts cannot be executed.
3. File upload vulnerability policy:
File type verification: limit the types of uploaded files, accept only legitimate file types, and strictly verify and inspect the files.
File handling permissions: ensure that uploaded files are stored in a safe directory, and set proper file permissions so that malicious files cannot be executed.
4. XML external entity (XXE) vulnerability policy:
Disable entity resolution: disable the resolution of external entities, or restrict resolution to trusted entities only.
Input verification: for an application program receiving XML data, strictly verify and filter the input so that malicious entities cannot be injected.
5. Cross-site request forgery (CSRF) vulnerability policy:
Random token: generate a unique token for each user request and include it in the form, to verify that the submitted form is legitimate.
Referer check: check the Referer header of the request to ensure that the request originates from the legitimate web site.
Further, the analyzing and verifying of the vulnerability report to be approved based on an AI technology to form a vulnerability report to be manually verified comprises the following steps:
simulating a sandbox service based on an AI technology, wherein the sandbox is used for deploying vulnerable web services and components; repairing the web services in the sandbox based on the vulnerability processing suggestion;
performing vulnerability scanning on the repaired web service;
and forming a vulnerability report to be manually verified according to the vulnerability scanning result.
In a specific implementation, the AI mainly handles the vulnerability analysis and verification of some common services or components, and the specific implementation is as follows:
the AI simulates a sandbox service by deploying the related services and vulnerable components in the sandbox; upgrades or repairs the service or component in the sandbox according to the vulnerability repair scheme; performs vulnerability scanning on the simulated service or components in the sandbox after the upgrade or repair is completed; and obtains a vulnerability report to be manually verified from the scanning result.
By using the AI technology to analyze and verify the vulnerabilities and their repair schemes, a report to be manually verified is formed, so that the workload of manual verification is reduced.
Further, according to the scanning result, forming a vulnerability report to be manually verified, including:
obtaining a vulnerability scanning result;
if the vulnerability scanning result is that the corresponding vulnerability is not scanned, verifying that the vulnerability processing suggestion is an effective repairing scheme, and forming a vulnerability report to be manually verified according to the verification result;
and if the vulnerability scanning result is that the corresponding vulnerability is scanned, verifying that the vulnerability processing suggestion is an invalid repair scheme, and forming a vulnerability report to be manually verified according to the verification result.
In the specific implementation, if the vulnerability scanning result is that scanning is completed and the corresponding vulnerability is not found, this indicates that the vulnerability processing suggestion is an effective repair scheme; after verification is completed, a verified scheme and a list of schemes to be manually verified are generated;
and if the vulnerability scanning result is that scanning is completed and the corresponding vulnerability is still found, this indicates that the suggestion is an invalid repair scheme, and a verified scheme and a list of schemes to be manually verified are likewise generated after verification is completed.
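The following is an added example, not code from the patent or its assignee, covering the policy matching of steps S300/S400 (the strategy library on which the policies listed above are modelled) and the sandbox rescan verdict of step S500 described here. The vulnerability-type keys, site names and scan results are all constructed; the only assumption is that the scanner reports each finding as a (site, type, risk) triple.

```python
"""Added example, not the patent's own code: steps S300 to S500 of the
described pipeline on constructed scan data. Findings are matched against
a preset policy library to produce processing suggestions, and each
suggestion is then given a verdict from a post-repair sandbox rescan."""
from dataclasses import dataclass

# Policy library built from the policy examples in the description.
# The vulnerability-type keys are assumed scanner identifiers.
POLICY_LIBRARY = {
    "sql_injection": [
        "Validate and filter user input before it reaches a query.",
        "Use precompiled statements with bound parameters; never concatenate SQL.",
    ],
    "xss": [
        "Validate and filter user input.",
        "Encode user data when writing it into the page.",
    ],
    "file_upload": [
        "Restrict uploads to an allow-list of file types and verify each file.",
        "Store uploads in a safe directory with permissions that prevent execution.",
    ],
    "xxe": [
        "Disable external entity resolution, or resolve trusted entities only.",
        "Strictly validate and filter incoming XML.",
    ],
    "csrf": [
        "Issue a unique random token per request and verify it on submission.",
        "Check the Referer header so requests originate from the legitimate site.",
    ],
}

# Order used to list the highest-risk items first in the report.
RISK_ORDER = {"critical": 0, "high": 1, "medium": 2, "low": 3}


@dataclass(frozen=True)
class Finding:
    site: str
    vuln_type: str
    risk: str


def match_policies(findings, library=POLICY_LIBRARY):
    """Step S300: attach the library strategy to every finding whose type has
    an entry. Findings with no policy are returned separately so the report
    can flag them for manual handling instead of silently dropping them."""
    suggestions, unmatched = [], []
    for f in findings:
        actions = library.get(f.vuln_type)
        if actions is None:
            unmatched.append(f)
        else:
            suggestions.append({"finding": f, "actions": list(actions)})
    suggestions.sort(key=lambda s: RISK_ORDER.get(s["finding"].risk, 99))
    return suggestions, unmatched


def build_report_to_approve(suggestions, unmatched):
    """Step S400: per-site report to be examined and approved."""
    report = {}
    for s in suggestions:
        f = s["finding"]
        report.setdefault(f.site, []).append(
            {"vuln_type": f.vuln_type, "risk": f.risk,
             "suggestions": s["actions"], "status": "pending_approval"})
    for f in unmatched:
        report.setdefault(f.site, []).append(
            {"vuln_type": f.vuln_type, "risk": f.risk,
             "suggestions": [], "status": "no_policy_manual_review"})
    return report


def sandbox_verdicts(suggestions, rescan_findings, rescan_completed=True):
    """Step S500: after the suggested repair is applied in the sandbox and the
    service rescanned, a suggestion is 'effective' when the same vulnerability
    no longer appears for that site and 'invalid' when it still does. An
    incomplete rescan proves nothing, so every item is marked unverified."""
    still_present = {(f.site, f.vuln_type) for f in rescan_findings}
    entries = []
    for s in suggestions:
        f = s["finding"]
        if not rescan_completed:
            verdict = "unverified"
        elif (f.site, f.vuln_type) in still_present:
            verdict = "invalid"
        else:
            verdict = "effective"
        entries.append({"site": f.site, "vuln_type": f.vuln_type,
                        "risk": f.risk, "verdict": verdict})
    summary = {v: sum(e["verdict"] == v for e in entries)
               for v in ("effective", "invalid", "unverified")}
    return {"summary": summary, "entries": entries}


# Constructed sample data: two sites, one finding type without a policy.
SAMPLE_FINDINGS = [
    Finding("https://shop.example.test", "xss", "medium"),
    Finding("https://shop.example.test", "sql_injection", "high"),
    Finding("https://portal.example.test", "csrf", "medium"),
    Finding("https://portal.example.test", "weak_tls_config", "low"),
]
# Constructed rescan of the repaired sandbox: the XSS repair did not take.
SAMPLE_RESCAN = [Finding("https://shop.example.test", "xss", "medium")]


def run_pipeline(findings=SAMPLE_FINDINGS, rescan=SAMPLE_RESCAN):
    suggestions, unmatched = match_policies(findings)
    return build_report_to_approve(suggestions, unmatched), sandbox_verdicts(suggestions, rescan)
```

Running `run_pipeline()` yields the report to approve (the unmatched finding flagged for manual review) and the report to be manually verified, whose summary counts the technician checks first.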
Further, generating corresponding vulnerability scanning results according to different sites of the target web site list respectively, including:
and respectively generating one-to-one vulnerability scanning results according to different sites of the target web site list, wherein the vulnerability scanning results comprise vulnerability scanning summary information, a vulnerability list, vulnerability detail data, vulnerability scanning data, vulnerability risk analysis information and vulnerability repair suggestions.
In the implementation, according to the different sites of the target web site list, one-to-one vulnerability scanning results are respectively generated, wherein the vulnerability scanning results comprise vulnerability scanning summary information, a vulnerability list, vulnerability detail data, vulnerability scanning data, vulnerability risk analysis information and vulnerability repair suggestions.
Vulnerability scanning summary information: provides an overall summary of the scan, including information on the scan targets, scan time, and scanner version;
Vulnerability list: lists all vulnerabilities and security issues found during the scan. Each vulnerability typically includes a vulnerability name, severity, CVE number (if applicable), detailed description, and recommended repair measures;
Vulnerability detail data: provides more detailed information for each vulnerability, including the affected scope, the attack vector, the verification method, an exploitability description, and the like;
Vulnerability scanning data: provides technical data about the scanning process and results, such as IP addresses, port status, protocol information, service versions, etc.;
Vulnerability risk analysis information: carries out an overall analysis according to the scanning result and vulnerability severity, indicating the highest-risk vulnerabilities and suggesting which problems should be solved first;
Vulnerability repair suggestions: provides specific repair suggestions for each vulnerability, including patches, configuration modifications, security settings, hardening measures, etc.
According to the method, the device and the system, the vulnerability distribution situation and vulnerability statistics of each unit and enterprise can be presented, so that a user can quickly understand the vulnerability situation in each dimension; a vulnerability scanning report is obtained automatically through batch scanning of sites; and a security expert performs quick online verification, ensuring the accuracy of the report the user receives.
It should be noted that, there is not necessarily a certain sequence between the steps, and those skilled in the art will understand that, in different embodiments, the steps may be performed in different orders, that is, may be performed in parallel, may be performed interchangeably, or the like.
Another embodiment of the present invention provides a vulnerability processing device based on a web site, as shown in fig. 2, the device 1 includes:
the vulnerability scanning module 11 is configured to obtain a target web site list to be scanned, and perform vulnerability scanning on the target web site list;
the vulnerability scanning result generation module 12 is configured to generate corresponding vulnerability scanning results according to different sites of the target web site list;
the vulnerability matching module 13 is configured to match a vulnerability scanning result with a vulnerability processing policy of a preset vulnerability policy library to generate a vulnerability processing suggestion;
a vulnerability report generating module 14, configured to generate a vulnerability report to be approved based on the vulnerability processing suggestion and the vulnerability scanning result;
the AI processing module 15 is configured to analyze and verify the vulnerability report to be examined and approved based on AI technology, so as to form a vulnerability report to be manually checked and approved;
and the vulnerability detection report synthesis module 16 is configured to obtain an artificial verification result of the vulnerability report to be manually verified, and generate a target vulnerability detection report according to the artificial verification result.
The specific implementation is shown in the method embodiment, and will not be described herein.
Further, the apparatus further comprises a scan tool selection module for:
and selecting a corresponding vulnerability scanning tool in advance according to vulnerability scanning requirements.
The specific implementation is shown in the method embodiment, and will not be described herein.
Further, the vulnerability scanning module 11 is specifically configured to:
acquiring a web site list or a specified web address range of a target to be scanned, and acquiring a target web site list according to the web site list or the specified web address range of the target to be scanned;
and performing vulnerability scanning on the target web site list according to the vulnerability scanning tool.
The specific implementation is shown in the method embodiment, and will not be described herein.
Further, the vulnerability matching module 13 is specifically configured to:
obtaining the vulnerability type and the corresponding security risk of the web vulnerability in the vulnerability scanning result;
matching the vulnerability type of the web vulnerability and the corresponding security risk with a vulnerability processing strategy of a preset vulnerability strategy library;
and if a corresponding vulnerability processing strategy is matched, generating a vulnerability processing suggestion according to the matched vulnerability processing strategy.
For the specific implementation, see the method embodiment; it is not repeated here.
Further, the AI processing module 15 is specifically configured to:
simulate a sandbox service based on AI technology, the sandbox being used to deploy the vulnerable web services and components, and repair the web services in the sandbox according to the vulnerability processing suggestion;
perform vulnerability scanning on the repaired web service; and
form a vulnerability report to be manually verified according to that vulnerability scanning result.
For the specific implementation, see the method embodiment; it is not repeated here.
Further, the AI processing module 15 is further configured to:
obtain the vulnerability scanning result of the repaired web service;
if the corresponding vulnerability is no longer detected, verify the vulnerability processing suggestion as an effective repair scheme, and form the vulnerability report to be manually verified from that verification result; and
if the corresponding vulnerability is still detected, verify the vulnerability processing suggestion as an invalid repair scheme, and form the vulnerability report to be manually verified from that verification result.
For the specific implementation, see the method embodiment; it is not repeated here.
Further, the vulnerability scanning result generation module 12 is specifically configured to:
generate a separate vulnerability scanning result for each site of the target web site list, one result per site, where each vulnerability scanning result comprises vulnerability scanning summary information, a vulnerability list, vulnerability detail data, vulnerability scanning data, vulnerability risk analysis information and vulnerability repair suggestions.
For the specific implementation, see the method embodiment; it is not repeated here.
Another embodiment of the present invention provides a vulnerability processing device based on a web site, as shown in FIG. 3, the device 10 includes:
one or more processors 110 and a memory 120, one processor 110 being illustrated in fig. 3, the processors 110 and the memory 120 being coupled via a bus or other means, the bus coupling being illustrated in fig. 3.
Processor 110 implements the control logic of device 10 and may be a general-purpose processor, a digital signal processor (DSP), an application-specific integrated circuit (ASIC), a field-programmable gate array (FPGA), a single-chip microcontroller, an ARM (Acorn RISC Machine) core or other programmable logic device, discrete gate or transistor logic, discrete hardware components, or any combination of these. Processor 110 may also be any conventional processor, microprocessor or state machine, and may be implemented as a combination of computing devices, for example a DSP together with a microprocessor, several microprocessors, one or more microprocessors with a DSP core, or any other such configuration.
Memory 120 serves as a non-volatile computer-readable storage medium and can store non-volatile software programs, non-volatile computer-executable programs and modules, such as the program instructions corresponding to the web site-based vulnerability processing method of the embodiments of the present invention. By running the non-volatile software programs, instructions and units stored in memory 120, processor 110 carries out the functional applications and data processing of device 10, that is, it implements the web site-based vulnerability processing method of the method embodiments described above.
Memory 120 may include a program storage area, which may store an operating system and the application programs required for at least one function, and a data storage area, which may store data created during use of device 10. Memory 120 may include high-speed random access memory and may also include non-volatile memory, such as at least one magnetic disk storage device, flash memory device or other non-volatile solid-state storage device. In some embodiments, memory 120 may optionally include memory located remotely from processor 110 and connected to device 10 via a network; examples of such networks include, but are not limited to, the internet, intranets, local area networks, mobile communication networks and combinations thereof.
One or more units are stored in memory 120 that, when executed by one or more processors 110, perform the web site-based vulnerability processing method in any of the method embodiments described above, e.g., perform method steps S100 through S600 in fig. 1 described above.
Embodiments of the present invention provide a non-transitory computer-readable storage medium storing computer-executable instructions for execution by one or more processors, e.g., to perform the method steps S100 through S600 of fig. 1 described above.
By way of example, non-volatile storage media can include read-only memory (ROM), programmable ROM (PROM), electrically programmable ROM (EPROM), electrically erasable ROM (EEPROM) or flash memory. Volatile memory can include random access memory (RAM), which acts as external cache memory. By way of illustration and not limitation, RAM is available in many forms, such as synchronous RAM (SRAM), dynamic RAM (DRAM), synchronous DRAM (SDRAM), double data rate SDRAM (DDR SDRAM), enhanced SDRAM (ESDRAM), Synchlink DRAM (SLDRAM) and Direct Rambus RAM (DRRAM). The memory components or memories of the operating environments described herein are intended to comprise one or more of these and/or any other suitable types of memory.
Another embodiment of the present invention provides a computer program product comprising a computer program stored on a non-transitory computer readable storage medium, the computer program comprising program instructions which, when executed by a processor, cause the processor to perform the web site based vulnerability processing method of the above method embodiments. For example, the above-described method steps S100 to S600 in fig. 1 are performed.
The embodiments described above are merely illustrative. Units described as separate components may or may not be physically separate, and components shown as units may or may not be physical units; they may be located in one place or distributed over a plurality of network elements. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of this embodiment.
From the above description of the embodiments, it will be apparent to those skilled in the art that the embodiments may be implemented by software plus a general-purpose hardware platform, or by hardware. Based on this understanding, the foregoing technical solution, or the part of it that contributes over the related art, may be embodied in the form of a software product stored in a computer-readable storage medium such as ROM/RAM, a magnetic disk or an optical disk, including several instructions for causing a computer device (which may be a personal computer, a server, a network device, etc.) to execute the method of each embodiment or of some parts of the embodiments.
Conditional language such as "can", "could", "might" or "may", among others, is generally intended to convey that a particular embodiment can include (while other embodiments do not include) particular features, elements and/or operations, unless specifically stated otherwise or otherwise understood within the context as used. Thus, such conditional language is generally not intended to imply that features, elements and/or operations are in any way required for one or more embodiments, or that one or more embodiments must include logic for deciding, with or without input or prompting, whether these features, elements and/or operations are included or are to be performed in any particular embodiment.
What has been described in this specification and the drawings includes examples of methods and apparatus capable of providing web site-based vulnerability processing. It is, of course, not possible to describe every conceivable combination of components and/or methodologies for purposes of describing the various features of the present disclosure, but it will be appreciated that many further combinations and permutations of the disclosed features are possible. It is therefore evident that various modifications may be made without departing from the scope or spirit of the disclosure. Further, or in the alternative, other embodiments of the disclosure may be apparent from consideration of the specification and drawings and from practice of the disclosure as presented herein. It is intended that the examples set forth in this specification and the figures be considered in all respects as illustrative and not limiting. Although specific terms are employed herein, they are used in a generic and descriptive sense only and not for purposes of limitation.

Claims (10)

1. A web site-based vulnerability processing method, the method comprising:
obtaining a target web site list to be scanned, and performing vulnerability scanning on the target web site list;
respectively generating corresponding vulnerability scanning results according to different sites of the target web site list;
matching the vulnerability scanning result with a vulnerability processing strategy of a preset vulnerability strategy library to generate a vulnerability processing suggestion;
generating a vulnerability report to be reviewed and approved based on the vulnerability processing suggestion and the vulnerability scanning result;
analysing and verifying the vulnerability report to be reviewed and approved based on an AI technology, to form a vulnerability report to be manually verified; and
obtaining a manual verification result of the vulnerability report to be manually verified, and generating a target vulnerability detection report according to the manual verification result.
2. The web site-based vulnerability processing method of claim 1, wherein, before the obtaining a target web site list to be scanned and performing vulnerability scanning on the target web site list, the method further comprises:
selecting a corresponding vulnerability scanning tool in advance according to the vulnerability scanning requirements.
3. The web site-based vulnerability processing method of claim 2, wherein the obtaining a target web site list to be scanned and performing vulnerability scanning on the target web site list comprises:
acquiring a web site list or a specified web address range of the target to be scanned, and obtaining the target web site list according to that web site list or specified web address range; and
performing vulnerability scanning on the target web site list using the vulnerability scanning tool.
4. The web site-based vulnerability processing method of claim 3, wherein the matching the vulnerability scanning result with a vulnerability processing strategy of a preset vulnerability strategy library to generate a vulnerability processing suggestion comprises:
obtaining the vulnerability type and the corresponding security risk of each web vulnerability in the vulnerability scanning result;
matching the vulnerability type and the corresponding security risk of the web vulnerability against the vulnerability processing strategies of the preset vulnerability strategy library; and
if a corresponding vulnerability processing strategy is matched, generating the vulnerability processing suggestion according to that vulnerability processing strategy.
5. The web site-based vulnerability processing method of claim 4, wherein the analysing and verifying the vulnerability report to be reviewed and approved based on an AI technology to form a vulnerability report to be manually verified comprises:
simulating a sandbox service based on the AI technology, the sandbox being used to deploy the vulnerable web services and components, and repairing the web services in the sandbox based on the vulnerability processing suggestion;
performing vulnerability scanning on the repaired web service; and
forming the vulnerability report to be manually verified according to the resulting vulnerability scanning result.
6. The web site-based vulnerability processing method of claim 5, wherein the forming the vulnerability report to be manually verified according to the vulnerability scanning result comprises:
obtaining the vulnerability scanning result of the repaired web service;
if the corresponding vulnerability is no longer detected, verifying the vulnerability processing suggestion as an effective repair scheme, and forming the vulnerability report to be manually verified according to that verification result; and
if the corresponding vulnerability is still detected, verifying the vulnerability processing suggestion as an invalid repair scheme, and forming the vulnerability report to be manually verified according to that verification result.
7. The web site-based vulnerability processing method of claim 6, wherein the generating corresponding vulnerability scanning results according to different sites of the target web site list comprises:
generating one vulnerability scanning result per site of the target web site list, wherein each vulnerability scanning result comprises vulnerability scanning summary information, a vulnerability list, vulnerability detail data, vulnerability scanning data, vulnerability risk analysis information and vulnerability repair suggestions.
8. A web site based vulnerability processing apparatus, the apparatus comprising:
the vulnerability scanning module is used for acquiring a target web site list to be scanned and carrying out vulnerability scanning on the target web site list;
the vulnerability scanning result generation module is used for respectively generating corresponding vulnerability scanning results according to different sites of the target web site list;
the vulnerability matching module is used for matching with a vulnerability processing strategy of a preset vulnerability strategy library according to a vulnerability scanning result to generate a vulnerability processing suggestion;
a vulnerability report generation module, configured to generate a vulnerability report to be reviewed and approved based on the vulnerability processing suggestion and the vulnerability scanning result;
an AI processing module, configured to analyse and verify the vulnerability report to be reviewed and approved based on an AI technology to form a vulnerability report to be manually verified; and
a vulnerability detection report synthesis module, configured to obtain the manual verification result of the vulnerability report to be manually verified and to generate a target vulnerability detection report according to the manual verification result.
9. A web site-based vulnerability processing device, the device comprising:
at least one processor; and
a memory communicatively coupled to the at least one processor, wherein
the memory stores instructions executable by the at least one processor to enable the at least one processor to perform the web site-based vulnerability processing method of any one of claims 1-7.
10. A non-transitory computer-readable storage medium storing computer-executable instructions which, when executed by one or more processors, cause the one or more processors to perform the web-site based vulnerability processing method of any one of claims 1-7.
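The pipeline recited in claims 1 to 7, and described module by module in the apparatus embodiment above (target list expansion, per-site scanning, matching against a preset strategy library, sandboxed re-scan to classify a suggestion as effective or invalid, and a per-site report), modelled end to end as an added example. This is not code from the patent or from Shenzhen Anluo Technology Co ltd. Everything below is an assumption for illustration: the `Finding` record shape, the contents of `POLICY_LIBRARY`, the `scanner(site)` and `sandbox_scan(finding, suggestion)` callables that stand in for a real vulnerability scanner and for the AI-simulated sandbox, and the constructed sample findings; nothing here touches a network.

```python
"""Offline model of the scan -> match -> verify -> report pipeline of claims 1-7.

Added example, not code from the patent. The scanner and sandbox are constructed
stand-ins; no network traffic and no real AI component is involved.
"""
import ipaddress
from dataclasses import dataclass

# Constructed stand-in for the "preset vulnerability strategy library":
# key = (vulnerability type, security risk), value = processing strategy.
POLICY_LIBRARY = {
    ("sql_injection", "high"): "Replace string-built SQL with parameterised queries.",
    ("xss", "medium"): "Apply context-aware output encoding and a CSP header.",
    ("outdated_component", "high"): "Upgrade the component to the vendor's patched release.",
}


@dataclass(frozen=True)
class Finding:
    """One web vulnerability as a scanner would report it (assumed shape)."""
    vuln_type: str
    risk: str
    location: str


def expand_targets(site_list=None, address_range=None):
    """Claim 3: build the target web site list from an explicit site list and/or
    a specified address range (CIDR). Order is kept, duplicates are dropped."""
    targets = list(site_list or [])
    if address_range:
        net = ipaddress.ip_network(address_range, strict=False)
        targets.extend(f"http://{host}" for host in net.hosts())
    return list(dict.fromkeys(targets))


def match_policy(finding, library=POLICY_LIBRARY):
    """Claim 4: look up (type, risk) in the strategy library.
    Returns the suggestion text, or None when no strategy matches."""
    return library.get((finding.vuln_type, finding.risk))


def verify_fix(finding, suggestion, sandbox_scan):
    """Claims 5-6: apply the suggestion to a sandboxed copy and re-scan.
    `sandbox_scan(finding, suggestion)` is an assumed callable returning the
    findings still present after the fix. The suggestion counts as effective
    only if the same vulnerability (type and location) is no longer detected."""
    remaining = sandbox_scan(finding, suggestion)
    still_present = any(
        f.vuln_type == finding.vuln_type and f.location == finding.location
        for f in remaining
    )
    return "invalid" if still_present else "effective"


def build_site_report(site, findings, sandbox_scan, library=POLICY_LIBRARY):
    """Claim 7: one result per site, carrying summary, vulnerability list with
    details, risk analysis and the (sandbox-verified) repair suggestions."""
    rows = []
    for f in findings:
        suggestion = match_policy(f, library)
        status = "unmatched" if suggestion is None else verify_fix(f, suggestion, sandbox_scan)
        rows.append({"type": f.vuln_type, "risk": f.risk, "location": f.location,
                     "suggestion": suggestion, "status": status})
    by_status, by_risk = {}, {}
    for row in rows:
        by_status[row["status"]] = by_status.get(row["status"], 0) + 1
        by_risk[row["risk"]] = by_risk.get(row["risk"], 0) + 1
    return {
        "summary": {"site": site, "total": len(rows), "by_status": by_status},
        "vulnerabilities": rows,
        "risk_analysis": by_risk,
    }


def run_pipeline(site_list, address_range, scanner, sandbox_scan):
    """Claims 1-7 end to end: targets -> per-site scan -> match -> verify -> report.
    `scanner(site)` is an assumed callable returning a list of Finding."""
    return {
        site: build_site_report(site, scanner(site), sandbox_scan)
        for site in expand_targets(site_list, address_range)
    }


# --- Constructed sample data standing in for a real scanner and sandbox -------
SAMPLE_SCAN = {
    "https://shop.example": [
        Finding("sql_injection", "high", "/search?q="),
        Finding("outdated_component", "high", "jquery-1.8.3.min.js"),
    ],
    "https://blog.example": [
        Finding("xss", "medium", "/comment"),
        Finding("open_redirect", "low", "/go?next="),  # no library entry -> unmatched
    ],
}


def simulated_scanner(site):
    return SAMPLE_SCAN.get(site, [])


def simulated_sandbox_scan(finding, suggestion):
    # Constructed behaviour: the injection and XSS fixes clear the finding, but the
    # component upgrade leaves a second copy of the old bundle in place, so the
    # re-scan still reports it and the suggestion is flagged invalid.
    if finding.vuln_type == "outdated_component":
        return [finding]
    return []


if __name__ == "__main__":
    import json
    reports = run_pipeline(list(SAMPLE_SCAN), None, simulated_scanner, simulated_sandbox_scan)
    print(json.dumps(reports, indent=2))
```

The point a practitioner should take from the verification step is that "effective" is decided by a re-scan against the same vulnerability type at the same location, not by the presence of a patch; a suggestion that is applied yet leaves the finding detectable is reported as invalid and still goes to manual review, as does any finding the strategy library cannot match at all.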
CN202311230313.1A 2023-09-21 2023-09-21 Vulnerability processing method, device and equipment based on web site Pending CN117251856A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202311230313.1A CN117251856A (en) 2023-09-21 2023-09-21 Vulnerability processing method, device and equipment based on web site

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202311230313.1A CN117251856A (en) 2023-09-21 2023-09-21 Vulnerability processing method, device and equipment based on web site

Publications (1)

Publication Number Publication Date
CN117251856A true CN117251856A (en) 2023-12-19

Family

ID=89130898

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202311230313.1A Pending CN117251856A (en) 2023-09-21 2023-09-21 Vulnerability processing method, device and equipment based on web site

Country Status (1)

Country Link
CN (1) CN117251856A (en)


Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination