Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Script-based website vulnerability scanning method and system

A technology of website vulnerability and scanning method, applied in the fields of instruments, digital data processing, platform integrity maintenance, etc., can solve the problems of different detection methods, inability to expand rapidly, and lack of flexibility in configuration files, and achieve easy expansion, The effect of reducing the degree of coupling

Active Publication Date: 2014-12-10
HANGZHOU ANHENG INFORMATION TECH CO LTD
View PDF4 Cites 37 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0003] But almost all scanners are faced with such problems: (1) there are many kinds of vulnerabilities, and the detection methods for different vulnerabilities are different. How can a scanner be reasonably designed to support various vulnerabilities to the greatest extent? (2) The Internet is a rapidly developing industry, and new website security vulnerabilities may appear at any time. How can the scanner be quickly expanded to support new vulnerability detection solutions?
But common configuration files are often inflexible, cannot be expanded quickly, and are not convenient for security researchers to use

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Script-based website vulnerability scanning method and system

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0039] First of all, it should be explained that the present invention relates to network application security technology, which is an application of computer technology in the field of information security technology. During the implementation of the present invention, the application of multiple software function modules will be involved. The applicant believes that, after carefully reading the application documents and accurately understanding the realization principle and purpose of the present invention, combined with the existing known technology, those skilled in the art can fully implement the present invention by using their software programming skills. The aforementioned software function modules include but are not limited to: scanning engine module, vulnerability detection script module, etc. All mentioned in the application documents of the present invention belong to this category, and the applicant will not list them one by one.

[0040] Below in conjunction wit...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention relates to the field of network application security, and provides a script-based website vulnerability scanning method and system. The script-based website vulnerability scanning method comprises the steps of setting a website URL to be scanned, selecting security vulnerability types needing to be detected by a website, starting a scanning engine module, constructing and sending an HTTP request to the URL needing to be detected, receiving an HTTP response, storing all data into the scanning engine module, and respectively executing corresponding vulnerability detection script modules according to the security vulnerability types selected by a user. The website vulnerability scanning system comprises the scanning engine module and the vulnerability detection script modules. According to the script-based website vulnerability scanning method and system, vulnerability detection logic is separated from a scanning engine, the coupling degree of the vulnerability detection logic and the scanning engine is reduced, the vulnerability detection logic is achieved through a vulnerability detection script, and the scanning engine has the general basic function not special for vulnerabilities of a certain kind.

Description

technical field [0001] The invention relates to the field of network application security, in particular to a script-based website vulnerability scanning method and system. Background technique [0002] With the development of the Internet, various network applications emerge in an endless stream. While realizing various functions, various security loopholes are also introduced, which provides convenience for attackers. In response to the increasing demand for website security, many website vulnerability scanners have appeared. The scanners usually "crawl" the entire website according to the URL provided by the user, download the webpage, and then detect and analyze the content of the webpage to check whether there is any vulnerability in the webpage. There are loopholes. [0003] But almost all scanners are faced with such problems: (1) there are many kinds of vulnerabilities, and the detection methods for different vulnerabilities are different. How can a scanner be reaso...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): G06F21/57
CPCG06F21/577G06F2221/033
Inventor 林章峰高雪瑶王晓天范渊
Owner HANGZHOU ANHENG INFORMATION TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com