Unlock instant, AI-driven research and patent intelligence for your innovation.

WEB vulnerability scanning method in support of dynamic expansion and scanner

A vulnerability scanning and vulnerability technology, applied in the field of WEB vulnerability scanning methods and scanners, can solve the problems of no dynamic expansion, poor system scalability, slow scanning speed, etc., to increase accuracy, reduce the number of invalid scans, and improve efficiency. Effect

Inactive Publication Date: 2016-12-14
HUNAN SHADAN TECH
View PDF5 Cites 17 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] Common WEB vulnerability scanners may have the following problems: only one target can be tested for vulnerabilities at a time, and the scanning efficiency is low; all vulnerabilities can be detected for one target at the same time, the scanning speed is slow, and there are many invalid scans; the vulnerability library is integrated in In the scanner, once the vulnerability database information needs to be added, the scanner needs to be restarted, updated or even reinstalled to achieve this, and the system has poor scalability
Although this invention maximizes the use of bandwidth and other resources, it does not cause too much impact on the load of the scanned site; but this invention does not address dynamic expansion

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • WEB vulnerability scanning method in support of dynamic expansion and scanner
  • WEB vulnerability scanning method in support of dynamic expansion and scanner

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0024] Such as figure 1 Shown, a kind of WEB vulnerability scanning method that supports dynamic expansion of the present invention comprises the following steps,

[0025] Step S101: Vulnerability scanning initialization, the software management module of the scanning engine performs vulnerability scanning initialization; mainly loading configuration, generating management logs and starting and monitoring multiple scanning sub-threads, so that the vulnerability scanning module is called at the same time to respond to various scanning tasks, Greatly improved scanning efficiency.

[0026] Step S102: Respond to the vulnerability scanning task, respond to the scanning task through the task response module of the vulnerability scanning module, analyze the scanning task, obtain the scanning target address and the plug-in name corresponding to the vulnerability; after the initialization is completed, the scanning sub-thread responds to the scanning task through the task response modu...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention relates to the technical field of network information security, and specifically relates to a WEB vulnerability scanning method in support of dynamic expansion. The method includes following steps: S101: vulnerability scanning initialization; S102: vulnerability scanning task response; S103: vulnerability information loading; S104: vulnerability information connection; and S105: vulnerability scanning result return. By employing the method and structure, each scanning only aims at one vulnerability so that the scanning accuracy is improved and the frequency of ineffective scanning is reduced; besides, the multi-thread concurrency technology is adopted so that multiple targets and multiple vulnerabilities can be simultaneously scanned, and the scanning efficiency is improved.

Description

technical field [0001] The invention relates to the technical field of network information security, in particular to a WEB vulnerability scanning method and a scanner supporting dynamic expansion. Background technique [0002] WEB vulnerabilities usually refer to loopholes in website programs, which may be caused by code writers who did not consider well when writing code. Common WEB vulnerabilities include Sql injection, Xss vulnerabilities, and upload vulnerabilities. [0003] With the continuous development of the Internet, as early as 2014, the number of websites in the world has exceeded 1 billion, and as of December 2015, the total number of websites in China alone has reached 4.23 million. Correspondingly, website security issues are becoming more and more serious. Incidents such as the global Openssl Heartbleed vulnerability and user data leakage of multiple domestic websites have made website security issues more and more people's attention. [0004] General WEB v...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L29/06
CPCH04L63/1433H04L63/168
Inventor 贺思炜刘耀
Owner HUNAN SHADAN TECH