Web security vulnerability detection system and detection method based on information collection

A technology of information collection and vulnerability detection, applied in the field of network security, can solve the problems of less information collection by scanners, incomplete information, affecting the normal operation of target business, etc., and achieve the effect of thorough scanning

Inactive Publication Date: 2017-10-24
四维创智(北京)科技发展有限公司
View PDF5 Cites 22 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

When using traditional scanners, many different tools are required. Each tool is in a fragmented state and does not form a complete penetration testing system. A large number of fuzzy tests are usually performed during scanning, which affects the normal operation of the target business. Moreover, traditional scanning There are few aspects of server information collection, and the collected information is not complete

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Web security vulnerability detection system and detection method based on information collection

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0016] Below in conjunction with accompanying drawing and embodiment the present invention will be further described:

[0017] Such as figure 1 As shown, a Web security vulnerability detection system based on information collection is characterized in that it includes a project management module, an information collection module, a scanning detection module, a vulnerability utilization module, an auxiliary tool module, a Web comprehensive penetration module and a custom function module,

[0018] The information collection module integrates three tools: Whois information acquisition, second-level domain name acquisition and target mailbox information collection. Whois information acquisition can query and extract key registrant information, and query other domain names of the same registrant, NS records and MX records corresponding to domain names, so as to further expand penetration ideas; second-level domain name acquisition tools are equipped with search engine type and brut...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides a Web security vulnerability detection system and detection method based on information collection. The Web security vulnerability detection system based on information collection includes a project management module, an information collection module, a scanning detection module, a vulnerability utilization module, an auxiliary tool module, a Web integrated penetration module and a custom function module. The Web security vulnerability detection system and detection method based on information collection enable each scanning tool to form a complete penetration system, perform modular classification on the penetration test tools to enable the penetration test flow to be clear at a glance, so that each tool of the system can be switched freely and coordinated with each other, can accurately position and verify the vulnerability after the related information of the target network service is scanned and detected so as to avoid the situation that a large quantity of FUZZ tests are fuzzed during the scanning process of a traditional scanner, so that normal operation of the target service is influenced, and have the advantages of being wide in the aspect of the scanned and collected information and being relatively more thorough in scanning.

Description

technical field [0001] The invention relates to the field of network security, in particular to an information collection-based Web security loophole detection system and detection method. Background technique [0002] With the rapid development of the IT market and the network, the sharing of network resources has been further strengthened, and the ensuing information security issues have become increasingly prominent. The diversity and interconnectivity of network composition forms provide more convenience for intrusion. When using traditional scanners, many different tools are required. Each tool is in a fragmented state and does not form a complete penetration testing system. A large number of fuzzy tests are usually performed during scanning, which affects the normal operation of the target business. Moreover, traditional scanning There are few aspects of server information collection, and the collected information is not complete. Contents of the invention [0003]...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06G06F21/57
CPCG06F21/577H04L63/1416H04L63/1433
Inventor 司红星胡威
Owner 四维创智(北京)科技发展有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap