XSS (Cross Site Scripting) vulnerability detection method and device

A technology for cross-site scripting vulnerability and detection method, applied in the field of cross-site scripting vulnerability detection method, cross-site scripting vulnerability detection device, and computer-readable storage medium, can solve problems such as false positives, false negatives, etc., so as to reduce false positives and reduce false positives. Effectiveness of false negatives, increased breadth and depth, and improved security

Pending Publication Date: 2018-11-20
TENCENT TECH (SHENZHEN) CO LTD
View PDF3 Cites 9 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, with the increasing complexity of network application technology, more and more false positives and false negatives have occurred in this detection method.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • XSS (Cross Site Scripting) vulnerability detection method and device
  • XSS (Cross Site Scripting) vulnerability detection method and device
  • XSS (Cross Site Scripting) vulnerability detection method and device

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0091] Example embodiments will now be described more fully with reference to the accompanying drawings. Example embodiments may, however, be embodied in many forms and should not be construed as limited to the examples set forth herein; rather, these embodiments are provided so that this disclosure will be thorough and complete and fully convey the concept of example embodiments to those skilled in the art. The described features, structures, or characteristics may be combined in any suitable manner in one or more embodiments. In the following description, numerous specific details are provided in order to give a thorough understanding of embodiments of the invention. However, those skilled in the art will appreciate that the technical solution of the present invention may be practiced without one or more of the specific details, or other methods, components, devices, steps, etc. may be adopted. In other instances, well-known technical solutions have not been shown or descr...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention relates to a XSS (Cross Site Scripting) vulnerability detection method and device, and belongs to the technical field of network security. The XSS vulnerability detection method comprises the steps of: using an initial address and a derived address of a target site as to-be-accessed addresses; loading the to-be-accessed addresses in a browser simulation environment, and acquiring first detection pages; triggering target element nodes in the first detection pages, which have an interaction attribute, by simulating a browser behavior, and obtaining second detection pages; acquiringinjection points in each first detection page and each second detection page; and detecting whether each injection point has a XSS vulnerability. According to the invention, misinformation and reportomission of the XSS vulnerability can be reduced.

Description

technical field [0001] The present invention relates to the technical field of network security, in particular to a cross-site scripting vulnerability detection method, a cross-site scripting vulnerability detection device, electronic equipment, and a computer-readable storage medium. Background technique [0002] With the rapid development of the Internet, there are more and more Internet-oriented services, and it is becoming more and more important to ensure the security of Internet services. For example, in web applications, if there is an XSS (Cross Site Scripting, cross-site scripting) vulnerability, the attacker may inject malicious code into the page through the cross-site scripting vulnerability; when the client user browses the page, the malicious The code will be automatically parsed and executed by the browser to achieve the purposes of hanging horses, phishing, stealing user cookies, and hijacking user browsing behaviors. Therefore, it is very necessary to condu...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/57
CPCG06F21/577
Inventor 甘流卓
Owner TENCENT TECH (SHENZHEN) CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap