Unlock instant, AI-driven research and patent intelligence for your innovation.

Permeation test method and device, storage medium and electronic device

A penetration testing and target technology, applied in the field of network security, can solve problems such as inefficiency, inconvenience, incomplete information, etc., to achieve the effect of improving security and solving inefficiency

Active Publication Date: 2020-01-10
BEIJING QIANXIN TECH +1
View PDF3 Cites 10 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0003] The penetration testing solutions in related technologies do not have a complete framework, they are spliced ​​based on individual functional modules, and can only complete part of the functions of penetration testing. Moreover, the existing penetration testing related products are in the information collection, vulnerability discovery and other solutions , the efficiency is too low, the information is incomplete, resulting in limited penetration effect, and the system security holes cannot be discovered in time
Penetration testing platforms in related technologies cannot automate the entire process of penetration testing. Most of them are based on a combination of single module function tools, and do not cover information collection, vulnerability discovery, vulnerability exploitation, access to permissions, and intranet penetration. The entire penetration test process
Vulnerabilities discovered automatically by the vulnerability discovery program have no follow-up exploitation process, making the exploitation of vulnerabilities still very complicated
There is no linkage between the discovered vulnerabilities and the permissions obtained by exploiting the vulnerabilities, and the obtained permissions cannot be easily operated
Infiltration-related information collection functions are not fully covered, and the results of information collection cannot be fully automated, resulting in incomplete and inefficient automated penetration processes
[0004] For the above-mentioned problems existing in related technologies, no effective solution has been found yet

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Permeation test method and device, storage medium and electronic device
  • Permeation test method and device, storage medium and electronic device
  • Permeation test method and device, storage medium and electronic device

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0034] The method embodiment provided in Embodiment 1 of the present application may be executed in a computer terminal or a similar computing device. Take running on a computer terminal as an example, figure 1 It is a block diagram of the hardware structure of a computer terminal for penetration testing according to the embodiment of the present invention. Such as figure 1 As shown, the computer terminal 10 may include one or more (figure 1 Only one is shown in the figure) a processor 102 (the processor 102 may include but not limited to a processing device such as a microprocessor MCU or a programmable logic device FPGA) and a memory 104 for storing data. Optionally, the above-mentioned computer terminal also A transmission device 106 for communication functions as well as input and output devices 108 may be included. Those of ordinary skill in the art can understand that, figure 1 The shown structure is only for illustration, and does not limit the structure of the above...

Embodiment 2

[0071] This embodiment also provides a penetration testing device, which is used to implement the above embodiments and preferred implementation modes, and what has been described will not be repeated. As used below, the term "module" may be a combination of software and / or hardware that realizes a predetermined function. Although the devices described in the following embodiments are preferably implemented in software, implementations in hardware, or a combination of software and hardware are also possible and contemplated.

[0072] Image 6 is a structural block diagram of a penetration testing device according to an embodiment of the present invention, such as Image 6 As shown, the device includes: an acquisition module 60, a detection module 62, an acquisition module 64, and an access module 66, wherein,

[0073] A collection module 60, configured to collect relevant information of an infiltration target, wherein the infiltration target is a network system connected thr...

Embodiment 3

[0085]An embodiment of the present invention also provides a storage medium, in which a computer program is stored, wherein the computer program is set to execute the steps in any one of the above method embodiments when running.

[0086] Optionally, in this embodiment, the above-mentioned storage medium may be configured to store a computer program for performing the following steps:

[0087] S1, collecting relevant information of an infiltration target, wherein the infiltration target is a network system connected through a network;

[0088] S2, using the relevant information to detect external vulnerabilities of the infiltration target;

[0089] S3, using the external vulnerability to obtain a first operation authority of the infiltration target, and using the first operation authority to perform lateral infiltration in the intranet of the infiltration target, and obtain a second operation authority of the infiltration target;

[0090] S4. Use the second operation authorit...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention provides a penetration test method and device, a storage medium and an electronic device. The method comprises the steps of collecting related information of a penetration target, wherein the penetration target is a network system connected through a network; detecting an external vulnerability of the permeation target by using the related information; acquiring a first operation authority of the permeation target by using the external vulnerability, performing transverse permeation in an intranet of the permeation target by using the first operation authority, and acquiring a second operation authority of the permeation target; and using the second operation authority to access the business system of the penetration target and / or the local data of the penetration target. According to the invention, the technical problem of low penetration test efficiency in related technologies is solved, and the security of a network system is improved through advanced penetration testand early warning.

Description

technical field [0001] The present invention relates to the field of network security, in particular, to a penetration test method and device, a storage medium, and an electronic device. Background technique [0002] A network attack is an attack on an electronic device by a hacker or a virus Trojan horse, which brings huge losses to users by stealing files, etc., and a penetration test is a process of simulating a network attack to detect problems in advance, make up for them in time, and be prepared. [0003] The penetration testing solutions in related technologies do not have a complete framework, they are spliced ​​based on individual functional modules, and can only complete part of the functions of penetration testing. Moreover, the existing penetration testing related products are in the information collection, vulnerability discovery and other solutions , the efficiency is too low, and the information is incomplete, resulting in limited penetration effect, and the s...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06
CPCH04L63/1433
Inventor 田跃
Owner BEIJING QIANXIN TECH