Automatic penetration test system based on AI

A technology of penetration testing and intelligence information, applied in the direction of biological neural network model, platform integrity maintenance, other database retrieval, etc.

What is AI technical title?
AI technical title is built by PatSnap AI team. It summarizes the technical point description of the patent document.
A technology of penetration testing and intelligence information, applied in the direction of biological neural network model, platform integrity maintenance, other database retrieval, etc.

CN111488587APending Publication Date: 2020-08-04北京墨云科技有限公司

3 Cites 6 Cited by

Image

Smart Image Click on the blue labels to locate them in the text.

Viewing Examples

Smart Image

Examples

Experimental program

Comparison scheme

Effect test

Embodiment 1

[0103] like figure 1 As shown, an AI-based automated penetration testing system includes:

[0104] Information collection module 100: used to collect attack surface and intelligence information on network targets, used to analyze the vulnerability clinical of network targets, and used to transmit attack surface, intelligence information, and vulnerability information to penetration attack module 200 and artificial intelligence module 400 , used to receive the driving instructions sent by the artificial intelligence module 400; the attack surface and intelligence information include IP, domain name, side domain, port, URL, API entry path, database link entry, email address, name, phone number, commented out Path, background login entry, front-end login entry, file upload entry, service, operating system version, middleware version, database version, network device version, application component version, application framework, development language, WEBshell, credential informati...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine

Login to View More

PUM

Login to View More

Abstract

The invention discloses an automatic penetration test system based on AI. The automatic penetration test system includes an information collection module (100) which is used for collecting attack surfaces and intelligence information of network targets and analyzing vulnerabilities existing in the network targets to generate vulnerability information; a penetration attack module (200) which is used for utilizing the vulnerabilities and attacking the network targets to obtain access rights or information of the network targets.; a rear permeation module (300) which is used for carrying out right extraction and intelligence information extraction on the network target and carrying out detection and springboard attack on other objects in the network target association network; and an artificial intelligence module (400) which is used for generating an attack method according to the vulnerability information, the access right or information, the authority information and the intelligence information and generating a driving instruction according to the attack method. The AI-based automatic penetration test system provided by the invention can effectively improve the stability and efficiency of penetration test.

Description

technical field [0001] The invention relates to the technical field of network data security, in particular to an AI-based automated penetration testing system. Background technique [0002] Penetration test is to completely simulate the attack technology and vulnerability discovery technology that hackers may use, conduct in-depth detection of the security of the target system, discover the most vulnerable link of the system, discover complex, interrelated security problems, and deeper weaknesses , and report the intrusion process and details to the user. The penetration testing workflow is mainly divided into three stages: pre-attack stage, attack stage, and post-attack stage. Pre-attack stage: The purpose is to collect information. Generally, information is obtained by detecting and analyzing targets through tools such as basic network information acquisition and regular vulnerability scanning. Attack phase: The purpose is to attack the target and obtain certain permis...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine

Login to View More

Application Information

Patent Timeline

04 Aug 2020

Publication

CN111488587A

IPC: G06F21/57; G06F16/951; G06N3/04; G06N3/08

CPC: G06F21/577; G06F16/951; G06N3/084; G06N3/045

Inventors: 谢鑫; 何召阳