Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Web vulnerability detection method and system, terminal and computer readable storage medium

A vulnerability detection and port technology, which is applied in the field of web vulnerability detection, can solve problems such as company and personal losses, Internet information security threats, etc., and achieve the effect of facilitating maintenance and upgrading of the network, saving detection time, and protecting information security

Inactive Publication Date: 2020-10-13
SHANDONG LANGCHAO YUNTOU INFORMATION TECH CO LTD
View PDF2 Cites 6 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Through these loopholes and security issues, hackers can obtain commercial secrets or some relatively secret personal information, etc., causing immeasurable losses to companies and individuals, and posing a threat to the security of Internet information.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Web vulnerability detection method and system, terminal and computer readable storage medium
  • Web vulnerability detection method and system, terminal and computer readable storage medium
  • Web vulnerability detection method and system, terminal and computer readable storage medium

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0046] A web vulnerability detection method of the present invention mainly includes the following aspects for network security vulnerability detection: port scanning vulnerability detection, DNS domain transfer vulnerability detection, dangerous HTTP request method vulnerability detection, cross-site scripting attack vulnerability detection, sql injection vulnerability detection.

[0047] Port scanning vulnerability detection uses Nmap, an open source network connection port scanning software. Ports represent services, and port scanning is to find out which services are enabled by the server, and use these enabled services to prepare for future attacks using the collected information. That is, it is judged whether it has been opened by traversing the port.

[0048] That is, port scanning vulnerability detection traverses some existing services (http service, ftp service, ssh service, telnet service, rdp service, etc.) to determine whether the port is opened.

[0049] DNS do...

Embodiment 2

[0089] A web vulnerability detection system includes a port scanning vulnerability detection module, a DNS domain transmission vulnerability detection module, a dangerous HTTP request method vulnerability detection module, a cross-site scripting attack vulnerability detection module and a Sql injection vulnerability detection module.

[0090] Ports represent services, and port scanning is to find out which services are enabled by the server, and use these enabled services to prepare for future attacks using the collected information. That is, it is judged whether it has been opened by traversing the port.

[0091] The port scanning vulnerability detection module is used to call the Nmap scanning software, traverse the ports through the Nmap scanning software, determine whether the port is opened, and perform vulnerability detection on the opened ports. That is, port scanning vulnerability detection traverses some existing services (http service, ftp service, ssh service, telne...

Embodiment 3

[0132] A terminal of the present invention includes a processor, an input device, an output device, and a memory, the processor, the input device, the output device, and the memory are connected to each other, and the memory is used to store a computer program, the computer program includes program instructions, and the processing The device is configured to invoke the program instructions to execute the method disclosed in Embodiment 1.

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a web vulnerability detection method and system, a terminal and a computer readable storage medium, and belongs to the field of web vulnerability detection. An aim of the method is to solve a technical problem of how to provide a security loophole tool with a wide detection range. The method comprises the steps: port scanning loophole detection is carried out, and port traversal is carried out through Nmap scanning software; DNS domain transmission loophole detection is carried out, and DNS records are read from a DNS server through a local domain name resolution server; loopholes of a dangerous HTTP request method are detected, and whether the dangerous request method is started or not is determined; cross-site script attack loophole detection is carried out, and data submitted by the client is filtered; Sql injection loophole detection is carried out, and an SQLmap test tool is called to carry out detection. The system comprises a port scanning loophole detection module, a DNS domain transmission loophole detection module, a dangerous HTTP request method loophole detection module, a cross-site script attack loophole detection module and an Sql injection loophole detection module.

Description

technical field [0001] The invention relates to the technical field of web vulnerability detection, in particular to a web vulnerability detection method, system, terminal, and computer-readable storage medium. Background technique [0002] At present, with the development of the Internet, some loopholes and security problems inevitably exist in website pages. Through these loopholes and security issues, hackers can obtain commercial secrets or some relatively secret personal information, etc., causing immeasurable losses to companies and individuals, and posing a threat to the security of Internet information. [0003] The current web application vulnerability scanning technology is relatively mature, such as Nikto, AWVS (Acunetix WebVulnerability Scanner), etc. There are also some vulnerability detection tools that focus on a certain aspect, such as the sql injection detection tool sqlmap. Each tool has its own strengths, but for a vulnerability security detection that re...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L29/06H04L29/08H04L29/12
CPCH04L63/1433H04L63/1416H04L67/02H04L61/4511
Inventor 张宏原罗锦涛张兆林杨明宇
Owner SHANDONG LANGCHAO YUNTOU INFORMATION TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com